3.8.1 Configuring incoming threat protection
In order to and configure MetaDefender Email Gateway Security incoming threat protection, you must configure the routing of the inbound security rules.
For the examples below let us assume that the following is configured:
Asset |
Property |
Value |
Email gateway |
IP |
192.168.0.10 |
Mail server |
IP |
192.168.0.20 |
Corporate domain (domain in inbound emails) |
domain name |
example.com |
Routing configuration
Server profile
Under Inventory > Server profiles create an SMTP type server profile that contains the mail server(s).
Set the following:
Field |
Value |
Example |
SERVER PROFILE TYPE |
SMTP |
SMTP |
PROFILE NAME |
Unique name for this profile |
Mail server |
SERVER SPECIFICATIONS |
Specification of the mail server(s) in URI syntax |
smtp://192.168.0.20:25 |
For further details about server profiles see 3.7 Server profiles.
Security rules
Under Policy > Security rules add or modify inbound security rules.
Set the following:
Tab |
Field |
Value |
Example |
FILTER |
SENDER IP ADDRESS |
IP address of email gateway(s) |
192.168.0.10 |
|
RECIPIENT DOMAIN OR ADDRESS |
Email address(es) of potential organization internal recipients (QRegExp syntax may be used) |
.+@example.com |
RELAY |
FORWARD PROCESSED EMAILS TO |
Server profile containing the mail server(s) |
Mail server |
For further details about security rules see 4.2 Security rules.
Verify Settings
Send an email to MetaDefender Email Gateway Security's SMTP service (port 10025 by default) with a recipient with the corporate internal domain and check whether the email was handled by the proper rule and delivered to the mail server(s).