Reflexion and You: RTC Advanced Settings
Posted by Max McElroy, Last modified by Max McElroy on 31 July 2020 03:06 PM
This article will: describe advanced message filtering options
This article will not: Infer best practices.
Reflexion RTC offers a number of "advanced" options to further filter messages that pass through the spam filter. These options can be used to limit exposure, prevent specific types of files from coming through, block regional IPs, and more. Read on for further information.
The Permitted Languages feature allows the blocking of categories of languages and alphabet types. If users are receiving spam messages in foreign languages or alphabets, these settings can be used to prevent their delivery. Alternatively, if a client should only be receiving messages in English (or its relatives), then all languages other than "Western European" family can be blocked. This can be applied to individual users, or on the Enterprise level
Permitted Countries allows for blocking of messages from specific regional IP bands. This option does NOT check to see who owns the IP, only WHERE the IP is registered. This can have adverse effects on organizations that have international datacenters (O365, GSuites), but will block IPs owned/registered by the specified countries' IP registrar. This option will not block messages from country specific top tier domains; please use the block list feature to block the domain name. Permitted Countries can be applied to individual users, or on the Enterprise level. Reflexion services use the IP2Location Geo-location services. To confirm where an IP is registered, please use the Demo on the ip2location website: https://www.ip2location.com/demo/
The subject filtering option will search subject lines of messages for a matching string. The entry is not case sensitive, and will is not looking for an exact match. This means that if the subject entry is just "milf" then "Milford" will be flagged as a subject violation. The entries will accept spaces before and after the entry to help expand the match criteria, and not flag Milford as a subject violation. Subject Filtering can be applied to individual users, or on the Enterprise level.
The attachment filtering rules are designed to build a "do not deliver" list for specific file types. The entries on this page WILL overrule the Allow List.
Block executable files (...) within compressed files: This option will check compressed files for various types of executable files, as long as the compressed archive is not password protected.
Block messages with attachments that violate RFC2183: This option checks the attachments of a message to ensure that they are RFC2183 RFC2183 is more deeply explained on this KB: https://tickets.reflexion.net/index.php?/Knowledgebase/Article/View/1/1/
Block all files containing macros: This option is as described. If there is a macro embedded into the attachment itself, this option will quarantine the message. This option does NOT execute URLs or links within attachments, and will only check to see if the macro is embedded into the encoding of the attachment.
While Reflexion does maintain subscriptions to various IP blacklists, the IP Filtering option allows you to set up your own IP based blocking. Creating a new entry will allow you to add individual IPs or specified subnets, and also specify if you want to Allow the entry, or block it as spam.