Chapter 28 Anti-Spam
USG20(W)-VPN Series User’s Guide
450
Figure 301 DNSBL Spam Detection Example
1 The USG receives an e-mail that was sent from IP address a.a.a.a and relayed by an e-mail server
at IP address b.b.b.b. The USG sends a separate query to each of its DNSBL domains for IP address
a.a.a.a. The USG sends another separate query to each of its DNSBL domains for IP address
b.b.b.b.
2 DNSBL A replies that IP address a.a.a.a does not match any entries in its list (not spam).
3 DNSBL C replies that IP address b.b.b.b matches an entry in its list.
4 The USG immediately classifies the e-mail as spam and takes the action for spam that you defined
in the anti-spam policy. In this example it was an SMTP mail and the defined action was to drop the
mail. The USG does not wait for any more DNSBL replies.
Here is an example of an e-mail classified as legitimate based on DNSBL replies.
DNSBL A
DNSBL B
DNSBL C
IPs: a.a.a.a
b.b.b.b
1
2
a
.
a
.
a
.
a
N
o
t
s
p
a
m
3
4
a
.
a
.
a
.
a
?
b
.
b
.
b
.
b
?
a
.
a
.
a
.
a
?
b
.
b
.
b
.
b
?
a.a.a.a?
b.b.b.b?
b
.
b
.
b
.
b
S
p
a
m
To Next Page
Loading...
