smaller reset larger        English         

Main Menu

All times are in GMT -8 (DST) :: The time is now 4:03 pm.

Sub Menu

Article Data
Article Ref
8142-WUJZ-0660
Written By
Philip Slater
Date Created
Tue, 23rd Oct 2007
Updated By
Philip Slater
Date Modified
Tue, 23rd Oct 2007
 
(Lost?)

   External Content Filters & Users and reducing SPAM using direct IP address of CGP server

Question 

I have an external appliance doing my SPAM filtering. I have mobile users that submit messages from various, read non-client, IP addresses. If I leave 25 and 587 open, spammers may submit messages directly to the CommuniGate Pro server using the fixed IP address and bypass my content filter. If I block all inbound SMTP to non-client addresses, my mobile users can not submit any mail. What can be done to make this environment work?

Answer 

As you are not using content filters on the CommuniGate Pro server, you become limited in the solution that you have for avoiding the scenario that you described.

The first thing that is going to be required is a server rule with the following parameters.

Conditions

    * Submit Addresses is not SMTP [IP addresses of content filter]
    * Source not in Trusted,Authenticated

Actions

    * Reject with All mail deliveries  from your location must use the front door or show proper identification.


Explanation of Conditions

Submit Address is not SMTP [IP address] will take a look at where the message is coming in from and the protocol being used. What we are looking for here is whether or not mail is coming in via SMTP from a specific IP address. If the mail is not from that location, then the statement is 'True'.

Source not in Trusted,Authenticated is broken into two parts. Trusted being those IP addresses that are in your Client IP address range. Authenticated being a message submitted with either SMTP Authentication or via MAPI or via WEB or via POP XMIT or PIPE.

So in effect we are stating that if the message IS NOT from your content filter AND IS NOT from your trusted networks OR your authenticated users then it is coming from elsewhere and should be rejected.

How Useful Was This Article?      (Rating: 100%    Votes: 2)  

Select a Rating

Article Comments 

There are currently no comments.