Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 2 subscribers
  • Views 17524 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Antispam configuration

DrMeskon

Hi,
this is Sophos SG330 spam configuration window:

Spam Detection During SMTP Transaction and Spam Filter seems to me kind of unclear:

Here is description from firewall help: "You have the possibility to reject spam already during SMTP transaction. Select one of the following settings for the option Reject at SMTP Time"

And then: "Emails which are not rejected during SMTP transaction will be treated according to your settings in the Spam Filter section below."

So if it is not rejected it shoud not be spam or confirmed spam so why does Spam Filter is needed then? The  Spam Detection During SMTP Transaction and Spam Filter do not fit together for me.



This thread was automatically locked due to age.
  • 0

    Almis, I wouldn't do it that way at all.  Configure as in this picture.  Also select 'Use BATV' if email from your mail server is sent through the SMTP Proxy.

    There are different tests for spamminess that are applied before and after the DATA command.  80% of rejections are because of RBLs and HELO/RDNS.  15-to-20% are rejected because there's no such email address in your domain.  These tests made during 'SMTP time' are very fast and use very little bandwidth or processing power.

    After the DATA command, ctasd calculates a "signature" for the entire email and sends that to a cloud service that responds with "not spam," "maybe spam" or "confirmed spam."

    Cheers - Bob

    2017-06-07: ADDED BETTER IMAGE OF EXTRA RBLS

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    hi,

     

    the config as mentioned by bob really works.

     

    @balfson would you mind giving us your extra rbl lists cant read the picture well? (i have only one) Maybe it will quarantine even more spam for me.

  • 0 in reply to brunomc

    Added it to my post above - thanks for letting me know, Bruno!

    Just for the record, like most of the stuff I post here, it was recommendations from others that caused me to add those three.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Activate spam rejection in the SMTP transaction by selecting either to reject all Spam or only Confirmed Spam.

     

    So if i select only confirmed spam it will let other spam? Because description says that.

  • 0 in reply to DrMeskon

    If you reject Confirmed Spam at SMTP time, then suspected spam will be examined by the Spam Filter which I would configure as follows:

    As I commented above, the Spam Filter uses ctasd on the entire email.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML