Applies To:
BIG-IP ASM
- 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Overview: Securing SMTP traffic using system defaults
This implementation describes how to secure SMTP traffic using system defaults. When you create an SMTP security profile, the BIG-IP® Advanced Firewall Manager™ (AFM) provides several security checks for requests sent to a protected SMTP server. When you enable a security check, the system either generates an alarm for, or blocks, any requests that trigger the security check.
You can configure the SMTP security profile to include the following checks:
- Verify SMTP protocol compliance, as defined in RFC 2821.
- Validate incoming mail using several criteria.
- Inspect email and attachments for viruses.
- Apply rate limits to the number of messages.
- Validate DNS SPF records.
- Prevent directory harvesting attacks.
- Disallow or allow some of the SMTP methods, such as VRFY, EXPN, and ETRN, that spam senders typically use to attack mail servers.
- Reject the first message from a sender, because legitimate senders retry sending the message, and spam senders typically do not. This process is known as greylisting. The system does not reject subsequent messages from the same sender to the same recipient.
Task Summary
Creating an SMTP service profile with security enabled
Creating an SMTP virtual server with protocol security
Reviewing violation statistics for security profiles
Overview: Creating a custom SMTP security profile
This implementation describes how to secure SMTP traffic. When you create an SMTP security profile, the system provides several security checks for requests sent to a protected SMTP server. When you enable a security check, the system either generates an alarm for, or blocks, any requests that trigger the security check.
You can configure the SMTP security profile to include the following checks:
- Verify SMTP protocol compliance as defined in RFC 2821.
- Validate incoming mail using several criteria.
- Inspect email and attachments for viruses.
- Apply rate limits to the number of messages.
- Validate DNS SPF records.
- Prevent directory harvesting attacks.
- Disallow or allow some of the SMTP methods, such as VRFY, EXPN, and ETRN, that spam senders typically use to attack mail servers.
- Reject the first message from a sender, because legitimate senders retry sending the message, and spam senders typically do not. This process is known as greylisting. The system does not reject subsequent messages from the same sender to the same recipient.
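The method filter and the greylisting check from the list above, sketched as an added example that is not BIG-IP code or configuration. The `SmtpPolicy` class, the reply codes (502, 451, 503), and the in-memory store of sender/recipient pairs with no expiry are assumptions of this sketch, and the sample sessions are constructed.

```python
# Added illustration (not F5 code): SMTP method filter plus greylisting.
# Reply codes and the in-memory pair store are assumptions of this sketch.
DISALLOWED = {"VRFY", "EXPN", "ETRN"}  # methods the list above names


class SmtpPolicy:
    def __init__(self, disallowed=DISALLOWED):
        self.disallowed = set(disallowed)
        self.seen = set()  # (sender, recipient) pairs already deferred once

    @staticmethod
    def _addr(arg):
        # "FROM:<A@b.net> SIZE=1" -> "a@b.net"; lower-cased so a retry matches
        path = arg.partition(":")[2].strip()
        return path.split(" ")[0].strip("<>").lower()

    def check_session(self, lines):
        """Return one (verb, reply) tuple per SMTP command line."""
        sender, out = None, []
        for line in lines:
            verb, _, arg = line.strip().partition(" ")
            verb = verb.upper()
            if verb in self.disallowed:
                reply = "502 command disabled by policy"
            elif verb == "MAIL":
                sender, reply = self._addr(arg), "250 OK"
            elif verb == "RCPT" and sender is None:
                reply = "503 MAIL required before RCPT"
            elif verb == "RCPT":
                pair = (sender, self._addr(arg))
                # First sighting of the pair is deferred; later ones pass.
                reply = "250 OK" if pair in self.seen else "451 greylisted, retry later"
                self.seen.add(pair)
            else:
                reply = "250 OK"
            out.append((verb, reply))
        return out


# Constructed sample sessions: a first delivery attempt, then the retry.
FIRST_TRY = ["EHLO mta.example.net", "VRFY postmaster",
             "MAIL FROM:<alice@example.net>", "RCPT TO:<bob@example.org>"]
RETRY = ["EHLO mta.example.net", "MAIL FROM:<Alice@example.net> SIZE=2048",
         "RCPT TO:<bob@example.org>", "RCPT TO:<carol@example.org>"]

if __name__ == "__main__":
    policy = SmtpPolicy()
    for session in (FIRST_TRY, RETRY):
        for verb, reply in policy.check_session(session):
            print(f"{verb:5} -> {reply}")
```

In the retry session the pair already seen is accepted, while the new recipient for the same sender is deferred, because the decision is keyed on sender and recipient together.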