www.mailcleaner.net Technical description V2017.8 Rev: 30-08-17
INTERNET SECURITY APPLIANCE PWR SYS AUX CARD RESET USB WAN1 WAN2 OPT LAN1/LAN2/DMZ 1 2 P1 P2 P3 P4 P5 P6 P7 MASTER SLAVE(S) MailCleaner Copyright Fastnet SA 1996 17 MAILCLEANER GLOBAL PROCESSING Random Distribution Redistribution per domain MX 3 Exchange Domain 1 MX 2 ZyWALL USG 200 MX 1 POP3 / IMAP Domain 2 Database & Web interfaces Virus scan Spam detection Content detection Quarantine POP3 / IMAP Domain 3
SMTP - Checks SMTP STAGE1 incoming dialog REFUSE? REFUSE? REFUSE? REFUSE? REFUSE? SMTP STAGE2 outgoing dialog SMTP checks Verify sender Domain, SPF RBLs Connecting hosts Anti Macro Outgoing Scan virus Connection control Allow relaying IPs Reject hosts IPs Reject senders Address Resources control SMTP Timout Rate limit Per host CALLOUT RCPT TO: = user refused Option per domain Validation via: SMTP or LDAP Greylisting Option per domain cache From IP From: To: Database SMTP LDAP
MAIN FILTERING PROCESS SMTP STAGE2 dialog From INCOMING MAILCLEANER PROCESS filtering queue outgoing queue Newsl tagged Spam tagged Cleaned and tagged Cleaned and tagged Newsletter ANTISPAM ANTIVIRUS Dangerous content MODULES MODULES 3rd parties MODULES IPRBLs UriBLs Newls Rules TrustedSources NiceBayes ClamSpam 3rd parties PreRBLs UriRBLs Spamc ClamAV (SecuriteInfo) (Kaspersky) HTML controls Message format Attachement
MAILCLEANER PROCESS spam/ham tagged ANTISPAM TrustedSources SPF authenticated DNS whitelists Anti-Spam NiceBayes ClamSpam PreRBLs UriRBLs! Configuration sample: order of modules and choices 3rd parties options SpamC RBL Syntax Botnet Bayes Special OCR
MAILCLEANER PROCESS Cleaned / tagged Dangerous content HTML controls Scripts Iframe objects Formulars Codebase objects Web Bugs block Disarm allow Content filtering Message format Encrypted Password protected Partial contents Extaernal bodies block Disarm allow Attachement File name regexp File type content block Disarm allow
Quarantine Drop QUARANTINE QUARANTINE ENGINE quarantine / tagged / drop (User pref.) To mail servers Tagged QUARANTINE Spam mail storage Newsletter quarantine reports (periodic or on demand) periodic purge script A B C D message release Accept Newsletter Web User Interface filter adjustment request
ADMIN INTERFACE Configuration Management Monitoring Base System Network settings DNS settings Localization Date and time Proxies Registration General settings Defaults Company Quarantines Periodic tasks Logging Domains Global settings Add, modify SMTP SMTP checks Connection control Resources control Greylisting Anti-Spam Modules Content protection Global settings Anti-virus HTML controls Message format controls Attachment name Attachment type Accesses Administrator Services Web interface SNMP monitoring Database Users Search by user Search by email Search by domain Manage preferences Spam quarantines Search by email Search by date Search by sender Search by subject Release messages Message preview Request filter adjustment Content quarantines Search by email Search by date Search by sender Search by subject Search by ID Release messages Tracing Search Manage Reporting Per domain By date Logs Flat Search Status Processes Spools Memory Load Stats Admin Interface
Increase filtering quality & updates False negatives False positives Email Redirect MailCleaner user feedback Web User Interface MAILCLEANER ANALYSIS CENTER ANTIVIRUS ROUTINELY FINE TUNING FILTERING PROCESS AUTOMATIC UPDATE to all MailCleaner servers Every hour Every 15 minutes
DANGEROUS CONTENT VIRUSES NEWSLETTERS SPAM SPAM CLEAN MESSAGES Efficiency Viruses deleted Dangerous content retained Newsletters retained Spam retained in quarantine 99.99 % filtered depending on 3rd parties options Clean messages