How to enable Symantec Messaging Gateway's bounce attack prevention for specific domains.

book

Article ID: 180543

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

 

Resolution

Administrators want to enable the BATV only for specific domains or sub-domains of their organization.

Configure the ControlCenter with the seed you prefer of eight alphanumeric characters:

1 In the Control Center, select Administration > Settings > Control Center.
2 Click the Certificates tab.
3 Under Control Center Certificate, enter a Bounce attack prevention seed. This seed value should consist of eight alphanumeric characters.
The PRVS scheme includes a modest protection against replay attacks, by virtue of its using an expiry time, which prevents very old addresses from being used by attackers. It does not prevent replay attacks of young addresses.

Symantec suggests to modify the seed time to time based on the mail profile, security policies of the organization and volume of messages. Three month seed change could be a good starting point.

4 Click Save.

 

To enable BATV for the domains you prefer:

1 In the Control Center, select Administration > Users > Policy Groups.
2 Select the default policy group if you want to apply it to all the domains and users, otherwise create a new one and list the domains, then select the
Spam tab for that policy group.
3 Under Email, check Enable bounce attack prevention for this policy group.
4 For the Bounceattack prevention policy, select the policy you want to apply to bounced messages.
5 Click Save.
 

Create the policy to stop unwanted bounce messages:

1 In the Control Center, click Spam > Policies > Email.
2 Click Add to create a new policy.
3 Enter a name for the new policy, and for If the following condition is met:
select "If a message fails bounce attack validation". The apply to field will automatically be set to "inbound messages" and disabled. You can only configure an inbound policy for this condition. The outbound policy is static and cannot be modified.
4 Select the actions that should be applied if a bounce message fails validation. An action "Reject messages failing bounce attack validation" is provided, or you can select any other action as desired. Be sure to consider your existing spam policies and how they might affect your overall email configuration.
5 Under Applytothefollowingpolicygroups, select the policy groups to which you want to apply this policy.
6 Click Save.