ORF Features

Features

The list below describes the features of ORF Enterprise Edition in details. Please select the feature that you are interested in to learn more about it.

• Filtering based on DNS blacklists
• SURBL support
• Greylisting
• Attachment and keyword filtering
• Automatic Sender Whitelist
• Recipient validation
• SPF client
• External Agents
• Tarpit delay
• Reviewing emails caught by the filter
• Dual filtering points model
• Reporting
• Logging and monitoring
• Real-time statistics
• IP blacklist, sender and recipient email blacklists
• IP whitelist, sender and recipient email whitelists
• Reverse DNS test
• Sender Score Certified™ DNS whitelist support
• HELO blacklist
• DNS cache
• Exportable/importable lists

• Filtering based on DNS blacklists
  ORF Enterprise Edition allows using multiple DNS blacklists at the same time for spam filtering, which greatly reduces administration costs and provides high spam filtering efficiency. ORF is shipped with a predefined set of selected DNS blacklist definitions, but users can also extend the definitions. See screenshot.
  Top of the page
• SURBL support
  SURBLs are online databases of "spamvertized" domains. ORF can check the links found in emails in these databases and so detect spam emails. Multiple SURBLs can be used concurrently and the default SURBL definition set can be extended.
  Top of the page
• Greylisting
  Another anti-spam feature based on temporary rejection of emails from unknown senders. While greylisting provides an outstanding spam catch rate, it causes about 15 minutes delay of emails from unknown senders as well.
  (This feature can be used at the Before Arrival filtering point only)
  Top of the page
• Attachment and keyword filtering
  Using the attachment filter you can drop emails with malicious attachments or replace them with a customisable warning text. Both the keyword and the attachment filtering support using Perl-compatible regular expressions, which makes the filtering extremely flexible. Both features are Unicode-aware, so you can block emails with foreign charsets or words with accented characters. See screenshot.
  Top of the page
• Automatic Sender Whitelist
  A self-learning whitelist which monitors your outgoing emails and builds a sender email address whitelist from the recipients of the outgoing emails. In other words, the recipients of the emails that you send become whitelisted senders.
  Top of the page
• Recipient validation
  This feature can be used to validate recipients and accept emails only for valid users. Spam is often sent with fake sender email address that which do not exist to recipients that are no longer or never been valid, which results in a large number of NDR's filling up the mail queue. Validation can happen based on the Active Directory, SQL databases or text address lists.
  Top of the page
• SPF client
  The Sender Policy Framework (SPF) is an email authentication protocol which helps recognizing email address forgery. As most of the spam arrives with forged sender address, SPF can do a great job in reducing spam.
  Top of the page
• External Agents
  This feature allows integrating third-party applications, such as anti-virus or anti-spam products, with ORF. Depending on which agents are used, it can boost ORF's spam filtering performance significantly or act as another layer of defense against viruses. You can download agent definitions for a few software from our website or define your own. See screenshot.
  Top of the page
• Tarpit Delay
  Delays your server's response to blacklisted mails. Can be used to slow down/stop Directory Harvest Attacks or to fight back to spammers.
  Top of the page
• Reviewing emails caught by the filter
  The blacklist actions are customizable, the blacklisted emails can be dropped, redirected to a specific email address or they can can be tagged (header or subject) with a customizable indicator of spam. These tagged emails can be moved to separate folders automatically by Microsoft® Outlook at the users for later review.
  (This feature can be used at the On Arrival filtering point only)
  Top of the page
• Dual filtering points model
  ORF's unique ability is to filter emails both before email arrival and on email arrival. Blacklist tests performed by ORF can be assigned to the Before Arrival, the On Arrival or both filtering points. It is useful, for example, to bounce emails sent to non-existent local recipients before arrival, while performing DNS blacklist tests at the On Arrival filtering point provide you the ability of reviewing emails caught by the DNS blacklists. More about filtering points is available in the FAQ. See screenshot of the test assigments.
  Top of the page
• Reporting
  Using the ORF Reporting Tool you can generate detailed printable reports for arbitrary periods, which helps you to fine-tune the spam filtering performance and understand your email traffic better. See screenshot.
  Top of the page
• Logging and monitoring
  ORF provides detailed, customisable logs about its activity. Multiple log destinations are supported (text log, Windows Event Log, BSD syslog and email notifications). ORF text logs can be viewed by any text file viewer or by ORF's built-in log viewer tool, which also provides powerful searching and filtering features. See screenshot.
  Top of the page
• Real-time statistics
  The Enterprise Edition provides real-time statistics about its activity. Statistics can be sent automatically to our company which creates DNS blacklist popularity statistics from user reports. These statistics can be viewed on our website (see DNS blacklist statistics). See screenshot.
  Top of the page
• IP blacklist, sender and recipient email blacklists
  ORF allows you to block specific IP addresses (and IP ranges), message senders or message recipients (local mailboxes) as determined in the blacklists. The IP blacklist supports both IP addresses and subnet definitions. Addresses on the sender/recipient blacklist can be defined by either the address, simple wildcarded mask or Perl-compatible regular expressions.
  Top of the page
• IP whitelist, sender and recipient email whitelists
  The IP and sender address whitelist can be used to exclude specific email sources from filtering (e.g. business partners), while the recipient whitelist provides an easy way to exclude specific local mailboxes from filtering. The IP whitelist supports both IP addresses and subnet definitions. Addresses on the sender/recipient whitelist can be defined by either the address, simple wildcarded mask or Perl-compatible regular expression.
  Top of the page
• Reverse DNS test
  Using the reverse DNS (RDNS) test you can reject emails coming from fake, non-existent domains.
  Top of the page
• Sender Score Certified™ DNS whitelist support
  Return Path, Inc's Sender Score Certified™ service provides a public DNS whitelist. ORF can use this whitelist to recognize trusted senders. More information about this program is available at www.senderscorecertified.com.
  Top of the page
• HELO blacklist
  This blacklist test allows identifying poorly written spammer software and viruses based on HELO domain rules.
  Top of the page
• DNS cache
  The Enterprise Edition can keep the DNS lookup results in an internal cache for a user-specified period of time. This saves you bandwidth and increases spam filtering speed.
  Top of the page
• Exportable/importable lists
  The IP, sender and recipient whitelists and blacklists can be exported/imported to and from various text formats, including CSV which can be imported by Microsoft® Excel®. DNS blacklist definitions, keyword and attachment filtering expression and other type of lists can be exported/imported in XML format.
  Top of the page