Focus: More than Spam Protection - iQ.Suite Wall
1. Does installing Wall provide immediate and comprehensive spam protection?
2. Can I immediately use the CORE technology after installing Wall?
3. Is it possible to integrate RBLs (Real Blackhole Lists) available in the Internet?
4. How do I prohibit a specific sender address or an entire sender domain?
5. How do I prohibit a specific recipient address or an entire recipient domain?
6. Can I use meta-symbols (wildcards)?
7. How do I configure the "Number of Recipients" function?
8. Can Wall be used to avoid Denial-of-Service (DOS) attacks?
9. What does "Ignore Domino routing path" mean when checking addresses in iQ.Suite for Domino?
10. What does "Append analysis details to notification" in iQ.Suite for Domino mean?
11. Can I switch off the logo and the server name in notifications?
2. Can I immediately use the CORE technology after installing Wall?
3. Is it possible to integrate RBLs (Real Blackhole Lists) available in the Internet?
4. How do I prohibit a specific sender address or an entire sender domain?
5. How do I prohibit a specific recipient address or an entire recipient domain?
6. Can I use meta-symbols (wildcards)?
7. How do I configure the "Number of Recipients" function?
8. Can Wall be used to avoid Denial-of-Service (DOS) attacks?
9. What does "Ignore Domino routing path" mean when checking addresses in iQ.Suite for Domino?
10. What does "Append analysis details to notification" in iQ.Suite for Domino mean?
11. Can I switch off the logo and the server name in notifications?
Does installing Wall provide immediate and comprehensive spam protection?
The Wall package includes various sample configurations that simply need to be enabled to ensure comprehensive spam protection.
All configuration settings should be checked for compliance with corporate policies and the current configuration of the system environment. Special rule documents for iQ.Suite for Domino should in any case be checked and adapted where required.
Custom jobs can be easily created and integrated any time - either by copying and editing (iQ.Suite for Domino) or through individually adapted job templates (iQ.Suite for Exchange/SMTP).
The iQ.Suite for Exchange/SMTP configuration includes the "Advanced Spam Filtering" job. For comprehensive spam protection, simply activate this job. If required, the spam probability levels can be individually adjusted.
All configuration settings should be checked for compliance with corporate policies and the current configuration of the system environment. Special rule documents for iQ.Suite for Domino should in any case be checked and adapted where required.
Custom jobs can be easily created and integrated any time - either by copying and editing (iQ.Suite for Domino) or through individually adapted job templates (iQ.Suite for Exchange/SMTP).
The iQ.Suite for Exchange/SMTP configuration includes the "Advanced Spam Filtering" job. For comprehensive spam protection, simply activate this job. If required, the spam probability levels can be individually adjusted.
 |
 |
|
|
Can I immediately use the CORE technology after installing Wall?
The Wall package includes a Classifier, which can immediately be used to block spam mails. To do so, simply enable the corresponding securiQ.Wall job for content checking using CORE.
If the results are not up to expectations, i.e. if too many spam mails remain unidentified, set up the Classifier according to your requirements. For details on how to set up the Classifier, please refer to our documentation (Administration Manual and additional information on the documentation website). If in doubt, please contact our Support.
Currently, the CORE technology is only available for iQ.Suite for Domino.
If the results are not up to expectations, i.e. if too many spam mails remain unidentified, set up the Classifier according to your requirements. For details on how to set up the Classifier, please refer to our documentation (Administration Manual and additional information on the documentation website). If in doubt, please contact our Support.
Currently, the CORE technology is only available for iQ.Suite for Domino.
|
|
|
|
Is it possible to integrate RBLs (Real Blackhole Lists) available in the Internet?
RBLs are supported by the Domino 6.x and Exchange 2003 mail systems. With securiQ.Wall, you can create your own lists, e.g. to block specific domains, groups or users.
|
|
|
|
How do I prohibit a specific sender address or an entire sender domain?
- iQ.Suite for Domino:
- To do so, create a Wall job. In the Basics tab under Valid for Sender(s) â?? Advanced, you can enter specific addresses or entire sender domains in the form "*@domain.com".
- Use the "Operations/Denied Recipients" tab to specify the actions to be executed for mails from included in this list. Important: Also define the list of recipients, e.g. *@* for all recipients.
- iQ.Suite for Exchange/SMTP:
- Using the E-Mail Address Filtering job template, you can enter specific addresses or entire domains ("sender@address.com" or "*@address.com") in the Addresses tab under â??Address Selection â?? Run this job when a message arrives fromâ?. Use the Actions tab to set the actions to be executed for e-mails from these senders and/or to these recipients.
- To block sender addresses, you may use SMTP addresses, SMTP domains, e-mail-enabled objects (organization units, groups, users, contacts) from the Active Directory or LDAP directory.
|
|
|
|
How do I prohibit a specific recipient address or an entire recipient domain?
Again, create a Wall job and then proceed as for sender addresses or sender domains (see item above). In iQ.Suite for Domino, select "Recipients list" in the Operations/Denied Recipients tab, in iQ.Suite for Exchange/SMTP select "Address Selection - and where addressed to".
|
|
|
|
Can I use meta-symbols (wildcards)?
In the address fields of the Wall jobs, you may use the "*" and "?" wildcards. The asterisk represents any number of consecutive characters, while the question mark represents any single character.
Exception (for Lotus Domino only): A single asterisk in the address fields is reserved for all local users, i.e. for all e-mail addresses containing the local domain (entry in notes.ini file).
Exception (for Lotus Domino only): A single asterisk in the address fields is reserved for all local users, i.e. for all e-mail addresses containing the local domain (entry in notes.ini file).
|
|
|
|
How do I configure the "Number of Recipients" function?
- iQ.Suite for Domino:
- Use the Operations/Number of Recipients tab to specify actions to be executed when the number of recipients ("To:" field in a single e-mail!) exceeds a given limit. The actions are executed as soon as the limit set there is exceeded by 1. Mails with a number of recipients that reaches this limit (or less) are not affected by this setting.
- iQ.Suite for Exchange/SMTP:
- Use the Wall Recipient Limit Filtering job type. The Number of Recipients tab allows to set a limit for the maximum number of recipients per e-mail. The actions are executed as soon as the limit set there is exceeded by 1.
|
|
|
|
Can Wall be used to avoid Denial-of-Service (DOS) attacks?
Yes. To do so, use the "Mail Flooding" function. This function (currently available for iQ.Suite for Domino only) defines the actions to be executed when the number of e-mails received within a configurable time window exceeds a given limit.
Use the Operations/Avoid Mail Flooding tab to set the actions to be executed, the count mode, as well as the time range and the number of mails within that range. All mails exceeding the maximum number of mails allowed for the time range are blocked. Example: With the count mode set to All, the number of mails set to 1000 and the time range set to 5 minutes, the 1001st and all subsequent mails arriving within 5 minutes will be blocked.
Use the Operations/Avoid Mail Flooding tab to set the actions to be executed, the count mode, as well as the time range and the number of mails within that range. All mails exceeding the maximum number of mails allowed for the time range are blocked. Example: With the count mode set to All, the number of mails set to 1000 and the time range set to 5 minutes, the 1001st and all subsequent mails arriving within 5 minutes will be blocked.
|
|
|
|
What does "Ignore Domino routing path" mean when checking addresses in iQ.Suite for Domino?
The Domino routing domains of the sender address are not taken into account when checking the address. This address checking option is available in the Advanced tab only.
When processing addresses based on a group rule from the Basics tab (according to positive/negative rules), the routing domains are never taken into account. This applies to all jobs.
When processing addresses based on a group rule from the Basics tab (according to positive/negative rules), the routing domains are never taken into account. This applies to all jobs.
|
|
|
|
What does "Append analysis details to notification" in iQ.Suite for Domino mean?
The analysis details in notifications for instance include the validation of the denied address or the denied contents/terms found. This information is always included in the Quarantine Report, even without archival in the Safe database. In an address checking job, you will this field in the Advanced tab under "Append details to ... notification". You can use different notification settings for different jobs.
In iQ.Suite for Exchange/SMTP, notifications are based on notification templates and a number of variables, which can be freely included. The user thus decides for himself which details are to be appended. A list of variables is to be found in the Administration Manual.
In iQ.Suite for Exchange/SMTP, notifications are based on notification templates and a number of variables, which can be freely included. The user thus decides for himself which details are to be appended. A list of variables is to be found in the Administration Manual.
|
|
|
|
Can I switch off the logo and the server name in notifications?
- iQ.Suite for Domino:
- Use an entry in the notes.ini file to switch off the logo and the server name: Toolkit_Logo=None (default: GROUP). This not only switches off the logo in notifications but also the server name.
- iQ.Suite for Exchange/SMTP:
- All settings (a logo actually does not exist as such) can be individually changed through notification templates. To do so, insert appropriate variables in all sender and Administrator notifications. A list of variables is to be found in the Administration Manual.
|
|
|
|
