04-22-2014 07:12 AM
HI
I have two organizational unit in which some users resides in it and I want them to allow 20 mb for one organizational unit and 10 mb for another organizational unit of mail to be downloaded.Can this be achieved in IRONPORT email security .
Thanks
Mathew
Solved! Go to Solution.
04-22-2014 08:21 PM
Matthew,
Assuming for inbound mail , I think you can solve this problem by
1. Set default "accepted" mail flow policy message size limit at 20 M
2. create a incoming mail policy with a LDAP Group Query specifying a LDAP "Recipient" group for OU
3. Create a content filter, condition " Message Size", Message Size is less than or equal to ____youdothemath _____Bytes. Action of drop/quarantine/notify?
4. Apply content filter to your incoming mail policy in step 2.
04-22-2014 12:02 PM
Mail Policies -> Mail Flow Policies -> Policy is where the message size would be set and allowed through the appliance. You could create new (or alter exisiting) mail flow policy/policies to meet your size expectations. After that - adding a Sender Group (Mail Policies -> HAT Overview) and placing the sender(s) into those groups allow those users to be matched to the mail flow policy you need.
Senders can be added to Sender Group with the following limitations:
The following formats are allowed:
IPv6 addresses such as 2001:420:80:1::5
IPv6 subnets such as 2001:db8::/32
IPv4 addresses such as 10.1.1.0
IPv4 subnets such as 10.1.1.0/24 or 10.2.3.1
IPv4 and IPv6 address ranges such as 10.1.1.10-20, 10.1.1-5 or 2001::2-2001::10.
Hostnames such as example.com.
Partial hostnames such as .example.com.
Please see the 8.0.1 User Guide, Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT), for further detailed information and assistance.
http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa8-0/user_guide/ESA_8-0-1_User_Guide.pdf
I hope this helps!
-Robert
(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)
04-22-2014 08:21 PM
Matthew,
Assuming for inbound mail , I think you can solve this problem by
1. Set default "accepted" mail flow policy message size limit at 20 M
2. create a incoming mail policy with a LDAP Group Query specifying a LDAP "Recipient" group for OU
3. Create a content filter, condition " Message Size", Message Size is less than or equal to ____youdothemath _____Bytes. Action of drop/quarantine/notify?
4. Apply content filter to your incoming mail policy in step 2.
05-01-2014 11:43 PM
Hi
I enabled group query in LDAP profile and created a new incoming policy in which we selected the specific group and addedd the conditon of the attachment and permitted it
Its working Thanks for the idea.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide