This article explains how to configure SecurityGateway's URI blacklisting settings, if you wish to change which URIBL servers are checked, and how SecurityGateway handles messages that fail a query.
URI blacklisting is similar to DNS blacklisting, except that instead of checking connecting IP addresses to see if they are listed for being possible sources of spam, URI blacklist servers will check the body of the message for domain-names and IP addresses in URIs (Universal Resource Identifier), such as web-site addresses, for possible sources of spam.
To configure these settings, do the following, from the Dashboard, after logging in:
- Click on Security in the bottom-left corner
- Locate the Anti-Spam section
- Click on URI Blacklists (URIBL)
From there, you may configure the following options:
-
Enable URIBL queries
This option determines if SecurityGateway will query the URIBL servers listed under the URIBL Hosts section and see if the message's body has any domain-names or IP addresses listed in any URIs, such as website addresses. This option is enabled by default.
-
If the sending server of a message is listed...
This option lets you determine what to do with any message that has URIs listed on one of the URIBL sites that SecurityGateway queries. You may refuse the message completely, quarantine the message for later review by the administrator or user, or accept the message for further processing. By default, messages sent with blacklisted information are accepted for later processing.
-
... tag subject with ...
This option will allow you to add a certain phrase to the start of a blacklisted message's subject, by default '*** SPAM ***'. This option is disabled by default.
-
... Add score returned by URIBL engine to message score
This option will add the number of points specified by the matching URIBL list, as per the Score column in the URIBL-list section below. This is useful if you plan to accept the message for further processing. By default, this is enabled.
-
Exclude messages from whitelisted senders
If the sending email address, domain, or IP address is on the server's whitelist, or on the recipient's personal whitelist, then SecurityGateway will not do a URIBL query. By default, this is enabled.
-
Exclude messages from authenticated sessions
If the connecting user authenticates their session using a username and password on the SecurityGateway server before sending the message, SecurityGateway will not do a URIBL query. By default, this is enabled.
-
Exclude messages from domain mail servers
If the message is bound for a remote address, SecurityGateway will not do a URIBL check. If you enable this, make sure SecurityGateway can check that the sending user can be verified as valid, to avoid an open-relay situation. By default, this is disabled.
-
URI Blacklists
This section shows all the URIBL services that SecurityGateway queries for incoming messages, and where you can either add a new service, edit or remove an existing one, or disable one that is listed. By default, SecurityGateway has entries for the SpamHaus URIBL list, all URIBL lists hosted by SURBL.org, and URIBL.com's 'Black' and 'Grey' lists. You may add your own if you wish, but note these are the ones that we suggest you use.
Clicking on the Add button will allow you to add a new entry to the list. You may then specify the name of the service, the IP address or domain, how many points to add to a message if it has an URI that matches the provided list, and the bitmask value, if you are using an IP address or domain with multiple entries that can be matched based on final octet of the address.
Clicking on the Edit button will allow you to edit the selected entry, and make any changes you wish, such as editing the address, or giving it a higher or lower score. You may also disable it so SecurityGateway will not check it against incoming messages, if you think it may be causing an issue.
Clicking on Delete will delete the selected entry, after prompting you to make sure. More than one entry can be deleted by Shift-clicking, or Control-clicking, the entries in the list..
Additional Comments
These settings can be configured for individual domains, or for the entire server, if you so wish. Note that, however, all domains use the same URIBL hosts list.