Home > How-to Guides > How to Enable IP Filtering Service

How to Enable IP Filtering Service

This article applies to the following products:

  • Messageware EPG 2019
  • Messageware EPG 2016
  • Messageware EPG 2013

 


OVERVIEW

The Filtering Service allows administrators to import and manage downloaded lists of high-risk IP addresses from trusted sites. Navigate to EPG – Admin > IP Filtering > Filtering Service.

 


Enabling Filtering Service

  • Set Enable Block List to Enabled
    • Enabled - EPG will enforce imported block lists
    • Disabled - EPG will not enforce (ignore) imported block lists
  • Set Import Block List to Enabled
    • Enabled - EPG will import the configured block lists according to the configured schedule
    • Disabled - EPG will not import configured block lists. If lists are already imported they will continue to be used

 

 

Enabling Filtering Service

Update Mode - Choose the update mode to be Daily (once per day) or Weekly (once per week)
 

Day - if weekly, choose the day of the week the filtering service will download and import the configured IP Block Lists
 

Time - choose what time the Filtering Service will download and import the configured IP Block Lists.


First Import:  To schedule and test the first import, select today and “manually” type the time approximately 10 minutes from the current time.  Wait and reload the Admin page to ensure the process started. If the process has not started, check the Eventlog on the server where EPG Monitor is installed.


The EPG Monitor component, installed on one server in your environment, is responsible for the download and import of the IP Block Lists.  Some IP Block Lists are quite large and can take some time to process.

 

 

Adding IP Block Lists

  1. Select “Add new record”  
  2. Set the Enabled checkbox to ensure the list will be turned on
  3. Select the Type of list or choose “Custom”. The list type does not impact how the file is processed in any way and is only for your reference
  4. Enter a file name for referencing the IP Block List – note that this is just for reference purposes and does not need to match any filename that the provider may suggest
  5. Add a Description for reference
  6. Enter the URL or full path to a local file for downloading the block list
  7. Select Insert to add the new record to the list


Example for entering UCE Protect level 1 IP Block List


Example for entering a local IP Block List file


Recommended IP Block Lists

The following block list providers and URLs are recommended:

UCE Protect

Level 1: http://wget-mirrors.uceprotect.net/rbldnsd-all/dnsbl-1.uceprotect.net.gz

Level 2: http://wget-mirrors.uceprotect.net/rbldnsd-all/dnsbl-2.uceprotect.net.gz

Level 3: http://wget-mirrors.uceprotect.net/rbldnsd-all/dnsbl-3.uceprotect.net.gz

For more info, see http://www.uceprotect.net/en/index.php

 

SPAMHaus

Drop List: https://www.spamhaus.org/drop/drop.txt

E-Drop List: https://www.spamhaus.org/drop/edrop.txt

For more info, see: https://www.spamhaus.org


Checking IP Block List status

The Filtering Service web page will show the status of downloading and importing each of the configured Block Lists.

IP Block Lists are processed in sequential order, not in parallel, so it is possible that there will be no status for some block lists while others are processing.

To refresh the status, click on the ‘Refresh’ button in the lower-right corner rather than the web-browser reload which will return to the main Admin pages.

 

If additional details are available, a button next to the status will appear. 

Status messages during the Block List download and import are:

Status

Description

Pending initial download

This status occurs after an IP Block List is first configured, before the Filtering Service has started to download and process the IP Block List file.

Update successful

This status occurs after the Filtering Service has successfully processed the IP Block List file.

No update

This status occurs when the Filtering Service has determined that there were no new updates since the last time the IP Block List file was processed.

Processing IP Ranges (25%)

This status occurs when the Filtering Service is parsing the IP Block List file.

Importing into DB

This status occurs when the Filtering Service is adding the blocked IP ranges into the EPG database

 

If an issue occurs when the Filtering Service is attempting to download and process the IP Block List file via the URL, an error status may appear.

Common errors are:

Status (Error)

Description

Failed to connect to URL

EPG was unable to retrieve the list from the configured URL.  This can occur if the URL has a typo, or if the block list provider is rate limiting or requiring authentication to access the list.

Failed to extract list

EPG was unable to extract the list.  This can occur if an unexpected response like an error page was returned instead of the IP Block List file when EPG pulled the URL for the list.  Please check the URL to see whether it downloads an IP Block List file.

Failed to parse list

EPG was unable to parse the list.  This can occur if an unexpected response like an error page was returned instead of the IP Block List file when EPG pulled the URL for the list. Please check the URL to see whether it downloads an IP Block List file.

Unsupported format

The IP Block List file downloaded does not appear to be in a supported format.  EPG supports P2P and CIDR for the line format, and ZIP, GZ, TXT extensions representing the compression format.

File path invalid
File access denied
File path not found
File path too long
File IO error
File path not supported
File opening error

These statuses are I/O related failures and should generally not occur.  Please contact Messageware Support if you see one of these status errors.

 

 

Example: