The Pop3 Alg; The Pptp Alg - D-Link NetDefend DFL-210 User Manual

6.2.7. The PPTP ALG

6.2.6. The POP3 ALG

POP3 is a mail transfer protocol that differs from SMTP in that the transfer of mail is directly from a
server to a user's client software.
POP3 ALG Options
Key features of the POP3 ALG are:
Block Clear Text Authentication
Hide User
Allow Unknown Commands
Fail Mode
Verify MIME type
Block/Allow filetype
Anti-Virus Scanning
6.2.7. The PPTP ALG
Why the PPTP ALG is Needed
The PPTP ALG is provided to deal with a specific issue when PPTP tunnels are used with NAT.
Let us suppose we have two clients A and B on a protected inner network behind a NetDefend
Firewall. The firewall is connected to the external Internet and a NAT rule is defined to allow traffic
from the clients to flow to the Internet. Both clients will therefore appear to have from the same IP
address as they make connections to servers across the Internet.
One client A now establishes a PPTP tunnel to an external host C across the Internet. The tunnel
endpoints are the client and the external server. Because of the NAT IP rule, the tunnel connection
will appear to be coming from the external IP address on the firewall.
This first connection will be successful but when the second client B also tries to connect to the
Block connections between client and server that send the
username/password combination as clear text which can be
easily read (some servers may not support other methods than
this).
This option prevents the POP3 server from revealing that a
username does not exist. This prevents users from trying
different usernames until they find a valid one.
Non-standard POP3 commands not recognized by the ALG
can be allowed or disallowed.
When content scanning find bad file integrity then the file can
be allowed or disallowed.
The content of an attached file can be checked to see if it
agrees with its stated filetype. A list of all filetypes that are
verified in this way can be found in Appendix C, Verified
MIME filetypes. This same option is also available in the
HTTP ALG and a fuller description of how it works can be
found in Section 6.2.2, "The HTTP ALG".
Filetypes from a predefined list can optionally be blocked or
allowed as mail attachments and new filetypes can be added
to the list. This same option is also available in the HTTP
ALG and a fuller description of how it works can be found in
Section 6.2.2, "The HTTP ALG".
The NetDefendOS Anti-Virus subsystem can optionally scan
email attachments searching for malicious code. Suspect files
can be dropped or just logged. This feature is common to a
number of ALGs and is described fully in Section 6.4,
"Anti-Virus Scanning".
227
Chapter 6. Security Mechanisms