ZyXEL Communications 3.1 24.2.4DNSBL Anti-SpamCommands, 24.2.3.1 White and Black Lists Example, 24.2.3.2Regular Expressions in Black or White List Entries

Chapter 24 Anti-Spam

24.2.3.1 White and Black Lists Example

This example shows how to configure and enable a white list entries for e-mails with “testwhite” in the subject, e-mails from whitelist@ourcompany.com, e-mails with the Date header set to 2007, and e-mails from (or forwarded by) IP address 192.168.1.0 with subnet 255.255.255.0.

Router(config)# anti-spam white-list subject testwhite activate Router(config)# anti-spam white-list e-mail whitelist@ourcompany.com activate Router(config)# anti-spam white-list mail-header Date 2007 activate Router(config)# anti-spam white-list ip-address 192.168.1.0 255.255.255.0 activate Router(config)# show anti-spam white-list

No. Type Status Content

==========================================================================

1 subject yes testwhite

2 e-mail yes whitelist@ourcompany.com

3mail-header yes Date : 2007

4ip-address yes

192.168.1.0 / 255.255.255.0

24.2.3.2Regular Expressions in Black or White List Entries

The following applies for a black or white list entry based on an e-mail subject, e-mail address, or e-mail header value.

•Use a question mark (?) to let a single character vary. For example, use “a?c” (without the quotation marks) to specify abc, acc and so on.

•You can also use a wildcard (*). For example, if you configure *def.com, any e-mail address that ends in def.com matches. So “mail.def.com” matches.

•The wildcard can be anywhere in the text string and you can use more than one wildcard. You cannot use two wildcards side by side, there must be other characters between them.

•The ZyWALL checks the first header with the name you specified in the entry. So if the e-mail has more than one “Received” header, the ZyWALL checks the first one.

24.2.4DNSBL Anti-Spam Commands

This section describes the commands for checking the sender and relay IP addresses in e-mail headers against DNS (Domain Name Service)-based spam Black Lists (DNSBLs). You must use the configure terminal command to enter the configuration mode before you can use these commands.

The following table identifies the values required for many of these commands. Other input values are discussed with the corresponding commands.

Table 121 Input Values for DNSBL Commands

LABELDESCRIPTION

dnsbl_domain A domain that is maintaining a DNSBL. You may use 0-254 alphanumeric characters, or dashes (-).

216
216	ZyWALL (ZLD) CLI Reference Guide