Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
5477
Views
0
Helpful
4
Replies

Whitelist a whole domain in IronPort C370?

Go to solution
David Rahmn
Level 1
Level 1

‎07-08-2014 04:31 AM

Hi!

I have a customer that can't send emails to us cause of bad reputation.  Not sure how am going to whitelist their domain.

Their domain is: domainABC.com

Their SMTP servers is A.domainXYZ.com, B.domainXYZ.com, C.domainXYZ.com.

What should i put in the HAT - Whitelist?

domainABC.com? domainXYZ.com? A, B, C.domainXYZ.com? The IPs of the SMTP-servers?

 

Thanks for the help!

 

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee

‎07-08-2014 11:22 AM

To whitelist or blocklist any domain including subdomains use .domainABC.com, the "." in front of domainABC.com instructs any sub domain as well. Now you have to understand if domainABC.com is sending from their own servers. If they are using a hosted system that is shared by others it could create issues. Generally it would be advisable to get the IP address of the servers with the bad reputation and put them in a temporary allow list. I say allow because if you use the default whitelist please understand it by default does not do spam scanning.

 

Tom

View solution in original post

0 Helpful

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee
In response to David Rahmn

‎07-09-2014 07:58 AM

On the spoofing depends on where you whitelist the domain and if you have it configured to perform reverse DNS validation. 

White listing the IP is not bad unless that IP also sends mail for other domains as well. 

Both methods have good points and bad points. 

Glad your mail is flowing again!

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee

‎07-08-2014 11:22 AM

To whitelist or blocklist any domain including subdomains use .domainABC.com, the "." in front of domainABC.com instructs any sub domain as well. Now you have to understand if domainABC.com is sending from their own servers. If they are using a hosted system that is shared by others it could create issues. Generally it would be advisable to get the IP address of the servers with the bad reputation and put them in a temporary allow list. I say allow because if you use the default whitelist please understand it by default does not do spam scanning.

 

Tom

0 Helpful

Go to solution
David Rahmn
Level 1
Level 1
In response to Tom Foucha

‎07-08-2014 11:44 PM

Hi!

 

Thanks for the answer! So if i white list the domain: ".domainABC.com". Can anyone with a sender address of *domainABC.com email us? In this case it would be easy to just spoof the sender address.

I actually did what you said and just whitelisted the IP of the bad SMTP-server and it started ti work again. I will remove them from the whitelist in a while.

 

Thanks!

0 Helpful

Go to solution
Tom Foucha
Cisco Employee
Cisco Employee
In response to David Rahmn

‎07-09-2014 07:58 AM

On the spoofing depends on where you whitelist the domain and if you have it configured to perform reverse DNS validation. 

White listing the IP is not bad unless that IP also sends mail for other domains as well. 

Both methods have good points and bad points. 

Glad your mail is flowing again!

0 Helpful

Go to solution
David Rahmn
Level 1
Level 1
In response to Tom Foucha

‎07-10-2014 12:27 AM

Ok, then i understand!

Thank you so much for the help Tommy!

0 Helpful
Customers Also Viewed These Support Documents
Top