Welcome, Guest
Please Login or Register.    Lost Password?

Blocking unwanted email addresses with Ironmail
(1 viewing) (1) Guest
High level security related questions and answers
Go to bottomPage: 1
TOPIC: Blocking unwanted email addresses with Ironmail
#42
Blocking unwanted email addresses with Ironmail 10 Years, 7 Months ago Karma: 2
We ended up having an email management problem with our Email Secure Gateway / Ironmail appliance collecting
a series of emails from past employees that signed up for many of the Google Alerts, subscriptions, etc...

Many of those sites send out email blasts, but don't accept return emails which we could successfully bounce back to them.
Bad Netiquette but that's life.

This ended up making more of an administrative nightmare for us than we cared to manage daily. These messages would
end up in the superQ and take up space. We get a lot, but know that we're not alone.

Ironmail does support LDAP lookups to validate legitimate email addresses for a domain, but our central email server isn't based on a
standard LDAP schema that could be used.

Below is a low maintenance technique that support helped us with that could be used when you can't authenticate against LDAP,
but want to stop emails from getting into your system and clogging up the email flow. Use this to stop receiving mail for invalid users:

The messages will still make it past smtpproxy, but will be dropped within SuperQ. It is one Envelope Analysis rule that will require its own apply rule.

First, you will need to make two groups within Compliance < Compliance Advanced < Group Manager:

1) A domain group for all of your routed domains(comma separated)
2) A user group with all of the email addresses and possible aliases for those users(comma separated)

Add a new rule within Envelope Analysis < Manage Rules:

1) Monitored field - Recipient
2) Type - Group. Use your Domain based group that was just created.
3) Action - whichever action you wish to take (quarantine/drop/etc...)
4) Submit
Add a new rule within Envelope Analysis < Apply Rules:

1) Apply to: The user based group that you created earlier
2) Exlude : This is essential, this needs to be checked.
3) Direction: At your leisure
4) Enable the rule you had just created within Manage Rules
5) Submit


This is essentially a drop all rule. It will drop ALL mail destined to your routed domains, unless they are directed towards users within your user based group.
The only time you will have to adjust any settings would be if you began routing for another domain, or if you added/removed users.


Hope this helps!
The administrator has disabled public write access.
 
Go to topPage: 1
Moderators: halls
get the latest posts directly to your desktop