SonicOS 7.1 Anti-Spam
GRID Connection Management with Sender IP Reputation and Connection Management Precedence Order
When a request is sent to your first-touch firewall, the Anti-Spam service evaluates the ‘reputation’ of the requester. The reputation is compiled from white lists of known-good senders, block lists of known spammers, and denial-of-service thresholds.
If IP Reputation is enabled, the source IP address is checked in the order shown in Evaluation order:
| Evaluation | Description |
|---|---|
| Allow-list | If an IP address is on this list, it is allowed to pass messages through Connection Management. The messages are analyzed by your firewall as usual. |
| Block-list | This IP address is banned from connecting to the firewall. |
| Reputation-list | If the IP address is not in the previous lists, the firewall checks with the GRID Network to see if this IP address has a bad reputation. |
| Defer-list |
Connections from this IP address are deferred. A set interval must pass before the connection is allowed. |
| DoS | If the IP address is not on the previous lists, the firewall checks to see if the IP address has crossed the Denial of Service threshold. If it has, the appliance uses the existing DoS settings to take action. |
Only if the IP address passes all of these tests does the firewall allow that server to make a connection and transfer mail. If the IP address does not pass the tests, there is a message from SonicOS to the requesting server indicating that there is no SMTP server. The connection request is not accepted.
Was This Article Helpful?
Help us to improve our support portal