McAfee MAP-3300-SWG Product Guide - Page 95
Recipient Checks, Directory harvest prevention, Table 72, Option definitions
UPC - 731944547008
View all McAfee MAP-3300-SWG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 95 highlights
Overview of Email features Email Configuration Recipient Checks Use this section to prevent directory-harvest attacks and attacks that issue large numbers of email messages (known as flooding). You can provide the appliance with a list of permitted recipients. Your network might already have this information on its LDAP servers. Alternatively, you can import a list of email addresses from a text file. Table 72 Option definitions Option Definition Protocol preset Specifies the policy (and network group) to which these settings apply. If the recipient is not in When selected, checks the recipient address against email addresses in the list. the following list Email address Lists the acceptable email addresses. You can use wildcards, for example: user*@example.com. We recommend that you do not overuse wildcards, because you will defeat the intention. Or if the recipient is not When selected, checks the recipient address against email addresses in the listed in LDAP LDAP. To connect to an LDAP server, select System | Users, Groups and Services | Directory Services on the navigation bar. Take the following action • Accept and ignore the recipient - Accepts the email message and ignores it. The appliance sends an acceptance code (SMTP 250 OK). We do not recommend this option because it suggests to the sender that the message was received as intended. • Reject - Sends a rejection code (SMTP 550 Fail). We recommend this option because the sender is normally informed that the message was not accepted. Directory harvest prevention Use this section to prevent directory harvest attacks. The appliance examines the number of known and unknown email addresses to determine whether an attack is taking place. When used with some email servers, Directory Harvest Prevention might not function as expected. Table 73 Option definitions Option Protocol preset When the appliance is in transparent mode Definition Specifies the policy (and network group) to which these settings apply. • None - Takes no action. • Tarpit - Delays a response to email that has several recipient addresses. • Tarpit then deny connection - Delays a response to the email, then adds the sender to the Denied Connections list. • Deny connection - Adds the sender to the Denied Connections list. Default value is Deny connection. When the appliance is in proxy mode • None - takes no action. • Deny connection - adds the sender to the Denied Connections list. Default value is Deny connection. McAfee Email and Web Security Appliances 5.6.0 Product Guide 95