No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Mail Filtering Does Not Take Effect on the USG6600 (V500R001C30SPC100)

Publication Date:  2019-07-03 Views:  221 Downloads:  0

Issue Description

The mail filtering function is configured on the firewall to block the mails sent from gmail mailboxes. The firewall has block informations, but the mails are still received.

Handling Process

1. Check logs. There are POP3 blocking logs and IMAP alarms. (IMAP does not support blocking.) It is confirmed that intranet users receive mails from the server through POP3, not IMAP. 

2. After confirmation, the firewall runs at Layer 2 and is located between the external router and core switch. The mail server is connected to the core switch in bypass mode. In this way, mail traffic sent from the mail server to intranet users does not pass through the firewall. There should be no POP3 or IMAP alarm. After confirmation, it is found that some intranet users may log in to external mailboxes (such as 163 and gmail). These alarms were generated at that time. The ultimate goal is to block mails before they reach the mail server. 

3. Check the configuration. The configuration is to filter received mails by sender address. 

4. Are the mails received by the mail server sent mails or received mails? This is described in product documentation as follows:

 SMTP is used for data transmission between mail servers. Therefore, the firewall considers the mails received by a mail server as the mails sent from an external server to an internal server.


Root Cause

SMTP is used for data transmission between mail servers. Therefore, the firewall considers the mails received by a mail server as the mails sent from an external server to an internal server.

Solution

Modify the configuration to filter sent mails by sender address. The test result shows that the mails sent from the Internet to the intranet mail server can be blocked.

END