Multi Gateway Policy Routing | Surf Control 5.2.4 manual

5

RISKFILTER SYSTEM MANAGEMENT CONSOLE

The System Tab

MULTI GATEWAY POLICY ROUTING

This module sets up dynamic routing to preserve ipv4 source addresses.

Caution: This should only be used if you are using NAT on your mail servers to forward mail to RiskFilter.

Multi Gateway Policy Routng enables you to override the default gateway setting in your routing table. Connections forwarded to RiskFilter will have their packets routed back through the source's configured gateway. This is needed if these connections are from multiple mail servers which do not perfom SNAT packet modifications. With this enabled, RiskFilter is able to see the original source of a forwarded connection and route packets back through this gateway.

Multi-Gateway Policy Routing must have mail server(s) that support iptables, so that emails can be relayed to RiskFilter before being forwarded.

To set up Multi Gateway Policy Routing:

1Select Multi Gateway Policy Routing in the System tab.

Figure 5 - 7 The Multi-Gateway Policy Routing screen

2Select an Interface from the drop-down list box.

3Enter the MAC address of the Gateway into the Ethernet (MAC) address field.

4Enter the IP address of the Gateway into the IP Address field.

5Click Add.

Note: To test RiskFilter, run this command on the mail server:

iptables -A PREROUTING -t nat -p tcp -m tcp ! -s RF-IP --dport 25 -j DNAT. To use this feature, you MUST run this command on the mail server.

140 Administrator’s Guide

SurfControl RiskFilter - E-mail V5.2.4

Image 145

Surf Control 5.2.4 manual Select Multi Gateway Policy Routing in the System tab

Contents

SurfControl RiskFilter E-mail Contents Policy Manager Riskfilter System Management Console Appendix Chapter Managing Your Messages with Riskfilter HOW Riskfilter Works Control ConnectionRelay Control Mail Exchanger IP Address MX Preference Load Balancing with Riskfilter Load balancing with RiskFilter Riskfilter System Management Console Launching Surfcontrol RiskfilterHttps//hostnameoripaddress10000 Https//hostnameoripaddress/admin Riskfilter Management Console AdministratorOpening the RiskFilter Management Console Before YOU Start System Settings What can be Configured in the System Settings TAB? System Settings TABTerminology Used Select General Configuration from the System Settings tab ConfigurationGeneral Postmaster e-mail address Admin Console Other SettingsSession Timeout Smtp greeting Editing User Directories User Directories Open the User Directories screen Deleting a User Directory Click Add in the User Directories screen Microsoft Active Directory Select IBM Ldap Server IBM Ldap server Click Add in the User Directories screen Select Generic Ldap Generic Ldap Esmtp Server Information Validation settings Local Database Recipient File To add a local database Click Add Secure Proxy Select General Secure Proxy from the System Settings tabLocal Database Add/Edit Address screen is displayed Select Enable Webmail Proxy Select Enable POP3 ProxySelect Enable Imap Proxy Select General Directories from the System Settings tab Setting up the storage directoriesLogs and Archives Notifications Certificate Importing Certificates Select General Certificate from the System Settings tabExporting Certificates Certificate Signing Request Connection Settings Receive SettingsConnection Control Allow Access List Smtp Greeting Delay 16 The Directory Attack Control screen Directory Attack Control Relay Control SPF Authentication ConfigurationControlling relaying of messages Allowing relaying to specific domains Relay for Internal Senders Adding details of domains Recipient ValidationAdd validation servers 19 The Message Control screen Message Control 20 Set what action is taken on messages Exception Control To configure exception control Adding an IP or subnet address to the blacklist Black List Adding domain or e-mail addresses to the blacklist Importing and exporting Lists Adding an IP or subnet address to the White List White ListDynamic White List Receive Settings Setting up the destination domains Send SettingsDOMAIN-BASED Delivery Delivering the messages Select Forward mail to the following Smtp servers Using TLS authentication Transport Layer Security Advanced Delivery Traffic Control Send Settings Account Manager User Management Specifying Administrator Access Changing the Administrator Account Password Setting up Administrator Access Personal E-MAIL Manager Editing Administrator AccountsSelect Account Manager from the User Management menu Setting up the PEM message 31 What the user sees Personal E-mail Manager Exporting lists of users Adding usersImporting lists of users Setting up End User Control End-user Bypass Anti-Spam SettingEND-USER Control User List Authenticating PEM users User Authentication Authenticating remote users Update NOW License & Updates AVA and ASA License Expired Updating your Anti-Spam Agent Definitions Select the Anti-Virus Agent Update check box Scheduled UpdateUpdating the Anti-Virus Agent License Status Select the Anti-Spam Agent Update check boxUpdating the Anti-Spam Agent Updating Component Licenses Manually setting up a license server Update ServerViewing component licenses User Number Exceeded License Server Select Help Contact Support from the System Settings tab Admin Guide Contact SupportHelp Submitting a Support Request Configuration Wizard Firstboot Wizard KEY Points Key Points Policy Manager Policy Manager TAB What can be Configured in the Policy Manager TAB? Defining Users Creating a PolicyDefining the Action Global Policy Filter List Defining the Rules Importing and Exporting Lists Address Group Deleting Address Groups Adding Queues Queue Manager Select Queue Manager from the Policy Manager tab Editing a Queue Surfcontrol Dictionaries Dictionary ManagerEditing SurfControl Dictionary properties Adding words to the SurfControl Dictionaries Changing the value of words in the SurfControl DictionariesDeleting a word or phrase Create a new dictionary Custom Dictionaries Importing a SurfControl Dictionary Pack Importing Dictionaries Worthlesstab space15 balancetab space10 Creating a unicode text file Exporting a dictionary Importing a unicode text fileSelect Import from a Unicode text file Creating a NEW SUB-POLICY Global Policy 15 Enter the details of the new Sub-policy Select Global Policy from the Policy Manager tab Deleting a SUB-POLICY Editing a SUB-POLICYAdding Filters to the Policy 18 The Global Policy Filter List screen Defining a Filter Creating a new filter ANTI-VIRUS Agent FilterEditing the Anti-Virus Agent Filter Select Global Policy Filters from the Policy Manager tab Global Policy Select Anti-Spam Agent DFP ANTI-SPAM Agent Filters Select Anti-Spam Agent Heuristics Configuring the Anti-Spam Agent Heuristics Filter Select Anti-Spam Agent LexiRules Configuring the Anti-Spam Agent LexiRules Filter 23 The Internet Threat Database Filter screen Internet Threat Database Filter Editing the Internet Threat Database Filter Standard DisclaimerSelect the Internet Threat Database Filter and click Next Select the Standard Disclaimer Filter Editing the Standard Disclaimer Filter Editing the General Content Filter General Content FilterSelect the General Content Filter and click Next Editing the Advanced Content Filter Advanced Content FilterSelect the Advanced Content Filter and click Next 27 The Expression screen Using the Expression List Using Logical Operators RiskFilter and Gateway and Innovation Examples showing the use of OperandsRiskFilter or Gateway or Innovation Occur gateway Assume Frequency =2 28 Message Attachment Filter screen Message Attachment Filter Select the Message Attachment Filter and click Next Editing the Message Attachment Filter Creating a new Content Guardian filter Content GuardianSelect the Internet Content Guardian Filter and click Next Adding a filtering rule Deleting a filtering rule Dictionary Threshold FilterHow the Dictionary Threshold Filter works Select the Dictionary Threshold Filter and click Next Configuring the Dictionary Threshold Filter Global Policy KEY Points Key Points Reports & Logs Reports and Logs TAB What can be Configured in the Reports and Logs TAB? Server status monitoring Dashboard Querying the Master Report Master ReportSelect Master Report from the Reports and Logs tab Select Specified date range from the Logs for list box Master Report Querying the Message Report Message Report Querying the Policy Report Policy Report Querying the Virus Report Virus Report Querying the Spam Report Spam Report Querying the Connection Report Connection Report Connection Report System Report Managing Isolated Messages Isolated MessagesSelect Isolated Messages from the Reports and Logs tab Click View Messages Isolated Messages Managing the Virus Messages Virus MessagesSelect Virus Messages from the Reports and Logs tab 14 An Archived message Managing Spam Messages Spam MessagesSelect Spam Messages from the Reports and Logs tab To view a message click the subject Managing Archived Messages Archived MessagesSelect Archived Messages from the Reports and Logs tab Export Messages View Messages Reprocess MessagesClick Reprocess Messages 19 Select the check box alongside the message Querying Deferred Messages Deferred MessagesSelect Deferred Messages from the Reports and Logs tab 22 An Archived message KEY Points Key Points RiskFilter System Management Console Overview What can be Configured with the System Management CONSOLE? Rfmngr Account Accessing the Riskfilter System Management Console Webmin TAB What can be Configured in the Webmin TAB? IP access control Webmin ConfigurationSelect Webmin Configuration from the Webmin tab Webmin Actions LOG Select Logging from the Webmin Configuration screen Select Language from the Webmin Configuration screenLanguage Ports and Addresses Proxy Servers Webmin Servers IndexAdding Webmin Servers Select Webmin Servers Index in the Webmin System TAB What can be Configured in the System TAB? Change Passwords Bootup and ShutdownSelect Change Passwords in the System tab Historic System Statistics Select Multi Gateway Policy Routing in the System tab Multi Gateway Policy Routing Network Interfaces Network Configuration Setting up additional NICs Multi-NIC configuration in RiskFilterEnter an IP Address Routing and Gateways 11 The Create Bootup Interface screen DNS Client Select DNS Client from the Network Configuration tab 15 Host Addresses Host Addresses System Time Running ProcessesSelect System Time in the System tab Click Sync system time System and Server Status Riskfilter TAB What can be Configured in the Riskfilter TAB? Riskfilter Backup Manager Riskfilter Services Manager Click Complete Riskfilter Cluster Wizard 25Load balancing Load balancing with RiskFilter 26 RiskFilter in a cluster set up Select Web Access Manager in the RiskFilter tab Riskfilter WEB Access Manager 28 The Update RiskFilter-E-mail screen Update Riskfilter E-MAIL KEY Points Key Points Appendix # sudo /etc/init.d/smgd status Using the Command Line Interface QTOOL.SH Clean queues Using the Command Line Interface Using the Command Line Interface Using the Command Line Interface Example 6 uninstalling the RiskFilter software UNINSTALL.SH All items were successfully uninstalled Internet Theat Database Categories Internet Threat Database CategoriesCore / Liability Categories Productivity Categories Core / Liability Categories Productivity Categories Other Special Events Index Administrator’s Guide SurfControl RiskFilter E-mail SurfControl RiskFilter E-mail Administrator’s Guide OpenSSL Sun RPC Apache Software License, Version Expat XML Parser Toolkit SPFJava Ldap