Sender Filtering/Authentication Settings Parent topic

With sender filtering and sender authentication, Deep Discovery Email Inspector filters and validate senders of incoming email messages to effectively block spam messages.
Note
Note
Sender filtering and sender authentication settings take effect only when Deep Discovery Email Inspector is deployed in MTA mode.
The following table describes the settings that you can configure.

Setting
Description
Approved Senders
A list of trusted senders that bypass sender filtering and sender authentication settings in Deep Discovery Email Inspector
Blocked Senders
A list of senders that Deep Discovery Email Inspector blocks permanently or temporarily
Email Reputation
When deployed as an edge MTA, Deep Discovery Email Inspector filters connections from senders when establishing SMTP sessions based on the reputation of the sender IP addresses.
When deployed as a non-edge MTA, Deep Discovery Email Inspector filters connections from senders of the last relay MTA based on the reputation of the sender IP addresses in the email message header.
DHA protection
Prevents senders from using a directory harvest attack (DHA) to obtain user email addresses for spam message transmission based on one of the following information:
  • Sender IP address (when Deep Discovery Email Inspector is deployed as an edge MTA)
  • Sender IP address in the email message header (when Deep Discovery Email Inspector is deployed as a non-edge MTA)
Bounce attack protection
Blocks senders if the number of returned email messages reaches the specified threshold based on the following information:
  • Sender IP address (when Deep Discovery Email Inspector is deployed as an edge MTA)
  • Sender IP address in the email message header (when Deep Discovery Email Inspector is deployed as a non-edge MTA)
SMTP traffic throttling
Blocks messages from a sender based on the IP address or email address for a certain time when the number of connections or messages reaches the specified threshold
Sender Policy Framework (SPF)
A sender authentication feature that prevents spoofing and phishing by allowing only messages that are sent from authorized servers for a domain based on the following information:
  • Sender IP address (when Deep Discovery Email Inspector is deployed as an edge MTA)
  • Sender IP address in the email message header (when Deep Discovery Email Inspector is deployed as a non-edge MTA)
DomainKeys Identified Mail (DKIM) authentication
A sender authentication feature that prevents spoofing and phishing by verifying signatures in incoming messages
DomainKeys Identified Mail (DKIM) signatures
A list of DKIM signatures that Deep Discovery Email Inspector adds to message headers in outgoing messages
Domain-based Message Authentication, Reporting & Conformance (DMARC)
A sender authentication feature that verifies message senders for specified domains to prevent spoofing