• Scan all allowed attachments for viruses.
Command-Line Interface
A. Create a POP3 ALG object:
gw-world:/> add ALG ALG_POP3 pop3_client_alg
HideUser=Yes
FileListType=Block
File=exe,msi
VerifyContentMimetype=Yes
Antivirus=Protect
B. Create a new Service object for POP3:
gw-world:/> add Service ServiceTCPUDP pop3_client_service
Type=TCP
DestinationPorts=110
ALG=pop3_client_alg
C. Create an IP Rule for email traffic from the mail server:
gw-world:/> add IPRule Action=Allow
Service=pop3_client_service
SourceInterface=lan
SourceNetwork=lan_net
DestinationInterface=dmz
DestinationNetwork=mail_server_ip
Name=pop3_mail
Web Interface
A. Create a POP3 ALG object:
1. Go to: Objects > ALG > Add > POP3 ALG
2. Under General enter:
• Name: pop3_client_alg
• Enable the option Prevent a user from revealing a user does not exist
3. Under File Integrity enter:
• Select exe and msi for blocked file types
• Enable the option Block file with extension that does not match MIME type
4. Under Anti-Virus enter:
• Mode: Protect
5. Click OK
B. Create a new Service object for POP3:
Chapter 6: Security Mechanisms
460
To Next Page
Loading...
