3.8.1 Configuring incoming threat protection

In order to and configure MetaDefender Email Gateway Security incoming threat protection, you must configure the routing of the inbound security rules.
images/download/attachments/37404464/image2017-6-28_15-37-46.png

For the examples below let us assume that the following is configured:

Asset

Property

Value

Email gateway

IP

192.168.0.10

Mail server

IP

192.168.0.20

Corporate domain (domain in inbound emails)

domain name

example.com

Routing configuration

Server profile

Under Inventory > Server profiles create an SMTP type server profile that contains the mail server(s).

Set the following:

Field

Value

Example

SERVER PROFILE TYPE

SMTP

SMTP

PROFILE NAME

Unique name for this profile

Mail server

SERVER SPECIFICATIONS

Specification of the mail server(s) in URI syntax

smtp://192.168.0.20:25

For further details about server profiles see 3.7 Server profiles.

images/download/attachments/37404464/screencapture-localhost-8058-2018-03-21-14_41_04.png

Security rules

Under Policy > Security rules add or modify inbound security rules.

Set the following:

Tab

Field

Value

Example

FILTER

SENDER IP ADDRESS

IP address of email gateway(s)

192.168.0.10

 

RECIPIENT DOMAIN OR ADDRESS

Email address(es) of potential organization internal recipients (QRegExp syntax may be used)

.+@example.com

RELAY

FORWARD PROCESSED EMAILS TO

Server profile containing the mail server(s)

Mail server

For further details about security rules see 4.2 Security rules.

images/download/attachments/37404464/screencapture-localhost-8058-2018-03-21-14_42_07.png

images/download/attachments/37404464/screencapture-localhost-8058-2018-03-21-14_42_15.png

Verify Settings

Send an email to MetaDefender Email Gateway Security's SMTP service (port 10025 by default) with a recipient with the corporate internal domain and check whether the email was handled by the proper rule and delivered to the mail server(s).