capa=PIPELINING
To indicate that the pipelining extension was removed from the SMTP server reply to an EHLO
client command.
Although ESMTP extensions may be removed by the ALG and related log messages generated, this
does not mean that any emails are dropped. Email transfers will take place as usual but without
making use of unsupported extensions removed by the ALG.
SMTP ALG with ZoneDefense
SMTP is used for both mail clients that want to send emails as well as mail servers that relay emails
to other mail servers. When using ZoneDefense together with the SMTP ALG, the only scenario of
interest is to block local clients that try to spread viruses in the outgoing emails.
Using ZoneDefense for blocking relayed emails to an incoming SMTP server would be inadvisable
since it would disallow all incoming emails from the blocked email server. For example, if a remote
user is sending an infected email using a well known free email company, blocking the sending
server using ZoneDefense would block all future emails from that same company to any local
receiver. Using ZoneDefense together with the SMTP ALG should therefore be used principally for
blocking local email clients.
To implement blocking, the administrator configures the ZoneDefense network range to include all
local SMTP clients. It is made sure that the SMTP-server is excluded from this range.
Tip: Exclusion can be manually configured
It is possible to manually configure certain hosts and servers to be excluded from
being blocked by adding them to the ZoneDefense Exclude List.
When a client tries to send an email infected with a virus, the virus is blocked and ZoneDefense
isolates the host from the rest of the network.
The steps to setting up ZoneDefense with the SMTP ALG are:
•
Configure the ZoneDefense switches to be used with ZoneDefense in the ZoneDefense section
of the Web Interface.
•
Set up the SMTP ALG to use Anti-Virus scanning in enabled mode.
•
Choose the ZoneDefense network in the Anti-Virus configuration of the ALG that is to be
affected by ZoneDefense when a virus is detected.
For more information about this topic refer to Chapter 12, ZoneDefense.
6.2.5.1. Anti-Spam Filtering
Unsolicited email, often referred to as Spam, has become both a major annoyance as well as a
security issue on the public Internet. Unsolicited email, sent out in massive quantities by groups
known as spammers, can waste resources, transport malware as well as try to direct the reader to
webpages which might exploit browser vulnerabilities.
Integral to the NetDefendOS SMTP ALG is a spam module that provides the ability to apply spam
filtering to incoming email as it passes through the NetDefend Firewall on its way to a local SMTP
email server. Filtering is done based on the email's origin. This approach can significantly reduce
the burden of such email in the mailboxes of users behind the NetDefend Firewall.
NetDefendOS offers two approaches to handling spam:
6.2.5. The SMTP ALG
Chapter 6. Security Mechanisms
262
Summary of Contents for NetDefend DFL-260E
Page 27: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 27...
Page 79: ...2 7 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 79...
Page 146: ...3 9 DNS Chapter 3 Fundamentals 146...
Page 227: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 227...
Page 241: ...5 4 IP Pools Chapter 5 DHCP Services 241...
Page 339: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 339...
Page 360: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 360...
Page 382: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 382...
Page 386: ...The TLS ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 386...
Page 439: ...Figure 9 3 PPTP Client Usage 9 5 4 PPTP L2TP Clients Chapter 9 VPN 439...
Page 450: ...9 7 6 Specific Symptoms Chapter 9 VPN 450...
Page 488: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 488...
Page 503: ...11 6 HA Advanced Settings Chapter 11 High Availability 503...
Page 510: ...12 3 5 Limitations Chapter 12 ZoneDefense 510...
Page 533: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 533...