Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Managing Messages > Managing connection options
Managing connection options
Administrator Help | Forcepoint Email Security | Version 8.5.x
The page Settings > Inbound/Outbound > Connection Control is used to configure connection settings, such as limiting the number of simultaneous connections per IP address and enabling real-time blacklist checking or reverse DNS verification.
The following settings can be configured on the page Connection Control:
*
*
*
*
*
*
*
*
*
To collect and view detailed information about some connections, allow connection control functions to save these details in the mail processing log, accessed via an appliance. When the function is activated, the log collects detailed data regardless of whether the connection control itself is enabled. This function is available for the following connection control options:
*
*
*
*
Configuring simultaneous connections
Limiting the number of simultaneous connections can improve system performance. The Connection Options section is used to limit these connections.
Limit simultaneous connections
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
From the section Connection Options, in the text field Simultaneous connections per IP, enter the maximum number of allowed simultaneous connections per IP address, from 1–500.
The default is 10.
3.
In the text field Timeout, specify the maximum number of seconds of inactivity allowed before a connection is dropped, from 1–43200.
The default is 300.
4.
The settings are saved.
Using a real-time blacklist
A Real-Time Blacklist (RBL) is a third-party published list of IP addresses that are known sources of spam. When RBL checking is enabled, messages from a sender listed on an RBL are prevented from entering your system. The Email Security module supports the use of the Spamhaus Datafeed server or the entry of up to three third-party RBLs for RBL lookups. Functionality is configured from the section Real-time Blacklist Options on the page Settings > Inbound/Outbound > Connection Control.
Configure the RBL
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
This feature is enabled by default.
3.
If you enable this option without designating a third-party RBL, the email protection system still collects log information that email content filters can use for subsequent message analysis.
4.
*
Use the Spamhaus server for RBL lookups.
*
Enter up to three domain addresses of the RBL services to use. Separate multiple addresses with a semicolon (;).
5.
The settings are saved.
Using reverse DNS verification
Reverse DNS lookup uses a pointer (PTR) record to determine the domain name that is associated with an individual sender IP address. The reverse DNS lookup function can determine whether email sent to your system is from a legitimate domain. Use of this option can enhance the detection of commercial bulk email. See Commercial bulk email.
However, if you enable Reverse DNS, server performance may be affected, or legitimate users may be rejected. This function is not enabled by default, but can be enabled from the section Reverse DNS Lookup Options on the page Settings > Inbound/Outbound > Connection Control.
Enable reverse DNS lookup
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
Selection enables the corresponding check boxes.
3.
*
*
*
If you select this option, a connection is terminated when the following events occur:
*
*
*
*
4.
5.
The settings are saved.
Using the reputation service
The email protection system can check an email sender's IP address against the reputation service, which classifies email senders based on past behavior. With this function, the email system can block mail from known spam senders. The reputation service is enabled from the section Reputation Service Options on the page Settings > Inbound/Outbound > Connection Control.
Configure the reputation service
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
This is the default setting. Selection enables the corresponding radio buttons.
3.
*
Blocks mail from addresses that send spam 100% of the time.
*
Blocks mail from addresses that send spam 99% of the time.
*
Blocks mail from addresses that send spam 97% of the time. This is the default.
*
Selection enables the corresponding text field in which to enter a custom spam percentage. The email system blocks mail from addresses that send spam the specified percentage of time.
4.
5.
The settings are saved.
Delaying the SMTP greeting
An SMTP greeting message can be delayed for a specified time interval, so that a connection from a client will be dropped if the client tries to send data during this time interval. This option can help prevent mail from spam-sending applications that send a high volume of messages very quickly. The connection is dropped as soon as a message is sent to the SMTP server before it is ready. This feature is not enabled by default, but can be enabled from the section SMTP Greeting Delay Options on the page Settings > Inbound/Outbound > Connection Control.
Configure the SMTP greeting delay
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
Selection enables the corresponding field.
3.
The default is 3 seconds.
4.
5.
The settings are saved.
Enabling the SMTP VRFY command
The SMTP VRFY command can be used to verify an email username. When asked to validate a username, a receiving mail server responds with the user's login name. The SMTP VRFY Command section on the page Settings > Inbound/Outbound > Connection Control is used to configure this option.
Important 
Enable the SMTP VRFY command
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
3.
The settings are saved.
Enabling SMTP authentication for email hybrid service
By default, SMTP authentication is enabled for inbound messages that enter the system via the email hybrid service. This type of authentication provides additional authentication protection for email that is relayed to the email protection system from the hybrid service. The Email Hybrid Service SMTP Authentication section on the page Settings > Inbound/Outbound > Connection Control is used to enable or disable this option.
Disable SMTP authentication for Forcepoint Email Security Hybrid Module
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
This option is available only when your subscription includes Forcepoint Email Security Hybrid Module and the hybrid service is registered and enabled.
3.
The settings are saved.
Changing the SMTP port
The default SMTP port number is 25. Proper communication with the email hybrid service requires the use of port 25 for SMTP. However, the SMTP Port Option settings on the page Settings > Inbound/Outbound > Connection Control can be used to customize the port number.
 
Note 
Change the SMTP port
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
Valid values are from 25 to 5000.
3.
The settings are saved. The Email Security module services are restarted.
Using access lists
An access list enables you to specify an IP address group for which certain email analysis is not performed. The Allow Access List Options on the page Settings > Inbound/Outbound > Connection Control are used to identify these IP addresses. Mail from these addresses bypasses the following email analysis:
*
*
*
*
*
*
*
*
IP address groups are defined on the page Settings > Inbound/Outbound > IP Groups. The groups defined on that page appear for selection in the Connection Control Allow Access List Options section.
Create and modify an access list
1.
Navigate to the page Settings > Inbound/Outbound > Connection Control.
2.
The IP addresses in the group display in the list of IP addresses list and the Edit button is enabled.
3.
Click Edit.
The Edit IP Groups page displays to configure the IP addresses. See Editing an IP address group.
4.
In the section IP Address Group, add a predefined IP address group; from the field IP address file, click Browse and navigate to the desired text file.
The file format should be one IP address per line, and its maximum size is 10 MB.
Because mail from the Trusted IP Addresses group bypasses additional email analysis, that group should not be entered in the Allow Access List. See Managing domain and IP address groups.
5.
Manually add IP address entries; in the field IP address, enter an individual IP address and click >.
The information is added to the Added IP Addresses box on the right.
 
Note 
6.
7.
8.
The Connection Control page displays with the newly configured IP addresses.
9.
The settings are saved.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Managing Messages > Managing connection options
Copyright 2022 Forcepoint. All rights reserved.