Incoming Mail Configurations

slicciardola · ‎06-07-2017

Hi all,

i am going to setup a new ESA environment.

Just for beginning the customer wants to have ONLY the reputational service and after a month activate (licensing is already full) other modules, antispam and antivirus.

The question is:

can i make 2 incoming mail policies, the 1 with all disabled except SRBS scoring and reputational engine and number 2 with all other modules.

What if i make this with order 1 (all disabled) and order 2?

Do all the emails ONLY match the FIRST mail policy on the first row and ignore the second?

Thanks in advance for any support

Libin Varghese · ‎06-07-2017

Hi,

Senderbase check is linked with the anti-spam license, so you would not be able to use senderbase unless the anti-spam license is active.

Senderbase check happens at the connection level under HAT, incoming mail policies are further down the line after HAT.

You can enable/disable features like anti-spam, anti-virus, AMP, graymail, content filters and outbreak filters using incoming mail policies.

There is a default incoming mail policy already present, so you would just need to add one incoming mail policy if you wish to disable certain features for certain users.

Thank You!

Libin Varghese

slicciardola · ‎06-07-2017

Hi Libin

all licenses are up and running.

What i have to achieve is to start with only reputational service and then after a month with a full profile.

I don't have to enable features per user but for all users in my mail domain.

So i would like to know if i have 2 configs and in the order the 1 is the one with only reputational service active, the 2 with all features is "dormant"? all incoming emails will try to match ONLY the first one?

Thanks in advance

Libin Varghese · ‎06-08-2017

Hi,

One config sholud be sufficient. As senderbase check happens at HAT and all other scanning engines at incoming mail policies, you would just need to have anti-spam, anti-virus, AMP, graymail, content filters and outbreak filters are disabled for the default incoming mail policy.

When a server connects to the ESA to send an email, its reputation would be checked as per configuration under HAT Overview. Once the connection is accepted, the default incoming mail policy would match all incoming emails and deliver it forward. The default incoming mail policy would match for all incoming emails even though it won't perform any of the scanning which we disabled earlier.

- Libin V

slicciardola · ‎06-08-2017

One config is sufficient if you plan to stay on that one.

But i am going to change it in a near future, so, if i have 2, what about an email that is coming? which one of the 2 will use and match?

Libin Varghese · ‎06-08-2017

An incoming email would match incoming mail policies based on the mail-from, rcpt-to, from, to and reply-to headers. Senderbase is not checked on matching incoming mail policies.

Based on the sender recipient addresses, the two policies would be matched.

- Libin V

slicciardola · ‎06-08-2017

ok, so i can take the second one with "wrong" recipients and it will be as a sort of "disabled", isn't it?

Libin Varghese · ‎06-08-2017

Would be.

However, if you have LDAP integrated with RAT (Recipient Access Table) the email would not reach the incoming mail policies.

Would be as good as disabled if recipients are invalid in the mail policy.

Do note that incoming mail policies are matched top down for mail-from and rcpt-to.

- Libin V

Incoming Mail Configurations

Re: Block incoming Calls based off of ANI. (incoming or originating ph

SecureX Orchestration: Send Mail の設定例 : Gmail 利用時

Message Filter to filter based on Incoming Mail Policy

Configure Mail Relay Host for Email Notifications on FMC

CUCM mail notification