Smtp Alg Processing Order - D-Link NetDefendOS User Manual

Using Wildcards in White and Blacklists
Entries made in the white and blacklists can make use of wildcarding to have a single list entry
cover a large number of potential email addresses. The wildcard character "*" is used to represent
any sequence of characters of any length.
For instance, the list entry *@example.com can be used to specify all possible email addresses
related to the domain example.com.
To explicitly allow emails destined for my_department, add the whitelist entry
my_department@example.com and this will have precedence over the blacklist entry with the
wildcard.
Enhanced SMTP and Extensions
Enhanced SMTP (ESMTP) is defined in RFC 1869 and allows a number extensions to the standard
SMTP protocol.
When an SMTP client opens a session with an SMTP server using ESMTP, the client first sends an
EHLO command. If the server supports ESMTP it will respond with a list of the extensions that it
supports. These extensions are defined by various separate RFCs. For example, RFC 2920 defines
the SMTP Pipelining extension. Another common extension is Chunking which is defined in RFC
3030.
The NetDefendOS SMTP ALG does not support all ESMTP extensions including Pipelining and
Chunking. The ALG therefore removes any unsupported extensions from the supported
extension list that is returned to the client by an SMTP server behind the NetDefend Firewall.
When an extension is removed, a log message is generated with the text:
unsupported_extension
capability_removed
The parameter "capa=" in the log message indicates which extension the ALG removed from the
server response. For example, this parameter may appear in the log message as:
Figure 6.5. SMTP ALG Processing Order
452
Chapter 6: Security Mechanisms