beautypg.com

Ip_profile check, Syntax, Ip_profile – Fortinet FortiMail 3.0 MR4 User Manual

Page 175

background image

set

ip_profile check

FortiMail™ Secure Messaging Platform Version 3.0 MR4 CLI Reference
06-30004-0420-20080814

175

ip_profile check

Use these commands to configure various session checks.

Syntax

set ip_profile check 3_way {enable | disable}

set ip_profile check allow_pipelining {no | loose | strict}

set ip_profile check domain {enable | disable}

set ip_profile check eom_ack {enable | disable}

set ip_profile check helo {enable | disable}

set ip_profile check open_relay {enable | disable}

set ip_profile check recipient {enable | disable}

set ip_profile check rewrite_helo {enable | disable}

set ip_profile check rewrite_helo_custom {enable | disable}

set ip_profile check send_dsn {enable | disable}

set ip_profile check sender {enable | disable}

set ip_profile check splice {enable | disable}

{seconds | kilobytes}

set ip_profile check stop_empty_domains {enable | disable}

set ip_profile check stop_encrypted {enable | disable}

set ip_profile check syntax {enable | disable}

Keywords and Variables Description

Default

Enter the name of the session profile.

3_way

{enable | disable}

Enable or disable message rejection if recipient and HELO domain match
but sender domain is different.
This check only affects unauthenticated sessions.

disable

allow_pipelining

{no | loose |

strict}

Disable, enable, or enable strict command pipelining.
• {no} The FortiMail unit accepts only a single command at a time during

an SMTP session.

• {loose} Some SMTP command sequences are accepted and

processed as a group, increasing performance over high-latency
connections.

• {strict} Pipelining is enabled, but limited to strict compliance with

RFC-2920.

no

domain

{enable | disable}

Enable or disable rejection of EHLO/HELO commands with invalid
characters in the domain.

disable

eom_ack

{enable | disable}

Enable or disable immediately acknowledging end of message (EOM)
signal. If disabled, the antispam check is run on the message before
acknowledgement is sent. The sending server could time-out while
waiting for EOM acknowledgement.

disable

helo {enable |

disable}

Enable to disable checking of the existence of the domain reported in the
client’s HELO command by looking up both the MX record and A record.

disable

open_relay

{enable | disable}

Enable or disable open relay check. This check only affects
unauthenticated sessions.

disable

recipient

{enable | disable}

Enable or disable checking the recipient address for a valid domain.

disable

rewrite_helo

{enable | disable}

Enable or disable rewriting the EHLO/HELO domain to the IP string of the
client address. The rewritten EHLO/HELO will be in the format x.x.x.x

disable

rewrite_helo_custom

{enable | disable}

Select to rewrite the HELO domain to the specified value for any session
this profile applies to.

disable

See also other documents in the category Fortinet Hardware: