How to configure the Antispam module of Bitdefender Security for Exchange
This article describes a typical setup for the Antispam section of the Bitdefender for Exchange.
Configuring the Global filters options
Allow/Deny IP List
In this pane you can whitelist or specify known spam sending servers or IP classes. Click the „Add" button and you can enter either a server's IP or an entire class that your server will accept mails from.
Simmilar to the „Allow/Deny IP List" - here you can enter known mail addresses that will be rejected by the server regardless of the IP they are sent from.
Usually the „Check authenticated connections" is left unchecked as authenticated connections are usually safe.
„Use IP Match" - this option can be used to filter out spoffed mails. Enter your domain IP class/domain name to filter SPAM mails sent from email@example.com. You can also enter other IP/domain pairs when needed.
Real-time Blackhole List
At this section you can enter RBL servers to add an additional layer of protection. A list of RBL servers can be found at this KB article.
Basic Antispam policies configuration
We have previously created 2 SMTP groups that will be used during our setup: Administrators and Users. Depending on your particular needs you can use multiple groups to create advanced mail scanning configurations.
We will create 3 custom policies to enable the following:
- mails sent to the administrators group will not be scanned - administrators will receive all mails including SPAM ones
- mails sent by a member of the administrators group to everyone will not be scanned (note we have checked the „Check authenticated connections" option so these mails will be scanned even though they are sent by authenticated users.
- mails received by members of the Users group will be scanned and if marked as SPAM a copy of the mail will be sent to firstname.lastname@example.org (the original mail will be marked accordingly and delivered).
- mails that are sent by the Users group will be scanned
- mails sent/received by any other group except the Users and Administrators will be scanned and a copy of the mails detected as SPAM will be quarantined
In order to create the setup above we will need 3 custom rules + the default „Default rule".
Admins to All
All to admins
All to users