search cancel

Implementing DNS IP reputation on Symantec Messaging Gateway for Service Providers

book

Article ID: 162006

calendar_today

Updated On:

Products

Messaging Gateway for Service Providers

Issue/Introduction

This article contains general instructions on implementing DNS IP reputation on Symantec Messaging Gateway for Service Providers.

Resolution

Information on how to enable Sender DNS IP reputation on Symantec Messaging Gateway for Service Providers (SMG-SP) can be found in the product's Implementation Guide, starting at page 59.

Steps

- Ensure the SMG-SP Server has full Internet DNS connectivity

- On the SMG-SP server, edit the configuration file bmiconfig.xml and apply the following changes.

- Locate the "spamhunter" module section, and change settings to reflect the ones below:

    <dnsReputationLookups enabled="true"/>
    <dnsReputationDomain>zodiac.brightmail.com</dnsReputationDomain
>

- Locate the following entry and set it to true:

    <dnsLatencyTracker enabled="true">

- Locate the following entry and change it to the desired action:

 <filtering_policy name="static-opl" desc="static opl" type="consent" visible="false" enabled="true">
                <destination>Subject: [DNSREP]%s</destination>
            </filtering_policy>

- Consider increasing the logging level of the component "bmserver" to INFO for better troubleshooting

- Restart all SMG-SP services


The following sample section from bmserver log shows the events related to emails matching DNS Reputation policies:

2015-07-10T09:45:54Z (INFO:5623.3249850112): [27219] A message from <[email protected]> source <external> to <[email protected]> using recipient's group policy <Default> returned Disposition: <opl> triggering filtering policy <static opl> with destination <Subject: [DNSREP]%s>.