How to Configure an Email Security Policy with Mail Scan and DNSBL on ATP?

Zyxel_Emily (Zyxel Employee)
edited June 2022 in Security Service

This is an example of using ATP Series’ UTM Profile to mark or discard spam (unsolicited commercial or junk e-mail). Use the Email Security white list to identify legitimate e-mail. Use the Email Security black list to identify spam e-mail. The ATP Series can also check e-mail against a DNS Black List (DNSBL) of IP addresses of servers that are suspected of being used by spammers.

Note: All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested using ATP200 (Firmware Version: ZLD 4.32).


Set Up the Email Security on ATP Series


In the ATP Series, go to CONFIGURATION > Security Service > Email Security and enable the feature on the General Settings page. Select Check IP Reputation (SMTP only) to have the ATP Series scan for spam e-mail by IP reputation. Select Check Mail Content to identify spam e-mail by its content, such as malicious content. Select Check Virus Outbreak to scan e-mail attachments for viruses. In the Advanced section, leave the Query Timeout Settings at their defaults.


Select from the list of available Scan Options, and for each one choose the Log type: whether the ATP Series generates a log (log), a log and an alert (log alert), or neither (no) when traffic matches this policy. Click Apply to save the configuration.

CONFIGURATION > Security Service > Email Security

1.    Register the device to myZyxel.com.

2.    Activate Application Security.

3.    Go to CONFIGURATION > Security Service > Email Security and enable Check Black List to have the ATP Series treat e-mail that matches an active black list entry as spam.

4.    Continue to Rule Summary under Black/White List and click the Add icon. A pop-up screen appears where you configure the Content type (Subject, IP/IPv6 Address, E-Mail Address and Mail Header). Use wildcards (*) in the Mail Subject Keyword (*sell* in this example). Click OK to return to the General screen.


CONFIGURATION > Security Service > Black/White List

5.    In the ATP Series, go to CONFIGURATION > Security Service > Email Security and enable Check DNSBL.

Click Add and enter the DNSBL Domain of a DNSBL service (zen.spamhaus.org in this example). Click Apply.
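To confirm that the DNSBL domain from step 5 actually answers queries, the lookup can be reproduced from a host on the same network. The following is an added example, not Zyxel code: it builds the DNSBL query name as defined in RFC 5782 and classifies the reply. The function names are hypothetical, and it assumes the test host uses the same DNS resolver as the ATP and that the service signals refused queries with 127.255.255.x replies, as Spamhaus documents for its zones.

```python
import ipaddress
import socket

DNSBL_ZONE = "zen.spamhaus.org"  # DNSBL domain entered on the ATP in step 5
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus error replies
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")      # normal DNSBL replies


def dnsbl_query_name(ip, zone=DNSBL_ZONE):
    """Return the name a DNSBL client looks up for `ip` (RFC 5782)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = reversed(str(addr).split("."))            # octets, reversed
    else:
        labels = reversed(addr.exploded.replace(":", ""))  # nibbles, reversed
    return ".".join(labels) + "." + zone


def classify_answer(answers):
    """Interpret the A records returned for a DNSBL query name."""
    if not answers:
        return "not listed"                  # NXDOMAIN
    codes = [ipaddress.ip_address(a) for a in answers]
    if any(c in ERROR_NET for c in codes):
        return "error"                       # query refused, not a listing
    if all(c in LISTED_NET for c in codes):
        return "listed"
    return "unexpected"                      # e.g. resolver rewrites NXDOMAIN


def check(ip, zone=DNSBL_ZONE):
    """Live lookup; needs network access."""
    name = dnsbl_query_name(ip, zone)
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return name, classify_answer([])
        return name, "lookup failed"         # timeout, SERVFAIL, no network
    return name, classify_answer(sorted({i[4][0] for i in infos}))


if __name__ == "__main__":
    # RFC 5782 test entries: 127.0.0.2 must be listed, 127.0.0.1 must not be.
    for test_ip in ("127.0.0.2", "127.0.0.1"):
        print(check(test_ip))
```

If the 127.0.0.2 test entry comes back as "error" or "not listed", the DNSBL is not usable through that resolver, and Check DNSBL will not flag listed senders until the resolver is changed.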

Test the Result

1.    Send an e-mail whose subject contains “sell”.

2.    The e-mail arrives with a [Spam] tag in its subject.

What Could Go Wrong?

1.    If Email Security is not working, there are two possible reasons:

      You have not subscribed to the Email Security service.

      You have subscribed to the Email Security service, but the license (Application Security) has expired.


2.    You can click the link from the CONFIGURATION > Licensing > Registration screen of your ZyXEL device’s Web Configurator or click the myZyXEL.com 2.0 icon from the portal page (https://portal.myzyxel.com/) to register or extend your Application Security license.