SecurityGateway for Email Servers v10.5

PTR

Perform reverse PTR record lookup on inbound SMTP connections

By default SecurityGateway performs pointer record lookups on all inbound SMTP connections. Clear this option if you do not wish to do this.

Send 501 and close connection if no PTR record exists (caution)

If this box is checked then SecurityGateway will send a 501 error code (syntax error in parameters or arguments) and close the connection if no PTR record exists for the domain. This option is disabled by default.

Send 501 and close connection if no PTR record match

If this box is checked then SecurityGateway will send a 501 error code (syntax error in parameters or arguments) and close the connection if the results of a pointer record lookup fail to match. This option is disabled by default.

Exclude authenticated sessions from punitive actions

When this checkbox is enabled SecurityGateway will defer the PTR lookup on inbound SMTP connections until after the SMTP MAIL command, in order to see whether or not the connection used authentication. If the session is authenticated then no punitive actions will be taken against the sender. This option is disabled by default.

Exclude global allowlisted IP addresses from punitive actions

Click this checkbox if you wish to exclude Globally allowlisted IP addresses from PTR record lookups. This option is disabled by default.

HELO/EHLO

Perform lookup on HELO/EHLO domain

By default SecurityGateway performs a lookup on the domain name that is reported during the HELO/EHLO portion of the session. The HELO/EHLO command is used by the client (sending machine) to identify itself to the server. The domain name passed by the client in this command is used by the server to populate the from portion of the Received header. Disable this option if you do not wish to perform these lookups.

Send 501 and close connection on forged identification (caution)

Click this check box if you want a 501 error code to be sent and then the connection closed when the result of a lookup appears to be a forged identification. This option if disabled by default.

Refuse to accept mail if a lookup returns 'domain not found'

When a lookup results in "domain not found", enabling this option will cause the message to be refused with a 451 error code (Requested action aborted: local error in processing) and then the session will be allowed to progress normally to its conclusion. This option is disabled by default.

...send 501 error code (normally sends 451 error code)

Enable this checkbox if you want the error code that is sent in response to a "domain not found" result to be 501 (syntax error in parameters or arguments) instead of 451.

...and then close the connection

Click this checkbox if you want the connection to be closed immediately instead of allowed to progress when "domain not found" is the result of the reverse lookup.

Exclude authenticated sessions from punitive actions

When this checkbox is enabled SecurityGateway will defer the lookup on inbound SMTP connections until after the SMTP MAIL command, in order to see whether or not the connection used authentication. If the session is authenticated then no punitive actions will be taken against the sender. This option is disabled by default.

Exclude global allowlisted IP addresses and hosts from punitive actions

Click this checkbox if you wish to exclude globally allowlisted IP addresses and globally allowlisted hosts from lookups on the HELO/EHLO domain. This option is disabled by default.

Mail

Perform lookup on value passed in the MAIL command

By default SecurityGateway will perform a lookup on the domain name that is passed during the MAIL command portion of the mail transaction. The address passed in the MAIL command is supposed to be the reverse-path for the message, and is usually the mailbox from which the message is originating. Sometimes, however, it is the address to which error messages should be directed instead. Disable this option if you do not wish to perform lookups on the MAIL value.

...send 501 and close connection on forged identification (caution)

Click this check box if you want a 501 error code to be sent and then the connection closed when the result of a lookup appears to be a forged identification. This option is disabled by default.

Refuse to accept mail if a lookup returns 'domain not found'

By default, when a lookup on the MAIL value results in "domain not found," the message will be refused with a 451 error code (Requested action aborted: local error in processing) and then the session will be allowed to progress normally to its conclusion. Clear this checkbox if you do not wish to refuse these messages.

...send 501 error code (normally sends 451 error code)

Enable this checkbox if you want the error code that is sent in response to a "domain not found" result to be 501 (syntax error in parameters or arguments) instead of 451.

...and then close the connection

Click this checkbox if you want the connection to be closed immediately instead of allowed to progress when "domain not found" is the result of the lookup.

Exclude messages from authenticated sessions

Messages arriving over authenticated sessions are excluded from lookups on the MAIL command value by default. Disable this option if you do not wish to exclude those messages.

Exclude globally allowlisted senders

Message from any globally allowlisted senders are excluded from lookups by default. Clear this checkbox if you do not wish to exclude messages from those senders.

Configuration

Insert warning headers into suspicious messages

By default, SecurityGateway will insert a warning header into any message that fails a reverse lookup. The receiving mail server or client could then optionally use this header to filter the message. Uncheck this box if you do not wish to insert a warning header into suspicious messages.