Los estudios escolarizados en la Iglesia Adventista

To add an IP address to the Approved List:

1. Choose IP Filtering > Approved List from the menu. The Approved List screen appears.

2. Click Add. The Add IP/Domain to Approved List screen appears.

3. Select the Enable check box.

4. Type the domain or IP address that you would like to add to the Approved List.

5. Click Save. The domain or IP address appears in the Approved List.

Step 3: Adding IP Addresses to the Blocked List

To add an IP address to the Blocked List:

1. Choose IP Filtering > Blocked List from the menu. The Blocked List screen appears.

2. Click Add. The Add IP/Domain to Blocked List screen appears.

3. Select the Enable check box.

4. Type the domain or IP address.

5. Select Block temporarily or Block permanently.

6. Click Save. The domain or IP address is added to the blocked list.

Step 4: Enabling IP Profiler Rules

Rules are set to monitor the behavior of all IP addresses and block them according to the threshold setting. Rules can be set for the following:

• Spam

• DHS attacks • Bounced mail

WARNING! Before enabling IP Profiler Rules, add all of your email servers’ IP addresses (that send outgoing email messages to IMSS) to the IP Filter- ing Approved List. To configure the IP Filtering Approved List, see Step 2: Adding IP Addresses to the Approved List on page 2-9.

To specify IP Filtering spam settings:

1. Choose IP Filtering > Rules from the menu. The Rules screen appears with 4 tabs, one for each type of threat.

2. Click the Spam tab. The Spam screen appears.

3. Select the Enable check box to enable blocking of spam.

4. Specify a value for the following:

• Duration to monitor: The number of hours that IMSS monitors email traffic to see if the percentage of spam email messages exceeds the threshold you set. • Rate (%): Type the maximum number of allowable email messages with spam

threats.

• Total mails: Type the total number of spam email messages out of which the threshold percentage is calculated.

Consider the following example.

During each one-hour period that spam blocking is active, IMSS starts blocking IP addresses when more than 20% of the messages it receives contain spam and the total number of messages exceeds 100.

5. Next to Triggering action, select one of the following:

• Block temporarily: Block email messages from the IP address and allow the upstream MTA to try again.

• Block permanently: Never allow another email message from the IP address and do not allow the upstream MTA to try again.

6. Click Save.

To specify IP Filtering virus settings:

1. Choose IP Filtering > Rules from the menu. The Rules screen appears with 4 tabs, one for each type of threat.

2. Click the Virus tab. The Virus screen appears.

3. Select the Enable check box to enable blocking of viruses.

4. Configure the following:

• Duration to monitor: The number of hours that IMSS monitors email traffic to see if the percentage of email messages with viruses exceeds the threshold you set.

• Rate (%): Type the maximum number of allowable email messages with viruses (the numerator).

• Total mails: Type the total number of infected email messages out of which the threshold percentage is calculated (the denominator).

Consider the following example.

During each one-hour period that virus blocking is active, IMSS starts blocking IP addresses when more than 20% of the messages it receives contain viruses and the total number of messages exceeds 100.

5. Next to Triggering action, select one of the following:

• Block temporarily: Block email messages from the IP address and allow the upstream MTA to try again.

• Block permanently: Never allow another email message from the IP address and do not allow the upstream MTA to try again.

6. Click Save.

To specify IP Filtering Directory Harvest Attack (DHA) settings:

1. Choose IP Filtering > Rules from the menu. The Rules screen appears with 4 tabs, one for each type of threat.

2. Click the DHA Attack tab. The DHA Attack screen appears.

3. Select the Enable check box to enable blocking of directory harvest attacks.

4. Configure the following:

• Duration to monitor: The number of hours that IMSS monitors email traffic to see if the percentage of email messages signaling a DHA attack exceeds the threshold you set.

• Rate (%): Type the maximum number of allowable email messages with DHA threats (the numerator).

• Total mails: Type the total number of DHA email messages out of which the threshold percentage is calculated (the denominator).

• Sent to more than: Type the maximum number of recipients allowed for the threshold value.

• Non-existing recipients exceeds: Type the maximum number of non-existent recipients allowed for the threshold value. DHA attacks often include randomly generated email addresses in the receiver list.

Note: The LDAP service must be running to determine non-existing recipients. Consider the following example.

Duration to monitor: 1 hour at a rate of 20 out of 100 sent to more than 10 recipients when the number of non-existing recipients exceeds 5.

During each one-hour period that DHA blocking is active, IMSS starts blocking IP addresses when it receives more than 20% of the messages that were sent to more than 10 recipients (with more than five of the recipients not in your organization) and the total number of messages exceeds 100.

5. Next to Triggering action, select one of the following:

• Block temporarily: Block email messages from the IP address and allow the upstream MTA to try again.

• Block permanently: Never allow another email message from the IP address and do not allow the upstream MTA to try again.

6. Click Save.

To specify IP Filtering Bounced Mail settings:

1. Choose IP Filtering > Rules from the menu. The Rules screen appears with 4 tabs, one for each type of threat.

3. Select the Enable check box to enable blocking of bounced mail.

4. Configure the following:

• Duration to monitor: The number of hours that IMSS monitors email traffic to see if the percentage of email messages signaling bounced mail exceeds the threshold you set.

• Rate (%): Type the maximum number of allowable email messages signaling bounced mail (the numerator).

• Total mails: Type the total number of bounced email messages out of which the threshold percentage is calculated (the denominator).

Consider the following example.

Duration to monitor: 1 hour at a rate of 20 out of 100

During each one-hour period that blocking for bounced mail is active, IMSS starts blocking IP addresses when more than 20% of the messages it receives are bounced messages and the total number of messages exceeds 100.

Note: The LDAP service must be running to check bounced mail.

5. Next to Triggering action, select one of the following:

• Block temporarily: Block email messages from the IP address and allow the upstream MTA to try again.

• Block permanently: Never allow another email message from the IP address and do not allow the upstream MTA to try again.

6. Click Save.