Smtp Alg Processing Order - D-Link NetDefend DFL-210 User Manual

6.2.5. The SMTP ALG
Chapter 6. Security Mechanisms
4. Anti-virus scanning (if enabled).
As described above, if an address is found on the whitelist then it will not be blocked if it also found
on the blacklist. SPAM filtering, if it is enabled, is still applied to whitelisted addresses but emails
flagged as SPAM will not be tagged nor dropped, only logged. Anti-virus scanning, if it is enabled,
is always applied, even though an email's address is whitelisted.
Notice that either an email's sender or receiver address can be the basis for blocking by one of the
first two filtering stages.
Figure 6.3. SMTP ALG Processing Order
Using Wildcards in White and Blacklists
Entries made in the white and blacklists can make use of wildcarding to have a single entry cover a
large number of potential email addresses. The wildcard character "*" can be used to represent any
sequence of characters.
For instance, the address entry *@some_domain.com can be used to specify all possible email
addresses for some_domain.com.
If, for example, wildcarding is used in the blacklist to block all addresses for a certain company
called my_company then the blacklist address entry required could be *@my_company.com.
If we want to now explicitly allow mails for just one department called my_department in
my_company then this could be done with an entry in the whitelist of the form
my_department@my_company.com.
Enhanced SMTP and Extensions
Enhanced SMTP (ESMTP) is defined in RFC 1869 and allows a number extensions to the standard
SMTP protocol.
When an SMTP client opens a session with an SMTP server using ESMTP, the client first sends an
EHLO command. If the server supports ESMTP it will respond with a list of the extensions that it
supports. These extensions are defined by various separate RFCs. For example, RFC 2920 defines
the SMTP Pipelining extension. Another common extension is Chunking which is defined in RFC
3030.
220