Filter
Top Products
ZyWALL 5/35/70 Series User’s Guide
265 Chapter 15 Anti-Spam
The anti-spam external database checks for spoofing of e-mail attributes (like the IP address)
and uses statistical analysis to detect phishing.
15.1.4 Whitelist
Configure whitelist entries to identify legitimate e-mail. The whitelist entries have the
ZyWALL classify any e-mail that is from a specified sender or uses a specified MIME
(Multipurpose Internet Mail Extensions) header or MIME header value as being legitimate
(see
Section 15.1.7 on page 266 for more on MIME headers). The anti-spam feature checks an
e-mail against the whitelist entries before doing any other anti-spam checking. If the e-mail
matches a whitelist entry, the ZyWALL classifies the e-mail as legitimate and does not
perform any more anti-spam checking on that individual e-mail. A properly configured
whitelist helps keep important e-mail from being incorrectly classified as spam. The whitelist
can also increases the ZyWALL’s anti-spam speed and efficiency by not having the ZyWALL
perform the full anti-spam checking process on legitimate e-mail.
15.1.5 Blacklist
Configure blacklist entries to identify spam. The blacklist entries have the ZyWALL classify
any e-mail that is from a specified sender or uses a specified MIME (Multipurpose Internet
Mail Extensions) header or MIME header value as being spam. If an e-mail does not match
any of the whitelist entries, the ZyWALL checks it against the blacklist entries. The ZyWALL
classifies an e-mail that matches a blacklist entry as spam and immediately takes the action
that you configured for dealing with spam. The ZyWALL does not perform any more anti-
spam checking on that individual e-mail. A properly configured blacklist helps catch spam e-
mail and increases the ZyWALL’s anti-spam speed and efficiency.
15.1.6 SMTP and POP3
Simple Mail Transfer Protocol (SMTP) is the Internet’s message transport standard. It controls
the sending of e-mail messages between servers. E-mail clients (also called e-mail
applications) then use mail server protocols such as POP (Post Office Protocol) or IMAP
(Internet Message Access Protocol) to retrieve e-mail. E-mail clients also generally use SMTP
to send messages to a mail server. The older POP2 requires SMTP for sending messages while
the newer POP3 can be used with or without it. This is why many e-mail applications require
you to specify both the SMTP server and the POP or IMAP server (even though they may
actually be the same server).
The ZyWALL’s anti-spam feature checks SMTP (TCP port 25) and POP3 (TCP port 110) e-
mails. The anti-spam feature does not check (or act upon) e-mails that use other protocols
(such as IMAP) or other port numbers.