SBG 8.03 RDNS and HTML body filtering
Updated: 21 May 2010 | 2 comments
1. I have an SBG 8.0.3 and an SMS for SMTP 5.01 gateway installed. Most of RDNS failed sender e-mails are going through the gateways. I would like to set up the gateway to filtering out and move to quarantine the RDNS failed e-mail. How to set it up?
2. If the mail HTML formatted and contains only an img src and a href, the dictionary filtering does not working. - Tipically Chinese pharma spams... - Why?
Add. info:
- these emails senders are usually xxx@hotmail.com, or xxx@yahoo.com - I don't want to block all of yahoo mails;
- the sender IP resolvable but RDNS fails, the IP's are tipically changing - probably from DSL pool;
- the body does not contain plain text, only remote images with links;
- standard built-in filtering rules are not filtering out these mails
3. How can I find out a "scanned and quarantined" and "filtered out" message's spam score? The header does not contain this info in the quarantine...
Many thanks
Ferenc
discussion Filed Under:
Comments
Hi, 1 - SBG does Reverse DNS
Hi,
1 - SBG does Reverse DNS queries just for logging purposed. There's no feature to act on failed rDNS.
service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2008010812051754
2 - If this is some specific type of missed spam I'd suggest you check these KB articles:
service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2008080612113754
service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2005012415180263
3- We don't expose that information on the headers.
Regards,
Federico
It's a known defect (my
It's a known defect (my opinion) that SBG will not check HTML tag contents for dictionary words. I consider this a compliance leak. You can hide data that otherwise would trigger a compliance policy by enclosing the data in an html comment and sending outbound.
Would you like to reply?
Login or Register to post your comment.