ZyWALL ATP Series User’s Guide
556
C
HAPTER
32
Email Security
32.1 Overview
The email security feature can mark or discard spam (unsolicited commercial or junk email). Use the
white list to identify legitimate email. Use the black list to identify spam email. The Zyxel Device can also
check email against a DNS black list (DNSBL) of IP addresses of servers that are suspected of being used
by spammers.
32.1.1 What You Can Do in this Chapter
• Use the
Email Security
screens (
) to turn email security on or off and manage
email security policies. Also, you can enable and configure the mail scan functions and have the
Zyxel Device check email against DNS Black Lists.
• Use the
Black/White List
screens (
) to set up a black list to identify spam and
a white list to identify legitimate email.
32.1.2 What You Need to Know
White List
Configure white list entries to identify legitimate email. The white list entries have the Zyxel Device classify
any email that is from a specified sender or uses a specified header field and header value as being
legitimate (see
for more on mail headers). The email security feature checks an email
against the white list entries before doing any other email security checking. If the email matches a
white list entry, the Zyxel Device classifies the email as legitimate and does not perform any more email
security checking on that individual email. A properly configured white list helps keep important email
from being incorrectly classified as spam. The white list can also increases the Zyxel Device’s email
security speed and efficiency by not having the Zyxel Device perform the full email security checking
process on legitimate email.
Black List
Configure black list entries to identify spam. The black list entries have the Zyxel Device classify any email
that is from or forwarded by a specified IP address or uses a specified header field and header value as
being spam. If an email does not match any of the white list entries, the Zyxel Device checks it against
the black list entries. The Zyxel Device classifies an email that matches a black list entry as spam and
immediately takes the configured action for dealing with spam. If an email matches a blacklist entry,
the Zyxel Device does not perform any more email security checking on that individual email. A properly
configured black list helps catch spam email and increases the Zyxel Device’s email security speed and
efficiency.