A. Create an SMTP ALG object:
1. Go to: Objects > ALG > Add > SMTP ALG
2. Under General enter:
• Name: SMTP_inbound_alg
3. Under File Integrity enter:
• Select exe and msi for blocked file types
• Enable the option Block file with extension that does not match MIME type
4. Under Anti-Virus enter:
• Mode: Protect
5. Under Anti-Spam enter:
• Enable DNS Anti-Spam Filter
• Under DNS Blacklists add zen.spamhaus.org with a value of 5 and dnsbl.dronebl.org with
a value of 3.
6. Under Whitelist/Blacklist select Add and enter:
• Action: Blacklist
• Type: Sender
• Email: *.@example.com
7. Click OK
B. Create a new Service object for inbound SMTP:
1. Go to: Objects > Services > Add > TCP/UDP Service
2. Now enter:
• Name: smtp_inbound_service
• Type: TCP
• Destination: 110
• Enable SYN Flood Protection
• ALG: smtp_inbound_alg
3. Click OK
C. Create an IP Rule for email traffic to the mail server from the Internet:
i. Create a SAT IP rule to translate the server address:
1. Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2. Now enter:
Chapter 6: Security Mechanisms
455
To Next Page
Loading...
