RedListing as a New Means to Combat Spam. MailFoundry December 7, 2006



Similar documents
Advanced Settings. Help Documentation

Barracuda Spam Control System

Introduction. How does filtering work? What is the Quarantine? What is an End User Digest?

Barracuda Spam Firewall

Frequently Asked Questions for New Electric Mail Administrators 1 Domain Setup/Administration

PROOFPOINT - SPAM FILTER

eprism Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide

Green House Data Spam Firewall Administrator Guide

Core Protection Suite

About this documentation

Fax. Problems with Fax Delivery to Users CHAPTER

Migration Manual (For Outlook Express 6)

eprism Security Suite

K12 Spam Management Blocked s from parents

Personal Spam Solution Overview

MX LOGIC SPAM FILTERING

DOMAIN CENTRAL HOSTING

Core Filtering Admin Guide

MailFoundry User Manual. Page 1 of 86. Revision: MF Copyright 2007, Solinus Inc. All Rights Reserved. Page 1 of 86

BrightVisions Spam Filter User Guide

Migration Manual (For Outlook 2010)

Filtering Admin Guide. Guide to Administrative Functions of Spam and Virus Filtering Service

BARRACUDA SPAM FIREWALL FAQ

Roaring Penguin User Guide

Spam Management Service Users Guide

Barracuda Spam Firewall User s Guide

Securepoint Security Systems

Purchase College Barracuda Anti-Spam Firewall User s Guide

HOSTED EXCHANGE ADVANCED SECURITY. Hosted Exchange Advanced Security Feb 2013

Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

How to Use Red Condor Spam Filtering

YSU Spam Solution Guide to Using Proofpoint

Webmail Friends & Exceptions Guide

SpamPanel Level Manual Version 1 Last update: March 21, 2014 SpamPanel

AntiSpam QuickStart Guide

Spam Marshall SpamWall Step-by-Step Installation Guide for Exchange 5.5

Update Instructions

Administration User Guide

How To Manage Your Quarantine On A Blackberry.Com

Migration Quick Reference Guide for Administrators

Barracuda Spam Firewall User s Guide

Admin Quick Start Guide Protection Service Anti-Virus & Anti-Spam

How does the Excalibur Technology SPAM & Virus Protection System work?

Scan to Quick Setup Guide

eprism Security Suite

Barracuda Spam & Virus Firewall User's Guide 5.x

Barracuda Spam Firewall User 's Guide 6.x

Setting Up Alarms in a HOBO ZW Wireless Network

Navigating Through SpamTitan

Barracuda Spam Firewall Users Guide. How to Download, Review and Manage Spam

Configuration Guide for Exchange 2003, 2007 and 2010

SonicWALL Security Quick Start Guide. Version 4.6

Version 5.x. Barracuda Spam & Virus Firewall User s Guide. Barracuda Networks Inc S. Winchester Blvd Campbell, CA

Comprehensive Anti-Spam Service

Feature Comparison Guide

POP3 Connector for Exchange - Configuration

Virtual Code Authentication User Guide for Administrators

ExchangeDefender. Understanding the tool that can save and secure your business

GREEN HOUSE DATA. Services Guide. Built right. Just for you. greenhousedata.com. Green House Data 340 Progress Circle Cheyenne, WY 82007

System Administration and Log Management

Policy Patrol 7 Upgrade Guide

Using the Barracuda Spam Firewall to Filter Your s

Version 3.x. Barracuda Spam & Virus Firewall User s Guide. Barracuda Networks Inc S. Winchester Blvd Campbell, CA

the barricademx end user interface documentation for barricademx users

FastNetSecurity SpamGuard Spam Filter How-To

Using McAfee Quarantine Manager

Guardian Digital Secure Mail Suite Quick Start Guide

Microsoft Exchange 2003

Installation Guide For Choic Enterprise Edition

Vodafone Hosted Services. Getting your . User guide

Barracuda Spam Firewall User s Guide

Configuring Trend Micro Content Security

How to configure Exchange Smart Host

ITA Mail Archive Setup Guide

KUMC Spam Firewall: Barracuda Instructions

Configuring Security for SMTP Traffic

Important Information

How To Use The Mail Control Console On A Pc Or Macbook (For A Macbook)

Using the Barracuda to Filter Your s

Update Instructions

How To Set Up Comendo.Comendo.Org For A Spammer To Send To Your Domain Name From Your Domain From Yourdomain.Com Or Yourdomain From Yourmail.Com To Yourdomain (For A Domain Name)

C I S C O E M A I L S E C U R I T Y A P P L I A N C E

Barracuda Spam Firewall User s Guide

Auto-Archiving your s in Outlook

Setup Guide for Exchange Server

- Spam Spam Firewall How Does the Spam Firewall Work? Getting Started username Create New Password

PureMessage for Microsoft Exchange Help. Product version: 4.0

1 You will need the following items to get started:

Comodo KoruMail Software Version 4.0

Chapter 10 Encryption Service

Avira Managed Security (AMES) User Guide

GRAYWALL. Introduction. Installing Graywall. Graylist Mercury/32 daemon Version 1.0.0

SaskTel Hosted Exchange Administrator Guide

Mimecast Addin Tips and Features

Archiving Your Mail in Outlook 2007

PineApp Daily Traffic Report

Transcription:

RedListing as a New Means to Combat Spam MailFoundry December 7, 2006 1

Contents 1 What is RedListing? 3 2 What impact will this have on my Mail? 3 3 What impact will this have on my MailFoundry appliance? 3 4 How do I enable RedListing? 4 5 How do I know if a server has been RedListed? 4 6 What are the RedList Settings for? 5 7 Contacting Support 5 2

1 What is RedListing? RedListing is a technology which relies on the assumption that spammers make a number of attempts to deliver email to email addresses that do not exist. Using this assumption, we construct a methodology for measuring the rate at which attempts are made to send emails to unknown addresses. Using said data, we can compare the rate of good attempts to bad attempts over a period of time to a user dened ratio. If the ratio of bad attempts to good attempts seen from a particular IP address exceeds the user dened ratio, that IP enters a state that is said to be RedListed. An IP stays RedListed for a user dened period of time and any connections or emails from that IP address is subjected to a congurable action. 2 What impact will this have on my Mail? The RedListing system is designed to reduce the impact of spam by limiting the entrance of spam into the mail-ow. Once a system has been RedListed, all mail from that system is subject to the user dened action (by default a rejected connection) and usually never seen. This reduces the overall amount of spam that can enter your mailbox. Due to the algorithms that RedListing uses, systems that are RedListed are usually systems that are part of botnets. These are machines that are running spamming software specically for sending spam. Blocking email from these machines greatly reduces the amount of spam received. The system should not RedList friendly email servers however, if it does happen, there is a easy way to keep it from happening by adding a whitelist (see section 5). 3 What impact will this have on my MailFoundry appliance? Depending on the RedListing action that has been chosen, the impact on the MailFoundry appliance can vary greatly. Choosing Reject Connection for the action will improve your appliance's performance while the other options will keep your appliances performance the way it is but still allow the reduction in spam. This can be usefull if you have a heavily loaded appliance and are looking for ways to minimize the load. Reject Connection, will cause the appliance to drop the SMTP connection after sending a SMTP permanent failure level error (554). The appliance will not have to deal with a full SMTP session from RedListed hosts and will have more time to devote to processing of other email. All other actions available through the GUI take up the same amount of processing time. 3

4 How do I enable RedListing? Redlisting options are part of the MessageIQ system and are located under it's tab in the GUI. After clicking the MessageIQ Settings tab at the top, you may click the RedListing tab on the left (this is only available if System-wide Settings is selected in the drop down box at the top). The RedListing options are now displayed in the main area. First, change the RedList check drop-down from Disabled to Enabled. Next, select your desired action to perform when an IP becomes RedListed. The recommended setting is Reject Connection under most circumstances (see Section 3) however, using the Quarantine option for a period of a week initially to test the system may be worthwhile. Last, click Update. Changes made to the RedListing section become eective immediately. 5 How do I know if a server has been RedListed? The quickest way to check the current status of a host is to use the RedList Search which is available in the RedListing tab under the MessageIQ Settings. Enter the IP address of the host you wish to check into the text box and click the Search RedListed IPs button. If the appliance has received a connection from the host recently and RedListing is enabled, the current statistics for that IP are displayed. The Good eld represents the number of RCPTTOs that were received from the IP that were valid within that last period of statistic collection. The Bad eld represents the number of invalid RCPTTOs within that time period. RedList Count indicates the number of times in the current month that the IP address has connected to the appliance while RedListed. The column Connection Count represents the total number of incoming connections from the IP address to the appliance. Percent Redlisted is calculated from the RedList Count and the Connection Count. The Status column will indicate the current status of the host as calculated using the user dened settings. Possible values in this column are whitelisted, whitelisted***, and redlisted. A whitelisted host is a host that is currently not RedListed. A host listed as whitelisted*** is a host that was RedListed and the entry has now expired but, the appliance has not seen a connection from the host since the entry expired so the entry has not been reset yet. If the host is listed as RedListed, additional information indicating the amount of time the host will remain RedListed is show in parentheses. An Admin Functions column lists functions that can be quickly performed on the host. Reset will reset the host's current information and change a host from RedListed to whitelisted if it is RedListed. Whitelist will bring the user to a whitelist entry page that is lled in with the necessary information to create 4

a system whitelist for the selected IP address so it will no longer be caught by a RedList. 6 What are the RedList Settings for? The RedList Settings are provided to make changes to various parts of the algorithm used in RedListing. Please contact MailFoundry support if you are having problems with RedListing before changing these settings (see Section 7). 7 Contacting Support MailFoundry Support http://www.mailfoundry.com/support/ 1-888-305-7776 support@mailfoundry.com 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information