set ip_profile check
FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference
06-30004-0420-20080814 175
ip_profile check
Use these commands to configure various session checks.
Syntax
set ip_profile <name_str> check 3_way {enable | disable}
set ip_profile <name_str> check allow_pipelining {no | loose | strict}
set ip_profile <name_str> check domain {enable | disable}
set ip_profile <name_str> check eom_ack {enable | disable}
set ip_profile <name_str> check helo {enable | disable}
set ip_profile <name_str> check open_relay {enable | disable}
set ip_profile <name_str> check recipient {enable | disable}
set ip_profile <name_str> check rewrite_helo {enable | disable}
set ip_profile <name_str> check rewrite_helo_custom {enable | disable}
<helo_str>
set ip_profile <name_str> check send_dsn {enable | disable}
set ip_profile <name_str> check sender {enable | disable}
set ip_profile <name_str> check splice {enable | disable} <integer>
{seconds | kilobytes}
set ip_profile <name_str> check stop_empty_domains {enable | disable}
set ip_profile <name_str> check stop_encrypted {enable | disable}
set ip_profile <name_str> check syntax {enable | disable}
Keywords and Variables Description Default
<name_str> Enter the name of the session profile.
3_way
{enable | disable}
Enable or disable message rejection if recipient and HELO domain match
but sender domain is different.
This check only affects unauthenticated sessions.
disable
allow_pipelining
{no | loose |
strict}
Disable, enable, or enable strict command pipelining.
• {no} The FortiMail unit accepts only a single command at a time during
an SMTP session.
• {loose} Some SMTP command sequences are accepted and
processed as a group, increasing performance over high-latency
connections.
• {strict} Pipelining is enabled, but limited to strict compliance with
RFC-2920.
no
domain
{enable | disable}
Enable or disable rejection of EHLO/HELO commands with invalid
characters in the domain.
disable
eom_ack
{enable | disable}
Enable or disable immediately acknowledging end of message (EOM)
signal. If disabled, the antispam check is run on the message before
acknowledgement is sent. The sending server could time-out while
waiting for EOM acknowledgement.
disable
helo {enable |
disable}
Enable to disable checking of the existence of the domain reported in the
client’s HELO command by looking up both the MX record and A record.
disable
open_relay
{enable | disable}
Enable or disable open relay check. This check only affects
unauthenticated sessions.
disable
recipient
{enable | disable}
Enable or disable checking the recipient address for a valid domain. disable
rewrite_helo
{enable | disable}
Enable or disable rewriting the EHLO/HELO domain to the IP string of the
client address. The rewritten EHLO/HELO will be in the format x.x.x.x
disable
rewrite_helo_custom
{enable | disable}
<helo_str>
Select to rewrite the HELO domain to the specified value for any session
this profile applies to.
disable
To Next Page
Loading...
