How to Configure an Email Security Policy with Mail Scan and DNSBL on ATP?

Zyxel_Emily Posts: 1,325  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited June 2022 in Security Service

This is an example of using ATP Series’ UTM Profile to mark or discard spam (unsolicited commercial or junk e-mail). Use the Email Security white list to identify legitimate e-mail. Use the Email Security black list to identify spam e-mail. The ATP Series can also check e-mail against a DNS Black List (DNSBL) of IP addresses of servers that are suspected of being used by spammers.

Note: All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested using ATP200 (Firmware Version: ZLD 4.32).

Set Up the Email Security on ATP Series

In the ATP Series, go to CONFIGURATION > Security Service> Email Security; Enable this feature on General Settings page. Select Check IP Reputation (SMTP only) to have the ATP Series scan for spam e-mail by IP Reputation. Select Check Mail Content to identify Spam Email by content, such as malicious content. Select Check Virus Outbreak to scan viruses attached in emails. On advance section, leave Query Timeout Settings to be the default settings.

Select from the list of available Scan Options and desired Log type whether to have the ATP Series generate a log (log), log and alert (log alert) or neither (no) by default when traffic matches this policy. Click Apply to save the configuration

CONFIGURATION > Security Service > Email Security

1.    Register the device to

2.    Activate Application Security.

3.    Go to CONFIGURATION > Security Service> Email Security>Enable Check Black List to have the ATP Series treat e-mail that matches (an active) black list entry as spam.

4.   Continue to Rule Summary on Black/White List, click the Add icon. A pop-up screen will appear allowing you to configure Content (Subject, IP/IPv6 Address, E-Mail Address and Mail Header), Use wildcards (*) to configure Mail Subject Keyword. (*sell* in this example). Click OK to return to the General screen.

CONFIGURATION > Security Service> Black/White List

5.    In the ATP Series, go to CONFIGURATION > Security Service> Email Security>Enable Check DNSBL

Press Add and enter the DNSBL Domain for a DNSBL service ( in this example). Click Apply.

Test the Result

1.    Send the mail subject with “sell”. 

2.    You will receive the mail subject with [Spam] tag.

What Could Go Wrong?

1.    If Email Security is not working, there are two possible reasons:

You have not subscribed for the Email Security service.

You have subscribed for the Email Security service but the license (Application Security) is expired.

2.    You can click the link from the CONFIGURATION > Licensing > Registration screen of your ZyXEL device’s Web Configurator or click the 2.0 icon from the portal page ( to register or extend your Application Security license.

Share yours now!