F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
39
authenticated through the POP proxy are permitted to use the SMTP proxy for a fixed time
period.
If you use SMTP authentication simultaneously on the Internet Gatekeeper and mail server,
e-mail can be sent if either SMTP authentication or POP-before-SMTP authentication is
successful.
If you have enabled also the
Restrict e-mail recipients
setting, e-mail to the specified
domains can be sent even without authentication.
For examples, see “
Access Control
”, 65.
Timeout
Expire
(pbs_lifetime)
How long POP-before-SMTP authentication remains valid (minutes).
LAN access settings
LAN Access settings
(lan)
With these settings, you can specify different operation for connections from specific hosts and
networks.
Hosts and networks within LAN
LAN hosts
Specifies the list of hosts and networks to which the
LAN access settings
apply.
If you have enabled
DNS Reverse Lookup
, you can also specify <host name>.<domain
name>.
For examples, see “
Access Control
”, 65.
If you edit the
Hosts and networks within LAN
setting by using the web
console, the smtp lan field is updated in /opt/f-secure/fsigk/conf/hosts.allow.
Parent server
Parent Server
(lan_parent_server, lan_parent_server_host, lan_parent_server_port)
Specifies another SMTP server. Specify this setting if you want to use a different SMTP
server than the one you specified in “Parent server”. This SMTP server is used for
connections from the hosts that you specified in
Hosts and networks within LAN
.
The standard port number is 25.
What to do when a virus is detected
Action on Viruses
(action)
Virus e-mails often use spoofed (fake) sender and recipient addresses. The recommended
setting for incoming e-mail is to delete or notify the recipient, and for outgoing mail, to delete
or block sending.
Log and notify
Pass
(action=pass)
Allows e-mail to pass even if a virus is detected.
In this case, the detection is recorded in the log, the administrator is notified, and
X-Virus-Status: is added to the header.
This setting is not usually used.
Block and notify the sender
Delete
(action=deny)
Blocks the sending of infected e-mails.
The SMTP session returns the following error to notify the mailer and mail server directly: