C. Create a custom Service for IMAP:
Command-Line Interface
gw-world:/> add Service ServiceTCPUDP my_imap_service
Type=TCP
DestinationPorts=143
Protocol=IMAP
D. Add an IPPolicy to allow IMAP traffic and associate the profile with it:
gw-world:/> add IPPolicy SourceInterface=lan
SourceNetwork=lan_net
DestinationInterface=dmz
DestinationNetwork=dmz_net
Service=my_imap_service
Name=lan_to_dmz
Action=Allow
EmailControl=Yes
EC_Policy=my_email_profile
Web Interface
A. Create an EmailProfile object for filtering the mail:
1. Go to: Policies > Firewalling > Email Control > Add > Email Control Profile
2. Now enter:
• Name: my_email_profile
• Anti-Spam: Enable
• Domain Verfication Score: 5
• Malicious Link Protection Score: 5
• DNS Blacklists: Enable
• Blacklist 1: zen.spaumhaus.org
• Tag Subject Text: *** Probably SPAM ***
3. Select OK
B. Add an EmailFilter object to the profile for whitelisting:
1. Go to: Policies > Firewalling > Email Control
2. Select my_email_profile
3. Select Whitelist/Blacklist
4. Select Add > Email Filter
5. Now enter:
• Action: Whitelist
• Source Type: Email Address
Chapter 6: Security Mechanisms
533
To Next Page
Loading...
