Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring System Settings > Managing domain and IP address groups
Managing domain and IP address groups
Administrator Help | Forcepoint Email Security | Version 8.5.x
A collection of domain names or IP addresses can be defined in a single group for use in email functions. For example, you can define a domain name group to establish domain-based delivery options, or you can define an IP address group for which Reputation Service, Real-time Blacklist (RBL), or directory attack prevention analysis is not performed. IP address groups can also be used for the email encryption functions. Domain groups are added and configured on the page Settings > Users > Domain Groups; IP groups are added and configured on the page Settings > Inbound/Outbound > IP Groups.
You can perform the following operations on domain or IP address groups:
*
*
*
*
There are two special default groups of domain or IP addresses:
*
*
See Third-party encryption application for information about using the Encryption Gateway default IP address group. Default groups cannot be deleted.
Protected Domain group
The Protected Domain group should contain all the domains that an organization owns and needs the email system to protect. Message direction in the system is determined on the basis of an organization's protected domains:
*
*
*
An open relay results when both the sender and recipient addresses are not in a protected domain.
Unless you entered a protected domain name in the Domain-based Route page of the First-time Configuration Wizard, the default Protected Domain group is empty after product installation. Domains may be added to or deleted from the Protected Domain group, the Protected Domain group itself cannot be deleted.
 
Important 
The email hybrid service uses the Protected Domain group during Forcepoint Email Security Hybrid Module registration to verify that the domains specified in its delivery routes are all from this group. The Protected Domain group should not be used to configure email delivery routes (on the page Settings > Inbound/Outbound > Mail Routing) if you need to define domain-based delivery routes via multiple SMTP servers. See User directory-based routes.
Trusted IP Address group
Like the Protected Domain group, the Trusted IP Addresses default group is empty after product installation. IP addresses may be added to or deleted from the Trusted IP Addresses group, but the Trusted IP Addresses group itself cannot be deleted. The Trusted IP Addresses group may include up to 1024 addresses.
Trusted IP addresses may include your internal mail servers or a trusted partner mail server.
Mail from an address in the Trusted IP Addresses group can bypass some inbound email analysis. Use of the Trusted IP Addresses group can result in improved email processing time.
Specifically, mail from trusted IP addresses bypasses the following email analysis:
*
Global Always Block List (Main > Policy Management > Always Block/Permit)
*
*
Recipient validation (Settings > Users > User Authentication)
*
All connection controls except the connection control timeout (Settings > Inbound/Outbound > Connection Control)
*
Directory harvest attack (Settings > Inbound/Outbound > Directory Attacks)
*
Relay controls (Settings > Inbound/Outbound > Relay Control)
*
Note 

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring System Settings > Managing domain and IP address groups
Copyright 2022 Forcepoint. All rights reserved.