Controlling Phishing Filter by Using Group Policy
End-users of Internet Explorer 7 and 8 can change the settings of the Phishing Filter in IE7 or the SmartScreen Filter in IE8 at any time. The only options available to end-users are to enable or disable the filtering feature, either from the browser's Tools menu or in the Advanced tab of Internet Options.
An administrator who manages many computers in an organization or business may prefer to control the settings of the Phishing Filter or SmartScreen Filter for IE using the Group Policy Editor. This allows administrators to apply one Phishing Filter setting to all computers in their network and prevent users of the computers at work from modifying it.
The group policy object (GPO) for the Phishing Filter in IE7 is easy to manage. Open the Group Policy Editor (type gpedit.msc in the Run command in Windows, then hit the OK key on the keyboard). Navigate from Computer Configuration to User Configuration > Administrative Templates > Windows Components > Internet Explorer. In the details (right) pane, double-click "Turn off Managing Phishing filter" to start managing the Microsoft Phishing Filter in IE.
By default, "Turn off Managing Phishing filter" is not configured, which means the settings of the Phishing Filter in IE7 may be configured in the browser by any user who has access to IE.
Selecting "Enabled" and setting the phishing filter mode to "Automatic" means the browser will always check whether a website is a reported phishing site, without prompting the user. Selecting the "Manual" phishing filter mode will display a balloon or phishing filter icon as a prompt to check a website's status against the Microsoft URL Reputation service. Note that selecting Manual will still automatically check the URL or website using the local analysis or based on the legitimate lists. If the administrator does not want any computers in the network to use the Phishing Filter, the "Off" phishing filter mode should be selected. In each case, the end-users of the computers in the network will not be able to change the settings using the browser settings or Tools menu.
The settings of the Phishing Filter for IE7 made with the Group Policy Editor apply to all security zones of Internet Explorer except the "Local Intranet" zone, where the filter is disabled or not in use by default. This is because the database that the Phishing Filter uses will ignore, or will not take action on, any websites, URLs or IP addresses that are listed in the legitimate lists, as well as intranet sites.
Please note that the Phishing Filter group policy object only applies to Internet Explorer 7. If you are using IE8 or the upcoming Version 9 of Internet Explorer, the Phishing Filter group policy object does not apply and you need to use the SmartScreen Filter GPO instead:
Image credit: Screenshot taken by the author.