Filter
Top Products
Anti-Spam
835
SonicOS 5.8.1 Administrator Guide
• Better protection for users from phishing attacks
How Does the Anti-Spam Service Work?
This section describes the Anti-Spam feature, including the SonicWALL GRID Network, and
how it interacts with SonicOS as a whole. The two points of significant connection with SonicOS
are Address and Service Objects. You can use the address and service objects to configure
the Anti-Spam feature to function smoothly with SonicOS. For example, use the Anti-Spam
Service Object to configure NAT policies to archive inbound email as well as sending it through
a filter.
The Comprehensive Anti-Spam Service analyzes messages’ headers and contents, and uses
collaborative GRID printing to block spam email.
GRID Network
This section describes the GRID Connection Management with Sender IP Reputation feature
that is used by SonicWALL Email Security and by the Anti-Spam service in SonicOS. GRID
Network Sender IP Reputation is the reputation a particular IP address has with members of
the SonicWALL GRID Network. When this feature is enabled, email is not accepted from IP
addresses with a bad reputation. When SonicOS will not accept a connection from a known bad
IP address, mail from that IP address never reaches the email server.
GRID Network Sender IP Reputation checks the IP address of incoming connection requests
against a series of lists and statistics to ensure that the connection has a probability of
delivering valuable email. The lists are compiled using the collaborative intelligence of the
SonicWALL GRID Network. Known spammers are prevented from connecting to the
SonicWALL UTM appliance, and their junk email payloads never consume system resources
on the targeted systems.
Benefits:
• As much as 80 percent of junk email is blocked at the connection level, before the email is
ever accepted into your network. Fewer resources are required to maintain your level of
spam protection.
• Your bandwidth is not wasted on receiving junk email on your servers, only to analyze and
delete it.
• A global network watches for spammers and helps legitimate users restore their IP
reputations if needed.
GRID Connection Management with Sender IP Reputation and Connection Management Precedence Order
When a request is sent to your first-touch SonicWALL UTM appliance, the Anti-Spam service
evaluates the ‘reputation’ of the requestor. The reputation is compiled from white lists of known-
good senders, block lists of known spammers, and denial-of-service thresholds.
If IP Reputation is enabled, the source IP address is checked in this order:
Evaluation Description
Allow-list If an IP address is on this list, it is allowed to pass messages through
Connection Management. The messages will be analyzed by your Son-
icWALL UTM appliance as usual.