Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1279
Views
0
Helpful
1
Replies

Block specific IPs from sending outside local domain

Greg Dickinson
Level 1
Level 1

‎11-01-2017 03:37 PM - edited ‎03-08-2019 07:27 PM

I have a task to configure our ESA to prevent our network scanners from sending email outside our local domain.  Is there an easy way to specify a list of IP addresses (or hostnames), and then only allow those IPs to send email to [something]@localdomain.com?

Labels:
0 Helpful
1 Reply 1

Libin Varghese
Cisco Employee
Cisco Employee

‎11-01-2017 07:46 PM

Hi,

 

You could add a sendergroup under Mail Policies -> HAT Overview with the IP's and hostnames you would like to limit to the local domain and then add a message filter to look at the recipient domain.

 

Local_Domain:

if (sendergroup == "NameOfSendergroup") AND (rcpt-to != "@localdomain.com")

{

log-entry("Sender IP not allowed to send to this domain");

quarantine("Policy");

}

 

The filter would quarantine any email from the added IP's which are not intended for the mentioned local domain.

 

It is recommended you test the filter before bringing it into production to ensure it matches your requirement.

 

Regards,

Libin Varghese

0 Helpful
Customers Also Viewed These Support Documents