Chapter 40 Anti-Spam
ZyWALL USG Series User’s Guide
768
Figure 528 Conflicting DNSBL Replies Example
1 The Zyxel Device receives an e-mail that was sent from IP address a.b.c.d and relayed by an e-mail
server at IP address w.x.y.z. The Zyxel Device sends a separate query to each of its DNSBL domains for IP
address a.b.c.d. The Zyxel Device sends another separate query to each of its DNSBL domains for IP
address w.x.y.z.
2 DNSBL A replies that IP address a.b.c.d does not match any entries in its list (not spam).
3 While waiting for a DNSBL reply about IP address w.x.y.z, the Zyxel Device receives a reply from DNSBL B
saying IP address a.b.c.d is in its list.
4 The Zyxel Device immediately classifies the e-mail as spam and takes the action for spam that you
defined in the anti-spam policy. In this example it was an SMTP mail and the defined action was to drop
the mail. The Zyxel Device does not wait for any more DNSBL replies.
DNSBL A
DNSBL B
DNSBL C
IPs: a.b.c.d
w.x.y.z
1
2
a
.
b
.
c
.
d
N
o
t
s
p
a
m
3
4
a
.
b
.
c
.
d
?
w
.
x
.
y
.
z
?
a
.
b
.
c
.
d
?
w
.
x
.
y
.
z
?
a.b.c.d?
w.x.y.z?
a.b.c.d Spam!
To Next Page
Loading...
