C. Create a custom Service for IMAP:
Command-Line Interface
gw-world:/> add Service ServiceTCPUDP my_imap_service
D. Add an IPPolicy to allow IMAP traffic and associate the profile with it:
gw-world:/> add IPPolicy SourceInterface=lan
Web Interface
A. Create an EmailProfile object for filtering the mail:
1.
Go to: Policies > Firewalling > Email Control > Add > Email Control Profile
2.
Now enter:
•
Name: my_email_profile
•
Anti-Spam: Enable
•
Domain Verfication Score: 5
•
Malicious Link Protection Score: 5
•
DNS Blacklists: Enable
•
Blacklist 1: zen.spaumhaus.org
•
Tag Subject Text: *** Probably SPAM ***
3.
Select OK
B. Add an EmailFilter object to the profile for whitelisting:
1.
Go to: Policies > Firewalling > Email Control
2.
Select my_email_profile
3.
Select Whitelist/Blacklist
4.
Select Add > Email Filter
5.
Now enter:
•
Action: Whitelist
•
Source Type: Email Address
Type=TCP
DestinationPorts=143
Protocol=IMAP
SourceNetwork=lan_net
DestinationInterface=dmz
DestinationNetwork=dmz_net
Service=my_imap_service
Name=lan_to_dmz
Action=Allow
EmailControl=Yes
EC_Policy=my_email_profile
533
Chapter 6: Security Mechanisms