1.5 Basic security rules

After installation, successful license activation and basic configuration MetaDefender Email Gateway Security is ready to be used.

However, MetaDefender Email Gateway Security blocks all emails by default. To allow both inbound and outbound email traffic some basic security rule configuration is needed.

The basic security rules created in this chapter may be too permissive and may not be suitable for production deployments.

Prerequisites

The following information is needed to create the basic security rules:

  1. SMTP type server profile containing the email gateway (see 1.4 Creating relay and notification SMTP server profile)

  2. SMTP type server profile containing the mail server (see 1.4 Creating relay and notification SMTP server profile)

  3. MetaDefender Core type server profile containing the Core (see 1.3 Creating MetaDefender Core server profile)

  4. Internal email addresses (email address or QRegExp pattern; may be restricted to organization internal addresses only, or allow any email address)

  5. External email addresses (email address or QRegExp pattern)

Configuration

To allow both inbound and outbound email traffic go to Policy > Security rules and create the following two basic security rules.

In the examples below we assume that

  • The email gateway IP address is 10.0.0.1 and the SMTP type server profile GateWayRelayProfile contains it,

  • The mail server IP address is 10.0.0.9 and the SMTP type server profile MailServerRelayProfile contains it,

  • Both are on the same /24 subnet.

  • The Core server is configured in the MetaDefender Core type serve profile CoreProfile.

Inbound

Properties not listed in the table below may be left on their default values (if they have, e.g. settings on ACTIONS or ADVANCED tabs) or filled according to the organizational policies (e.g. USE TLS).

Tab

 

FILTER

SCAN

RELAY

Field

DIRECTION

SENDER IP ADDRESS

SENDER DOMAIN OR ADDRESS

RECIPIENT DOMAIN OR ADDRESS

METADEFENDER CORE

FORWARD PROCESSED EMAILS TO

Value

INBOUND

Email gateway IP address

External email addresses

Internal email addresses

MetaDefender Core type server profile containing the Core

SMTP type server profile containing the mail server

Examples

INBOUND

  1. 10.0.0.1

  2. 10.0.0.0/24

  1. .+@example.com (example.com emails only)

  2. test@example.com (this single sender only)

  1. .+@.+ (any email recipient)

  2. .+@opswat.com (opswat.com emails only)

  3. mengineer@opswat.com (this single recipient only)

CoreProfile

MailServerRelayProfile

Outbound

Properties not listed in the table below may be left on their default values (if they have, e.g. settings on ACTIONS or ADVANCED tabs) or filled according to the organizational policies (e.g. USE TLS).

Tab

 

FILTER

SCAN

RELAY

Field

DIRECTION

SENDER IP ADDRESS

SENDER DOMAIN OR ADDRESS

RECIPIENT DOMAIN OR ADDRESS

METADEFENDER CORE

FORWARD PROCESSED EMAILS TO

Value

OUTBOUND

Mail server IP address

Internal email addresses

External email addresses

MetaDefender Core type server profile containing the Core

SMTP type server profile containing the email gateway

Example

OUTBOUND

  1. 10.0.0.9

  2. 10.0.0.0/24

  1. .+@.+ (any email recipient)

  2. .+@opswat.com (opswat.com emails only)

  3. mengineer@opswat.com (this single recipient only)

.+@.+ (any email recipient)

CoreProfile

GateWayRelayProfile

For details about security rules in MetaDefender Email Gateway Security see 4.2 Security rules.