Filter
Top Products
Chapter 38 Anti-Spam
ZyWALL USG 300 User’s Guide
691
If the ZyWALL receives conflicting DNSBL replies for an e-mail routing IP address,
the ZyWALL classifies the e-mail as spam. Here is an example.
Figure 472 Conflicting DNSBL Replies Example
1 The ZyWALL receives an e-mail that was sent from IP address a.b.c.d and relayed
by an e-mail server at IP address w.x.y.z. The ZyWALL sends a separate query to
each of its DNSBL domains for IP address a.b.c.d. The ZyWALL sends another
separate query to each of its DNSBL domains for IP address w.x.y.z.
2 DNSBL A replies that IP address a.b.c.d does not match any entries in its list (not
spam).
3 While waiting for a DNSBL reply about IP address w.x.y.z, the ZyWALL receives a
reply from DNSBL B saying IP address a.b.c.d is in its list.
4 The ZyWALL immediately classifies the e-mail as spam and takes the action for
spam that you defined in the anti-spam policy. In this example it was an SMTP
mail and the defined action was to drop the mail. The ZyWALL does not wait for
any more DNSBL replies.
DNSBL A
DNSBL B
DNSBL C
IPs: a.b.c.d
w.x.y.z
1
2
a
.
b
.
c
.
d
N
o
t
s
p
a
m
3
4
a
.
b
.
c
.
d
?
w
.
x
.
y
.
z
?
a
.
b
.
c
.
d
?
w
.
x
.
y
.
z
?
a.b.c.d?
w.x.y.z?
a.b.c.d Spam!