Cyberoam Anti Spam Implementation Guide Anti S… · network bandwidth, it also affects the...

Cyberoam Anti Spam Implementation Guide Version 9

Document version 9402-1.0-18/10/2006

IMPORTANT NOTICE Elitecore has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Elitecore assumes no responsibility for any errors that may appear in this document. Elitecore reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice. USER’S LICENSE The Appliance described in this document is furnished under the terms of Elitecore’s End User license agreement. Please read these terms and conditions carefully before using the Appliance. By using this Appliance, you agree to be bound by the terms and conditions of this license. If you do not agree with the terms of this license, promptly return the unused Appliance and manual (with proof of payment) to the place of purchase for a full refund. LIMITED WARRANTY Software: Elitecore warrants for a period of ninety (90) days from the date of shipment from Elitecore: (1) the media on which the Software is furnished will be free of defects in materials and workmanship under normal use; and (2) the Software substantially conforms to its published specifications except for the foregoing, the software is provided AS IS. This limited warranty extends only to the customer as the original licenses. Customers exclusive remedy and the entire liability of Elitecore and its suppliers under this warranty will be, at Elitecore or its service center’s option, repair, replacement, or refund of the software if reported (or, upon, request, returned) to the party supplying the software to the customer. In no event does Elitecore warrant that the Software is error free, or that the customer will be able to operate the software without problems or interruptions. Elitecore hereby declares that the anti virus and anti spam modules are powered by Kaspersky Labs and the performance thereof is under warranty provided by Kaspersky Labs. It is specified that Kaspersky Lab does not warrant that the Software identifies all known viruses, nor that the Software will not occasionally erroneously report a virus in a title not infected by that virus. Hardware: Elitecore warrants that the Hardware portion of the Elitecore Products excluding power supplies, fans and electrical components will be free from material defects in workmanship and materials for a period of One (1) year. Elitecore's sole obligation shall be to repair or replace the defective Hardware at no charge to the original owner. The replacement Hardware need not be new or of an identical make, model or part; Elitecore may, in its discretion, replace the defective Hardware (or any part thereof) with any reconditioned product that Elitecore reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware. DISCLAIMER OF WARRANTY Except as specified in this warranty, all expressed or implied conditions, representations, and warranties including, without limitation, any implied warranty or merchantability, fitness for a particular purpose, non-infringement or arising from a course of dealing, usage, or trade practice, and hereby excluded to the extent allowed by applicable law. In no event will Elitecore or its supplier be liable for any lost revenue, profit, or data, or for special, indirect, consequential, incidental, or punitive damages however caused and regardless of the theory of liability arising out of the use of or inability to use the product even if Elitecore or its suppliers have been advised of the possibility of such damages. In the event shall Elitecore’s or its supplier’s liability to the customer, whether in contract, tort (including negligence) or otherwise, exceed the price paid by the customer. The foregoing limitations shall apply even if the above stated warranty fails of its essential purpose. In no event shall Elitecore or its supplier be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual, even if Elitecore or its suppliers have been advised of the possibility of such damages.

RESTRICTED RIGHTS Copyright 2000 Elitecore Technologies Ltd. All rights reserved. Cyberoam, Cyberoam logo are trademark of Elitecore Technologies Ltd. Information supplies by Elitecore Technologies Ltd. Is believed to be accurate and reliable at the time of printing, but Elitecore Technologies assumes no responsibility for any errors that may appear in this documents. Elitecore Technologies reserves the right, without notice, to make changes in product design or specifications. Information is subject to change without notice

CORPORATE HEADQUARTERS Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad – 380015, INDIA Phone: +91-79-26405600 Fax: +91-79-26407640 Web site: www.elitecore.com , www.cyberoam.com

http://www.elitecore.com/

http://www.cyberoam.com/

Cyberoam Anti Spam Implementation Guide

3

Contents

Guide Sets .......................................................................................................................................4 Technical Support ............................................................................................................................5 Typographic Conventions ................................................................................................................6

Overview..............................................................................................................................................7 Spam ...................................................................................................................................................7 Cyberoam Gateway Anti Spam ...........................................................................................................8 Enable Scanning .................................................................................................................................9 Spam Policy.........................................................................................................................................9

Types of Policies ..........................................................................................................................9 Detection of spam attributes ......................................................................................................10 Actions........................................................................................................................................10

Global policy ..................................................................................................................................11 Default policy .................................................................................................................................11 Custom policy ................................................................................................................................12

Create Custom Scan policy........................................................................................................12 Manage Custom Spam policy ....................................................................................................13 Add Advanced Rules..................................................................................................................14 Change Advanced action rules Order ........................................................................................18 Delete Custom Spam policy.......................................................................................................19

Address Groups.................................................................................................................................20 Create Address Groups .................................................................................................................20 Delete Address Groups..................................................................................................................21 Delete individual address from Group ...........................................................................................22

Spam Rule.........................................................................................................................................23 Create Spam rule...........................................................................................................................23 Delete Spam Rule..........................................................................................................................24 Change Spam rule Order...............................................................................................................25

Local Domains...................................................................................................................................26 Add Domains .................................................................................................................................26 Delete Domains .............................................................................................................................26

General Configuration .......................................................................................................................27 Bypass Reporting ..............................................................................................................................29


4

Guide Sets

Guide Describes

User Guide Console Guide Console Management Windows Client Guide Installation & configuration of Cyberoam Windows

Client Linux Client Guide Installation & configuration of Cyberoam Linux

Client HTTP Client Guide Installation & configuration of Cyberoam HTTP

Client Analytical Tool Guide Using the Analytical tool for diagnosing and

troubleshooting common problems LDAP Integration Guide Configuration for integrating LDAP with Cyberoam

for external authentication ADS Integration Guide Configuration for integrating ADS with Cyberoam

for external authentication PDC Integration Guide Configuration for integrating PDC with Cyberoam

for external authentication RADIUS Integration Guide Configuration for integrating RADIUS with

Cyberoam for external authentication High Availability Configuration Guide

Configuration of High Availability (HA)

Multi Link Manager User Guide Configuration of Multiple Gateways, load balancing and failover

VPN Management Implementing and managing VPN Cyberoam IDP Implementation Guide

Configuring, implementing and managing Intrusion Detection and Prevention

Cyberoam Anti Virus Implementation Guide

Configuring and implementing anti virus solution


Configuring and implementing anti spam solution


5

Technical Support

You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to Customer care/service department at the following address: Corporate Office eLitecore Technologies Ltd. 904, Silicon Tower Off C.G. Road Ahmedabad 380015 Gujarat, India. Phone: +91-79-26405600 Fax: +91-79-26407640 Web site: www.elitecore.com Cyberoam contact: Technical support (Corporate Office): +91-79-26400707 Email: [email protected] Web site: www.cyberoam.com Visit www.cyberoam.com for the regional and latest contact information.

http://www.elitecore.com/

mailto:[email protected]




6

Typographic Conventions

Material in this manual is presented in text, screen displays, or command-line notation.

Item Convention Example

Server Machine where Cyberoam Software - Server component is installed

Client Machine where Cyberoam Software - Client component is installed

User The end user Username Username uniquely identifies the user of the system Part titles Bold and

shaded font typefaces Report

Topic titles Shaded font typefaces Introduction

Subtitles Bold & Black typefaces Notation conventions

Navigation link Bold typeface Group Management → Groups → Create it means, to open the required page click on Group management then on Groups and finally click Create tab

Name of a particular parameter / field / command button text

Lowercase italic type

Enter policy name, replace policy name with the specific name of a policy Or Click Name to select where Name denotes command button text which is to be clicked

Cross references

Hyperlink in different color

refer to Customizing User database Clicking on the link will open the particular topic

Notes & points to remember

Bold typeface between the black borders

Note

Prerequisites Bold typefaces between the black borders

Prerequisite Prerequisite details


7

Overview Welcome to Cyberoam’s – Anti Spam User guide. Cyberoam is an Identity-based UTM Appliance. Cyberoam’s solution is purpose-built to meet the security needs of corporates, government organizations, and educational institutions. Cyberoam’s perfect blend of best-of-breed solutions includes User based Firewall, Content filtering, Anti Virus, Anti Spam, Intrusion Detection and Prevention (IDP), and VPN. Cyberoam provides increased LAN security by providing separate port for connecting to the publicly accessible servers like Web server, Mail server, FTP server etc. hosted in DMZ which are visible the external world and still have firewall protection. Cyberoam Anti Spam as a part of unified solution along with Anti Virus and IDP (Intrusion Detection and Prevention), provides real time virus and spam scanning. Anti Spam module is an add-on module which needs to be subscribed before use. Refer to Licensing section for details on registration.

Spam Spam refers to electronic junk mail or junk newsgroup postings. Some people define spam even more generally as any unsolicited e-mail. Spamming is to indiscriminately send unsolicited, unwanted, irrelevant, or inappropriate messages, especially commercial advertising in mass quantities. In other words, it is an inappropriate attempt to use a mailing list, or other networked communications facility as a broadcast medium by sending the same message to a large number of people who did not ask for it. In addition to being a nuisance, it also eats up a lot of network bandwidth. Because the Internet is a public network, little can be done to prevent spam, just as it is impossible to prevent junk mail. However, the use of software filters in e-mail programs can be used to remove most spam sent through e-mail to certain extent. With the number of computer users growing and the exchange of information via the Internet and email increases in volume, spamming has become an almost everyday occurrence. Apart from network bandwidth, it also affects the employees productive as deletion of such mails is a huge task. Anti spam protection is therefore a priority for anyone who uses a computer.


8

Cyberoam Gateway Anti Spam Cyberoam Gateway Anti Spam provides you with powerful tools for scanning and detecting spam in the e-mail traffic. Cyberoam Gateway Anti Spam inspects all incoming emails - SMTP, POP3 and IMAP traffic - before the messages are delivered to the receiver's mail box. If spam is detected, depending on the policy and rules set, emails are processed and delivered to the recipient unaltered, reject and generate a notification on the message rejection, add or change subject or change the receiver. Cyberoam Gateway Anti Spam is fully compatible with all the mail systems and therefore can be easily integrated into the existing network. Cyberoam Anti Spam allows to: • Scan email messages for spamming by protocols namely SMTP, POP3, IMAP • Monitors mails received from Domain/IP address • Detect spam mails using RBLs • Accept/Reject messages based on message size and message header • Customize protection of incoming and outgoing e-mail messages by defining scan policies • Set different actions for SMTP, POP and IMAP spam mails • Configure action for individual email address • Notify receivers about spam messages


9

Enable Scanning Enable anti-spam scanning using firewall rules. While anti-spam settings can be configured for system-wide use, they can also be implemented with specific settings on a per user basis. Refer to Cyberoam User Guide, Firewall section for creating firewall rules for enabling the anti-spam scanning. You can enable anti spam scanning by creating firewall rule for: • Zone • User/User Group • Host/Host Group

By enabling scanning through firewall, you can customize levels of protection. For example, while traffic between LAN and WAN might need strict protection, traffic between trusted internal addresses might need moderate protection. Hence you can enable/disable scanning for particular combination of source and destination IP address or domain.

Spam Policy As soon as you register Cyberoam Gateway Anti-spam module, default spam policy is applicable to all the incoming email traffic. Default spam policy is the general policy and not fit-for-all policy and hence might allow certain spam mails while block certain required mails also. Fine tuning the policies means reducing the spam attacks and chances of loosing any important and required mails. Spam policy defines what action is to be taken if the mail is identified as a spam and to which email address the copy of mail is to be send. As network scanning rules control all the traffic passing through the Cyberoam and decide whether to scan or bypass mail, policy will be applied to that traffic only that is filtered by network scanning rule.

Types of Policies

1. Global Global policy is applicable to all the users. Cyberoam provides blank corporate policy which can be customized as per the requirement.

2. Default Default policy is applicable to all the users except for those users for whom the personal policy is defined. Default policy is applicable to all the users as soon as you register the Anti Spam module.

3. Custom/Personal Cyberoam allows defining custom policy as per the individual user requirement. Custom user policy is applicable to only that user for whom the policy is created.

Scanning rules defines which scanning policy is to be applied to which recipient email address i.e. maps scanning policy to the email address.


10

Detection of spam attributes

Cyberoam uses content filtering and three RBLs - Real time Black hole Lists – to check for the spam attributes: • Message size • Message header • Premium RBL • Reliable RBL • Standard RBL

RBL is a list of IP addresses whose owners refuse to stop the proliferation of spam i.e. are responsible for spam or are hijacked for spam relay. Cyberoam will check each RBL for the connecting IP address. If the IP address matches to the one on the list then the specified action in policy is taken.

Actions

Accept – Accepts and delivers the mail to the intended receiver. This action can be defined for both SMTP and POP/IMAP protocols. Reject – Rejects the mail. This action sends the notification message to sender. This action can be defined only for SMTP protocol. Drop – Drops the mail. This action does not send any notification message to sender. This action can be defined only for SMTP protocol. Change Recipient - Accepts the mail but delivers the mail to the specified receiver and not to the receiver for whom the mail was originally send. This action can be defined only for SMTP protocol only. Prefix Subject – Accepts and delivers the mail to the intended receiver but after changing the subject of the mail. You can customize the subject in such a way that the receiver knows that the mail is a spam mail. This action can be defined for both SMTP and POP/IMAP protocols.


11

Global policy

Cyberoam provides the blank global policy which can be customized as per your requirement. By default, global policy applies to all the users. There is no need to apply the global policy to the users using rules. Select Anti Spam Spam Policy Global policy to customize policy. Refer to Add advanced rules for more details.

Default policy

Cyberoam provides a blank default policy which can be customized as per your requirement. Default policy will be applied to those users only for whom custom/personal policy is not defined. Select Anti Spam Spam Policy Default policy to customize policy. Refer to Add advanced rules for more details.


12

Custom policy

Custom scan policy allows you to specify the spam filtering level security i.e. action severity based on your requirement.

Create Custom Scan policy

Select Anti Spam Spam policy Create Custom policy to open the create page

Screen - Create Custom Spam policy

Screen Elements Description

Spam Policy details Name Specify policy name. Choose a name that best describes the policy Policy Description Specify full description of the policy Send copy to email address

Specify email addresses to which the mail copy is to be send. More than one address can be specified using comma For example [email protected],,[email protected] This option can be applied for SMTP protocol only

Create button Creates the policy. Cancel button Cancels the current operation Add button If the policy is successfully created, create advanced scanning rules to

specify what action is to be taken on mail identified as SPAM after successful creation of the policy. Refer to Manage Custom Policy for more detail for defining actions.

Table – Create Custom Spam policy screen elements


13

Manage Custom Spam policy

Select Anti Spam Spam Policy Manage Custom policy to view the list of policies created. Click the policy to be modified.

Screen – Manage Custom Spam policy


Spam Policy details Name Displays policy name Policy Description Displays full description of the policy, modify if required Send copy to email address

Displays email addresses to which the mail copy will be send, modify if required. More than one address can be specified using comma For example [email protected],,[email protected] This option can be applied for SMTP protocol only.

Update button Updates and saves modifications done in any of the above fields Cancel button Cancels the current operation Advanced Rules Advanced Rules


14


Add button Click to define the action to be taken on mails if the matching condition is found. Refer Add Advanced Rules for details.

Delete button Allows to delete the condition Select the condition to be deleted and click delete

Create button Saves the action rule Cancel button Cancels the current operation

Table – Manage Custom Spam policy screen elements

Add Advanced Rules

Select Anti Spam Spam Policy Manage Custom policy to view the list of policies created. Click the policy to which action rules are to be added.


15

Conditions • When Cyberoam Anti Spam identifies Mail as SPAM, Cyberoam accepts and delivers the mail

to the intended receiver but only after adding a prefix ‘SPAM’ to the original subject of the mail.

Original subject: ‘This is a test’ Receiver will receive the mail with subject line as: ‘SPAM: This is a test’ You can customize the subject in such a way that the receiver knows that the mail is a spam mail. To specify the contents to be prefixed to the existing subject line, select ‘Prefix Subject’ as action. You can set different actions for SMTP and POP.

• When Cyberoam Anti Spam identifies Mail as PROBABLE SPAM, Cyberoam accepts and delivers the mail to the intended receiver but after adding a prefix ‘PROBABLE SPAM’ to the original subject of the mail.

Original subject: ‘This is a test’ Receiver will receive the mail with subject line as: ‘PROBABLE SPAM: This is a test’ You can customize the subject in such a way that the receiver knows that the mail is a spam mail. To specify the contents to be prefixed to the existing subject line, select ‘Prefix Subject’ as action. You can set different actions for SMTP and POP.

• From Email Address/IP address – Specified action will be taken if the mail sender email or IP address matches the specified email address or IP address. You can set action for SMTP only.

• From Email Address/IP address – Specified action will be taken if the mail sender email or IP address belongs to the specified email address or IP address group. You can set action for SMTP only.


16

• Message Size - Specified action will be taken if the mail size matches the specified size. You can set different actions for SMTP and POP.

• Message Header - Specified action will be taken if the message header contains the specified text. You can set different actions for SMTP and POP.

You can scan message header for spam in: Subject – Specified action will be taken if the header contains the matching subject From - Specified action will be taken if the header contains the matching text in the From address. To - Specified action will be taken if the header contains the matching text in the To address. X-Mailer – X-Mailer identifies the software that created the message i.e. email client. Header section of message contains X-Mailer information. This allows you to scan and detect spam based on email client and specify action for a particular email client. For example, if you want to scan and reject messages created using Outlook Express then specify X-Mailer as ‘Microsoft Outlook Express’ and action as ‘Reject’ X-Spam Test Method – X-Spam Test Method displays the method name which is used for spam identification. Anti spam solutions use various methods to detect spam and after scanning add the X Spam Test Method tag along with the method name in the mail header. This scanning method can be used only if Cyberoam receives the tagged mail which is already scanned by some other anti spam solution and you know the method name. X-Spam Test Categories - X-Spam Test Categories displays the category name under which the mail is detected as SPAM. If Anti Spam solution uses content filtering method to detect spam then it added X Spam Test Categories tag along with the category name under which the mail is detected as spam in the mail header. This scanning method can be used only if Cyberoam receives the tagged mail which is already scanned by some other anti spam solution and you know the category name. Others – Specified action will be taken if the matching text is found in the header

• RBL - Specified action will be taken if the sender is listed in the specified RBL Group Actions Following actions can be taken on the mail identified as the SPAM • Reject – Cyberoam will reject the message and send the rejection notification to the mail

sender. This action can be applied to SMTP protocol only. • Drop – Cyberoam will reject the message but no notification will be send. This action can be

applied to SMTP protocol only. • Accept – Cyberoam will accept and deliver the message to the intended receiver • Change Recipient – Cyberoam will accept the message but will not deliver to the receiver for

whom the message was originally send. Message will be send to the specified receiver. This action can be applied to SMTP protocol only.

• Prefix Subject – Cyberoam will accept and deliver the message to the intended receiver but only after changing the subject of the message. You can customize the subject in such a way


17

that the receiver knows that the mail is a spam mail. Specify the contents to be prefixed to the existing subject line. For Example Contents to be prefixed to the original subject: ‘Spam notification from Cyberoam – ‘ Original subject: ‘This is a test’ Receiver will receive the mail with subject line as: ‘Spam notification from Cyberoam - This is a test’


18

Change Advanced action rules Order

Advanced action rules are ordered by their priority. When the rules are applied, they are processed from the top downwards and the first suitable rule found is applied. Hence, while adding multiple rules, it is necessary to put strict rules before moderate and general rules. Select Anti Spam Manage Custom policy to view the list of policies created. Click the policy whose action rule order is to be changed.

Click the rule whose order is to be changed Click Move Up to move the selected rule one-step up Click Move Down to move the selected rule one-step down Click Update Order to save the order


19

Delete Custom Spam policy

• Prerequisite • Not assigned any Rule

Select Anti Spam Spam policy Manage Custom policy to view the list of policies created

Screen – Delete Custom Spam policy


Del Select policy for deletion Click Del to select More than one policy can also be selected

Select All Select all the policies for deletion Click Select All to select all the policies

Delete button Deletes all the selected policy/policies

Table – Delete Custom Spam policy screen elements

Note Default policy cannot be deleted.


20

Address Groups Scanning rule can be defined for individual or group of • Email address • IP address • RBL (Real time black hole List)

Address group is the group of email addresses, IP addresses, or RBLs. Whenever the policy is applied to the address group, policy is applied to all the addresses included in the group. RBL is a list of IP addresses whose owners refuse to stop the proliferation of spam i.e. are responsible for spam or are hijacked for spam relay. This IP addresses might also be used for spreading virus. Cyberoam will check each RBL for the connecting IP address. If the IP address matches to the one on the list then the specified action in policy is taken.

Create Address Groups Select Anti Spam Configuration Address Groups to open the Address group page. Click Create to open the create page.

Screen – Create Email Address Group


21


Address Group details Name Specify group name

Can be any combination of A – Z, a – z, ‘_’, 0 - 9

Group Specify group type. You can create group of RBLs, IP address or Email address. RBL is a list of IP addresses whose owners refuse to stop the proliferation of spam i.e. are responsible for spam or are hijacked for spam relay. Cyberoam will check each RBL for the connecting IP address. If the IP address matches to the one on the list then the specified action in policy is taken.

Description Specify full description Allows maximum of 255 characters Can be any combination of A – Z, a – z, ‘_’, 0 - 9

Create button Creates group and depending on the group type allows adding email address, IP addresses or RBL names Click Add Type all the email addresses to be grouped specified by comma e.g. [email protected], [email protected]

Cancel button Cancels the current operation

Table – Create Email Address Group screen elements

Delete Address Groups Select Anti Spam Configuration Address Groups to view the list of groups created

Screen – Delete Address Group


Del Select address group for deletion Click Del to select


22

More than one address group can also be selected

Select All Select all the address group for deletion Click Select All to select all the address groups

Delete button Deletes all the selected address groups

Table – Delete Address Group screen elements

Delete individual address from Group Select Anti Spam Configuration Address Groups to view the list of groups created. Click the group from which the address is to be deleted

Screen – Delete Address from Group


Delete Select address for deletion Click Delete to select More than one address can also be selected

Select All Select all the address for deletion Click Select All to select all the address

Delete button Deletes all the selected address

Table – Delete Address from Group screen elements


23

Spam Rule Scanning rules defines which scanning policy is to be applied to which recipient email address i.e. map scanning policy with the email address. A rule allows to apply: • single policy for a email address or group of addresses • multiple policies for a particular email address or group of addresses

Create Spam rule

Prerequisite • Policy created • Address group created (if rule is for group)

Select Anti Spam Spam Rules to open the create page

Screen - Create Spam Rule


Spam Rule Details Action Item Select whether the rule is for individual email address or group

Specify email address or select the Address Group


24


Recipient Email Address

Specify recipient email address If the rule is for the complete domain the specify as @domainname e.g. @cyberoam.com

Address Group Specify address group Policy Name Specify policy to be applied.

According to the action specified in the policy, mails will be delivered as original or will be tagged and forwarded to the receiver.

Add button Creates rule Cancel button Cancels the current operation

Table – Create Spam Rule screen elements

Delete Spam Rule Select Anti Spam Spam Rules to view the list of rules created.

Screen - Delete Spam Rule


Del Select rule for deletion Click Del to select More than one rule can also be selected

Select All Select all the rules for deletion Click Select All to select all the rules

Delete button Deletes all the selected rules

Table – Delete Spam Rule screen elements


25

Change Spam rule Order Rules are ordered by their priority. When the rules are applied, they are processed from the top downwards and the first suitable rule found is applied. Hence, while adding multiple rules, it is necessary to put strict rules before moderate and general rules. Default policy order cannot be changes.

Select Anti Spam Spam Rules Click the rule whose order is to be changed Click Move Up to move the selected rule one-step up Click Move Down to move the selected rule one-step down Click Update to save the order


26

Local Domains Cyberoam also allows bypassing RBL scanning of mails for certain domains. For this, you have to define the domains as the trusted domains.

Add Domains

Select Anti Spam Configuration Local Domains Type Domain name or IP address Click Add

Mails from the specified domains will not be scanned for RBLs.

Delete Domains

Select Anti Spam Configuration Local Domain to view the list of domains that will be bypassed from RBL scanning


Del Select domain for deletion Click Del to select More than one domain can also be selected

Select All Select all the domains for deletion Click Select All to select all the domains

Delete button Deletes all the selected domains


27

General Configuration Select Anti Spam Configuration General Configuration to open the configuration page


Anti Spam Engine information Displays the Anti Spam Engine and Anti Spam Definitions data

base version installed and being used. It also displays when it was last updated. Cyberoam detects spam using the anti spam definition database which contains currently identified spam signatures/definitions. It is extremely important to update your anti-spam definition database periodically. By default, database updates are automatically downloaded and installed on your computer every 30 minutes. You can update database manually also.

File size restriction SMTP Mails greater than size

Specify file size for scanning. The SMTP mails greater then the specified size will not be scanned.

SMTP Mails greater than size

Specify maximum file size for delivery. The SMTP mails greater then the specified size will not be delivered.


28


POP3/IMAP Mails greater than size

Specify file size for scanning. The POP/IMAP mails greater then the specified size will not be scanned.

Header to detect recipient for POP3/IMAP Click Add to specify header which should be used for detecting the

recipient’s address. By default, Cyberoam uses Delivered-To and Received headers. Default headers cannot be deleted


29

Bypass Reporting By default, Cyberoam Anti Spam generates reports for all the Internal Domains and Email Ids. To bypass reporting of certain domains and email ids, Administrator has to create an Exclusion domain list and email id list. All the domains and email ids included in the exclusion list will not be included in the Anti Spam reports. To define the exclusion list, select Reports Configure Local Domains or select Reports Configure Bypass Email Ids Refer to Reports Guide for the details.

Date post:	29-Aug-2018
Category:	Documents
Upload:	nguyenquynh
View:	217 times
Download:	0 times

Cyberoam Anti Spam Implementation Guide Anti S… · network bandwidth, it also affects the...

Documents