advertisement
Intercept Anti-Spam
Configuring SPF
To configure SPF
1. Select Security > Anti-Spam > Anti-Spam > SPF .
2. Select the Enable SPF check box.
3. Select the Strip incoming SPF headers check box to strip any “Received-SPF” header from incoming messages.
Spammers may attach their own forged SPF headers to create the impression that the email is from a legitimate source
4. Select the Add outgoing SPF header check box to add an SPF header to the outgoing message.
DomainKeys
DomainKeys is a sender authentication technology used to prevent spammers from spoofing mail headers and launching phishing attacks. The sender of an email message is authenticated by querying the sending domain’s DNS records. The DomainKeys protocol allows server administrators to add a digital signature to their outgoing messages that can be validated via DNS.
The domain owner generates a public and private key pair to use for signing all outgoing messages. The public key is published in their DNS records and the private key is used to sign outbound messages. By verifying the signature in the headers of the email using the public key, the receiving host can verify that the email is originating from the legitimate mail server for that domain. This prevents spammers from sending forged emails. The WatchGuard XCS also supports the signing of outgoing messages with DomainKeys using the
Policy engine.
DomainKeys actions only apply to incoming mail messages that have failed a DomainKeys check (such as an email message where the signature in the message header does not match the corresponding published
DomainKeys record.) If a specific mail server does not have an existing DomainKeys record then the message is processed normally. It is possible, however, that administrators may misconfigure their DNS DomainKeys records, resulting in false positives and legitimate hosts being blocked from sending you mail. The weight assigned to DomainKeys in the Intercept settings will be the score used by Intercept processing if the message fails a DomainKeys check.
202 WatchGuard XCS
advertisement
Related manuals
advertisement