Domain Control Panel Options

From Greenview Wiki

Contents 1 The Domain Control Panel 2 Filter Actions 2.1 Modify Subject 2.2 Forward To 2.3 Reject 2.4 Delete 3 Mailboxes 3.1 Mailbox List 3.2 Mailbox List: Email Bypass 3.3 Mailbox List: Sub-addressing 4 URL/Phone # Filter 5 Phrase Filter 6 SPF (Sender Policy Framework) Filter 7 Pattern Matching 8 Additional Filtering 9 Spammer IP Blacklist 10 Country Blocking 11 Real-Time Blacklists 12 Personal Whitelist 12.1 Whitelisting by IP Address 12.2 Whitelisting by Sender Email Address 13 Personal Blacklist 13.1 Blacklisting by IP Address 13.2 Blacklisting by Email Address 13.3 To change the Personal Blacklist action taken when the message is filtered 14 Attachment Filters 15 Anti-Virus 16 Custom Content Filter Rules 17 Customer Mail Server 18 Firewall 19 Recommended MX Records for yourdomain.com

The Domain Control Panel

The Domain Options/Configuration Settings page is the heart of your domain's spam filter settings. From here, you can manipulate our entire range of service, to better personalize your spam blocking.

Filter Actions

Most of the filters have configurable actions, which are outlined below.

Modify Subject

Specify a string to insert at the beginning of the subject line, or easy viewing or spotting of spam messages in your regular inbox

Forward To

Specify an email account at your domain where you would like the email message forwarded to.

Instead of fully blocking spam, it can be re-directed to a special spam mailbox at your domain, e.g. spam@yourdomain.com. This lets you examine it to ensure that no legitimate email is being blocked.

Make sure you set up the email account that you specify, before using this option. Also remember to monitor the mailbox so that it doesn't get full to where it no longer accepts any new messages and start queueing up on our server as undeliverable.

Reject

You can reject the message at the SMTP layer with a rejection message. You are no longer notified about the existence of the email, but the sender is notified that the message was not delivered. In the case of a false positive, the sender can contact you by another method. In most cases, instead of our mail server accepting the email message for delivery from the sender, we will reject the message at the SMTP layer. This results in a spammer getting the rejection message even if they are using a fake reply email address. You can customize the rejection message. This is the recommended option for any blocking due to its protection for false positives.

Delete

This will just delete the email message. You aren't notified, and the sender isn't notified. It's just forgotten about.

Mailboxes

This section will give you some different options concerning mailboxes for your account

Mailbox List

Using this feature, you will be able to list all of the legitimate users on your domain, and can decide weather if you would like to accept email for any mailbox or just for mailboxes that you define as existing.

This feature will allow us to only accept email for valid email addresses and instantly notify spammers via an SMTP reject about invalid recipients. Using this feature allows us to offer some directory harvesting protection via tarpitting. Using this feature greatly reduces the load on our filter servers, because we don't have to perform content filtering on the message. It also reduces load on your server, by letting us reject messages to invalid recipients on our end, even if they don't trigger a spam filter. Up to 80% of spam for some domains is sent to email addresses that aren't even valid.

1. Click on the "Edit" link next to "Mailboxes".
2. Add your email addresses on at a time using the "Add Mailbox" text box and "Add" button.
   Optionally, you can add multiple email names (one per line) using the form reached through the "Add New Mailboxes" link.
   Make sure you add both email account names and any email alias names that you may have.
3. When you're done adding names, select the "Only accept mail for the mailboxes listed below." item from the "Mailbox List" radio selection.
4. Select the "Spam filtering ON by default for all mailboxes" item from the "Spam Filtering" radio selection.
5. Finally, click on the "Set" button to save the changes.

Wait 10-15 minutes for the database to update, and watch the majority of the spam messages disappear right at the source, as the spammers start getting reject messages in their email software (5.7.1 User unknown).

Mailbox List: Email Bypass

In this section, you can also add user address which you do not wish to filter upon.

Note: Disabling spam filtering does not disable virus filtering for that email address.

1. Click on the "Edit" link next to "Mailboxes".
2. Click on the "Add New Mailboxes" link.
3. Note your default Spam Filtering policy.
4. Add one mailbox per line, followed by a semicolon (;) and then either 0, 1, or 2,
   depending upon what your default setting Spam Filtering policy is.
   
   0 = default
   1 = filtering on
   2 = filtering off
   
   For example, if your default policy is "Spam filtering ON by default for all mailboxes", then to diable filtering for the john@yourdomain.com and jane@yourdomain.com "bypass" email addresses you would enter:
   
   john;2
   jane;2
5. Click on the "Add" button to add the entries.

Mailbox List: Sub-addressing

Some mail servers allow the use of sub-addressing with +tag qualifiers. For example, joe+newsletters@yourdomain.com. If you use this type of sub-addressing, you may use a +* wildcard entry in the mailbox list. You can also just enter each sub-address explicitly as you would any other mailbox name.

For example, if you would like to accept joe@ as well as any sub-address for joe, enter both "joe" and "joe+*" in the mailbox list.

A wildcard sub-address enter in the mailbox list will take precedence over any explicit sub-address entry. For example, if you enter "joe+newsletters" as a bypass address and "joe+*" with filtering on, an e-mail going to "joe+newsletters" would always be passed through the filtering.

URL/Phone # Filter

Use this feature to configure the action taken after the filtering of email using the SpamStopsHere maintained database of spammer advertised URLs and Phone Numbers. This is the filter that is going to catch most of your spam.

1. Click on the "Edit" link next to "URL/Phone # Filter".
2. Select one of the four radio options next to the action you would like to take on email caught with this filter (REJECT Recommended)
3. Click on the "Set" button to save the changes.

Phrase Filter

Use this feature to configure the action taken after the filtering of email using the SpamStopsHere maintained database of long unique phrases found in some types of spam.

1. Click on the "Edit" link next to "Phrase Filter".
2. Select one of the four radio options next to the action you would like to take on email caught with this filter (REJECT Recommended).
3. Click on the "Set" button to save the changes.

SPF (Sender Policy Framework) Filter

The Sender Policy Framework (SPF) is an open standard to help fight sender address forgery. Forging the sender address is a common technique used by spammers to avoid delivery notifications and by defrauders to impersonate trusted senders for phishing scams.

SPF allows domain owners to publicize a list of servers authorized to send e-mail for that domain. This information can be used to determine if an e-mail message has a forged sender address.

The action below will be taken when the following are true:

1. The domain in the sender's address has SPF records established.
2. The e-mail message does not come from a server authorized by SPF to send e-mail for that domain.

When an anti-spam filter identifies a message, the filter action removes the message from the filter chain, preventing further processing. Because this isn't an anti-spam filter, the action of "Continue Filtering E-mail" is available, which continues processing the message through the remaining anti-spam filters in the chain. For this filter, "Modify Subject" doesn't end the filter chain and can be used together with "Continue Filtering E-Mail".

1. Click on the "Edit" link next to "SPF Filter".
2. Select whether you want messages identified by this filter tagged with the "Modify Subject" checkbox (Recommended).
3. Select one of the four radio options next to the action you would like to take on email caught with this filter (Continue Filtering E-mail Recommended).
4. Click on the "Set" button to save the changes.

SPF Record validation can cause false positives, but they will likley be caused by configuration problems with the sending domain's SPF records or due to senders unknowingly violating the domain owner's sending policy. In general, SPF validation is a very sound method to validate a sender and can safely be used to reject forged e-mail, regardless of whether it would otherwise be identified as spam.

IMPORTANT: When using an anti-spam service, you will need to disable any SPF record checking that you may have implemented on your own e-mail server. This is because e-mail will be delivered to you from the anti-spam service, and not directly from the sender's mailserver, breaking any SPF record validation done on your end. Instead, you will need to rely on the anti-spam service's SPF record validation, such as using the above feature.

Pattern Matching

Use this feature to configure the action taken after the filtering of email using the SpamStopsHere maintained database of heuristic type filters.

To change your pattern matching settings

1. Click on the "Edit" link next to "Pattern Matching".
2. Select one of the four radio options next to the action you would like to take on email caught with this filter (MODIFY SUBJECT Recommended).
3. Click on the "Set" button to save the changes.

Additional Filtering

These additional filtering rules enforce policies of what type of email to accept.

"Aggressive" options are not recommended, but may be suitable for small or family domains that want to block porn from minors. However they will block some legitimate emails.

To change the Additional Filtering:

1. Click on "Edit" next to "Additional Filtering".
2. Check the boxes next to the filters you would like to enable, or uncheck to disable.
3. Select one of the four radio options next to the action you would like to take on email caught with this filter.
4. Click on "Set" to save the changes.

Spammer IP Blacklist

This is an internally maintained IP blacklist of senders our Spam Analists have created.

To change the Spammer IP Blacklist function:

1. Click on the "Edit" link next to "Spammer IP Blacklist".
2. Select one of the four radio options next to the action you would like to take on email caught with this filter (MODIFY SUBJECT Recommended).
3. Click on the "Set" button to save the changes.

Country Blocking

Country blocking identifies email sent from mail servers that are in the IP address space assigned to a specific country. This option is not available for any political reason.

The Country Blocking is static. If a sender's email is coming from an IP address in a foreign country that you are subscribed to for the Country Blocking feature, the message will be identified by this filter. It doesn't matter whether the message is spam or not. However, if it may be coming from a country that is known for sending a lot of spam. If you only have contacts in the United States, it's possible that these messages are unwanted, but the email did not trigger any of our spam filters.

The default setting is to tag these messages with "[Foreign Sender]". The tag is informational only and it may help you to determine whether to look at the message.

To change your Country Blocking settings:

1. Click on the "Edit" link next to "Country Blocking".
2. Review the list of countries and place checkmarks next to ones you dont wish to recieve email from.
3. Select one of the four radio options next to the action you would like to take on email caught with this filter (MODIFY SUBJECT Recommended).
4. Click on the "Set" button to save the changes.

Real-Time Blacklists

This service uses several popular "Real-time Blacklists" (RBLs) of mail server IP addresses known for spamming. These currently include:

The third party Real-Time Blacklists are maintained by third parties. These blacklists are of IP addresses that were reported to have sent spam to their users. If a sender's email is coming from an IP address on one of the blacklists that you are subscribed to, the message will be identified by this filter.

We don't maintain these blacklists, and you will want to contact the list maintainer in order to determine why one of your senders was listed. The status of an IP address being listed does change, and it doesn't require any changes on your end to get more of your legitimate or spam email identified by this filter from one day to the next. It just depends on who you receive email from, and whether they're listed in the real-time blacklist that day. Therefore results will vary. It's possible that these messages are unwanted, but the email did not trigger any of our spam filters.

Many organizations get listed in a real-time blacklist because a workstation on their network is sending spam. This can be the result of a virus infection, or simply a malicious spamming user, or unsound mailing list policies. Many ISPs such as AOL or Comcast could also have their email servers listed temporarily for the same reason, causing all email from that ISP to be tagged for awhile.

The default setting is to tag these messages with "[Blacklisted Sender]". The tag is informational only and it may help you to determine whether to look at the message.

These filters typically will only identify less than 1% of your email. If you don't find these tags useful, you can disable them by unsubscribing from these filters in the SpamStopsHere Control Panel. Note that many anti-spam products only use these types of IP address based filters, and it used to be common to block messages identified by them. Due to their inaccuracy, we don't recommend DELETING or REJECTING messages caught by these filters, so there is no need to QUARANTINE (an Enterprise Edition feature) the messages either. These types of filters should simply be used to provide additional information about the source of the message.

To change the selected "blacklist" databases:

1. Click on "Edit" next to "Real-Time Blacklists".
2. Check the boxes next to the blacklists you would like to use, or uncheck to not use.
3. Select one of the four radio options next to the action you would like to take on email caught with this filter (MODIFY SUBJECT Recommended).
4. Click on "Set" to save the changes.

Personal Whitelist

You can create a personal "whitelist" to ensure that important clients and other contacts will never be blocked, even if they send you spam. Please keep your whitelist as small as possible to prevent allowing through spam. Whitelisting over 500 email addresses is not supported and should not be required.

Whitelisting by IP Address

1. Determine the IP address of the organization's mail server to be whitelisted.
   This can be done by examining the headers of e-mail messages from the organization. Or you can simply ask the administrator of their mail server for this information.
   
2. Click on "Edit" next to "Personal Whitelist".
3. Under "Whitelist Options", select "Whitelist by: IP Address" in the list box.
4. Enter the IP address of the mail server (in dotted decimal notation, ie. 123.123.123.123) in the "IP Address" text box under "Whitelist Arguments".
   Optionally, specify "Comments" that will help you to remember why this entry was created.
   
5. Click on the "Create" button to create the entry.

Whitelisting by Sender Email Address

1. Determine the sender's email address to be whitelisted.
2. Click on "Edit" next to "Personal Whitelist".
3. Click on the "Create new entry" link.
4. Under "Whitelist Options", select "Whitelist by: E-mail Address" in the list box.
5. Enter the email address in the "E-mail Address" text box under "Whitelist Arguments".
   
   Optionally, you can allow all email address at a specific domain by specifying just the domain preceded by the at (@) symbol in the "E-mail Address" text box. For example, to allow any email addresses@customer.com, you would enter:
   
   @customer.com
   
   Optionally, specify "Comments" that will help you to remember why this entry was created.
   
6. Click on the "Create" button to create the entry.

Personal Blacklist

Please be careful creating a blacklist or you may unintentionally block legitimate email.

You can create a personal "blacklist" to block email from specific sources. It can be used for things like blocking email from someone who is harassing you by email. Or you might want to block recruiters who are trying to steal your employees. Basically, it's to be used for blocking email that you receive that can't be considered Unsolicited Bulk Email (UBE) and blocked globally by us.

Please do not use this to block spam (UBE) that is making it past our filters. That's our job. Instead, send a plain text message including the complete headers and message source of the spam to us. That will allow us to investigate why the email made it past our filters and find the best way to prevent it from happening again for not only you, but for the rest of our customers.

Note: When you blacklist an IP address, you blacklist an entire mail system, and you will block all email from that organization. While this is probably acceptable with small organizations, be sure not to blacklist the IP address of a large ISP's mail system that any one of your clients or contacts may be using. (See Step 2. below for assistance.)

Blacklisting by IP Address

1. Determine the IP address of the organization's mail server to be blacklisted.
   This can be done by examining the headers of e-mail messages from the organization.
   
2. Go to www.dnsstuff.com and enter the IP address into the "IPWHOIS Lookup" box. This will tell you what country this IP address is assigned to, and, sometimes, the name of the company that owns the IP address. This will help you decide if you should blacklist the IP address.
   You probably do not want to blacklist major mail systems such as Yahoo, Hotmail, AOL, etc., or you won't receive any more email from anyone with those type of email services. These services are still used by many legitmate home and business users.
   
3. Click on "Edit" next to "Personal Blacklist".
4. Click on the "Create new entry" link.
5. Under "Blacklist Options", select "Blacklist by: IP Address" in the list box.
6. Enter the IP address of the mail server (in dotted decimal notation, ie. 123.123.123.123) in the "IP Address" text box under "Blacklist Arguments".
   Optionally, specify "Comments" that will help you to remember why this entry was created.
   
7. Click on the "Create" button to create the entry.

Blacklisting by Email Address

1. Determine the sender's email address to be blacklisted.
2. Click on "Edit" next to "Personal Blacklist".
3. Click on the "Create new entry" link.
4. Under "Blacklist Options", select "Blacklist by: E-mail Address" in the list box.
5. Enter the email address in the "E-mail Address" text box under "Blacklist Arguments".
   Optionally, you can allow all email address at a specific domain by specifying just the domain preceded by the at (@) symbol in the "E-mail Address" text box. For example, to block all email addresses@annoying.com, you would enter:
   @annoying.com
   Optionally, specify "Comments" that will help you to remember why this entry was created.
   
6. Click on the "Create" button to create the entry.

To change the Personal Blacklist action taken when the message is filtered

1. Click on "Edit" next to "Personal Blacklist".
2. Select one of the four radio options next to the action you would like to take on email caught with this filter.
3. Click on "Set" to save the changes.

Attachment Filters

Attachment filters allow you to enforce policies against email attachments based on filename. Since wildcards are supported, it is trivial to enforce policies against files based on filename extension.

If an attachment matches any of the file types indicated, the attachment can either be replaced with a warning or the entire e-mail can be filtered. If you chose to have the e-mail filtered, you may choose an action to take on the e-mail (click “Edit Filter Setting”).

1. Click on the "Edit" link next to "Attachment Filters".
2. Specify a filter (the asterisk(*) is available as a wildcard charcter) in the "Filter:" field.
3. Click on "Add Filter"

Anti-Virus

Anti-virus service is ran on all attachments using a constantly updated commercial anti-virus engine that we have licensed.

It is available at an extra cost, which is based on a percentage of your regular price. This is a valuable feature for removing viruses from virus laden email messages before they reach your organization. This not only decreases the size of the email messages, but also helps protect against infection.

Signing up for the Anti-Virus add-on service:

1. Click on the "Sign up" link next to "Anti-Virus".
2. Read and agree to the terms presented.
3. Click on the "Sign Up Now" button to pay for and activate the service.

Configuring the Anti-Virus add-on service:

1. Click on the "Edit" link next to "Anti-Virus".
2. Select the "Enabled" or "Disabled" radio selection button to enable or disable the scanning of attachments for viruses.
3. If enabled, make a selection for the minimum characters:
   Disable minimum: Disables the minimum character length of virus infected email bodies. You will receive the message no matter how long the body of the message is (not including the virus).
   Enable minimum: Enable a minimum character length for virus infected email bodies. You can use this feature to completely block (delete) all email messages if the only thing they contain is the virus. If there is no body to read, and we're deleting the virus, there's really no point in receiving a blank email message. This feature allows you to prevent receiving the blank email messages. You can then specify a minimum length in characters.
   
4. Click on the "Save" button to save the changes.

Custom Content Filter Rules

The advanced custom content filtering rules are for the unique situations that a power user may want to provide specific mail handling rules for. This document is not going to attempt to explain how email messages are formatted or what regular expressions are. This document is only designed to cover the terminology used in our interface and to document any differences from the standard.

This feature allows you to create custom, advanced string matching filtering rules based on parts of the message. The rules are checked against each email message in priority order until one matches or the last rule is processed. You can match on the following message parts:

Entire Message: Headers plus the first 20kb and last 2kb of the message body.
Header: Any header item and it's value.
Body: First 20kb and last 2kb of the message body.
From: The "mail from:" value. This is not necessarily the same as the "From:" header.
Recipient: The "rcpt to:" value. This is not necessarily the same as the "To:" or "Reply-To:" header.
Subject: The value of the "Subject:" header.

The string operators available are:

Contains: String is located within the message part (case insensitive)
Doesn't Contain: String is not located within the message part (case insensitive)
Equals: String exactly matches message part (case sensitive).
Reg Exp: Traditional NFA (perl) Regular expression, without seperators (what's normally between the "/" in perl.)

You are able to specify advanced actions for the match, including:

ACCEPT: Accept the email message (handle it normally).
REJECT: Do not accept message and state the reason for the rejection.
FORWARD: Forward the email message to another email address.
DELETE: Delete the message. No one is notified. The message is just forgotten about.

Creating a Custom Content Filter Rule:

1. Click on the "Edit" link next to "Custom Content Filter Rules".
2. Under "Filter Options", specify a detailed "Name:" and "Description:" that will help you to remember what this rule does.
3. Under "Filter Conditions", specify a message part, an operator, and a string to match on.
4. Optionally click on the "Add Condition" button to add another condition and specify a logical operator of "AND" or "OR".
5. Specify the "Filter Position" for this rule to "Run at":
   
   Before Blacklisting: Use this setting when creating rules to "whitelist".
   After Blacklisting: Use this setting when creating rules to "block".
   
   
6. Under "Filter Action", specify an "Action:" for this rule.
   
   If you specify "REJECT", you will have to specify the message to include in the rejection email message.
   
   If you specify "FORWARD", you will have to specify the email address to forward the message to.
   
   
7. Optionally, you can add a header item to the message if it is matched using the "Add Headers" fields.
   
   Header: The name of a header item to add to the email message. When creating a custom header, please start it with "X-" to be standards compliant. For example, you might specify "X-CustomFilter1".
   Header Content: The content of the header item to add to the email message. For example, you might specify "True".
   
   In the above examples, this would result in a header being added to the message like this:
   
   X-CustomFilter1: True
   
   You might use a header like this to tag a specific abusive email message that required special attention. You could then program your email server or email client to take a specific action when it saw messages containing this custom header.
   
   
8. Click on the "Add Rule" button to add the rule to your custom content filter.

Changing the priority (order) of your Custom Content Filter Rules:

1. Click on the "Edit" link next to "Custom Content Filter Rules".
2. Select the radio button next to the rule that you want to move up or down in priority (order).
3. Click on the "Move Up" button to move the rule up in priority, or "Move Down" to move the rule down in priority (order).
   

Customer Mail Server

Do not change this unless you fully understand the consequences. An incorrect change will stop all email to your organization! Only the person in charge of your organization's domain or mail server should make this change.

Our service must know where to relay (send) the email after it has been checked for spam. The correct Hostname (or IP) of your domain's mail server was determined by the Setup Wizard. In the rare case that your Hosting company changes the name of its mail server, or your organization changes the name (or IP) of its own mail server, then the new name must be entered into the SpamStopsHere service.

To change the Hostname or IP of your mail server:

1. Click on the "Edit" link next to "Customer Mailserver".
2. Confirm that you understand the consequences of this change.
3. Enter the new Hostname (or IP address) for the domain's mail server.
4. Click on "Set".
5. Test that your e-mail works. Using another mail system, e.g. an account on Yahoo or Hotmail, send several e-mail messages to your account. Examine the header of these emails to verify that they were relayed through our service.

Firewall

You can configure a firewall between your email server and the Internet to only allow our relays to connect to it on the SMTP service port. This will prevent email from bypassing our relays. Click here for more information.

If you do decide to set up a firewall as described, you will first want to remove any remaining MX records for your domain that contain your actual email server. After this is done, you will want to wait at least the TTL value of your DNS resource records, and preferably 72 hours before implementing a firewall.

The IP address information that you will need from us to configure the firewall is available in this section of the control panel. When implementing a firewall, you must also check the box in the control panel that notifies us that you are using a firewall. This will ensure that we only attempt to deliver email to your mail server from the listed IP addresses, which should not need to be updated even as we continually expand.

To view the firewall configuration information and notify us that you are using a firewall:

1. Click on the "Edit" link next to "Firewall", under "Mail Server Settings".
2. Check the "Firewall enabled for mail server:"e; box under "Firewall Settings".
3. Click on the "Save" button to save the changes.

Recommended MX Records for yourdomain.com

Using this option, you can view the recommended DNS (Domain Name Service) MX records for your domain. Using only the MX records listed here will prevent most email from bypassing our service and will also allow us to do load balancing, or quickly move specific customers' service to a different mail server.

IMPORTANT: If your domain uses an ISP's mail server, the ISP may not allow you to remove their mail server from your MX records. Not leaving in the MX records that you had prior to signing up might interfere with the successful handling of your email by your ISP's mail server. You should check with them before attempting it. More information is available here.