Email Protection Administrator Guide
158
Proprietary: Not for use or disclosure outside McAfee without written permission.
November 2012
Transfer Agent (MTA) servers (a.k.a. inbound servers) on your premises configured in
each domain. if you change the addressing in your network for your inbound servers, you
must update the configurations in Email Protection.
At any time in Email Protection, you may change configuration of the IP address of your
inbound servers. Be prudent when making changes to your delivery MTA configuration as
any applied modifications will be enabled instantly and affect inbound SMTP routing.
Question: I want to temporarily stop filtering a domain’s emails, but I do
not want to delete the domain’s information. How do I do this?
Answer:
You can set the inbound servers for the Domain to be inactive. This action causes
all emails received for that domain to be tempfailed. Be aware that email traffic for that
domain will still consume bandwidth because it is likely that the sending email servers
will reattempt multiple times to send the email until it finally permfails the email as
“undeliverable.” This process matches standard SMTP protocols.
Question: Why is Email Protection refusing connections from my
inbound email servers?
Answer:
If Email Protection received a minimum of 20 attempted connections from an IP
address where more than 60% of the recipients are invalid, it adds the IP address to a
temporary “global blacklist” for 4 hours (by default – the time period is configurable at the
system level). After the time period has passed, Email Protection will remove the IP
address from the temporary global blacklist and again accept connections from it.
This process helps protect against Dictionary Harvest Attacks, where spammers are
attempting all combinations of email addresses to glean valid email addresses for
subsequent spamming. It also helps protect against Denial of Service attacks.
This feature and its configurations are controlled at the system level. The above values are
the defaults.
Question: The Internet Explorer Content Advisor keeps blocking the
Control Console. How do I prevent that?
Answer:
You must disable the Content Advisor feature of the Internet Explorer to be able
to use the Control Console. Do the following to disable the Content Advisor feature if it is
enabled:
1
In the Internet Explorer window, click
Tools
|
Internet Options
.
2
In the
Internet Options
window, click the
Content
tab.
3
In the
Content Advisor
area in the
Content
tab, click the
Disable
button.
If there is an
Enable
button, but no
Disable
button, this means that Content Advisor is
already disabled. Click the
Cancel
button until you return to the browser window.
4
Enter the password in the
Supervisor Password Required
dialog.
5
Click the
OK
button.
6
Continue clicking the
OK
button until you return to the Internet Explorer window.