URI Blocklists (URIBLs) are real-time blocklists designed to be used to block or tag spam based on uniform resource identifiers (usually domain names or websites) found within the message body. Also known as Spam URI Realtime Blocklists (SURBLs), URIBLs differ from DNS Blocklists in that they are not used to identify spam based on the content of message headers or on the connecting IP address. Instead, URIBLs block spam based on message content. Complete details on how URIBLs work can be found at www.surbl.org.
Configuration
Enable URIBL queries
By default SecurityGateway will perform URIBL queries on messages. Uncheck this option if you do not wish to perform these queries.
If a message contains a listed URI:
...refuse the message
Choose this option if you wish to refuse a message during the SMTP process when it is found to contain a blocklisted URI. This is not the recommended option in most situations, since a mere reference to a blocklisted URI in a message body does not guarantee that the message itself is spam.
...quarantine the message
Choose this option if you wish to quarantine a message when it is found to contain a blocklisted URI.
...accept the message
Choose this option if you wish to accept a message when it is found to contain a blocklisted URI, but wish to flag it as spam, add a tag to the subject line, and/or adjust the the Message Score. Using this option allows the mail servers or recipients to filter the message based on the results of SecurityGateway's URIBL queries. This is the default option.
...tag subject with [text]
Enable this option and specify some text if you wish to add something to the beginning of a message's Subject header when the message is found to contain a blocklisted URI. If enabled, the default text added to the subject is: "*** SPAM ***". This option is disabled by default.
|
There are a number of other places within SecurityGateway where you can optionally add text to the Subject header. For example, the DNS Blocklists (DNSBL) and Message Scoring pages also have this option. When the designated text in these options matches, the text will only be added to a message's subject once even if that message meets the criteria under each option. If, however, you change the text in one or more places then that customized text will be added as well. So, for example, if you set the text under all three of these options to "*SPAM*" then that text would only be added to the subject once, regardless of whether or not it matched the criteria under more than one of the options. But, if you changed the URIBL optional text to "*URI blocklisted*" and the message matched the criteria under this option and the others then the subject would have both "*SPAM*" and "*URI blocklisted*" added to it. |
...add score returned by URIBL engine to message score
By default, when a URIBL query indicates that a message contains a blocklisted URI, the score associated with the queried URIBL Host will be added to the Message Score. Uncheck this option if you do not wish to adjust the Message Score based on the results of URIBL queries.
|
Even when SecurityGateway is configured to accept a message rather than refuse or quarantine it, it could still be refused or quarantined if its Message Score ends up being sufficiently high, depending on how you have configured the other Security options and the options on the Message Scoring page. |
Exclusions
Exclude messages from allowlisted senders
By default, messages are excluded from URIBL queries if they originate from an allowlisted sender. Disable this option if you wish to query URIBL hosts even when the sender is allowlisted.
Exclude messages from authenticated sessions
Check this option if you wish to exclude a message from URIBL queries when the SMTP session on which it is arriving was authenticated. By default this option is disabled.
Exclude messages from domain mail servers
By default, URIBL queries are performed for both inbound messages and messages from your domain mail servers. Check this box if you wish to exclude from URIBL queries messages coming from your domain mail servers.
URI Blocklists (All domains)
This section lists the URIBL Hosts that will be queried by SecurityGateway.
New
To add a new URI Blocklist, click the New button. This will open the URI Blocklists Editor (see below).
Edit
To edit one of your URI Blocklists, select the entry you wish to edit and click the Edit button. This will open the URI Blocklists Editor for that entry.
Delete
To delete a URI Blocklist, select the entry you wish to delete and click the Delete button.
Exceptions - Domains
If you select a specific domain in the "For Domain:" drop-down list box at the top of the page when configuring these settings, that domain will be listed here after saving the settings. Click the View/Edit link for the corresponding domain to review or edit its URI Blocklists settings, or click Reset to reset the domain's settings to the default Global values.
