|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Stopping SMTP Relay on CP FW4.1
Do you talk of eSafe Gateway for CVP Version 3.0 ? If so how do you do it ? I never saw any SMTP RELAY option in that product, it only ask for the list of internal host because it doesn't generate the same message inside processed emails depending if it's an incoming email or outgoing one... Anyway that is just one more place where you must put in all the IP address of networks you consider INSIDE the domains. At 07:48 2001-12-18 -0600, Bob Michael wrote: >Hi, > >I've been looking for the solution of the relay problem, and I've found that >eSafe (http://www.checkpoint.com/opsec/partners/aladdin.html) has a >workaround: you can run (antirelay) SMTP gateway on top of the CVP scanner. >It is according to their technical support. I'm planning to try this >solution as soon as I manage to free up some time. > >Bob > >>> >Yves Belle-Isle <[email protected]> wrote on 14-12-2001 20:06 >>> > >>> > >>> >You have to block SMTP relaying on on the FW-1 in a >>> >SMTP Security ressource because by default the FW-1 >>> >SMTP Security server is wide open to SMTP relaying. >>> > >>> >Use objects/rules like this: >>> > >>> > First: Name: SMTP-Reject_dest >>> > Comment: Reject common redirection characters >>> > Exception Track: Log >>> > Notify Sender On Error >>> > Match Recipient: *{*%*,*!*}* >>> > Strip MIME of type: >>> > Don't Accept Mail Larger Than 999999 KB >>> > CVP Server Anti_Virus >>> > CVP Read/Write >>> > Allowed Chars: 8-bit >>> > >>> > Second: Name: SMTP-RCV >>> > Comment: Receive email for our domains >>> > Exception Track: Log >>> > Notify Sender On Error >>> > Match Recipient: {*@ourdomain_1.com,...,*@ourdomain_N.com} >>> > Strip MIME of type: >>> > Don't Accept Mail Larger Than 999999 KB >>> > CVP Server Anti_Virus >>> > CVP Read/Write >>> > Allowed Chars: 8-bit >>> > >>> >With the two following roules: >>> > >>> >Source Destination Service Action Track Comment >>> >any our_SMTP_Server smtp -> SMTP-Reject_dest Reject Long EMAIL with redirect characters >>> >any our_SMTP_Server smtp -> SMTP-RCV Accept Long EMAIL for our domains >>> > >>> >All other incoming traffic is dropped by the catch all rule. >>> > >>> >If we put only the second rule with nothing in the Match Recepient, >>> >anyone can do SMTP relay thru our FW-1 Security server ! >>> > ------------------------------------------------------------ Yves Belle-Isle V.P. VE2YBI YB17 Email: [email protected] Responsable des Systemes Tel:Sogi Informatique Ltee. Fax:------------------------------------------------------------ ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= If you have any questions on how to change your subscription options, email Ron Alcatraz at: [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
