Mail Flow Scanning

Created by Jason Carreiro, Modified on Mon, 21 Jun, 2021 at 10:15 AM by Abderrahim Ibnou el kadi

Mail Flow Scanning

 

Inbound mail will get scanned in the below order, and may get rejected at the first stage.

 


  • Proofpoint Dynamic IP reputation (PDR) check and Cloudmark Sender Intelligence (CSI) check
  • Service level DNS checks
  • Anti-virus check
  • Attachment Defense check (if licensed)
  • Anti-spoofing check
  • Customized filter checks (see next section)
  • Spam engine check
  • URL Defense modification


 

PDR Rejection


The Proofpoint Dynamic Reputation service is our proprietary block list. IP owners can review

the PDR listing and removal KB for further information. Proofpoint will bounce messages indicating blocked by prs.proofpoint.com.

 

Custom Filter List Order Of Operations

 

The custom filter list is based upon both Sender Lists and a Filter created. This goes in the top down order in the table below:

 

Filter Order

 

In the filter page, filters are prioritized by a top-down selection in itself.

 

Scope Order

 

In filter order in the table below, it should be noted that the hierarchy of similar filter type goes:

  • End-user has highest priority
  • Group has middle priority
  • Organization has lowest priority

 


 

Order Number

Type

Scope

Action

Entry action

 

1

 

Filter

 

End-User

N\A

N\A

 

2

 

Filter

 

Group

N\A

N\A

 

3

 

Filter

 

Organization

N\A

N\A

 

4

Sender List

 

End-User

 

Block

 

IP Address

 

5

Sender List

End-User

Safe

IP Address

6

 

Sender list

 

End-User

 

Block

 

SMTP Address

 

7

 

Sender list

 

End-User

 

Safe

 

SMTP Address

 

8

 

Sender

list

 

End-User

 

Block

 

Domain

 

9

 

Sender list

 

End-User

 

Safe

 

Domain

10

 

Sender list

 

End-User

 

Block

 

Wildcard Domain

 

11

 

Sender

list

 

End-User

 

Safe

 

Wildcard Domain

 

12

 

Sender

list

 

End-User

 

Block

 

Wildcard IP

13

 

Sender list

 

End-User

 

Safe

 

Wildcard IP

14

 

Sender list

 

End-User

 

Block

 

CIDR

15

Sender list

 

End-User

 

Safe

 

CIDR

16

 

Sender list

 

Group

 

Block

 

IP Address

 

17

Sender list

 

Group

 

Safe

 

IP Address

 

18

Sender list

Group

Block

SMTP Address

19

 

Sender list

 

Group

 

Safe

 

SMTP Address

20

 

Sender list

 

Group

 

Block

 

Domain

21

 

Sender list

 

Group

 

Safe

 

Domain

22

 

Sender list

 

Group

 

Block

 

Wildcard Domain

23

 

Sender list

 

Group

 

Safe

 

Wildcard Domain

24

 

Sender list

 

Group

 

Block

 

Wildcard IP

25

 

Sender list

 

Organization

 

Safe

 

Wildcard IP

26

 

Sender list

 

Organization

 

Block

 

CIDR

27

 

Sender list

 

Organization

 

Safe

 

CIDR

28

 

Sender list

 

Organization

 

Block

 

IP Address

29

 

Sender list

 

Organization

 

Safe

 

IP Address

30

 

Sender list

 

Organization

 

Block

 

SMTP Address

 

31

Sender list

Organization

Safe

SMTP Address

32

 

Sender list

 

Organization

 

Block

 

Domain

33

 

Sender list

 

Organization

 

Safe

 

Domain

34

 

Sender list

 

Organization

 

Block

 

Wildcard Domain

35

 

Sender list

 

Organization

 

Safe

 

Wildcard Domain

36

 

Sender list

 

Organization

 

Block

 

Wildcard IP

37

 

Sender list

 

Organization

 

Safe

 

Wildcard IP

38

 

Sender list

 

Organization

 

Block

 

CIDR

39

 

Sender list

 

Organization

 

Safe

 

CIDR