Technote (FAQ)
Question
Can you use the IP based Spam detection methods if your appliance is configured behind another SMTP gateway?
This information applies to:
Proventia Network Mail Security (1.6 and above)
Lotus Protector for Mail Security (2.1 and above)
Answer
If the appliance sits behind another gateway it is unnecessary to use DNSBL and Dynamic Host Reputation on the SMTP level (it might cause the gateway that has already accepted the messages to get into trouble).
Therefore, it is necessary to use DNSBL on the policy level. Create an Analysis Module of the type Spam DNSBL Check and use this in the Spam detection rules.
Policy Object:
Quarantine Spam rule with ‘Spam DNSBL’ enabled:
For the Dynamic Host Reputation, it is necessary to set the Rejected Host Handling to Tag (at ‘SMTP | Configuration | Receiving SMTP | Dynamic Host Reputation Filter’) and to create an Analysis Module that checks for the existence of this tag. Message Field Check > Field Name = 'X-MSHostReputation' > Expression = . > Match Mode = Literal String Search. This Analysis Module also has to be added to the Spam detection rules.
Rejected Host Handling for Dynamic Host Reputation:
Message Field Check for 'X-MSHostReputation':
Quarantine Spam rule with ‘Dynamic Host Reputation tag’ enabled:
To insure the appliance ignores the IP addresses of the gateway, it is necessary to add the IP addresses of all gateways as border IP addresses.
Mail Security > Policy > Advanced Parameters > new option > Name = host_reputation.border_ips > Value = String = A semicolon separated list of IP addresses.
Specify Border IPs:
If the above information does not resolve your issue, please contact IBM Security Systems Technical Support.
| Segment | Product | Component | Platform | Version | Edition |
|---|---|---|---|---|---|
| Security | Lotus Protector for Mail Security | Not Applicable | Platform Independent | 2.8, 2.5.1, 2.5, 2.1, 1.6 | All Editions |
Historical Number
5135
Product Alias/Synonym
Lotus Protector for Mail Security
Proventia Network Mail Security
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.