Best State of Art IT Security Solutions
The best Innovative and powerful IT Security products

SecPoint Products / Protector /

RBL customization

The Protector Anti Spam UTM Firewall comes fully loaded with RBL customization

Reputation Block Lists, also referred to as "DNSBLs" or "DNS Blocklists", are external databases queried by the Protector during the Anti Spam analysis. To perform a RBL check, the Anti Spam filter must extract the IP addresses from a message's Received headers, discard those that are known to be reserved or trusted, then query RBLs for each address. If any of the addresses are listed in the blacklist, the test matches and the message can be blocked as spam.
RBLs can be configured in menu Anti Spam > Black - White - Grey - RBL - TLD - Hardblock Lists. Here you can perform a quick configuration by selecting the New Level and/or go to Advanced Settings to configure each RBL individually.



When you set a new level, the Protector will enable/disable a pre-defined set of RBLs. You can then fine-tune RBLs through Advanced Settings.




In this firmware each RBL is associated with a default score, which will contribute to the global score assigned to each email. The default score can be changed depending on the reputation of the RBL itself and your experience with it (false positives etc.).
Positive scores are assigned to IP addresses with a bad reputation, negative scores are assigned to trusted IP addresses. The score 0 will eliminate the use of a RBL.

The RBL provided by the Protector is made up of official RBLs, marked with  , and custom RBLs, marked with  . In official RBLs, it is only possible to modify the default score, which in any case remains visible on the list and can be restored.

The Protector has a list of preloaded custom RBLs, but it is also possible to add more custom RBLs or even delete the existing ones. If you want to add your own RBL, please read the detailed explanation that you find in the Advanced Settings page. The information that you need to enter in the RBL configuration page should be provided by the RBL itself.


You can see the result of RBL checks in the Message Details page of the Mail Archiver.

Here you can click on [    ] in the row of a Spam message and you will see the matching RBLs among the Message Details.


URI DNSBL

Spammers may use legitimate servers to send mail messages that contain links to bad websites. In such cases these messages may not be caught by RBLs, and it’s possible to detect the message as spam through the analysis of the bad links contained in the message. Bad links can be detected through external databases, named URI DNSBLs, that contain the domain names or IP addresses found in the clickable links of a spam message.
In this firmware we have added the possibility to enable/disable this check.

This function is available through menu Anti Spam > Black - White - Grey - RBL - TLD - Hardblock Lists.

Here you can enable/disable this option by simply clicking on Active (checked by default).

When this option is enabled, the Protector will extract all URIs from a message and check them against a list of URI DNSBLs. If the match is positive, the message can be blocked as spam even if the sending IP for that spam is not listed on any RBL (see the RBL feature).

The external databases to which the Protector will connect, usually provide a free service for a limited number of requests. When this number exceeds, the database will not perform the check and a special tag is added to the message header, in "X-Spam-Status". Possible tags are: "URIBL_BLOCKED" for database uribl.com or "SURBL_BLOCKED" for surbl.org.




URIDNSBL tags added to messages are visible in the Message Details page of the Mail Archiver.

 

➤ Related pages
Anti Spam RBL Listing
Firewall Hardware
Firewall Network Security
Hardware Firewall
Hardware Firewall Appliance
Internet Security
Latest Protector Change Log
Network Security Appliance
Protector Awards
Protector P7 UTM Firewall
Protector Questions FAQ
Protector Questions FAQ Part2
Protector Questions FAQ Part3
Protector UTM Firewall Comparison Matrix
Protector UTM Firewall Sitemap
SecPoint Protector Visio Stencils
Unified Threat Management Best UTM VPN Firewall VPN
UTM Appliance ROI Calculator
VPN Client Connection
VPN Client to LAN

Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software

SecPoint is specialized to deliver the best IT security solutions and products.

Compatible with Product
Securely protected by SecPoint
Customer reference King Customer reference New York Customer reference ROC Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef Customer reference King Customer reference New York Customer reference Roc Customer reference Rochdale Customer reference Roscrea Customer reference Tradetracker Customer reference Unicef