Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1288
Views
1
Helpful
7
Replies

Outgoing policy

The-Messenger
Level 1
Level 1

‎12-30-2010 07:55 AM

I'm thinking of creating a second outlgoing mailflow policy for development servers that send e

mail.  Currently we do this through Exchange Hub Transport server but it seems to me that I could

control and secure this activity with the ironport - plus remove and pull on resources from the exchange server.  My plan was to create a new outgoing policy, a new sender group, start with default settings, then lock it down some.

I created the new sender group no problem here.  Then I created a new outbound mail policy under the mailflow policies menu.   I saved the policy, but I can't find it to select it for the sender group.  I know the policy is there because I tried to create it again, thinking maybe I didn't confirm the changes, but I couldn't create it again as the policy already existed.  Where is this policy now?  Shouldn't it be in the list below with other outbound policies?

Thanks for the help!!

outbound.JPG

Labels:
0 Helpful
7 Replies 7

jgandla
Cisco Employee
Cisco Employee

‎12-30-2010 09:15 AM

Greetings,

Did you create the new mail flow policy under the outbound listener? You can select the mail flow policy in a sendergroup only if it is created in the appropriate listener settings. From the screenshot you sent, it appears that there are only two mail flow policies under Outbound Listener which are "BLOCKED" and "RELAYED".

Regards,

Jyothi Gandla

Customer Support Engineer

0 Helpful

The-Messenger
Level 1
Level 1
In response to jgandla

‎12-30-2010 09:33 AM

Sorry, I'm a newby with this system...

I'm not sure what I did now, when I went through the process to document my steps then the policy is displayed on the screen that I pasted.

So, if "relay" is the default setting, when would "Accept" be appropriate?

0 Helpful

Christopher Smith
Level 4
Level 4
In response to The-Messenger

‎12-30-2010 09:57 AM

HI,

The Relay policy behavior should relayed. This is the one policy you do not typically change the behavior for.

Christopher C Smith
CSE

Cisco IronPort Customer Support 

0 Helpful

The-Messenger
Level 1
Level 1
In response to Christopher Smith

‎12-30-2010 10:07 AM

I realize I'm jumping all over here with a single discussion...  looking at the outgoing policy, what are some

good settings to consider when trying lock things a little.

0 Helpful

Christopher Smith
Level 4
Level 4
In response to The-Messenger

‎12-30-2010 12:40 PM

HI,

You may want to clarify what you mean by locking. Typically the only hosts allowed to relay outbound would be those that are specified in the relaylist sendergroup. One thing you may find helpful if this is an early or initial set up is the online documentation. If you click on help in the upper right hand corner of the GUI then select online help, it will give you help for the screen your on. It will also allow you to search the users guide and advanced users guide.  In addition there are a great number of knowledge base articles available online that cover best practices as well as many other topics.

http://www.ironport.com/support/vod1.html

http://www.cisco.com/web/ironport/index.html

Christopher C Smith

CSE

Cisco IronPort Customer Support

0 Helpful

The-Messenger
Level 1
Level 1
In response to Christopher Smith

‎12-30-2010 12:45 PM

Thank you. This isn't an initial setup, just one that I've inherited. For normal operations the Ironport is working great. I am interested in using the Ironport to manage relays from our development group and with that I would like to tighten the security a little bit. This is why I wanted to create new policies, Exchange company email would work as currently configured but I would relay the dev servers through a different policy.

So, I'm learning the system as I go and wondering if I can do more with it.

Thanks for the help

Christopher Smith
Level 4
Level 4
In response to The-Messenger

‎12-31-2010 04:43 PM

Hi,

I think I understand what your looking for now.  The systems that are allowed to relay outbound would be specified in the relaylist sender group as we mentioned before. That would ensure that only those systems can relay traffic out through the appliance. As for specific users you could use policies. In this case we would be talking about outgoing mail polices. By default there is a default policy however you can add additional polices.  The policies allow you to specify what users are a member of the policy. They also allow you to select specific filters that be turned on or off for the policy. Depending on what type of restriction you want to put in place it may be as simple as creating a policy and adding specific senders to that policy which has specific filters defined that determine your restrictions.  For example you could have a policy that users Joe, Frank and John are members of. This policy could have a filter assigned to it that does not allow message outbound to gmail.   There are of course other things you can do with filters and policies, however if your looking to do something like rate limiting that is typically handled by the Mail Flow Polices and those are typically limited to applying actions to a host and not a user. If I knew a bit more about what type of restrictions you wanted to put in place for additional security I think I could probably give you more verbose answer. Just let me know I will be glad to help.

Christopher C Smith

CSE

Cisco IronPort Customer Support

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents