capa=PIPELINING
To indicate that the pipelining extension was removed from the SMTP server reply to an EHLO
client command.
Although ESMTP extensions may be removed by the ALG and related log messages generated,
this does not mean that any emails are dropped. Email transfers will take place as usual but
without making use of unsupported extensions removed by the ALG.
Example 6.5. SMTP ALG Setup
In this example which is illustrated above, an SMTP ALG is to be used to monitor email traffic that
is flowing to a mail server on a DMZ network from the public Internet. It is assumed that the mail
server has a private IPv4 address which is defined by the address book object mail_server_ip so a
SAT IP rule will be needed to translate the firewall's public IP address to this private address.
It is assumed that the wan interface of the firewall is connected to the public internet and the
public IP address of the interface is defined by the wan_ip address book object.
The SMTP ALG will perform the following actions:
• Block any attached .exe or .msi files.
• Block any attachments where the file extension differs from the file's MIME type.
• Scan any remaining attachments for viruses and do not allow them through if a virus is
detected.
• Tag any mails flagged as SPAM by a DNSBL lookup at zen.spamhaus.org (weighted 5) and
dnsbl.dronebl.org (weighted 3).
• Drop any mails that come from the domain example.com.
Chapter 6: Security Mechanisms
453
To Next Page
Loading...
