This help section describes the URL Blacklist settings dialog of ORF.
Use this dialog to edit the URL blacklist-related settings ORF.
A single email may contain multiple URL domains. You can control the maximum number of domains checked in SURBLs using this value.
Consider that a single domain check requires as many DNS lookups as many active SURBLs you have. The more SURBLs you have enabled, the lower this value should be set.
ORF can recognize email addresses, FTP and web (HTTP/HTTPS) URLs. Spam can be recognized best based on the web URLs.
The URL extraction and de-obfuscation is a processor-intensive operation. The larger the email part scanned, the more processor time the extraction takes. Spam emails rarely exceed 50-80Kb text or HTML part size, but legitimate emails may be significantly larger.
Enable this option to skip extracting URL domains from the text part of the email if there are both text and HTML parts. Most modern email clients display the HTML part of such multi-part messages only, so it is very likely spammers put spamvertized domains in the HTML part only: scanning the text part is a waste of system resources.
Click the Presets button to select a preset which reflects your preference. If the email throughput is relatively high (i.e., millions of emails per day), select Optimized for maximized throughput. Servers with lower traffic (a few thousand emails per day) should have no problem with throughout scanning of each email, so the Normal and even Optimized for maximum spam catch rate presets can be used without issues.