Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Antispam Filtering Overview

Antispam filtering allows you to tag or block unwanted e-mail traffic by scanning inbound and outbound SMTP e-mail traffic. Antispam filtering allows you to use both a third-party server-based spam block list (SBL) and to optionally create your own local allowlists and blocklists for filtering against e-mail messages. For more information, see the following topics:

Antispam Filtering Overview

Spam consists of unwanted e-mail messages, usually sent by commercial, malicious, or fraudulent entities. The antispam feature examines transmitted e-mail messages to identify spam. When the device detects a message deemed to be spam, it blocks the e-mail message or tags the e-mail message header or subject with a preprogrammed string.

Antispam filtering allows you to use both a third-party server-based spam block list (SBL) and to optionally create your own local allowlists (benign) and blocklists (malicious) for filtering against e-mail messages. The antispam feature is not meant to replace your antispam server, but to complement it.

Starting in Junos OS Release 18.2R1, the antispam filtering supports IPv6 traffic.

Starting in Junos OS Release 19.4R1, the antispam filtering supports implicit and explicit SMTPS protocol.

Implicit mode—Connect to SSL/TLS encrypted port using secure channel.

Explicit mode—First connect to unsecured channel, then secure the communication by issuing STARTTLS command.

Handling Spam Messages

Blocking Detected Spam

The device can block and drop detected spam at either the connection level or the e-mail level:

  • Blocking spam at the connection level

    When the SMTP sender is identified as a spam sender based on its IP address, the SMTP connection is rejected and dropped. An error message with a proper error code from the firewall is sent out on behalf of the SMTP server. An example of such an error message is:

  • Blocking spam at the e-mail level

    When a particular e-mail sender is identified as spam sender based on its sender address, the e-mail is rejected and dropped. An error message with a proper error code from the firewall is sent back to the sender on behalf of the server. An example of such an error message is:

Tagging Detected Spam

The device can allow and tag the e-mail if the message sender is detected as a spammer. This tagging can occur at the connection level so that all the e-mails for the connection in question are tagged. Otherwise, you can tag only an individual e-mail. Two tagging methods are supported:

  • Tag the subject: A user-defined string is added at the beginning of the subject of the e-mail.

  • Tag the header: A user-defined string is added to the e-mail header.

See Also

Related Documentation