Email Security Connection management Miscellaneous options.

03/26/2020 1048 12275

DESCRIPTION:
Email Security Connection management Miscellaneous options.

RESOLUTION:
Email Security Connection Management, Miscellaneous Options"

Grid Network IP Reputation

Grid Network IP Reputation is the reputation a particular IP address has with members of the SonicWall Grid Network. When this feature is enabled, email is not accepted from IP addresses with a bad reputation. When SonicWall Email Security receives a connection from a known bad IP address, it responds with a 554 No SMTPd here error and the SMTP session is rejected.

Note: this feature is useful only for Email Security servers that are running as the "first touch" server (receiving email directly from the internet). SonicWall recommends disabling Grid Network IP Reputation if Email Security is not first touch.

BATV

Bounce Address Tag Validation (BATV) reduces the number of unauthorized NDRs (Non-Delivery Reports) delivered to your organization.

Spammers commonly forge sender email addresses when sending spam in order to make the spam email look like it was sent from a valid email address. If that spam cannot be delivered, an NDR is sent to the forged sender's email account.

BATV protects your organization by adding a signature to all of your outbound email. When an NDR arrives at your organization, BATV is used to check for a valid signature. If the signature does not exist or does not pass the security check, Email Security rejects the NDR. If the signature is authentic, the NDR is valid, and Email Security continues analyzing the NDR.

Note: in order for BATV to work, all outbound and inbound email must pass through your organization's Email Security gateway.

Greylisting

Greylisting discourages spam without permanently blocking a suspicious IP address. When greylisting is enabled, Email Security assumes that all new IP addresses that contact it are suspicious, and requires those addresses to retry connecting before it will accept the email.

Warning: enabling greylisting may cause good email to be delayed. The mail should be delivered within 15 minutes, depending on the configuration of the sending MTA.

Note: this feature is useful only for Email Security servers that are running as the "first touch" server (receiving email directly from the internet). SonicWall recommends disabling greylisting if Email Security is not first touch.

Strict MAIL FROM Checking

By default, SonicWall Email Security enforces the SMTP specification with regard to the Reverse Path (aka MAIL FROM field or Envelope From field). This reduces the load on the downstream (e.g. Microsoft Exchange) server. It is likely that this will also reduce the amount of junk email allowed into the system. Very few administrators want to allow email with illegal Reverse Paths to flow through their systems.