Tests
This help section explains the test settings available under in the Administration Tool.
General Information
A brief description of each test is displayed when the name of the test or the down arrow icon is clicked. ORF tests could be enabled or disabled on this page globally, and the filtering point assignments of enabled test can be also managed here: tests could run at the Before Arrival, the On Arrival or both filtering points. For more information, see the Filtering Points Concept section.
Selecting the right filtering point for your setup
The right filtering point for tests depends on your email delivery setup and intentions. There are many things to consider. Please see the Filtering Point Selection section for detailed information.
Managing Tests
Enabling or disabling tests
Click the ON / OFF button next to the name of the test to enable or disable it. When a test is disabled, ORF skips performing the given test.
Assigning a test to filtering points
Enable or disable the selected test at the Before Arrival, On Arrival or both filtering points by clicking the 
and 
symbols (the latter means the test is enabled for the filtering point). Filtering point assignments can be edited only when the test is enabled. Some tests, such as the Keyword blacklist and Attachment filtering work at On Arrival only, so they cannot be assigned to the Before Arrival filtering point.
Configuring a test
Click Settings to jump to the configuration page of the test.
Whitelist Test Exceptions
See the Whitelist Test Exceptions topic.
Filtering Point Selection
Basically, there are two setup elements that affect the filtering point selection: perimeter servers and secondary MXs (also called "backup email servers"). These are called Intermediate Hosts in ORF.
Perimeter servers (a.k.a. front-ends)
The front-end is a host which receives the email before ORF would filter the email. The front-end is not necessarily a separate box, it may be e.g., an anti-virus proxy on the same server where ORF runs.
Secondary MXs
The secondary MX or backup email server is another server which receives emails for your domain when your server (the primary MX) is down. Spammers often send to the secondary MX directly to bypass spam filtering software, which typically runs on the primary MX only and trusts the secondary MX.
The following table summarizes the effective filtering selections for the various email delivery setups.
| Case | Setup | Before Arrival | On Arrival | Both |
|---|---|---|---|---|
| A | Direct Delivery (no front-end or secondary MX) | Yes | Yes | Yes |
| B | No front-end, but there is a secondary MX | No | Yes | Yes |
| C | Front-end | No | Yes | No |
- Case A) You receive emails directly from the Internet, so you can take advantage of ORF's full filtering capabilities. To stop spam at the earliest stage of delivery, it is suggested to assign all blacklist tests possible to the Before Arrival filtering point. Of course, exclusively On Arrival tests (like the SURBL, Keyword and Attachment filtering tests) will still run at On Arrival.
- Case B) Your secondary MX address has to be on the Intermediate Host List. Due to this, emails from your secondary MX will be whitelisted at the Before Arrival filtering point. This would result in a decreased filtering effectiveness, but you can work this around by assigning all tests to Both filtering points. This way, emails sent directly to your primary MX will be tested at Before Arrival whenever it is possible, but emails relayed from the secondary MX will be tested at On Arrival.
- Case C) The front-end address has to be on the Intermediate Host List and due to this, all emails will be whitelisted at the Before Arrival filtering point. The only reasonable selection is the On Arrival filtering point in this case.
Accepting Blacklisted Emails
The above is a good starting point if you want to reject all blacklisted emails as soon as possible. However, if you want to accept and tag or redirect them (because you want to allow users to review blacklisted emails) assign all tests to On Arrival instead. See the On Arrival Action Settings section for more information.
Sample filtering point assignments I.
The below table shows an optimal filtering point selection for the following case:
- Setup: no front-end or secondary MX
- Intention: drop blacklisted emails
| Test | Before Arrival | On Arrival | Both |
|---|---|---|---|
| DNS Whitelist | | ||
| Automatic Sender Whitelist | | ||
| Reverse DNS | | ||
| DNS blacklists | | ||
| HELO domain blacklist | | ||
| SPF test | | ||
| IP blacklist | | ||
| Sender blacklist | | ||
| Recipient blacklist | | ||
| Recipient validation | | ||
| DHA protection test | | ||
| Honeypot test | |
Sample filtering point assignments II.
The below table shows an optimal filtering point selection for the following case:
- Setup: No front-end, but there is a secondary MX
- Intention: drop blacklisted emails
| Test | Before Arrival | On Arrival | Both |
|---|---|---|---|
| DNS Whitelist | | ||
| Automatic Sender Whitelist | | ||
| Reverse DNS | | ||
| DNS blacklists | | ||
| HELO domain blacklist | | ||
| SPF test | | ||
| IP blacklist | | ||
| Sender blacklist | | ||
| Recipient blacklist | | ||
| Recipient validation | | ||
| DHA protection test | | ||
| Honeypot test | |
Sample filtering point assignments III.
The below table shows an optimal filtering point selection for the following case:
- Setup: Front-end (and maybe a secondary MX in addition to the front-end)
- Intention: any
| Test | Before Arrival | On Arrival | Both |
|---|---|---|---|
| DNS Whitelist | | ||
| Automatic Sender Whitelist | | ||
| Reverse DNS | | ||
| DNS blacklists | | ||
| HELO domain blacklist | | ||
| SPF test | | ||
| IP blacklist | | ||
| Sender blacklist | | ||
| Recipient blacklist | | ||
| Recipient validation | | ||
| DHA protection test | | ||
| Honeypot test | |
Notes
If you have a front-end and all tests are assigned to On Arrival, make sure Tarpit delay is disabled for that filtering point, otherwise you will "punish" your front-end only when delaying SMTP responses.