Note: Note:
|
This facility only appears if you have selected the Advanced Configurable Rule Filter. It does not appear if you have selected the Basic Pre-configured Rule Filter. |
This is the main control page for all the rules you can create in Praetor. From here, the links are provided to create new rules, both conditional and global, based on the different message directions. You can also import rules from the periodic updates you receive via email from CMS that contain additional capabilities to deal with new spamming techniques.
Note:
|
For outbound rules, if Praetor is installed directly onto an Exchange 200x server, it will never see the outbound SMTP message. This is true even if you try to configure Exchange to deliver to itself by declaring its own IP address as the smarthost for all outbound mail. The reason for this is because Exchange 200x detects that the IP address specified is its own address, and therefore bypasses it to deliver directly to the receiving mailhost. In this way it prevents a message loop. The only way to allow Praetor to perform outbound mail filtering for Exchange 220x is to install it onto a separate machine. Then your smarthost setup will work as expected. |
To view the list of all existing rules simply select the appropriate node in the tree structure you see in the left pane. The right pane will then show the available rules, which are listed in the order by which they will be performed, with the top-most rule being performed first.
Note:
|
As supplied, these default rules simulate the preset and system internal Bayesian and pre-filter rules. If you want to manipulate the order of these default rules, keep in mind that your enable rule order will only be recognized if you disable the preset "Bayesian Filtering" on this page, relying instead on the user rules that test the Bayesian spamicity values as seen above. Also two default rules near the very top of the list deal with attachments. One rule will reject messages with banned attachments known to be virus infections and the second rule deals with quarantining suspicious attachments. It is this second rule that has protected all Praetor customers from email-borne virus infections without the need to wait for any updates. CMS highly recommends that you leave these two rules active and positioned near the top of the list. |
Many of the default inbound conditional rules deal with spam and they are enabled as you can see above. One in particular deals with a new spamming technique we call a "Reverse NDR" attack. The rule to defend against this is left disabled so that you can populate the list of local user addresses. This attack essentially turns your mail server into an indirect mail relay. Spammers have found that most mail servers are immune for a direct attempt to relay mail, but they are vulnerable to this indirect relay attack, most especially Exchange and Domino. Read how to set up Praetor to defend against this attack.
You may deactivate any default enabled inbound conditional rules. We do suggest, however, that you continue to quarantine those messages until you have some experience with what messages these rules will trap. Do not change the primary action from quarantine to reject until you are familiar with what messages might get trapped.
If you find too many messages are getting quarantined, perhaps you might want to let your users decide for themselves. This can be done if you are using Microsoft Exchange server and the users have the Outlook desktop client. Read this FAQ to learn how this is set up.
If you select on any rule in the right pane and press the right-mouse button, a menu will appear to give you several options on making rule changes. Also notice the appearance of additional icons on the toolbar at the top of the window when a rule has been selected in the right pane.
|
Icon |
Menu item |
Description |
|
|
Create a new rule in the same direction and the same type, conditional or global, as the others in the list. | |
|
|
Save changes |
Save any changes you made so that they take effect immediately. |
|
|
Move the selected rule down in the list so that it is performed by Praetor after other rules above it. | |
|
|
Move the selected rule up in the list so that it is performed by Praetor before other rules below it. | |
|
- |
Enable / Disable |
Enable or disable the selected rule(s). |
|
|
Delete |
Delete the selected rule. An alternative is to simply uncheck the rule so that it is de-activated and not used by Praetor. |
|
|
Open the rule to change any of the conditions, exceptions, or actions of the selected rule. If you want to change or add new word criteria, you can easily do this by clicking on the appropriate entry in the lower window containing the rule description details. | |
|
|
Help |
Open the online help manual. |
For a discussion on rule ordering and its importance in the optimal performance of Praetor, click here.
Note:
|
Unlike changes to lists which take effect immediately, Praetor
rule additions, changes in position, enable/disable, etc. only
take effect after you press the |
