D-Link DFL-260-IPS-12 Product Manual - Page 255
The Ordering for SMTP Filtering, Appendix C, Verified, MIME filetypes, The HTTP ALG
View all D-Link DFL-260-IPS-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 255 highlights
6.2.5. The SMTP ALG Chapter 6. Security Mechanisms Email address blacklisting Email address whitelisting Verify MIME type Block/Allow filetype Anti-Virus scanning The administrator should therefore add a reasonable margin above the anticipated email size when setting this limit. A blacklist of sender or recipient email addresses can be specified so that mail from/to those addresses is blocked. The blacklist is applied after the whitelist so that if an address matches a whitelist entry it is not then checked against the blacklist. A whitelist of email addresses can be specified so that any mail from/to those addresses is allowed to pass through the ALG regardless if the address is on the blacklist or that the mail has been flagged as Spam. The content of an attached file can be checked to see if it agrees with its stated filetype. A list of all filetypes that are verified in this way can be found in Appendix C, Verified MIME filetypes. This same option is also available in the HTTP ALG and a fuller description of how it works can be found in Section 6.2.2, "The HTTP ALG". Filetypes from a predefined list can optionally be blocked or allowed as mail attachments and new filetypes can be added to the list. This same option is also available in the HTTP ALG and a fuller description of how it works can be found in Section 6.2.2, "The HTTP ALG". This same option is also available in the HTTP ALG and a fuller description of how it works can be found in Section 6.2.2, "The HTTP ALG". The NetDefendOS Anti-Virus subsystem can scan email attachments searching for malicious code. Suspect files can be dropped or just logged. This feature is common to a number of ALGs and is described fully in Section 6.4, "Anti-Virus Scanning". The Ordering for SMTP Filtering SMTP filtering obeys the following processing order and is similar to the order followed by the HTTP ALG except for the addition of Spam filtering: 1. Whitelist. 2. Blacklist. 3. Spam filtering (if enabled). 4. Anti-virus scanning (if enabled). As described above, if an address is found on the whitelist then it will not be blocked if it also found on the blacklist. Spam filtering, if it is enabled, is still applied to whitelisted addresses but emails flagged as Spam will not be tagged nor dropped, only logged. Anti-virus scanning, if it is enabled, is always applied, even though an email's address is whitelisted. Notice that either an email's sender or receiver address can be the basis for blocking by one of the first two filtering stages. 255