Unable to have antispam working for incoming emails

Lukas Posts: 13  Freshman Member
Hi all,

I want to apply antispam checking on all emails going to our email server, which resides behind the Zyxel ZyWALL 310. The ZyWALL 310 redirects all SMTP traffic to our email server and the email works fine.

But I am not able to make the antispam work. After following this manual: https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=015556&lang=EN, with the exception that Mail Subject Keyword was replaced by *test* and in CONFIGURATION > Security Policy > Policy Control I have changed the from WAN to LAN1:



I then sent an email from an outside email server to our email server with the test subject, but no spam was detected.
Any ideas why? Shouldn't the Spam filter mark the email as spam?

Kind regards,
Lukas

All Replies

  • USG_User
    USG_User Posts: 369  Master Member
    Normally, in my case in Germany, all emails will only be retrieved in encrypted form from ISP even if the email traffic is never end-to-end encrypted between sender and receiver. Please check your mail server behind the firewall how it's retrieving the mails.
    For example, our mail server is using port 110 (for POP3) via "SSL encryption using STLS command".
    But this causes that the USG spam filter is not able to analyse any mail content or subject.
    With us the spamfilter is integrated in the mail server since it is finally decrypting the mails before putting them into users mailboxes. At the USG you could normally save this computing time.
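
The check USG_User suggests, as an added example that is not part of the thread: it reads a server's SMTP EHLO or POP3 CAPA reply and reports whether TLS upgrade (STARTTLS / STLS) is offered, which is what would hide the subject from an inline filter that only sees cleartext. The sample replies are constructed, and the probe functions are meant for your own mail server's host name.

```python
import poplib
import smtplib

# Constructed sample replies (not captured from any real server).
SAMPLE_EHLO = "250-mail.example.test\r\n250-SIZE 52428800\r\n250-STARTTLS\r\n250 HELP\r\n"
SAMPLE_EHLO_PLAIN = "250-mail.example.test\r\n250-SIZE 52428800\r\n250 HELP\r\n"
SAMPLE_CAPA = "+OK Capability list follows\r\nTOP\r\nUIDL\r\nSTLS\r\n.\r\n"


def smtp_offers_starttls(ehlo_reply: str) -> bool:
    """Parse a raw multi-line EHLO reply and report whether STARTTLS is advertised."""
    for line in ehlo_reply.splitlines():
        words = line[4:].split()  # skip the "250-" / "250 " prefix
        if line.startswith("250") and words and words[0].upper() == "STARTTLS":
            return True
    return False


def pop3_offers_stls(capa_reply: str) -> bool:
    """Parse a raw POP3 CAPA reply (RFC 2449) and report whether STLS is advertised."""
    lines = capa_reply.splitlines()
    if not lines or not lines[0].startswith("+OK"):
        return False  # server rejected CAPA, so there is no capability list
    caps = [l.split()[0].upper() for l in lines[1:] if l.strip() and l != "."]
    return "STLS" in caps


def gateway_can_inspect(tls_offered: bool) -> str:
    """Verdict under the assumption that the inline filter only sees cleartext."""
    if tls_offered:
        return "sessions that upgrade to TLS are opaque to the gateway"
    return "cleartext only: subject and body are visible to the gateway"


def probe_smtp(host: str, port: int = 25, timeout: float = 10.0) -> bool:
    """Live check against your own SMTP server (needs network access)."""
    with smtplib.SMTP(host, port, timeout=timeout) as conn:
        conn.ehlo()
        return conn.has_extn("starttls")


def probe_pop3(host: str, port: int = 110, timeout: float = 10.0) -> bool:
    """Live check of your own POP3 server's capability list (needs network access)."""
    conn = poplib.POP3(host, port, timeout=timeout)
    try:
        return "STLS" in conn.capa()
    finally:
        conn.quit()
```

A server that advertises the upgrade still accepts cleartext from clients that do not ask for it, so a test message sent without TLS remains a valid way to exercise the subject rule.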
  • WJS
    WJS Posts: 129  Ally Member
    edited November 2021
    It could work on my lab, but it hit Mail Drop directly, even though I set "Forward with TAG". Not sure isn't by design?

    I used "Blockrule: *sell*, Subject: wanna sell ST"

    Maybe you can create the rule  source: User Subnet  ->  dst: email  service: (pop)  with the email-security policy.
    Then you should see the SPAM(Blocklist) TAG (assume all clean text).


  • Lukas
    Lukas Posts: 13  Freshman Member
    Hi, thank you for all answers.

    The email traffic is not encrypted and I have finally come to the conclusion that the configuration is ok. The blockrule is not working and I did not manage to test it. But I have received the log alert about a malicious incoming email. So, at last, this looks like it is working. There are however two things I would like to ask regarding email antispam on ZyWALL 310:

    1. I have a trial antispam license, but I did not find the license (Zyxel E-iCard) with antispam for ZyWALL / USG 310. Even with MyZyxel, I can order some bundle, but without antispam. Where can I buy this 1 year antispam license?

    2. Our email server detects 4-8 incoming spam emails each day. But this antispam service on Zyxel 310 is detecting approx. 1 incoming spam email per 3 days. According to your experience, is it worth investing in this service?

    Kind regards,
    Lukas
  • USG_User
    USG_User Posts: 369  Master Member
    Answer ✓
    Different USG services are already phased out or will be phased out during next time. See following link:


    With our USG110 the anti-spam license is still valid but not actively used (as already said above).

    In the past we tried to purchase a license bundle without anti-spam, but this was never offered. Nevertheless the bundle license was cheaper than buying single licenses for each UTM service. That's why we purchased the bundle including anti-spam.

    To check which licenses are offered for your device, use the following link:

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 754  Zyxel Employee
    Hi @BarbaraMorrigan,
    Greetings Forum, we are in the process of clarifying and fixing this issue.
    Thanks for your patience.
    Kevin
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 754  Zyxel Employee
    Hi @BarbaraMorrigan,
    For Anti-Spam, only SMTP can set "Drop".
    When a mail hits the blocklist, SMTP would drop the mail, POP3 would forward with tag.
    Kevin
