Symantec 10744983 Administration Guide - Page 107
Managing Email Firewall policies, Configuring attack recognition
UPC - 037648279321
View all Symantec 10744983 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 107 highlights
Configuring email filtering 107 Managing Email Firewall policies To set compliance policy order 1 In the Control Center, click Policies > Compliance. 2 Check the box next to a compliance policy. 3 Click Move Up or Move Down. Enabling and disabling compliance policies On the Content Compliance Policies page, the Enabled column indicates one of the following policy statuses: ■ Enabled, indicated by a green check ■ Disabled, indicated by a red x. To enable this policy, check it and click Enable. To enable or disable a compliance policy 1 In the Control Center, click Policies > Compliance. 2 Check the box next to a compliance policy. 3 Click Enable or Disable. Managing Email Firewall policies Symantec Mail Security can detect patterns in incoming messages to thwart certain types of spam and virus attacks. You can block and allow messages based on email addresses, domains, or IP address. Messages can be checked against Open Proxy Senders, Suspected Spammers, and Safe Senders lists maintained by Symantec. Sender authentication provides a way to block forged email. Configuring attack recognition Symantec Mail Security can detect the following types of attacks originating from a single SMTP server (IP address): Directory harvest attacks Spam attack Spammers employ directory harvest attacks to find valid email addresses at the target site. A directory harvest attack works by sending a large quantity of possible email addresses to a site. An unprotected mail server will simply reject messages sent to invalid addresses, so spammers can tell which email addresses are valid by checking the rejected messages against the original list. By default, connections received from violating senders are deferred. A specified quantity of spam messages has been received from a particular IP address. By default, connections received from violating senders are deferred.