The 20 Minute E-mail Solution!
TOC PREV NEXT INDEX

Host Configuration

This section explains how to configure the host level antispam options. Host configuration tasks include setting up the following: connection filtering, statistical filtering, phrase filtering, a white list and "trusted" IP addresses.

Connection Filtering

DNS black lists options for each host are configured on the Connection Filtering tab shown below. No black lists are enabled by default, so each host administrator must enable them immediately after installation. A black list must be enabled for the server before it is available for use by a host. Black list configuration information for hosts is stored in the spamblks.txt file located in the host's directory.

Getting to the Connection Filtering tab:

  1. In the left panel, expand the localhost folder and select a host with an IP address.
  2. Expand the host, and select the Antispam folder.
  3. In the right panel, click the Connection Filtering tab.

Host level DNS black lists can be separated into two categories:

Select Delete Message after X matches, to delete the message after it matches the number entered here. The value entered here must not be greater than the number of black lists plus the number of validation options that are enabled.
Select Prefix Subject with to append a word or phrase to the Subject of messages that are identified as spam. Does not apply if you select to delete a message.The default text is X-IMail-SPAM-Connection, but you can customize it to anything you want as long as it does not exceed 255 characters.

Enabling/Disabling DNS Black lists

To enable a DNS black list for a host, do the following:

  1. Decide whether you want the black list to be a standard DNS black list, or a trusted DNS black list.
  2. Click Add in the appropriate grouping to open the Add DNS Blacklist dialog box.
  3. Select a black list and click OK.
    Note: Only black lists that are configured and enabled for the server are displayed in the Add DNS Blacklist dialog box.
  4. To save the black list, click Apply at the top of the right panel.

Removing a DNS Black List

To remove a DNS black list, do the following:

  1. Select the black list name from either the DNS Black lists box, or the Trusted DNS Black lists box.
  2. Click Remove, and the DNS black list is no longer displayed.
  3. Click Apply, at the top of the right panel, to save your changes. If you do not click Apply, the black list will reappear when the screen is refreshed.

Changing a Black List Type

A black list cannot appear in both the DNS blacklists and Trusted DNS blacklists boxes. To change a DNS black list from one type to another, you must first remove it from its current type. The example below explains how to change a black list from a standard DNS blacklist to a trusted DNS blacklist.

  1. Select the black list name from the DNS Blacklist box on the Connection Filtering tab, and click Remove.
  2. Click Add in the Trusted DNS Blacklists grouping. The Add DNS Black List dialog box opens.
  3. Select the black list name that you previously deleted, and click OK. The black list now appears in the Trusted DNS Blacklist grouping.
  4. Click Apply at the top of the right panel to save your changes.

Validation Tests

Select which of the following validation tests to perform on incoming email messages. If a message fails any of these tests, an X-Header is inserted into the message indicating which test it failed.

Display Labels

Name. The display name that is used to identify the black list in log files and X-Headers. This name does not have to correspond to the actual name of the black list.

Server. The domain name or IP address of the DNS server to contact for black list queries.

Query Domain. The domain to contact for black list queries. This name usually matches the server domain name. However, sometimes a black list will contain multiple domains on their server to differentiate why an IP is black listed. When this is the case, the server name and the query domain will be different. Contact the black list to determine the Query Domain.

Type. Identifies the type of lookup that the black list performs. Select from the following:

Sender Policy Framework (SPF) Filtering

IMail uses SPF to extend the Simple Mail Transfer Protocol (SMTP) and Domain Name System (DNS) so IMail server does not accept email unless the sending computer is designated as a legitimate email sender. This feature provides administrators increased capability to stop incoming email from forged (spoofed) email addresses.

To accomplish this email security measure, SPF establishes a policy framework and a sender authentication scheme that verifies the identity of email servers (domains) for incoming messages. SMTP receivers (such as IMail server) use this information to evaluate whether the message is from an email server that is authorized to send email from the message sender. Messages that do not meet the SPF criteria are not accepted as a legitimate email message and are processed according to the SPF settings selected on the SPF tab.


How does SPF work?

SPF policy data is published on a DNS server in a TXT record. DNS resolvers typically cache SPF data to reduce lookup traffic. Sender domains do not have to run new servers to advertise SPF information; instead, SPF uses the connecting client's IP address and information from the SMTP envelope to evaluate the SPF policy document published via DNS. After the policy is evaluated, the message is classified and handled accordingly. For additional information about SPF, go to the SPF community at http://spf.pobox.com.

Example

If a spammer forges mail from the mail server imaspammer.com by using a different domain in the From address, such as john.doe@notaspammer.com, the receiving email server checks the SPF record for imaspammer.com. If it finds that imaspammer.com is not authorized to send mail on behalf of john.doe@notaspammer.com because the IP address for imaspammer.com does not match valid IP addresses listed for imaspammer.com, the message fails and is processed by the SPF settings selected on the SPF tab.

Configuring Sender Policy Framework (SPF)

The Sender Policy Framework (SPF) provides administrators increased capability to stop incoming email from forged (spoofed) email addresses. Use the SPF tab settings to configure how to process email that is identified as forged email. Settings in the SPF tab apply to the selected domain.
Note: Click Apply to save setting modifications.

Getting to the Sender Policy Framework (SPF) tab:

  1. In the left panel, expand the localhost folder, then select a host with an IP address.
  2. Under the host, select the Antispam folder.
  3. In the right panel, click the SPF tab.

Set the following options to configure SPF:

Enable SPF Processing (cleared by default). Select this check box to enable the SPF filter for the current host.

SPF Query Result Default Action. Specify an action to take for each SPF query result. The possible results and default actions are:
Result Default Action
Fail. The domain publishes SPF data and the message does not meet a domain's definition of legitimacy. Insert X-Header into the message to indicate that the message was identified as a forged message by the SPF filter.
Softfail. The domain publishes SPF data and the message does not meet a domain's strict definition of legitimacy, but the domain cannot confidently state the message is forged. Insert X-Header into the message to indicate that the message was identified as a forged message by the SPF filter.
Error. Indicates there was an error during the SPF record lookup and could not correctly interpret the error. There are three possibilities when this occurs: · Lookup error occurred because DNS server was down.
 · Incorrect DNS record
· Domain does not exist
 		Insert X-Header into the message to indicate that the message was identified as a forged message by the SPF filter.
Temp Error. Indicates there was an error during SPF record lookup. For example, the server is up, but it gives an error. None
Neutral: The domain publishes SPF data and returns a "?" value. None
None: The domain does not publish SPF data. None
Pass: The domain publishes SPF data and the message meets the publishing domain's definition of legitimacy. None

Action to be taken on SPF result. In addition to the default SPF query result actions, you can specify actions to take on positive SPF query results.

To set up an action to be taken on an SPF query result:

  1. Select the SPF query result type in the list box.
  2. Select one of the following actions to take on the query result type selected in step 1:
    • None. No action is performed on messages identified as a forged message by the SPF filter.
    • Delete. Immediately deletes the message.
    • Forward to Address. Forwards the message to a specified email address. Enter an email address in the text box to the right of this option. By default, messages are sent to the root address and stored in a mailbox called "root-bulk".
    • Insert X-Header (default). Inserts an X-Header into the message indicating that the message was identified as a forged message by the SPF filter.
    • Move to Mailbox. Moves the message to the user's mailbox specified in the text box to the right of this option. If the mailbox does not exist, it is created. The default mailbox is "bulk".
      Tip: We recommended that you select the Insert X-Header option instead of Delete until you know that the SPF options are setup to best suit your filtering requirements.
  3. If you want to add a custom prefix subject to messages that are identified as forged, select the Prefix subject with check box (cleared by default). The default subject prefix is entered in the text box to the right and is based on the SPF query result as follows:
    • Fail. [X-IMail-SPAM-SPF-Fail]
    • Softfail. [X-IMail-SPAM-SPF-Softfail]
    • Error. [X-IMail-SPAM-SPF-Error]
    • Temp Error. [X-IMail-SPAM-SPF-TempError]
    • Neutral. [X-IMail-SPAM-SPF-Neutral]
    • None. [X-IMail-SPAM-SPF-None]
    • Pass. [X-IMail-SPAM-SPF-Pass]
This subject field is also user configurable for each possible return code and limited to 255 characters. You can also enter a custom message in this box.
  1. Select the Advanced SPF Settings:
    • DNS Timeout (in seconds). Sets the total amount of time between DNS record checks (lookups).
    • Maximum number of redirects. Sets the maximum number of redirects allowed when an SPF policy is queried and evaluated.

Restore Defaults. Click to reset all of the user defined settings to the default SPF configuration. The Enable SPF Processing option does not change when you click Restore Defaults. This option remains selected or cleared, depending on the current setting.

Premium Antispam Content Filtering

The optional Premium Antispam filter provides fully automated spam protection in addition to the Standard Antispam filter included in IMail. Premium Antispam filter settings are applied before Standard Antispam filter settings.
Note: Click Apply to save setting modifications.


Getting to the Premium Content Filtering tab:

  1. In the left panel, expand the localhost folder, and select a host with an IP address.
  2. Under the host, select the Antispam folder.
  3. In the right panel, click the Premium Filtering tab.

Set the following options to configure Premium Antispam content filtering:

Content Filtering

Content filtering uses phrase filtering, statistical filtering and HTML filtering to examine messages and determine if they are spam. Phrase filtering searches for configurable phrases that indicate spam. Statistical filtering compares each word in a message against collected word counts to determine if the message is statistically likely to be spam. HTML filtering examines messages for HTML tags and domain names contained in URLs. The Content Filtering tab is shown below.


Getting to the Content Filtering Tab:

  1. In the left panel, expand the localhost folder and select a host with an IP address.
  2. Expand the host, and select the Antispam folder.
  3. In the right panel, click the Content Filtering tab.

Statistical Filtering

Statistical filtering examines each word in the body of an email message to determine if the email is spam. Words are compared against spam and non-spam word counts in the antispam-table.txt file, and assigned a spam probability value. These word counts represent the number of times that the word has occurred in previous spam and non-spam email. The entire message is then assigned a probability based on the assessment of all word values for a message. Non-alphabetic characters, such as numbers and special characters, are not included in spam assessment. For information on how these words are compared to the antispam-table.txt file, see "Configuring the Antispam Engine to Identify Wildcards".

You can also create and maintain a host specific exclude list, specify what action to take when spam is identified, and enable the use of the primary domain's antispam-table.txt file. The list box, under statistical filtering, displays the contents of the exclude list.


Options

None. Disables statistical filtering.

Current Host (default for primary host). Select this option to define statistical filtering settings specific to the current host.

Primary Host (default for non-primary hosts, not available for primary host). Uses the primary host's statistical filtering settings, including the primary host's antispam-table.txt file. Selecting this option saves memory by reading the file directly from the primary host's directory.

Spam Action. Specify one of the following actions to take for a message that is identified as spam:

Prefix Subject With. If selected, the subject of a message identified as spam by the statistical filter, is modified to begin with the text entered in the text box. By default this text is X-IMail-Spam-Statistical, however, you can customize this message to anything you want as long as it does not exceed 255 characters.
Note: To configure Advanced Statistical Filtering options, see "Advanced Configuration".

Setting Up the Exclude List

To speed up processing and save storage space, you can create a host specific exclude list. The exclude list is a list of words that are not included in the statistical analysis, because they are just as likely to appear in non-spam as spam. These words are ignored and are not entered into the antispam-table.txt file. To add a word to the exclude list, do the following:

  1. Click Add under Statistical Filtering to display the Add a word dialog box.
  2. Enter the word you want to exclude and click OK. The word must be between 1 and 15 characters.
  3. To save the exclude list, click Apply at the top of the right panel.

Phrase Filtering

Phrase Filtering searches for spam phrases within the body of email messages and identifies those messages as spam. The phrases are stored in the phrase-list.txt file, located in the host's directory.

If a message contains one of the phrases in the phrase list, it is identified as spam and you can choose to delete it, forward it to an email address, or insert an X-Header.

Use the Phrase Filtering section of the Content Filtering tab to configure the phrase filtering options. You can enable/disable phrase searching for the current host, create and maintain the host specific phrase list, and specify an action to take when an email contains one of the phrases. The list box displays the contents of the phrase list as shown below.


Setting Up the Phrase List

To add a phrase to the phrase list, do the following:

  1. Under Phrase Filtering, click Add.
  2. Enter the word or phrase in the Add a phrase dialog box, and click OK. The phrase must be between 3 and 32 characters.
  3. The phrase now appears in the list box under Phrase Filtering on the Content Filtering tab.
  4. Click Apply, at the top of the right panel, to save the new phrase-list.txt file.
    Note: To set up an effective phrase list, look at your delivery rules to see what spam words you filter. These words should be entered in the phrase list.

Editing the Phrase List

To edit a phrase in the phrase list, do the following:

  1. Select the word or phrase from the list box under Phrase Filtering and click Edit.
  2. In the Edit the Phrase dialog box, make any desired changes to the phrase and click OK.
  3. Click Apply, at the top of the right panel.

Options

None. Disables phrase filtering.

Current Host (default for primary host). Select this option to define phrase filtering settings specific to the current host.

Primary Host (default for non-primary hosts). Uses the primary host's phrase filtering settings.

Normalize Words. If this option is selected, IMail strips out all non-alphabetic characters (anything other than A-Z, a-z) from words before comparing them to the phrase list.

Scan. Select which part of a message phrase filtering will examine for phrase matches.

Spam Action. Specify one of the following actions to take if a message contains a phrase from the phrase list.

Prefix Subject With. If selected, the subject of a message identified as spam by the phrase filter, is modified to begin with the text entered in the text box. By default this text is X-IMail-Spam-Phrase, however, you can customize this message to anything you want, as long as it does not exceed 255 characters.

Content Filtering for Authenticated Users. Select this option to enable content filtering for all messages that are received from authenticated users.
Note: When Content Filtering for Authenticated Users is selected, content filtering is not performed on messages sent from system and host administrators. This prevents mail from being filtered twice in case a message is misidentified as spam and the administrator forwards it to the intended recipient.

Merging Multiple Phrase Lists

To combine the contents of multiple phrase list files, you must use the cleanlist.exe command line utility. For more information see "Merging\Cleaning Phrase Lists and URL Domain Black Lists (cleanlist.exe)".

What to Enter in the Phrase List

The phrase list should contain phrases that occur frequently in spam. The best way to obtain this information is to look at your current rules to see which phrases you filter out. You can also download a sample phrase-list.txt file from the Ipswitch Web site.

When you enter a domain name into the phrase list, IMail Server filters the domain name if it appears in normal text in the body of a message. To filter domain names found in URLs or links, you must enter the domain name into the URL Domain Black List. The URL Domain Black List filters the domain name if it appears as a link in HTML code within a message, specifically within HREF and IMG SRC tags. For more information, see "URL Domain Black List".

HTML Content Filtering

The HTML filtering feature of IMail Server is part of content filtering, but is used only on the HTML portions of a mail message. HTML filtering is important, because spammers use a variety of techniques to get around antispam programs that filter on words (such as IMail's statistical filter). The primary way they do this is by disguising the message text in HTML so that it doesn't look like text. Unfortunately, if a word doesn't look like a word, the phrase and statistical filter will not be able to determine if it is spam. HTML filtering in IMail Server consists of the following three components:

The HTML parser is always enabled as part of the antispam engine, and can work independently or in collaboration with feature filtering and the URL Domain Black List. The parser decodes HTML code and tags until the text appears as it will when the message is opened. The parser then passes the text on to be processed by statistical and phrase filtering to determine if it is spam.
HTML feature filtering allows you to define certain HTML tags that will be spam indicators. The HTML features include Nested Table, Hyperlink, Script Tag, Invalid Tag, Image Tag, Mailto Hyperlink, Deceptive URL, and Embedded Comment. If a message contains a configurable number of these HTML features, it is identified as spam, and the appropriate spam action is taken.
The URL Domain Black List is a configurable list of domain names that are taken from URLs found in email determined to be spam. URLs are found in HTML and plain text email. In the HTML text parts of an email, URLs are found in those tags that have link attributes such as the HREF attribute for the anchor tag or the IMG SRC attribute for the image tag. HTML text is always searched. The plain text parts of an email are only searched when the URL Domain Black List filter is configured to scan HTML and plain text messages.
Additionally, if Deceptive URL is selected in the Feature Filtering options, deceptive URLs (domains) found in HTML and/or plain text messages are decoded and checked against the URL Domain Black List. If the primary domain matches domain names in the URL Domain Black List, the email is considered spam and the appropriate spam action is taken.
The URL Domain Black List is a configurable list of domain names that are known to send spam. IMail Server extracts the primary domain from an http link to determine if the domain name is in the URL Domain Black List. It does this by looking for domains that are used in HREF and IMG SRC tags in the HTML code. If HTML and plain text scanning is selected) by looking for domains in plain text messages. Additionally, if Deceptive URL is selected in the Feature Filtering options, deceptive URLs (domains) found in HTML and plain text messages are decoded and checked against the URL Domain Black List. If the primary domain matches any of the domain names in the URL Domain Black List, the email is considered spam and the appropriate spam action is taken.

Getting to the Content Filtering (HTML) tab:

  1. In the left panel, expand the localhost, and select a host with an IP address.
  2. Under the host, select the Antispam folder.
  3. In the right panel, click the Content Filtering (HTML) tab.

HTML Feature Filtering

Use Feature Filtering to select the HTML features to search for in messages, the number of HTML features that must occur for a message to be identified as spam, and the spam action to take. IMail Server processes the text within the angle brackets of an HTML tag by checking to see if the tag is one of the features it has been configured to search for. If it is, the HTML filter counter counts the features found. The email is considered spam if the number of HTML features it contains equals the number configured for the features found count.

Options

None. Disables feature filtering.

Current Host (default for primary host). Select this option to define feature filtering settings specific to the current host.

Primary Host (default for non-primary hosts, not available for primary host). Uses the primary host's feature filtering settings.

Select HTML features to search for. For more information, refer to the help files for descriptions and examples of the following HTML features:
Nested Table Invalid Tag Deceptive URL
Hyperlink Script Tag Embedded Comment
Image Tag Mailto Hyperlink Deceptive Text

The email is spam if ___ of the selected features are detected. Select the number of types of HTML features that must appear in an email before it is identified as spam. The values available depend on how many features are selected. For example, if two features are selected, your choices for this option are 1 and 2.

Spam Action. Specify one of the following actions to take on a message that contains HTML features:

Prefix Subject With. If selected, the subject of a message identified as spam by the feature filter, is modified to begin with the text entered in the text box. By default this text is
X-IMail-Spam-Feature, however, you can customize this message, as long as it does not exceed 255 characters.

Example Configuration

Some of the HTML features are common to all HTML messages not just spam (i.e. hyperlinks). Selecting one of these features may cause false positives. As you gain experience with the feature filtering options, you will be able to modify the settings based on your preferences. However, below is a suggested initial configuration that enables you to use the feature filter with success.

  1. Select Embedded Comment and Deceptive URL. Both of these elements, especially when they occur together, are strong indicators of spam. Make sure that all other HTML features are cleared.
  2. Select 2 from The email is spam if __ of the selected features are detected. This requires that both an embedded comment and a deceptive URL be present in a message for it to be considered spam.
  3. For Action to be taken on email determined to be spam, select Insert X-Header.
  4. Since messages are still delivered, you may want to create a delivery rule that moves messages to a mailbox. See also "Using Delivery Rules to Filter Spam".

URL Domain Black List

You can configure IMail Server to search for domain names that appear as URL links in messages, and set the action to take on such messages. These domain names are contained in the URL Domain Black List, which is stored in the url-domain-bl.txt file, located in the IMail top directory. IMail Server extracts the primary domain from an http link, in an HREF or IMG SRC tag, to determine if the domain is in the URL Domain Black List. If it is, the email is identified as spam and the specified spam action is taken. The list box under URL Domain Black List displays domain names that have been entered manually, as well as those entered using antispamseeder.exe. Secondary domains can choose to use the primary domain's URL Domain Black List instead of maintaining their own.

Options

Use:

Scan. Set the following option to configure the type of text that domain black list filtering scans for hyperlink (URLs):

Search for the following URL domains. This list box displays the black list domains for the current host. The black list is stored in the url-domain-bl.txt file located in the host's directory. Use Add, Edit, and Remove to manage the black list domains. For more information, see "Adding a Domain to the URL Domain Black List" and "Editing a Domain in the URL Domain Black List".

Action to be taken on email that contains one of the above URL Domains. Specify the action to take on a message containing one of the domains in the URL Domain Black List.

Prefix Subject With. If selected, the subject of a message that is identified as spam by the URL Domain Black List, will be modified to begin with the text entered in the text box. By default this text is X-IMail-Spam-URL-DBL, but you can customize it to anything you want, as long as it does not exceed 255 characters.

Adding a Domain to the URL Domain Black List

  1. On the Content Filtering (HTML) tab, click Add under URL Domain Black List.
  2. In the Add URL Domain Name text box, enter the domain name or IP address that you want to add to the black list. See below for acceptable entries.
  3. Click OK. The domain name appears in the URL Domain Black List box on the Content Filtering (HTML) tab.

The following are examples of acceptable entries for the URL Domain Black List:

Editing a Domain in the URL Domain Black List

  1. On the Content Filtering (HTML) tab, find the URL Domain Black List box.
  2. Select the domain name or IP address that you want to modify and click Edit.
  3. In the Edit URL Domain dialog, make any desired modifications, and click OK.

The modified domain name appears in the URL Domain Black List box on the Content Filtering (HTML) tab.
Note: You can also use the antispamseeder.exe utility to create a URL Domain Black List. For more information, see "Creating a URL Domain Black List From a Mailbox".

Merging Multiple URL Domain Black Lists

To combine the contents of multiple URL domain black list files, you must use the cleanlist.exe command line utility. For more information, see "Merging\Cleaning Phrase Lists and URL Domain Black Lists (cleanlist.exe)".

Broken MIME Header Filtering

The Broken MIME Header filter identifies Broken MIME headers characteristics that result in SPAM email. Broken MIME headers occur when:

Options on this tab let you select actions to take when Broken MIME headers are identified

as SPAM email. For examples, see "Broken MIME Header Examples".
Note: Click Apply to save setting modifications.


Getting to the Broken MIME Headers tab:

  1. In the left panel, expand the localhost folder, then select a host with an IP address.
  2. Under the host, select the Antispam folder.
  3. In the right panel, click the Broken MIME Headers tab.

To configure Broken MIME Headers filtering:

Tip: We recommended that you select the Insert X-Header option instead of Delete until you know that the Broken MIME header options are setup to best suit your filtering requirements.

Broken MIME Header Examples

Following are examples of cases where the Broken MIME Header filter identifies Broken MIME headers characteristics and treats email with these characteristics as SPAM.

Hidden opening boundary delimiter

The opening boundary delimiter is hidden by making it part of the MIME header. Spammers sometimes include the opening boundary delimiter in the header to hide the first part of the multipart from content filters as shown in the example below. To filter a message with these attributes, on the Broken MIME Headers tab, click Enable.


Boundary parameter values exceed 70 characters

Multipart emails with boundary values that exceed 70 characters are treated as spam. See RFC 2046 for more details on the boundary parameter of the Content-Type MIME header field. To filter a message with these attributes, on the Broken MIME Headers tab, click Enable.

No boundary parameter value when the Content-Type media type is multipart

Multipart emails with no boundary value are treated as spam. This is a variation on the scheme used in Hidden opening boundary delimiters to prevent content filters from scanning the contents of an email. To filter a message with these attributes, on the Broken MIME Headers tab, click Enable.

MIME type parameters a line with no leading white spaces

Multipart emails whose Content-Type boundary parameter is on a separate line with no leading spaces are treated as spam. This is a variation on the scheme used in Hidden opening boundary delimiter to prevent content filters from scanning the contents of an email.


Configuring Trusted Addresses (White Lists)

The Trusted Addresses tab lets you enter IP addresses, subnet masks, email addresses, and domains for which no connection or content filtering is done. The IP addresses are stored in the spamskip.txt file. The domains and email addresses are stored in the whitelist.txt file, which is located in the host's top directory.


Getting to the Trusted Addresses tab:

  1. In the left panel, expand the localhost folder and select a host with an IP address.
  2. Expand the host, and select the White List folder.
  3. In the right panel, click the Trusted Addresses tab.

Adding Trusted Addresses

To add an IP address to the trusted address list:

  1. On the Trusted Addresses tab under IP Addresses, click Add.
  2. Enter the IP Address and Netmask into the Add Trusted IP Address dialog box.
    • Address. The IP address for which no spam test is performed.
    • NetMask. The subnet mask for which no spam tests are done.
  3. Click OK.
  4. On the Trusted Addresses tab, click Apply to save your changes.

Adding Domains/Email Addresses
Note: Do not enter your own domain name into the Domains/E-Mail Addresses list box.

To add a domain or email address to the trusted address list:

  1. On the Trusted Addresses tab, under Domains/Email Address, click Add.
  2. Enter either a domain or an email address into the text box.
  3. Click OK to add the entry to the Domains\Email Addresses list box.
  4. On the Trusted Addresses tab, click Apply to save your changes.
    Tip: You may want to review the log files to determine the correct domain name to use as an address in the Trusted Addresses tab. For example, in a log file you might see the following entries for a connection:00:03 SMTP-(056C00A1) Connect example.com [192.138.4.65:25] (1) 03:09 00:03 SMTP-(056C00A1) 220 YSmtp mta134.mail.sc5.example.com ESMTP.Since some mail server IP addresses are changed on a regular basis, rather than including the IP address shown in the first line of the log (192.138.4.65:25), you can use the domain name associated with the IP address (mta134.mail.sc5.example.com). For more information about log files, see "Mail Server Log Files".

Other Options

Apply to antispam (selected by default). If this option is selected, messages that are identified by content filters are compared to the trusted addresses (IP Addresses and Domains/EMail Addresses). Messages received from addresses that match the trusted addresses will not be processed as SPAM.

Apply Domains/EMail Addresses to content filtering only (option is available only when Apply to antispam is selected). If this option is selected, messages from addresses in the Domains/Email Addresses list will only bypass content filtering. If this option is cleared, messages from addresses in the Domains/Email Addresses list will bypass both content and connection filtering.

Apply to attachment blocking (selected by default). If this option is selected, messages that are identified by attachment blocking settings are compared to the trusted addresses (IP Addresses and Domains/EMail Addresses). Messages received from addresses that match the trusted addresses will not have the file attachments blocked.


Ipswitch, Inc.
http://www.ipswitch.com
TOC PREV NEXT INDEX
©Ipswitch 2005