Surf Control 5.2.4 manual KEY Points

KEY POINTS

The following list is a summary of the main points covered in Chapter 2. Use this list as a quick reminder of what you can do within the System Settings tab:

RiskFilter can notify the administrator by sending a message to a predefined address, when an event such as a service stopping occurs.

User Directories provide RiskFilter with recipient address validation and end-user authentication. Servers that can be used are: Microsoft Active Directory, IBM LDAP Server, Generic LDAP, ESMTP, Recipient File and Local Database.

Microsoft Active Directory, IBM LDAP Server, Generic LDAP, ESMTP and Local Database can all be used for PEM authentication.

A user-defined list of e-mail addresses and passwords can be imported onto the RiskFilter appliance and stored in the database for authentication and validation purposes.

You can configure RiskFilter to act as a proxy server for POP3, Webmail and IMAP.

You can store messages in a different place to the default by changing the default directories within the Logs and Archives screen.

For an extra layer of security RiskFilter supports the use of TLS verification/encryption.

If your certificate is due to expire, RiskFilter will notify you of the fact. When you see these notifications you need to import a new certificate.

A default certificate is supplied with RiskFilter but this will need to be renewed when it expires, or replaced with a certificate from a certificate authority such as Verisign.

It is a good idea to make a backup of the default certificate supplied with RiskFilter. This means that in the event of the certificate on the RiskFilter appliance being corrupted or destroyed, you can simply import your backup copy onto the machine.

Improve system performance by limiting the number of simultaneous connections to the system.

You can specify that a SMTP greeting message is delayed for a specified time, so that if a client tries to send data ahead of this time, the connection is dropped. This helps to prevent spam, as spam sending applications send a lot of messages very quickly.

You can specify an IP address or a group of IP addresses as trusted IP addresses, to enable them to bypass RBL checks and SMTP greeting.

RiskFilter enables you to stop your e-mail system from being used as an open relay by spammers. Relay control limits the server to only relaying e-mails for specific domains.

You can limit the message size, data size per connection, number of messages per connection, and the number of recipients per message.

A message can be sent to the administrator when a filter is triggered.

Connections and messages will be refused if they come from addresses or domains which are listed in the blacklist.