URI Blacklists (URIBLs) are real-time blacklists designed to be used to block or tag spam based on uniform resource identifiers (usually domain names or websites) found within the message body. Also known as URI Blocklists, Spam URI Realtime Blocklists (SURBLs) and the like, URIBLs differ from DNS Blacklists in that they are not used to identify spam based on the content of message headers or on the connecting IP address. Instead, URIBLs block spam based on message content. Complete details on how URIBLs work can be found at www.surbl.org.
Configuration
Enable URIBL queries
By default SecurityGateway will perform URIBL queries on messages. Uncheck this option if you do not wish to perform these queries.
If a message contains a listed URI:
...refuse the message
Choose this option if you wish to refuse a message during the SMTP process when it is found to contain a blacklisted URI. This is not the recommended option in most situations, since a mere reference to a blacklisted URI in a message body does not guarantee that the message itself is spam.
...quarantine the message
Choose this option if you wish to quarantine a message when it is found to contain a blacklisted URI.
...accept the message
Choose this option if you wish to accept a message when it is found to contain a blacklisted URI, but wish to flag it as spam, add a tag to the subject line, and/or adjust the the Message Score. Using this option allows the mail servers or recipients to filter the message based on the results of SecurityGateway's URIBL queries. This is the default option.
...tag subject with [text]
Enable this option and specify some text if you wish to add something to the beginning of a message's Subject header when the message is found to contain a blacklisted URI. If enabled, the default text added to the subject is: "*** SPAM ***". This option is disabled by default.
|
There are a number of other places within SecurityGateway where you can optionally add text to the Subject header. For example, the DNS Blacklists (DNSBL) and Message Scoring pages also have this option. When the designated text in these options matches, the text will only be added to a message's subject once even if that message meets the criteria under each option. If, however, you change the text in one or more places then that customized text will be added as well. So, for example, if you set the text under all three of these options to "*SPAM*" then that text would only be added to the subject once, regardless of whether or not it matched the criteria under more than one of the options. But, if you changed the URIBL optional text to "*URI blacklisted*" and the message matched the criteria under this option and the others then the subject would have both "*SPAM*" and "*URI blacklisted*" added to it. |
...add score returned by URIBL engine to message score
By default, when a URIBL query indicates that a message contains a blacklisted URI, the score associated with the queried URIBL Host will be added to the Message Score. Uncheck this option if you do not wish to adjust the Message Score based on the results of URIBL queries.
|
Even when SecurityGateway is configured to accept a message rather than refuse or quarantine it, it could still be refused or quarantined if its Message Score ends up being sufficiently high, depending on how you have configured the other Security options and the options on the Message Scoring page. |
Exclusions
Exclude messages from whitelisted senders
By default, messages are excluded from URIBL queries if they originate from a whitelisted sender. Disable this option if you wish to query URIBL hosts even when the sender is whitelisted.
Exclude messages from authenticated sessions
Check this option if you wish to exclude a message from URIBL queries when the SMTP session on which it is arriving was authenticated. By default this option is disabled.
Exclude messages from domain mail servers
By default, URIBL queries are performed for both inbound messages and messages from your domain mail servers. Check this box if you wish to exclude from URIBL queries messages coming from your domain mail servers.
URI Blacklists (All domains)
This section lists the URIBL Hosts that will be queried by SecurityGateway.
New
To add a new URI Blacklist, click the New button. This will open the URI Blacklists Editor (see below).
Edit
To edit one of your URI Blacklists, select the entry you wish to edit and click the Edit button. This will open the URI Blacklists Editor for that entry.
Delete
To delete a URI Blacklist, select the entry you wish to delete and click the Delete button.
Exceptions - Domains
If you select a specific domain in the "For Domain:" drop-down list box at the top of the page when configuring these settings, that domain will be listed here after saving the settings. Click the View/Edit link for the corresponding domain to review or edit its URI Blacklists settings, or click Reset to reset the domain's settings to the default Global values.
