|
|
|
What can I do here?
Use this window to create or edit an SMTP resource.
|
Getting Here - Object Explorer > New > Resource > SMTP > General |
Resources are used to match content that you are looking for, and to run an action on the content.
To specify the content, wildcards and regular expressions can be used.
The Resource is triggered when a Rule includes the Resource, and a packet matches the rule. A Resource is applied per Service.
Tell me about the fields
In both the Mail Delivery section, and the Error Mail Delivery sections, specify the server to which mail is forwarded. Error mail delivery happens if the SMTP security server is unable to deliver the message within the abandon time, and Notify Sender on Error is checked.
If the server fields are empty, mail is forwarded to the server specified under default_server in $FWDIR/conf/smtp.conf. If this too is empty, then mail is forwarded to the server specified in the original mail message. If multiple servers are defined, they are tried one after the other until successful. To specify multiple mail servers, use the format {errormailserver1, errormailserver2, …}. For more detailed information, see Using Regular Expressions and Wildcards in Resources.
An MX (Mail eXchange) query is a kind of DNS resolving. The Security Gateway receives the name of a recipient (for example: fred@example.com) and asks the DNS server to resolves its MX and DNS domains, and the DNS returns the IP address. Firewall also maintain a cache to make the DNS lookup more efficient.
This is a kind of a proxy mode for SMTP, and it enables the SMTP security server to be the last among the SMTP entities handling the mail for outbound traffic. If a mail file has recipients in more than one domain, the Security Gateway will split the original message by domain.
In the Mail Delivery section, if Deliver messages using DNS/MX records is selected, MX record resolving is used to set the destination IP address of the connection.
In the Error Mail Delivery section, if Deliver messages using DNS/MX records is selected, MX record resolving will be used to set the source IP address of the connection used to send the error message. Messages are sent after the IP address is resolved.
All the resource actions, such as header rewriting and CVP, are decided according to the last rule matched. The new resolved IP address will be fetched from the MX record resolving or from the server IP address.
For mail delivery within the organization using an SMTP security server, it is recommended to use a static mail server configuration. do this by configuring Mail Deliver Server or Error Mail Delivery Server in the SMTP Resource, and unchecking the MX resolving option.
If Check Rule Base with new destination or Check Rule Base with new error destination are selected, the Rule Base will be rechecked with the new resolved IP address for mail or error mail delivery.
For example, if a user sends an email to fred@example.com, and the original connection is from Client_A to Outgoing_Mail_Server_B. The SMTP security server intercepts the email and the resource specifies Deliver messages using DNS/MX record and Check Rule Base with new destination. The SMTP security server asks the DNS server to resolve fred@example.com. The DNS server returns the IP address of Example mail server that is different to the original destination (Outgoing_Mail_Server_B). If Check Rule Base with new destination is checked, the Rule Base is rechecked to see if there is another rule that can match this mail — maybe sent Example emails should be Encrypted rather than Accepted.
Exception Track determines if an action specified in the Action 2 and CVP tabs taken as a result of a resource definition is logged. For example, if the user attempts to send a message that is too large, the tracking specified here is performed. The Rewriting Rules defined in the Acion1 tab are logged by setting the Track column in the Rule Base. This makes it possible for example to log mails that have been changed in Action2 or had viruses (CVP), while not logging Rewriting Rules.
