Filter
Top Products
SurfControl RiskFilter - E-mail V5.2.4 Administrator’s Guide 63
S
YSTEM
S
ETTINGS
Key Points
2
KEY POINTS
The following list is a summary of the main points covered in Chapter 2. Use this list as a quick reminder of
what you can do within the System Settings tab:
Q RiskFilter can notify the administrator by sending a message to a predefined address, when an event
such as a service stopping occurs.
Q User Directories provide RiskFilter with recipient address validation and end-user authentication.
Servers that can be used are: Microsoft Active Directory, IBM LDAP Server, Generic LDAP, ESMTP,
Recipient File and Local Database.
Q Microsoft Active Directory, IBM LDAP Server, Generic LDAP, ESMTP and Local Database can all be
used for PEM authentication.
Q A user-defined list of e-mail addresses and passwords can be imported onto the RiskFilter appliance
and stored in the database for authentication and validation purposes.
Q You can configure RiskFilter to act as a proxy server for POP3, Webmail and IMAP.
Q You can store messages in a different place to the default by changing the default directories within the
Logs and Archives screen.
Q For an extra layer of security RiskFilter supports the use of TLS verification/encryption.
Q If your certificate is due to expire, RiskFilter will notify you of the fact. When you see these notifications
you need to import a new certificate.
Q A default certificate is supplied with RiskFilter but this will need to be renewed when it expires, or
replaced with a certificate from a certificate authority such as Verisign.
Q It is a good idea to make a backup of the default certificate supplied with RiskFilter. This means that in
the event of the certificate on the RiskFilter appliance being corrupted or destroyed, you can simply
import your backup copy onto the machine.
Q Improve system performance by limiting the number of simultaneous connections to the system.
Q You can specify that a SMTP greeting message is delayed for a specified time, so that if a client tries to
send data ahead of this time, the connection is dropped. This helps to prevent spam, as spam sending
applications send a lot of messages very quickly.
Q You can specify an IP address or a group of IP addresses as trusted IP addresses, to enable them to
bypass RBL checks and SMTP greeting.
Q RiskFilter enables you to stop your e-mail system from being used as an open relay by spammers.
Relay control limits the server to only relaying e-mails for specific domains.
Q You can limit the message size, data size per connection, number of messages per connection, and
the number of recipients per message.
Q A message can be sent to the administrator when a filter is triggered.
Q Connections and messages will be refused if they come from addresses or domains which are listed in
the blacklist.