Cipafilter Documentation - E-mail Configuration
Posted by Jim Giseburt, Last modified by Jim Giseburt on 11 April 2017 03:19 PM
This feature is deprecated.
Cipafilter provides several e-mail security and content-filtering features, including a robust anti-spam system. The filter acts as a proxy and firewall to protect your mail server from the Internet; this allows you to take full advantage of your mail server's advanced features without the risk of having it accessible to hackers and worms. We recommend placing your existing server behind the Cipafilter and configuring it with only a private IP address; then, change your
Because of the problems with spam in recent years, many companies have become more cautious about the mail servers with which they communicate. Many unofficial rules have been adopted in a piecemeal fashion across the Internet. If your mail server is configured incorrectly, you may find that most people will receive your messages but for some they arrive marked as spam — and for some they don't arrive at all. Please allow us to help you through setting up your mail server to be compliant with all official and unofficial guidelines for message processing.
However, if you are an expert, and wish to configure the server yourself, please be certain to comply with the following guidelines. If you don't understand the reasoning behind any of the following, our tech support representatives will be happy to go over it with you.
E-Mail Content Filtering
The E-Mail Content Filtering option applies the Web content filtering technology to incoming and outgoing mail messages. If a message is inappropriate, an e-mail is sent to the person in your organization who either was sending it or was the intended recipient, and the message is blocked. This is useful for filtering out pornographic spam.
The E-mail Archive option can be set to one of three settings:
Archived messages can be browsed via the E-mail Archive page. If you are archiving mail for retention purposes, be sure to speak with tech support about creating a suitable backup and recovery plan.
The Cipafilter can automatically append a message footer to each e-mail passing through it. Simply compose your desired footer and upload it through the Web interface. Footers can be selected for plain-text messages as well as HTML-formatted mail.
To configure the Cipafilter to proxy e-mail for an existing server, add a route for your domain pointing to your mail server's private IP address in the Mail Routes table.
Subnets Authorized for SMTP Relay
Only e-mail clients using IP addresses matching IPs or subnets listed here can use the Cipafilter as an outgoing mail server. Addresses may be entered as bare IPs, CIDR-style subnets, or
The Anti-Spam Sensitivity option controls how aggressively the filter's automated anti-spam system will score suspicious e-mail attributes. Different sensitivity levels may be added from time to time; higher sensitivity levels will block more spam, but they may also increase the risk of blocking legitimate mail.
The Cipafilter can redirect all spam with a score above a certain threshold to a spam mailbox instead of delivering this mail to the intended recipient. To use this feature, select the desired Spam Forwarding Level and then enter the spam mailbox address as the Spam Forwarding Address.
E-mail to and from servers on this list will not be intercepted by the anti-spam system. Enter the server IP, domain name, or subnet here if you have difficulty receiving e-mail from another party. Cipafilter's anti-spam system works with all standards-compliant mail servers; however, some older and custom systems may have problems.
Note: The Anti-Spam Whitelist does not bypass virus scanning for e-mail items.
All e-mail from the specified domains, subnets, and e-mail addresses will be rejected with a
Custom Anti-Spam Rules
While Cipafilter's anti-spam detection system is designed to function without manual user configuration, some organizations may find that their individual circumstances require a more active approach. For those customers, the Custom Anti-Spam Rules table can be used to define scoring rules for the anti-spam system.
Each custom rule will trigger a search of the message attribute selected under the Match Against column for the text or expression defined in the Match Expression column. If found, the anti-spam system will increase or decrease the overall score of the message as specified in the Score option.
The following message attributes are available from the Match Against drop-down:
Three Match Expression syntaxes are supported:
Cipafilter's anti-spam detection system uses a scoring mechanism whereby higher scores indicate more suspicious e-mail. For example, the score 10.0 is very suspicious, while the score -10.0 is very trustworthy. Messages with a final score of 5.0 or greater are classified as spam. By default, scores are assigned according to rules developed by the greater anti-spam community (with some proprietary additions/modifications); these rules are updated frequently and all Cipafilter units receive the latest changes daily.
Custom spam rules, upon match, add or subtract from a message's final score, potentially causing or preventing a spam classification. For simplicity, Cipafilter provides score modifiers of +/- 0.250, 1.000, 3.000, and 999.0. Because a score of only 5.0 is required to classify a message as spam, it does not take very much to affect the final classification; it is preferable, therefore, to use the minimum score modifier (+/-0.250) whenever feasible. Greater score modifiers should be used only when lower ones have been tested and found not to provide the desired effect.
The +/-999.0 scores are so high/low that usually nothing but another +/-999.0 score can counter it. This means that (e.g.) giving a custom rule a +999.0 score will result in a near 100% spam classification (block) rate for any message matching the rule. This score modifier should be used extremely sparingly.
Notes about anti-spam
Cipafilter provides a very "hands-off" anti-spam solution which does not rely on intervention from end users or administrators. This differs from many other vendors, whose solutions involve users/administrators manually classifying mail as spam or not spam.
The manual classification approach does have merit; it often results in exceptionally high accuracy, for example, especially in environments with a very large number of users participating in classification. This is the way most Web-mail providers' spam filters work, for instance — the Web interface allows users to easily mark their messages as spam or not spam, and, after this happens to a certain type of message a certain number of times, that information is used to block those messages for all other users of the service.
The primary advantage of the Cipafilter approach — and the Cipafilter product in general — is ease of configuration and use. Administrators do not need to provide a large body of mail to train the filter during set-up, nor must they become mail experts in order to configure policies and rules, nor must they or end users continuously monitor their mail for spam. The disadvantage is that, although the Cipafilter solution does have a very high rate of success, it may never be quite as accurate as a major Web-mail provider or an enterprise product that requires manual user intervention.
Please also be aware that, by design, the Cipafilter product does not consider newsletters, social-networking notifications, legitimate advertising, and other forms of user-solicited bulk mail to be spam. The Cipafilter anti-spam system does not and will not ever (intentionally) block these legitimate mailings, however irritating some users may find them. It is recommended that users simply unsubscribe from legitimate bulk mailings they do not wish to receive.