Antispam Settings in ScreenOS Overview

Spam consists of unwanted e-mail messages, usually sent by commercial, malicious, or fraudulent entities. The antispam feature examines transmitted messages to identify spam. When the device detects a message deemed to be spam, it either drops the message or tags the message field with a preprogrammed string. This antispam feature is not meant to replace your antispam server, but to complement it. Configuring this command prevents an internal corporate e-mail server from receiving and distributing spams. Devices running ScreenOS 5.3 or later support antispam functionality.

You can configure antispam to tag or block unwanted e-mails based on e-mail ID, hostname, domain name, or IP address. SMTP is supported but not POP3 or IMAP. Advanced features such as Bayesian filtering are not supported.

E-mail is tagged or blocked based on blacklists and whitelists, which can be configured locally. Juniper Networks provides a server with a blacklist of known spammers. NSM first attempts to match each e-mail against the local lists. If it does not match a local list, it then attempts to match the e-mail against the list on the Juniper Networks server. Table 44 lists the match criteria for the local whitelist, local blacklist, Juniper Networks blacklist, and corresponding actions.

Table 44: Whitelist and Blacklist Criteria

Whitelist and Blacklist Criteria

Match

Match

Not Checked

No Action (allow through)

Match

No Match

Not Checked

No Action (allow through)

No Match

Match

Not Checked

Block or Tag

No Match

No Match

Match

Block or Tag

No Match

No Match

No Match

No Action (allow through)

Related Documentation