Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
880
Views
0
Helpful
1
Replies

message filter - for multiple IP - do no any security check

hckim0003
Level 1
Level 1

‎03-02-2017 12:15 AM

Hello,

 

I want to do not any checks(email security) for multiple IPs.

 

=== ESA diagram====

Internet  --   MTA(Other Email Security Gateway) ---  MTA(Cisco ESA C690X) Mail Server

 

I entered [Message filter] for  do not any security check 2.2.2.0/24 and 1.1.1.1

Whitlist_1: if remote-ip == "2.2.2.0/24" {

              skip-spamcheck();

              skip-viruscheck();

              skip-ampcheck();

              skip-vofcheck();

          }

 

Whitlist_2: if remote-ip == "1.1.1.1" {

              skip-spamcheck();

              skip-viruscheck();

              skip-ampcheck();

              skip-vofcheck();

          }

I have a question.

If i want to do not any check for 300 IPs or subnets. (1.1.1.1 2.2.2.2 3.3.3.0/23 .......  5.5.5.5 7.7.7.7 ......  200.1.1.0/24 ......)

Do I need to type the following grammar 300 times?

Or Is there a way to shorten it?

Please advice.

Thank you.

Labels:
0 Helpful
1 Reply 1

Libin Varghese
Cisco Employee
Cisco Employee

‎03-02-2017 05:01 AM

Hi

Adding the condition 300 times would be one way of doing it.

Alternatively you could add all IP's to a single sendergroup under Mail Policies -> HAT Overview and then use the message filter condition

if (sendergroup == "NameOfSenderGroup")

The remote-IP condition currently does not support using a dictionary or another form of list so using a sendergroup could be a viable workaround.

Thank You!

Libin Varghese

0 Helpful
Customers Also Viewed These Support Documents