Sender Filtering/Authentication Settings

With sender filtering and sender authentication, Deep Discovery Email Inspector filters and validate senders of incoming email messages to effectively block spam messages.

Note:

Sender filtering and sender authentication settings take effect only when Deep Discovery Email Inspector is deployed in MTA mode.

The following table describes the settings that you can configure.

Table 1.

Setting

Description

Approved Senders

A list of trusted senders that bypass sender filtering and sender authentication settings in Deep Discovery Email Inspector

Blocked Senders

A list of senders that Deep Discovery Email Inspector blocks permanently or temporarily

Email Reputation

When deployed as an edge MTA, Deep Discovery Email Inspector filters connections from senders when establishing SMTP sessions based on the reputation of the sender IP addresses.

When deployed as a non-edge MTA, Deep Discovery Email Inspector filters connections from senders of the last relay MTA based on the reputation of the sender IP addresses in the email message header.

DHA protection

Prevents senders from using a directory harvest attack (DHA) to obtain user email addresses for spam message transmission based on one of the following information:

  • Sender IP address (when Deep Discovery Email Inspector is deployed as an edge MTA)

  • Sender IP address in the email message header (when Deep Discovery Email Inspector is deployed as a non-edge MTA)

Bounce attack protection

Blocks senders if the number of returned email messages reaches the specified threshold based on the following information:

  • Sender IP address (when Deep Discovery Email Inspector is deployed as an edge MTA)

  • Sender IP address in the email message header (when Deep Discovery Email Inspector is deployed as a non-edge MTA)

SMTP traffic throttling

Blocks messages from a sender based on the IP address or email address for a certain time when the number of connections or messages reaches the specified threshold

Sender Policy Framework (SPF)

A sender authentication feature that prevents spoofing and phishing by allowing only messages that are sent from authorized servers for a domain based on the following information:

  • Sender IP address (when Deep Discovery Email Inspector is deployed as an edge MTA)

  • Sender IP address in the email message header (when Deep Discovery Email Inspector is deployed as a non-edge MTA)

DomainKeys Identified Mail (DKIM) authentication

A sender authentication feature that prevents spoofing and phishing by verifying signatures in incoming messages

DomainKeys Identified Mail (DKIM) signatures

A list of DKIM signatures that Deep Discovery Email Inspector adds to message headers in outgoing messages

Domain-based Message Authentication, Reporting & Conformance (DMARC)

A sender authentication feature that verifies message senders for specified domains to prevent spoofing