View
223
Download
0
Category
Preview:
Citation preview
A
McAfee Email Gateway 7.6.0 Appliances
Copyright 2013 McAfee, Inc.
McAfeeMcAfee McAfee Active ProtectionMcAfee CleanBootMcAfee DeepSAFEePolicy OrchestratorMcAfee ePOMcAfee EMMFoundscoreFoundstonePolicy LabMcAfee QuickCleanSafe EyesMcAfee SECURESecureOSMcAfee ShredderSiteAdvisorMcAfee StingerMcAfee TotalProtectionTrustedSourceVirusScanWaveSecure McAfee, Inc.
mcafee.com
: : () ( CD Web )
2 McAfee Email Gateway 7.6.0 Appliances
http://mcafee.com
Preface 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9What's in this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1 McAfee Email Gateway 11McAfee Email Gateway . . . . . . . . . 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
. . . . . . . . . . . . . . . . . . . . . . . . . 15 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 . . . . . . . . . . . . . . . . . . . . . . 17
McAfee Email Gateway . . . . . . . . . . . . . . . . . . . . . . . . 18 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21(FAQ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22McAfee Email Gateway 7.x . . . . . . . . . . . . . . . . 23McAfee Email Gateway . . . . . . . . . . . . . . . . . . . . . . . . . 23
. . . . . . . . . . . . . . . . . . . . 23McAfee Email Gateway Appliance 7.0.3 McAfee Email Gateway Blade Server 7.0.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 McAfee Email Gateway Virtual Appliance 7.0.3 . . . . . . . . 25 McAfee ePolicy Orchestrator McAfee Email Gateway 7.0.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27FIPS 140-2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2 31 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 . . . . . . . . . . . . . . . . . . . . 34 . . . . . . . . . . . . . . . . . . . . . . . 35
. . . . . . . . . . . . . . . . . . . . . . 35 . . . . . . . . . . . . . . . . . . . . . . 38 - SMTP . . . . . . . . . . . . . . . . . . . . . . . . 40 - POP3 . . . . . . . . . . . . . . . . . . . . . . . . 43 . . . . . . . . . . . . . . . . . . . . . . . 44 . . . . . . . . . . . . . . . . . . . . 44 . . . . . . . . . . . . . . . . . . . . . 46 . . . . . . . . . . . . . . . . . . . . . . . . . . 47 . . . . . . . . . . . . . . . . . . . . . . . 49
McAfee Email Gateway 7.6.0 Appliances 3
- . . . . . . . . . . . . . . . . . . . . . . . . . . 51
3 53 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 . . . . . . . . . . . . . . . . . 62 - . . . . . . . . . . . . . 64 - . . . . . . . . . . . . . . 65 - . . . . . . . . . . . . . . . . . . . 65 - 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 . . . . . . . . . . . . . . . . . 66 . . . . . . . . . . . . . . 66
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 . . . . . . . . . . . . . . . . . . . . 67 . . . . . . . . . . . . . . . . . . 70 - 1 . . . . . . . . . . 70 - 10 PDF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 .csv . . . . . . . . . . . 71 - . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
- . . . . . . . . . . . . . . . 72 - . . . . . . . . . . . . . . . . 72 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
. . . . . . . . . . . . . . . . . . . . . . . . . 74 . . . . . . . . . . . . . . . . . . . . . . . . 74 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 . . . . . . . . . . . . . . . . . . . . . . . . . 75 . . . . . . . . . . . . . . . . . . . . . . . . 77 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 . . . . . . . . . . 79 . . . . . . . . . . . . . . . . . 80
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 . . . . . . . . . . . . . . . . . . . . . . . . . 81 . . . . . . . . . . . . . . . . . . . . . . . . . 81 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 . . . . . . . . . . . . . . . . . . . . . . . . . 82 . . . . . . . . . . . . . . . . . . . . . . . . . 82 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 - . . . . . . . . . . . . . . . 83
4 85 . . . . . . . . . . . . . . . . . . . . . . . . . . 85 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 - . . . . . . . . . . . . . . 101 - . . . . . . . . . . . . . . . . . . . 101 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
4 McAfee Email Gateway 7.6.0 Appliances
MX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 - MX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 . . . . . . . . . . . . 138 - . . . . . . . . . . . 141 - ... . . . . . . . . . . . . . . . . . . . . . . . 143 . . . . 147 . . . . . . . . . . . . . . . 150 | | . . . . . . . . 151 | | . . . . . . 152 . . . . . . . . . . . . . . . . . . . . . . . . 153 . . . . . . . . . . . . . . . . . . . . . . . 153 / . . . . . . . . . . . . . . . . . . 153 . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 . . . . . . . . . . . . . . . . . . . . . . . . . 201 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
[DLP ] . . . . . . . . . . . . . . . . . . . . . . . . . . 286 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 . . . . . . . . . . . . . . . . . . . . . . . . 291 . . . . . . . . . . . . . . . . . . . . 300 . . . . . . . . . . . . . . . . . . . . . . 300 - OR . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 - AND . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 . . . . . . . . . . . . . . . . . . . . . . . . 301
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302Secure Web Mail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304S/MIME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317Secure Web Mail . . . . . . . . . . . . . . . . . . . . . . . . . . 319 HIPAA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322 S/MIME 323 S/MIME . . . . 324 PGP . . . . . . . . . . . 325 PGP . . . . . 325
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 - . . . . . . . . . . . . . . . . . . . 332CRL . . . . . . . . . . . . . . . . . . . . . . . . . . . 332
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 . . . . . . . . . . . . . . . . . . . 334 . . . . . . . . . . . . . . . . . . . . 336 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
McAfee Email Gateway 7.6.0 Appliances 5
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 . . . . . . . . . . . . . . . . . . . 345 - . . . . . . . . . . . . . . . . . . . . . . . . . 346 . . . . . . . . . . . . . . . . . . . . . . . . . . 346 . . . . . . . . . . . . . . . . . . . . . 347 - . . . . . . . . . . . . . . . . . . . . . . . 347
. . . . . . . . . . . . . . . . . . . . . . . . . 348LDAP . . . . . . . . . . . . . . . . . . . . 348 - . . . . . . . . . . . . . . . . . 349 . . . . . . . . . . . . . . . . 350 - . . . . . . . . . . . . . . . . 351 - . . . . . . . . . . . . . 351 - Microsoft Exchange Server LDAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352 - LDAP . . . . . . . . . . . . . . . . . . . . . . 352
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 . . . . . . . . . . . . . . . . . . . . . . . . . . 355 . . . . . . . . . . . . . . . . 357 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
5 363 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363 . . . . . . . . . . . . . . . . . . . . . 364DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372Email Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 . . . . . . . . . . . . . . . . . . . . . . 379UPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379UPS . . . . . . . . . . . . . . . . . . . . . . . . . 382 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390 MAC . . . . . . . . . . . . . . . . . . . . . . . . 395 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 . . . . . . . . . . . . . . . . . . . . . . 397 . . . . . . . . . . . . . . . . . . . . . . . . . . . 399 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 - . . . . . . . . . . . . . . . . . . 410 - . . . . . . . . . . . . . . . . . . . 410 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 . . . . . . . . . . . . . . . . . . . . . . . . 413 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415DoD CAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 CAC . . . . . . . . . . . . . . . . . . . 417
6 McAfee Email Gateway 7.6.0 Appliances
- . . . . . . . . . . . . . . . . 417 . . . . . . . . . . . . . . . . . . . . . . . . . 417
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 - . . . . . . . . . . . . . . . . . . . . . 422 . . . . . . . . . . . . . . . . . . . . . . . . . . 422 - . . . . . . . . . . . . . . . . . . . . . 426 - . . . . . . . . . . . . . . . . . . . 426
SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444 . . . . . . . . . . . . . . . . . . 446 . . . . . . . . . . . . . . . . . . . . . 446
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452ePO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456 . . . . . . . . . . . . . . . . . . . . . . . . 457 . . . . . . . . . . . . . . . . . . . . . . . . . 458 . . . . . . . . . . . . . . . . . . . . . . . . 460 . . . . . . . . . . . . . . . . . . . . . . . . . 462
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 . . . . . . . . . . . . . . . . . . . . . 477 . . . . . . . . . . . . . . . . . . . . . 482 . . . . . . . . . . . . . . . . . . . . . . . . . 482ePO . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
6 503 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503
Ping Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 505 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506 . . . . . . . . . . . . . . . . . . . . . . . . . . . 507FIPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507
. . . . . . . . . . . . . . . . . . . . . . . . . . . 508 . . . . . . . . . . . . . . . . . . . . . . . 508 . . . . . . . . . . . . . . . . . . . . . . 509 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512 . . . . . . . . . . . . . . . . . . . . . . . . 512
McAfee Email Gateway 7.6.0 Appliances 7
7 Email Gatway ePolicy Orchestrator 515ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . . . 515ePolicy Orchestrator Email Gateway . . . . . . . . . 516ePolicy Orchestrator . . . . . . . . . . . . . . . . . 519
ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . 520ePolicy Orchestrator . . . . . . . . . . . . . . . . . . . . . 520 McAfee ePolicy Orchestrator McAfee Email Gateway 7.0.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521
8 McAfee Quarantine Manager 523McAfee Quarantine Manager . . . . . . . . . . . . . . . . . . . . . . . . . 523 McAfee Quarantine Manager . . . . . . . . . . . . . . . . 523
MQM . . . . . . . . . . . . . 524McAfee Quarantine Manager . . . . . . . . . . . . . . . . . 524
527
8 McAfee Email Gateway 7.6.0 Appliances
Preface
McAfee
[]
()
Web
: ()
:
/:
:
McAfee Email Gateway 7.6.0 Appliances 9
What's in this guide
McAfee McAfee KnowledgeBase
1 McAfee ServicePortal (http://mysupport.mcafee.com)
2 [Self Service]
1 [Product Documentation]
2
3
KnowledgeBase [Search the KnowledgeBase]
[Browse theKnowledgeBase]
Preface
10 McAfee Email Gateway 7.6.0 Appliances
http://mysupport.mcafee.com
1 McAfee Email Gateway McAfee Email Gateway McAfee Email Gateway
McAfee Email Gateway McAfee Email Gateway (FAQ) McAfee Email Gateway 7.x McAfee Email Gateway FIPS 140-2
McAfee Email Gateway
McAfee Email Gateway
McAfee Email Gateway
1
McAfee Email Gateway 7.6.0 Appliances 11
1 McAfee Email Gateway McAfee Email Gateway
12 McAfee Email Gateway 7.6.0 Appliances
McAfee Email Gateway
1-1
A
4 4
B
C
[]
[] []
[] []
McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 13
[] []
[]
[]
D
E
F
/
[][]
G
1 McAfee Email Gateway
14 McAfee Email Gateway 7.6.0 Appliances
1
2
:
[] [] [ ]
3 ?
4
5
6 [][OK]
7 [] [] [][]
McAfee Email Gateway
McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 15
1 []
[]
2 [Tab]
3
4 .
1
.
1
2 []
1
2 []
3
1
2
1 McAfee Email Gateway
16 McAfee Email Gateway 7.6.0 Appliances
3
4
1 [40 20 29 ]
2
1
2 []
McAfee Email Gateway
.csv ID
McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 17
1 []
2 []
[]
3 []
1-1 .CSV
DIP Dwww.example.com192.168.254.200
NIP IP
N192.168.254.200, 255.255.255.0
E Enetwork_user@example.com
.zip .pdf .csv
1-2 .CSV
DIP Dwww.example.com192.168.254.200
NIP IP N192.168.254.200, 255.255.255.0
E Enetwork_user@example.com
1 [][]
2 [][]
McAfee Email Gateway
1-3 McAfee Email Gateway
FTP 21
DAT HTTPFTP
8021
McAfee Global Threat Intelligence DNS 53
1 McAfee Email Gateway McAfee Email Gateway
18 McAfee Email Gateway 7.6.0 Appliances
1-3 McAfee Email Gateway ()
HTTP 80
FTP 21
McAfee Global Threat Intelligence SSL 443
URL SSL 443
Secure WebMail Client SSL 443
SSL 10443
URL HTTP 80
DNS DNS 53
McAfee Quarantine Manager HTTPHTTPS
80443
Active Directory 389
McAfee Global Threat Intelligence SSL 443
1-4
POP3 110
SMTP 25
1
1-5
POP3 110
SMTP 25
ePolicy Orchestrator
McAfee Email Gateway ePolicy Orchestrator ePolicyOrchestrator ePolicy Orchestrator
1-6 ePolicy Orchestrator
[ /] 80
[/] 443
[ ] 8081
McAfee Email Gateway McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 19
1-6 ePolicy Orchestrator ()
[ ] 8082
[ ] 8443
[/] 8444
McAfee Email Protection McAfee Email GatewayMcAfee Email Gateway McAfee Email Protection
1-7
SaaS Control Console TCP 25
SaaS API Web URL hybridapi.mxlogic.com TCP 443
McAfee Email Gateway McAfee Email Protection IP
McAfee Email Gateway McAfee Email Protection McAfee EmailProtection IP McAfee Email Gateway
CIDR Class 8 C
CIDR IP IP
208.65.144.0/21 208.65.144.0 208.65.151.255
208.81.64.0/21 208.81.64.0 208.81.71.255
CIDR Class 8 C
CIDR IP IP
208.65.144.0/24 208.65.144.0 208.65.144.255
208.65.145.0/24 208.65.145.0 208.65.145.255
208.65.146.0/24 208.65.146.0 208.65.146.255
208.65.147.0/24 208.65.147.0 208.65.147.255
208.65.148.0/24 208.65.148.0 208.65.148.255
208.65.149.0/24 208.65.149.0 208.65.149.255
208.65.150.0/24 208.65.150.0 208.65.150.255
208.65.151.0/24 208.65.151.0 208.65.151.255
208.81.64.0/24 208.81.64.0 208.81.64.255
208.81.65.0/24 208.81.65.0 208.81.65.255
1 McAfee Email Gateway McAfee Email Gateway
20 McAfee Email Gateway 7.6.0 Appliances
CIDR IP IP
208.81.66.0/24 208.81.66.0 208.81.66.255
208.81.67.0/24 208.81.67.0 208.81.67.255
208.81.68.0/24 208.81.68.0 208.81.68.255
208.81.69.0/24 208.81.69.0 208.81.69.255
208.81.70.0/24 208.81.70.0 208.81.70.255
208.81.71.0/24 208.81.71.0 208.81.71.255
CIDR Class 8 C Class 1 C IP
CIDR IP IP http://co.mcafeesaas.com/configtest/validiplist.txt
IP
[]
McAfee Email Gateway []
[]
[ ]
McAfee ServicePortal (https://mysupport.mcafee.com/Eservice/Default.aspx)
[ ] McAfee McAfee []McAfee
[ ]
McAfee
McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 21
http://co.mcafeesaas.com/configtest/validiplist.txthttps://mysupport.mcafee.com/Eservice/Default.aspx
[ McAfeeCustomerSubmissionTool ]
Microsoft Outlook McAfee Labs McAfeeCustomer Submission Tool 2.3 McAfee Email Gateway McAfeeQuarantine Manager
McAfee Customer Submission Tool
http://www.mcafee.com/us/downloads/free-tools/customer-submission-tool.aspx
[ ePO ]
Email and Web Security Appliance McAfee ePolicy Orchestrator
EWG EWS
EWG McAfee ePolicy Orchestrator
McAfee Email and Web Security Appliances 5.5
McAfee Email and Web Security Appliances 5.6
McAfee Web Gateway
McAfee Email Gateway
EWS McAfee Email and Web Security Appliances 5.6 McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator McAfee ePolicy Orchestrator ePO
[ ePO ]
ePO McAfee ePolicy Orchestrator
Email and Web Security Appliance McAfee ePolicy Orchestrator McAfee ePolicy Orchestrator
[ SMI ] Simple Network Management Protocol (SNMP) Structure of ManagedInformation (SMI) SNMP Management Information Base (MIB)
[ MIB ] SNMP MIB McAfee Email Gateway SNMP
[HP OpenViewNNM SmartPlug-in ]
HP OpenView McAfee Email Gateway HP OpenView
(FAQ) McAfee KnowledgeBase KB76144
1 McAfee Email Gateway (FAQ)
22 McAfee Email Gateway 7.6.0 Appliances
http://www.mcafee.com/us/downloads/free-tools/customer-submission-tool.aspxhttps://kc.mcafee.com/corporate/index?page=content&id=KB76144
McAfee Email Gateway 7.x McAfee McAfee Email Gateway
KnowledgeBase McAfee Email Gateway 7.x PD23748.
McAfee Email Gateway McAfee Email Gateway McAfee Email Gateway CD
McAfee Email Gateway
McAfeeEmail Gateway McAfee Email Gateway McAfee Email Gateway
McAfee Email Gateway Appliance 7.0.3 McAfee Email Gateway Blade Server 7.0.3
McAfee Email Gateway
LDAP McAfee Email Gateway
McAfee Email Gateway CD
McAfee Email Gateway CD
McAfee Email Gateway ISO [ ] ([] [] [ ] ) McAfee Email Gateway
McAfee Email Gateway McAfee Email Gateway 7.x 1
McAfee Email Gateway 7.6.0 Appliances 23
https://kc.mcafee.com/corporate/index?page=content&id=PD23748
McAfee Email Gateway Appliance 7.0.3 McAfee EmailGateway Blade Server 7.0.3 McAfee Email Gateway Appliance 7.0.3 McAfee Email Gateway Blade Server 7.0.3 McAfee Email Gateway
McAfee Email Gateway [] [] []
McAfee Email Gateway Appliance
McAfee Email Gateway Blade Server
1
2 1
a : [a]
McAfee Email Gateway Blade Server
[c] McAfee Email Gateway
[d]1
[e]
RETURN RETURN
b ENTER
c [a]ENTER
d RETURN
3 Web IP
a []
McAfee Email Gateway 7.0.3
[] [] [][]
1 McAfee Email Gateway McAfee Email Gateway
24 McAfee Email Gateway 7.6.0 Appliances
McAfee Email Gateway Virtual Appliance 7.0.3 .ISO McAfee Email Gateway Virtual Appliance 7.0.3 McAfee Email Gateway Virtual Appliance
McAfee Email Gateway Virtual Appliance 7.0.3
[] CD
1 McAfee McAfee Email Gateway Virtual Appliance .ISO
2 a [] [] [
]
b
c []
3 VMware ESX Server VMware Infrastructure Client (VMware ) VMware vSphere Client VMware Virtual Center Server (VMware )
4 [ ] CD
a [Inventory ()][Summary ()]
b [][][]
c Power-on-Boot () 10,000 [OK]
5
6 ESC
7 [Connect CD/DVD1 (CD/DVD1 )]
8 McAfee Email Gateway Virtual Appliance .ISO []
9 .ISO [CD-ROM Drive (CD-ROM )]ENTER
.ISO
10 [y]
McAfee Email Gateway McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 25
11 ENTER
12 [y]
McAfee Email Gateway Virtual Appliance 7.0.3
McAfee ePolicy Orchestrator McAfee EmailGateway 7.0.3 McAfee ePolicy Orchestrator (McAfee ePO) McAfee Email Gateway 7.0.3 McAfee Email Gateway
McAfee Email Gateway McAfee Email Gateway 7.0.3
McAfee ePO
McAfee Email Gateway McAfee Email Gateway 7.0.3
1 McAfee ePO [ ]McAfee Email Gateway 7.0.3
2 []
3 [Policies_for_McAfee_Email_Gateway_7.0.xml]
4 McAfee Email Gateway
5 [] [] [ePO]
6 [ePO ]
7 [Policies_for_McAfee_Email_Gateway_7.0.xml]
8 [epo_config_.xml]
9 McAfee Email Gateway [][ePO ] [ePO ]
10 McAfee ePO [ePO ][ePO ]
11 McAfee ePO [ ][McAfee Email Gateway]
12 [] 8 epo_config_.xml
McAfee ePO
McAfee ePO McAfee Email Gateway McAfeeePO [ ]
13 McAfee ePO [] [] [Email and Web Gateway]
1 McAfee Email Gateway McAfee Email Gateway
26 McAfee Email Gateway 7.6.0 Appliances
14 [][][epoConfig.zip]
15 McAfee Email Gateway [] [] [ePO] [ePO ][epoConfig.zip][OK]
McAfee ePO McAfee Email Gateway
16 [ePO ][ePO ]
17 McAfee Email Gateway
McAfee ePO
McAfee Email Gateway 7.0.3 Data Loss Prevention McAfee Email Gateway McAfee ePO
McAfee Email Gateway 7.0.3 DLP McAfeeEmail Gateway McAfee Email GatewayDLP
SMTP
T
T0 = 0
T1 [] [] [] [ (SMTP)] []EHLOMAIL FRIMRCPT TODATADATA RSET
T2 DATA
T3
T4
T5
:Connection
:220 banner
T1
:EHLO
:250 OK
T1
:MAIL FROM:from @.bc
McAfee Email Gateway 1
McAfee Email Gateway 7.6.0 Appliances 27
:220 OK
T1
:RCPT TO:rcpt@e.f
220 OK
T1
:DATA
: 354
T2
:
: 1234
Hello there
.
T4
T3 T5 T0 6 T3 4 2
:250 OK
FIPS 140-2 FIPS 140-2
FIPS FIPS Email Gateway ssh
FIPS [ k FIPS 140-2 1 ][ a - ]
[Email Gateway ]FIPS
1 McAfee Email Gateway FIPS 140-2
28 McAfee Email Gateway 7.6.0 Appliances
1-8
[]
FIPS
[] FIPS []
[ ]
[]
[SSLFIPS] OpenSSL FIPS OpenSSL OpenSSL FIPS
[] [FIPS ]
FIPS []FIPS 140-2 [][][]
[]
[ ]FIPS
OpenSSL
[ ]FIPS
McAfee Email Gateway FIPS 140-2 1
McAfee Email Gateway 7.6.0 Appliances 29
1 McAfee Email Gateway FIPS 140-2
30 McAfee Email Gateway 7.6.0 Appliances
2
[]
- SMTP - POP3 -
[]
[]
McAfee Email Gateway Blade Server McAfee Email GatewayBlade Server
2
McAfee Email Gateway 7.6.0 Appliances 31
[]
2-1
1 2
1 () 4
1
[]
[]
[]
[]
[]
[]
2
32 McAfee Email Gateway 7.6.0 Appliances
[]
[]
[]
McAfee Email Gateway [] () []
McAfee Email Gateway [] McAfee Email Gateway
[ ]
[ ]
[SMTP ] SMTP
[POP3 ]
[ ]
CPU
[ ]
UPS RAID
[ ]
[]
[]
[]
McAfee Email Gateway
[ ]
[] []
[] [/deferred] [ i ]
[] [/deferred] []
[] [/encryption] [ i ]
2
McAfee Email Gateway 7.6.0 Appliances 33
[] [/encryption] []
[] [/logs] [ i ]
[] [/logs] []
[] [/quarantine] [ i ]
[] [/quarantine] []
[] [/scandir] [ i ]
[] [/scandir] []
[] [/var] [ i ]
[] [/var] []
[] [/wk] [ i ]
[] [/wk] []
[ ] []
[ ] []
[ ] []
[]
[] [McAfee ePO] [ ]
[] [McAfee ePO] []
[] [McAfee ePO] []
[] [McAfee ePO] []
[] [McAfee ePO] [DLP DB ]
[ ]
McAfeeEmail Gateway
1 [] [ ]
2
3 ()
4 ([]) ([])
5
2
34 McAfee Email Gateway 7.6.0 Appliances
[]
[] McAfee ePolicy Orchestrator
McAfee ePolicy Orchestrator
1 [] []
2
3 ([]) ([])
4
[]
[SMTP ] []
2
McAfee Email Gateway 7.6.0 Appliances 35
[ ]
SMTP MAIL FROM
1
[TLS] TLS
[TLS ] TLS
[ ]
[]
[]
[TLS] TLS
[Secure Web Mail]
[]
[]
[/]
[S/Mime] S/MIME
[PGP] PGP
[]
[TLS ] TLS
[Secure Web Mail]
[]
[]
[/]
[S/Mime] S/MIME
[PGP] PGP
2
36 McAfee Email Gateway 7.6.0 Appliances
[ ]
[/]
[] [BATV]
[RBL] ( )
[SPF](Sender Policy Framework)
[FCrDNS]
[]
[] [LDAP ]
[ ] [ ]
[]
[]
[GTI ] []
[ ID] []
[DKIM] [ URL ]
[] [ URL DoS]
[] [DLP]
[ ] []
[ ] []
[ ] []
[ (DoS)]
[]
[]
[]
[]
2
[][]
[][]
[] [][]
2
McAfee Email Gateway 7.6.0 Appliances 37
[SMTP ] []
[ ]
SMTP MAIL TO
1
[TLS] TLS
[TLS ] TLS
[ ]
[]
[]
[TLS] TLS
[Secure Web Mail]
[]
[]
[/]l
[S/Mime] S/MIME
[PGP] PGP
[]
[TLS ] TLS
[Secure Web Mail]
[]
[]
[/]
[S/Mime] S/MIME
[PGP] PGP
2
38 McAfee Email Gateway 7.6.0 Appliances
[ ]
[/]
[] [BATV]
[RBL] ( )
[SPF](Sender Policy Framework)
[FCrDNS]
[]
[] [LDAP ]
[ ] [ ]
[]
[]
[GTI ] []
[ ID] []
[DKIM] [ URL ]
[] [ URL DoS]
[] [DLP]
[ ] []
[ ] []
[ ] []
[ (DoS)]
[]
[]
[ ]
[]
2
[] [][]
2
McAfee Email Gateway 7.6.0 Appliances 39
- SMTP
SMTP
1
2 - SMTP
40 McAfee Email Gateway 7.6.0 Appliances
[ ]
[/]
[] [BATV]
[RBL] ( )
[SPF](Sender Policy Framework)
[FCrDNS]
[]
[] [LDAP ]
[ ] [ ]
[]
[ ]
[]
[GTI ]
[ ID]
[DKIM]
[]
[]
[ ]
[ ]
[ ]
[ (DoS)]
[]
[]
[ URL ]
[ URL DoS]
[DLP]
[] McAfee Commtouch Command
[] McAfee Commtouch Command
[] McAfee Commtouch Command
[ ]
[/]
[] [BATV]
[RBL] ( )
[SPF](Sender Policy Framework)
- SMTP 2
McAfee Email Gateway 7.6.0 Appliances 41
[FCrDNS]
[]
[] [LDAP ]
[ ] [ ]
[]
[ ]
[]
[GTI ]
[ ID]
[DKIM]
[]
[]
[ ]
[ ]
[ ]
[ (DoS)]
[]
[]
[ URL ]
[ URL DoS]
[DLP]
[] McAfee Commtouch Command
[] McAfee Commtouch Command
[] McAfee Commtouch Command
[]
[/]
[] [BATV]
[RBL] ( )
[SPF](Sender Policy Framework)
[FCrDNS]
[]
[] [LDAP ]
[ ] [ ]
2 - SMTP
42 McAfee Email Gateway 7.6.0 Appliances
[]
[ ]
[]
[GTI ]
[ ID]
[DKIM]
[]
[]
[ ]
[ ]
[ ]
[ (DoS)]
[]
[]
[ URL ]
[ URL DoS]
[DLP]
[] McAfee Commtouch Command
[] McAfee Commtouch Command
[] McAfee Commtouch Command
- POP3 POP3
1
[ ]
[ ]
[ ]
[]
[]
- POP3 2
McAfee Email Gateway 7.6.0 Appliances 43
[]
[]
CPU
[]
[ ] 5
[]
[]
[]
[ ]
Inode
[ ]
UPS ()RAID
[ ]
2
44 McAfee Email Gateway 7.6.0 Appliances
[ ]
LAN1 LAN2
1
(Content Security Blade Server )
[ ]
[][] [] [ ]
[ UPS ]
[] UPS
[]
()
UPS
UPS
[] UPS
[]
2
McAfee Email Gateway 7.6.0 Appliances 45
[] McAfee Email Gateway
[RAID] RAID RAID
[] RAID
[] RAID 1
[] 1
McAfee Email Gateway RAID
[]
[]
[]
[ ] SMTP TCP
[ ]
SMTP TCP
[ ]
[] IP SYN GTI 10
[ ] [].
[ ] []
2
46 McAfee Email Gateway 7.6.0 Appliances
[]
[]
2
McAfee Email Gateway 7.6.0 Appliances 47
[ ] [] DAT 3
Commtouch
Command
[]30
[ ]
[]
[FIPS 140-2 ] FIPS McAfeeEmail Gateway FIPS FIPS [] [] [FIPS ]
[SMTP ] SMTP
[POP3 ]POP3
[]
[] [McAfee ePO] McAfee Email Gateway McAfee ePolicy Orchestrator
[Event Reports] ePolicy Orchestrator 25
[] McAfee ePO
[] ePolicy Orchestrator
McAfee ePO McAfee ePO
[]
[DLP DB ] Data Loss Prevention
[MQM] McAfee Email Gateway McAfee Quarantine ManagerMQM
McAfee Email Gateway MQM
[GTI ] McAfee Email Gateway McAfee Global ThreatIntelligenceMcAfee GTI
McAfee Email Gateway McAfee GTI
[GTI ] McAfee Email Gateway McAfee Global Threat Intelligence
2
48 McAfee Email Gateway 7.6.0 Appliances
McAfee Email Gateway McAfee GTI
[GTI ] McAfee Email Gateway McAfee GTI
DNS
[RBL] McAfee Email Gateway RBL
McAfee Email Gateway RBL
[Syslog] McAfee Email Gateway
McAfee Email Gateway
[LDAP] McAfee Email Gateway LDAP
[SNMP] SNMP
SNMPD
[DNS] McAfee Email Gateway DNS
McAfee Email Gateway DNS
[NTP] McAfee Email Gateway NTPNetwork Time Protocol
NTP
Email Gateway
[] 1
[ 1 ]
23 2 2
2
McAfee Email Gateway 7.6.0 Appliances 49
[]
[ ]
-
-
Email Gateway
[]
[] []
[]
[]
[]
[]
[]
[]
[]
[]
[]
[]
[]
[] 5
[]
[]
[ ]
DAT
2
50 McAfee Email Gateway 7.6.0 Appliances
-
[ ]
[ ]
[]
[]
[ ]
[SMTP] SMTP [ ]
[POP3] POP3 [ ]
[ ] -
[DLP ]
[ ]
[ ] IP
[ ]
[]
[] TLS S/MIME
[]
[]
[]
[]
- 2
McAfee Email Gateway 7.6.0 Appliances 51
[]
[ePO ] ePolicy Orchestrator
[] McAfee Quarantine ManagerMQM
[Syslog ]
[ ] LDAP
[SNMP ]
[DNS ] DNS
[]
[ ]
[ ]
[]
2 -
52 McAfee Email Gateway 7.6.0 Appliances
3 Email Gateway
[]
- -
ePolicy Orchestrator
[] [ SNMP]
[]
[] [ SNMP] McAfee ePolicyOrchestrator
3-1
[] [ SNMP]Splunk ArcSight
SNMP [] [ SNMP][SNMP ][SNMP]MIB []
3
McAfee Email Gateway 7.6.0 Appliances 53
3-1 ()
[] [ SNMP] [ ]
McAfee ePolicyOrchestrator
ePolicy Orchestrator
McAfee Web Reporter [] [ SNMP]URLUniform Resource Locator McAfee Web Reporter McAfee
[]
3-2
[]Web
[]
[]
DATA
McAfee ePolicy Orchestrator
[] []
[]
[] [ ] (RBL) McAfee Email Gateway [ ] [ ]
-
3
54 McAfee Email Gateway 7.6.0 Appliances
- - - 1
Email Gateway DATA
IP
ID
[ ][ ][]
3
McAfee Email Gateway 7.6.0 Appliances 55
[ ]
[]
[]
[]
[]
[]
[]
2
[][][]
[spam] [phish] []
* ?
*? \ \\*
3
56 McAfee Email Gateway 7.6.0 Appliances
[]
[][][][][]
Commtouch
Command
PUP
Data Loss Prevention
DKIM
SenderID
[][]
Commtouch
Command
PUP
Data Loss Prevention
3
McAfee Email Gateway 7.6.0 Appliances 57
2 McAfee Quarantine Manager
[:]
1 :
2
[]/[]
[][][][]
[ID]
ID
:from (mta1.example.com [192.168.254.200]) by meg_appliance1.example.com with smtp
id 1448_0004_4d37a0e8_93e1_11df_b43f_00114336c271
Tue, 20 Jul 2011 09:29:31 +0000
ID
[IP]
IP 1 MTA IP
IP
1 192.168.0.1 /192.168.0.0/255.255.255.0
[]
[][1 ][][][]
3
58 McAfee Email Gateway 7.6.0 Appliances
[]
[]
[]
[]
[]
[]
[][]1 4 1 3
[]
[/ ]
[ ]
3
McAfee Email Gateway 7.6.0 Appliances 59
[]
[ ][]
[ ]
[]
[]
[]
[]
[] McAfee
[ ]
[ ][]
[ ]
[]
[]
[]
[]
[] McAfee
[ ]
[ ]
[ ][]
[ ]
[]
[]
[]
[]
[] McAfee
[ ]
[ ]
McAfee Quarantine Manager []
[]
MTA SMTP []
1 []
3
60 McAfee Email Gateway 7.6.0 Appliances
[]
[]
[]
[]
.eml []
[]
[]
[ ]
[SMTP ][] [] [] [ (SMTP)] [SMTP ] [ ]SMTP
[]
.eml
[]
[]
[ ]
Secure Web Mail Clien
3
McAfee Email Gateway 7.6.0 Appliances 61
McAfee Quarantine Manager
TLS
McAfee Email Gateway Appliance
1 [] []
2 [ ] []
3 [/]
1 -
2 [] []
3 [/]
-
3
62 McAfee Email Gateway 7.6.0 Appliances
1
2
3 []
-
1
2 []
McAfee McAfee
McAfee EmailGateway
McAfee
1 [] []
2 [ ] []
3 [/]
4
5 [][]
6 []
3
McAfee Email Gateway 7.6.0 Appliances 63
McAfee
- Email Gateway
1 [] []
2 [ ] []
3 [/]
-
1 -
2 [] []
3 [/]
- Email Gateway
1 -
2
3 [] []
1 [][]
[]
Email Gateway
3
64 McAfee Email Gateway 7.6.0 Appliances
- Email Gateway
1 [] []
2 [ ] []
3 [/]
[/]
- Email Gateway
1 [] []
2 [ ] []
3 [/]
- 1
1 [] []
2 [ ] []
3 [] []
4 [/]
5 1
6 []
3
McAfee Email Gateway 7.6.0 Appliances 65
7 [] []
8 []
[] [ ][]
.csv
0
1 []
[] [] [] [] ([] [] [] [ ] )
[]
2
3 [Export]
.csv
4 .csv
ID
reason
[] [][][] 3
[] [] [] [ (SMTP)] [] []
3
66 McAfee Email Gateway 7.6.0 Appliances
1 [] [] [] [] [] ([] [] [] [ ] )
[]
2
3 [/]
4 []
[]
5
[] []
PDFHTML
[][] []
3
McAfee Email Gateway 7.6.0 Appliances 67
3-3
[]
[] [ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[]1
[ ]
[]
[] [Disk utilization]
[Disk utilization trends]
[] []Web Web
3
68 McAfee Email Gateway 7.6.0 Appliances
3-3 ()
[]
[]
[]
[]
[]
[SMTP ] SMTP
[POP3 ] POP3
[ ]
[ ]
[ ] RAID UPS
[] McAfee Email Gateway
[] []
[] []
[] []
[SMTP ] [SMTP ] SMTP
[POP3 ] [POP3 ] POP3
[ ]
[ ]
[ ]
[ ]
[ ]
[ ] RAID UPS
[]
[] McAfee Email Gateway
3
McAfee Email Gateway 7.6.0 Appliances 69
[]
-
-
-
[]
[
]
[
]
[]
[]
[]
[OK] []
[]
[]
- 1 1
1 [] []
2 [][]
3 [] [1 ]
4 [OK]
5 []
3
70 McAfee Email Gateway 7.6.0 Appliances
- 10 PDF PDF
1 [] []
2 [][]
3 [] []
4 [][] []
5 []myboss@examplecompany.com
6 [OK]
.csv McAfee Email Gateway .csv
1 [] []
2 [][]
3 [][]
4 [].csv [ ][ 24 ]
5 [][CSV][]
6 [OK]
7 []
8
-
1 [] []
2 [][]
3 []emailadministrator@examplecompany.com
3
McAfee Email Gateway 7.6.0 Appliances 71
4 [][]
5 [OK]
6 []
-
[ ]
[ ] []
[ ]
-
3-4 -
[ ]
[][]
[][][] []
[ ]
2
1
1
[ ]
[ ] [ ][]
[ ] []
3-5 -
[ ]
[ ]
3 -
72 McAfee Email Gateway 7.6.0 Appliances
3-5 - ()
[ ]
[ ]
3-6 -
[ ]
HTML
Text
CSV
[ ] A4 (210x297 mm)
Letter (8.5x11 in)
[ ]
Unicode (UTF-8) () (GBK)
Unicode (UTF-7) () (BIG-5)
ASCII (SJIS)
Latin Alphabet No. 1(ISO-8859-1)
(ISO-2022-JP)
Windows Latin-1(WINDOWS-1252)
(ISO-2022-KR)
[ ]
[ ]
[ ]
[ ] []
[ ]
Email Gateway
[Reports] [Email Reports]
3
McAfee Email Gateway 7.6.0 Appliances 73
Email Gateway
[ ][ ][]
[]
[]
[]
[]
[]
[] 2
[]
[]
Email Gateway
[] [] (RBL)
3
74 McAfee Email Gateway 7.6.0 Appliances
[][]
3-7
[]
[]
[ ]
[]
[]
/ 24
[ ]
[]
[] [] 24
[] [] 24
[] [] 24
[] [] 24
[ ]
[] 24
Email Gateway
3
McAfee Email Gateway 7.6.0 Appliances 75
[ ]
[Reports] [Email Reports] [Email Interactive Reporting] [Total View]
[][][]
[][] [?]
[] Web
[ ] Web
[ ]
[Reports] [Email Reports] [Email Interactive Reporting] [Time View]
1 10 24 1 6 12
6 [][][]
[][] [?]
[]
[][] Web [][] 0
3
76 McAfee Email Gateway 7.6.0 Appliances
[ ]
[Reports] [Email Reports] [Email Interactive Reporting] [Itemized View]
[][][]
[][] [?]
[] Web
[] Web
[]
[][]
[] Web
[ ]
[Reports] [Email Reports] [Email Interactive Reporting] [Detail View]
IP
[][][]
[][] [?]
[] Web
[] XML
[Reports] [Email Reports] [ Selection] [Filter]
3
McAfee Email Gateway 7.6.0 Appliances 77
[]
3-8 -
[][]
1 1 [][][]
[] SMTP
[]
[] : user@example.com IDserver1.example.com 192.168.254.200 IP
[] : user@example.com IDserver1.example.com 192.168.254.200 IP
[] : [][][:]
b B
3-8 - ()
[ ID] ID ID
[]
[Reports] [Email Reports] [ Selection] [Favorites]
[Reports] [System Reports] [ Selection] [Favorites]
3-9
[]
[]
[] []
[]
24
24
1 [] [ ]
2 [][ ( 24 )]
3 []
24
3
McAfee Email Gateway 7.6.0 Appliances 79
-
1 []
2 []sender@examplecompany.com []
3 [][OK]
1 [] []
2 [][]
3 [][] 17:00
4
5 []
6 [OK]
17:00
1 [] [ ]
2 [][][]
3 []
3
80 McAfee Email Gateway 7.6.0 Appliances
4 []8
5 [] IP
[] [ ]
Email Gateway
[ ][ ][]
[ ]
McAfee Web
[] 2
[]
[]
Email Gateway
McAfee
[][]
3
McAfee Email Gateway 7.6.0 Appliances 81
3-10
[ 24 ]
[] URL
[]
[] URL
[] [ ] [ ] []
[][][]
[][] [?]
3-11
[ ]
[] Web
[] XML
[Reports] [System Reports] [ Selection] [Filter]
3-12 -
[][] 1 1 [][][]
[ ] []
[] [ ]
[] []
3
82 McAfee Email Gateway 7.6.0 Appliances
[Reports] [Email Reports] [ Selection] [Favorites]
[Reports] [System Reports] [ Selection] [Favorites]
3-13
[]
[]
[] []
[]
- Email Gateway
URL
1 [] [ ]
2 [][]
3 []
4 []
5 [][URL filter update failed] URL []
6 [][OK]
3
McAfee Email Gateway 7.6.0 Appliances 83
3
84 McAfee Email Gateway 7.6.0 Appliances
4 Email Gateway
[]
[DLP ]
[]
Kernel
CONNECT
RBL
RBL
EHLO/MAILFROM
4
McAfee Email Gateway 7.6.0 Appliances 85
SPFSender Policy FrameworkSPF ID DKIM
SMTP
RCPT TO
SMTP
LDAP
DATA RBL RBL MTA
SPF SPF ID DKIMMTA
McAfee Global ThreatIntelligence
McAfee Global Threat Intelligence
McAfee Global Threat Intelligence
ID SPF ID DKIM
DKIM SPF ID DKIM
[]
-
-
-
-
/
-
HTML HTML
4
86 McAfee Email Gateway 7.6.0 Appliances
McAfee GlobalThreat Intelligence PUP
-
- McAfee Anti-Spyware
-
-
DLP Data Loss Prevention
[]
DNS
Email Gateway
[] []
SMTP POP3 DKIM
4
McAfee Email Gateway 7.6.0 Appliances 87
- - MX - MX
[] [] []
SMTP POP3 SMTP TLS
SMTP SMTP SMTP POP3
SMTPSMTP SMTP
[] [] [] [ (SMTP)]
SMTP SMTP
[] [] [] [ (SMTP)] [ SMTP ]
4-2
[SMTP ]
SMTP
[] 25
4
88 McAfee Email Gateway 7.6.0 Appliances
4-2 ()
[ ]
25
[] 465 SMTPS
[DNS ]
DNS
SMTP
SMTP
[ ] 60
[ ] 180
[] 360
[] 60
[ MAIL ] 60
4
McAfee Email Gateway 7.6.0 Appliances 89
[RCPT ] 60
[DATA ] 60
[ ] 180
[] 300
SMTP SMTP
[SMTP ]
[] []
4-3
[ ]
McAfee Email Gateway
4-4
[ ]
[] 5
[ ]
24
SMTPSMTP SMTP
[] [] [] [ (SMTP)]
4
90 McAfee Email Gateway 7.6.0 Appliances
SMTP DATA
4-5
[ ]
[1 ]
[ ] 100
[ ]
[]
[ ]
(DoS)
4-6
[ ]
SMTP
[] DATA HELOEHLONOOPVRFY EXPN
100
[AUTH ] AUTH ( )SMTP AUTH
[] RFC 2821 CR-LF 512 999
[SMTP ] .
[] []
[]
4
McAfee Email Gateway 7.6.0 Appliances 91
4-6 ()
[]
[]
[]
[]
600
[]
SMTP
4-7
[ ]
[]
[ ] -
[] -
[ MX ]
MX 100
[ A ]
A 100
4
92 McAfee Email Gateway 7.6.0 Appliances
4-8
[SMTP ] 25
[:]
5
[ IP ]
IP
[]
IP
[HELO ]
HELO RSET RSET
[HELO EHLO ]
SMTP HELO EHLO SMTP
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 93
)
4-9
[ ]
SMTP
([] )
[]
[ ]
[DATA (NOOP ) ][Keepalive ]
DATA DATA [] DATA (NOOP)
55
4-10
[ ]
[]
[]
2
[]
2
[]
RCPT []
4
94 McAfee Email Gateway 7.6.0 Appliances
4-10 ()
[ ]
TLS SSL McAfee Email Gateway
McAfee Email Gateway STARTTLS SMTPS McAfee Email Gateway
TLS SSL 2 McAfeeEmail Gateway [ ] McAfee EmailGateway
[ESMTP ] Extended Simple Mail Transfer Protocol
[ESMTP ] -
[DSN][8BITMIME]8 [AUTH]-
[SIZE] -
[MicrosoftExchange ESMTP]
[X-EPS][X-LINK2STATE][XEXCH50][CHUNKING] -
2 Microsoft Exchange
user@example.com 2
@ - user
@ - example.com
4-11
[] RFC 64
[ ] RFC 255
[ RFC ]
ASCII
4
McAfee Email Gateway 7.6.0 Appliances 95
McAfee Secure Web MailMcAfee Secure Web Mail
4-12
[EHLO McAfeeSecure Web Mail ]
McAfee Email Gateway
McAfee Email Gateway McAfee Secure Web Mail
SMTP
[] [] [] [ (SMTP)]
info@example.com
1
[ ]
[]
Web
: http://www.regular-expressions.info/reference.html
[] LDAP
[]
^ $ < >
[]
[] LDAP LDAP
4
96 McAfee Email Gateway 7.6.0 Appliances
http://www.regular-expressions.info/reference.html
[]
[LDAP ]
LDAP
[] []
[]
[] Masquerade
[ ]McAfee Email Gateway
[ ]
[ ]
[return-path] [resent-sender]
[from] [reply-to]
[sender] [return]
[resent-from]
[] LDAP
[]
^ $ < >
[]
[] LDAP LDAP
4
McAfee Email Gateway 7.6.0 Appliances 97
[]
[LDAP ]
LDAP
[] []
[]
[] Masquerade
[]McAfee Email Gateway
[ ]
LDAP
LDAP
[ ]LDAP
[][LDAP ]
1 [] [] [] [ (SMTP)]
2 [ ][LDAP ]
3 .*@test.dom
4 []
4
98 McAfee Email Gateway 7.6.0 Appliances
5 [ ] []
[][ ]
6 []
originalsender@test.dom @test.dom
POP3POP3
[] [] [] [ (POP3)]
POP3 POP3
4-13
[POP3 ]
POP3
[] 110
[ ]
110
[ POP3 ]
POP 1024 1024 65535 [pop3server.example.com] (FQDN)
4
McAfee Email Gateway 7.6.0 Appliances 99
4-13 ()
[DNS ]
DNS
POP3
4-14
[POP3 ]
[] - 600
[] - 60
[POP3 ]
[] - 60
[] - 60
POP3 POP3
4-15
[]
POP3
[] -
[Keepalive ] - 60
[Keepalive ] -
[ ]
POP3 POP3
[] -
[Keepalive ] - 60
4
100 McAfee Email Gateway 7.6.0 Appliances
4-15 ()
[]
[user name]#[host name]:[port number]. # -
:
POP3
[CAPA ]
POP3 CAPA POP3
RFC 2449
-
[ ]
[ ]
[ ]
[]
[]
[][][]
-
[ ]
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 101
[ ]
[]
[]
[] []
[]
[ 1 ]
[]
[] []
[ ][][]
[] []
[]
[] []
[ ]
[] []
4
102 McAfee Email Gateway 7.6.0 Appliances
IP
[] [] [] []
1
- IP
4-16 -
[IP ]
[] IP []
[] IP []
[]
[]
1
CSV
4-17 -
[]
[IP ] IP
600 600 600
[] IP
[] 25
[VLAN ID] LAN ID 1 4094
4
McAfee Email Gateway 7.6.0 Appliances 103
4-17 - ()
[] IP
[]
[] IP
[] IP
[]
[] IP
5000
-
4-18
[]
[]
- : network_user@ example.com
IP - : 192.168.255.240
- www.example.com
[]
[]
IP
[]
[/IP ]
DNS IP SMTP
[ IP ]
DNS IP
[]
[]
1
CSV
4
104 McAfee Email Gateway 7.6.0 Appliances
-
1 [] [] [] [] [] []
2 []
3 [IP ]
4
IP
-
1 [] [] [] []
2 [][][][]
3
4 []
[][][]
-
McAfee Email Gateway
1
2 [] [] [] []
3 [][][][]
4
5 [OK]
4
McAfee Email Gateway 7.6.0 Appliances 105
[Email] [ Email Configuration] [ Receiving Email] [ Anti-Relay Settings]
[][]
1
*.local.dom 192.168.0.0/24
Email Gateway
SMTP RCPT TO
4
106 McAfee Email Gateway 7.6.0 Appliances
[]
[ ][ ][ ] McAfee
[]
[]
1
[MX ]
IP
[]
[//MX]
MX
[] [] example.dom A
[ ]192.168.0.2/32 192.168.0.0/24 user@[192.168.0.2] IP
[MX ] example.dom MX
[ ] *.example.dom
[] [ ]
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 107
[ IP]
DNS IP SMTP
[]
[] SMTP 550permanent failure
[] SMTP 550permanent failure SMTP 421Temporarily unavailable service due to potential threatmessage
[] SMTP 250 (OK) McAfee
[/ ]
[ ] CSV [ ]
-
%!| 1
@
[]
[]
*!* *%* *|*
[]
*%* (%-)
*!* -
*|* -
*[*]* - 192.168.254.200 10
*:* -
user@host@relay.com*@*
[]
*!* *%* *|*
[]
4
108 McAfee Email Gateway 7.6.0 Appliances
[]
[]
- Email Gateway
MTA IP
1 [] [] [] []
2 []
3 *example.dom
4 [ ][OK]
5 [] IP (192.168.0.2/32 192.168.0.0/24
6 [ ][OK]
-
1 [] [] [] []
2 []
3 *example.dom
4 [][OK]
5 [] sub.example.dom
6 [][][OK]
4
McAfee Email Gateway 7.6.0 Appliances 109
1 [] [] []
2 [ ] CSV
3
4 [] [] [][ ]
LD *
LN /
PD *
DD *
:
LD *inbri.bs.dom, LN 10.6.1.3/24, PD *qa.ext.bs.dom, DD *ext.bs.dom
[] [] [] []
McAfee Email Gateway
[]
[] LDAP
4
110 McAfee Email Gateway 7.6.0 Appliances
LDAP [] [] [ ]
[ ]
McAfee Email Gateway
[]
[SMTP ]
SMTP
[] 3600 1 1 86400 1
[ ]
8 96 4 4
[]
2160 90 864 36
[ ] 50,000 2,000,000 2000000
LDAP
[]
[]
[]
:user*@example.com
4
McAfee Email Gateway 7.6.0 Appliances 111
[]
LDAP LDAP [] [] [ ][]
[]
[] SMTP 250 OK
[] SMTP 550 Fail
-
4-19
[]
[]
[]
[]
[]
[]
[]
[ ]
[]
[]
[]
[ ]
[]
[]
[]
[]
[] 5
4
112 McAfee Email Gateway 7.6.0 Appliances
4-19 ()
[ ] 10
[ ... ]
5 10%
LDAP LDAP
1 [] [] [] [] []
2 []LDAP []
3
4
[Email] [ Email Configuration] [ Receiving Email] [ Bounce Address Tag Validation]
MTA MTA
BATV SMTP MailFrom
BATV
BATV http://mipassoc.org/batv/draft-levine-batv-03.txt
4
McAfee Email Gateway 7.6.0 Appliances 113
http://mipassoc.org/batv/draft-levine-batv-03.txt
-
[Bounce AddressTag Validation ]
BATV
[] 4 McAfee 4 7
[] 4 64
[] 20
[] BATV
[] BATV
4-20 Bounce Address Tag Validation
[ :]
BATV
[]
[]
[]
[]
BATV MAIL FROM 16 BATV 80 []|[]|[]|[SMTP]|[]
4
114 McAfee Email Gateway 7.6.0 Appliances
[] [] []
McAfee Email Gateway
[]
[]aaa@example.com example.com
[ ]
[ ]DNS MX MX A DNS MX
[]
IP
[]
[]
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 115
[ ]
*.example.com
[ ][ ] IP []
IP
[MX ][ ] IP MX
DNS MX
[LDAP ] MTA LDAP [ ]
[] [] [ ] [] LDAP
IPv4 IPv6 10.6.1.610.6.1.5:252001:db8:ac10:fe01:205:2cff:fe03:2a45 mailrelay.mydomain1.dom A IP
4
116 McAfee Email Gateway 7.6.0 Appliances
[ DNS ]
DNS DNS MX MX A
[ ]
[]
[ ][ ] IP []
IP
[MX ][ ] IP MX
DNS MX
[LDAP ] MTA LDAP [ ]
[] [] [ ] [] LDAP
-
1
[]
1
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 117
- DKIM DKIM DKIM
DKIMRSA DNS TXT ID
DKIM
DNS TXT
DKIM Web http://www.ietf.org http://www.dkim.org
DKIM
[DKIM ]
DKIM
DKIM
[][]
mail example.com mail._domainkey.example.com TXT DNS
[]
[DKIM ]
[]
[]
DNS
[]
DKIM
[]
DKIM
[][][]
[][simple][relaxed]
[][simple][relaxed]
[]
[ ID]DKIM ID
4
118 McAfee Email Gateway 7.6.0 Appliances
http://www.ietf.orghttp://www.dkim.org
[]
4-21
[]
500
[NDR ]
NDR 108 4.5
[] []*
[][]
1 10
[][]
MX MX
Email Gateway MX
Email Gateway MX
1 [] [] []
2 [][ ]
3 []example.com
4 []internal1.mailserver.com internal2.mailserver.com
5 []
Email Gateway
4
McAfee Email Gateway 7.6.0 Appliances 119
MX MX
MX mx.mailserver.com
1 [] [] []
2 [][MX ]
3 []example.com
4 [MX ]mx.mailserver.com
MX
LDAP LDAP
[] [] [ ] [] LDAP [][ MTA] LDAP
1 [] [] []
2 [][LDAP ]
3 []example.com
4 [ ][] LDAP
LDAP
1 [] [] []
2 [][ ]
3 []*
4 []internal3.mailserver.com
4
120 McAfee Email Gateway 7.6.0 Appliances
- LDAP Home MTA LDAP Home MTA
1 [] [] []
2 [][ ][LDAP ]
3 []LDAP
4 [OK]
MX MX
4-22
[ ]
[ ]
[]
[] []
[]
4-23 MX
[]
[MX ] IP MX
- MX MX
4-24 -
[ ]
[ ] : [ ]
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 121
4-25 - MX
[MX ] McAfee Email Gateway example.dom example.domMX server1.example.domserver1.exmaple.dom
[] : [ ]
[]
[]
1 1 MX
[Email] [ Email Policies]
SMTP Email Gateway SMTP
[Email] [ Email Policies] [SMTP]
:
McAfee GTI
McAfee Anti-Spyware
:
McAfee GTI
4
122 McAfee Email Gateway 7.6.0 Appliances
:
Data Loss Prevention
McAfee GTI URL
:
McAfee GTI
POP3 Email Gateway POP3
[Email] [ Email Policies] [POP3]
:
McAfee GTI
McAfee Anti-Spyware
:
:
:
Secure Web Mail McAfee Email Gateway Secure WebMail Client
[Email] [ Email Policies (McAfee Secure Web Mail]
4
McAfee Email Gateway 7.6.0 Appliances 123
:
McAfee GTI
McAfee Anti-Spyware
:
:
Data Loss Prevention
:
McAfee GTI
.
2 McAfee Email Gateway 2
MTA McAfee Email Gateway MTA McAfee Email Gateway 2
4
124 McAfee Email Gateway 7.6.0 Appliances
When McAfee Email Gateway MTA McAfee Email Protection McAfee Email Gateway
MTA MTA
[ ()][ ()][ ()]
4-26
Kernel
550
550
250
250
()
250
250
250
1 1
[ ()] 550 SMTP MTA IP
[ ()] 550 SMTP MTA
4
McAfee Email Gateway 7.6.0 Appliances 125
[ ()] 250SMTP MTA
[ ()]
[ ()]
[]
[] 5 [] []
[]
[ ()] MTA
[ ()] MTA
[ ()] () ()
2
2
2 [][]1
2
[]
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
4
126 McAfee Email Gateway 7.6.0 Appliances
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
[]
[]
URL
McAfee Email Gateway
100,000 KB
McAfee Email Gateway
1
4
McAfee Email Gateway 7.6.0 Appliances 127
McAfee Email Gateway
URL
URL
URL URL
URL
URL
1 [Email] [ Email Policies] [ Compliance]
2 [URL ]
3 [] []
4 a
:HR Exception1
b ()
:Exception to allow HR to view competitors job/vacancy sites
c
:[ 1 ]
5 1 a [ ] []
b [ ]
:[ ]
c []
:[]
d []
:*@hr.example.com
e [OK]
6 [OK]
[ ] []
4
128 McAfee Email Gateway 7.6.0 Appliances
1
URL
1 [Email] [ Email Policies] [ Compliance] [URL Reputation]
2 [URL ]
3 []
4 []
5 []
6 []
7 [OK]
8 [OK]
1
:[Email] [ Email Policies] [ Compliance] [URL Reputation]
2 [URL ]
3 []
4
:[URL ] [] URL
5 [OK]
1 [Email] [ Email Policies] [ Compliance] [URL Reputation]
2 [URL ]
4
McAfee Email Gateway 7.6.0 Appliances 129
3 []
[ ]
4
5 [OK]
6 ()
a
X
b [X] [OK]
McAfee Email Gateway 2
1
McAfee Email Gateway
1
4
130 McAfee Email Gateway 7.6.0 Appliances
: 5 5 2
:
:
:
McAfee Email Gateway
[]
1 [][ ]
2
3
4 []
5 [] [ ] [1 ]
6 []
7 [] []
8 []
9 []
10 [] [OK]
11
[] [ ] [ ]
4
McAfee Email Gateway 7.6.0 Appliances 131
Email Gateway
[ ]SMTP POP3 McAfee SecureWeb Mail
POP3 McAfee Secure Web Mail 1
4-27
[:]
[SMTP]
[POP3]
[McAfee Secure Web Mail]
[]
[]
(SMTP )
(SMTP )
4
132 McAfee Email Gateway 7.6.0 Appliances
4-27 ()
[]
[] [][]
[]
[ ] [ ]
[McAfee GTI ] [ ]
[ McAfeeAnti-Spyware]
[] [] []
[]
[ ]
[ ]
[ ]
[ ]
[]
[] (SMTP )
[ -- ]
GTI
[ -- RBL ]
[ -- SPF ID DKIM]
[ -- ]
[McAfee GTI ]
4
McAfee Email Gateway 7.6.0 Appliances 133
4-27 ()
[]
[] []
[ ](SMTP )
[Data Loss Prevention ](SMTP )
[ ]
[ -- ]
[ -- ]
[ -- ]
[]
[]
[]
[URL ]
4
134 McAfee Email Gateway 7.6.0 Appliances
4-27 ()
[ ]
[ ] [ ]
[]
[]
[]
[ ]
[] [ MIME ]
[] []
[]
[ HTML ]
[ ]
[]
[]
[Partial / external ]
[]
[ ]
[] (SMTP )
[ ] [ SMTP ]
[ ] [ ]
[ ]
[McAfee GTI ]
[]
[]
[]
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 135
4-27 ()
[]
[]
[ ]
-
1 [Email] [ Email Policies] [ Scanning Policies]
2
3
4
SMTPPOP3 McAfee Secure Web Mail SMTPPOP3 McAfee Secure Web Mail
SMTPPOP3 McAfee Secure Web Mail
POP3 POP3 [POP3]
1 [Email] [ Email Policies] [ Scanning Policies]
2 [:][SMTP][POP3] [McAfee Secure Web Mail]
[Email] [ Email Policies] [ Scanning Policies]
-
1 2
4
136 McAfee Email Gateway 7.6.0 Appliances
3
1 [Email] [ Email Policies] [ Scanning Policies]
2
3 [] 1
LDAP HR GTI
LDAP GTI
LDAP 1 [ ]
[ ]
1 [] [ ]
2 []
-
3
4
5
6
7 []
8 [LDAP ] [OK]
9 [OK]
4
McAfee Email Gateway 7.6.0 Appliances 137
10 GTI
11 [OK]
12
McAfee Email Gateway
138
139
140 McAfee Email Gateway
1 [] [DLP ] [ ]
2 [ ][]
3 []
4
5 [][]
6 [OK]
['' ][]
7 ['' ][]
8 []
[ ][]
9 [ ][ ]
4
138 McAfee Email Gateway 7.6.0 Appliances
10 [][]
11 [OK]
[]
12 ['' ][]
13 [] .*
14 [OK]
15
1 [] [DLP ] [ ]
2 [ ][]
3 []
4
5 [][]
6 [OK]
['' ][]
7 ['' ][]
8 []
[ ][]
9 [ ][ ]
10 [][]
11 [OK]
[]
4
McAfee Email Gateway 7.6.0 Appliances 139
12 ['' ][]
13 [] ^((re|fw):\s*)*policy match:
14 [OK]
15
re: fw:
re:Re:RE:fw:Fw: FW:
McAfee Email Gateway
1
2 [][]
3 [] []
4 []
1
5 - []
-
6 []
7
8 []
9 []
4
140 McAfee Email Gateway 7.6.0 Appliances
10 [ ] []
11 [][][]
12 []
13 [] []
14
%SUBJECT% :
%SUBJECT% :%SUBJECT%
15 [OK]
16 [OK]
17 []
18 []
19 [OK]
20
- McAfee EmailGateway
141 1
142 McAfee Email Gateway
1
4
McAfee Email Gateway 7.6.0 Appliances 141
1 [] [DLP ] [ ]
2 [ ][]
3 []
4
5 [][]
6 [OK]
['' ][]
7 ['' ][]
8 []
[ ][]
9 [ ][ ]
10 [][]
11 [OK]
[]
12 ['' ][]
13 [] .*
14 [OK]
15
McAfee Email Gateway
1
2 [][]
4
142 McAfee Email Gateway 7.6.0 Appliances
3 [] []
4 []
5 - []
6 []
7
8 []
9 []
10 [ ] []
11 [][][]
12 []
13 [] []
14
[]
15 [OK]
16 [OK]
17 1 []
18 []
19 [OK]
20
- ...
[Email] [ Email Policies] [Add Policy...]
[]
4
McAfee Email Gateway 7.6.0 Appliances 143
- |
[ ]
[ ]
[ ]
[ ]
[]
[]
[]
1
[]
LDAP
[]
[]
[]
[]
[][]
[ ]
LDAP
LDAP LDAP
4
144 McAfee Email Gateway 7.6.0 Appliances
[]
[]
[]
[]
[ ] [IP ]
[VLAN ]
[]
[]
[] []
[]
[]
[]
[]
[]
[] / []
[] []
-
1 [Email] [ Email Policies] [ Scanning Policies]
2 - SMTPPOP3 McAfee Secure Web Mail
3 []
4
McAfee Email Gateway 7.6.0 Appliances 145
4 [ - ]
a
b
c
d SMTP
e []
f
g
5 [OK]
-
LDAP
1 [] [] []
2 []
3 []
4 [ ][LDAP ]
[] LDAP
5 [OK]
6 [Email] [ Email Policies] [Add Policy...]
7 [] [ ]
8 [] [OK]
1 [] [] [ ]
2 []
4
146 McAfee Email Gateway 7.6.0 Appliances
3 []
4 [IP ]
5 [][is] 1 IP
6 [] 1 IP [OK]
7 3 6 IP
8 [Email] [ Email Policies] [Add Policy...]
[ ]
9
10 []
11 [ ][ ]
12 [OK]
4
McAfee Email Gateway 7.6.0 Appliances 147
[ ]
[ IP ] - IP
[is ()] IP (92.168.0.1)[is in ()] (192.168.0.0/24)
IP MTA MTA / NAT IP
[ IP ] - IP
[is ()] IP (92.168.0.1)[is in ()] (192.168.0.0/24)
IP MTA MTA / NAT IP
[ ]-
SMTP MAIL FROM
[is ()]
[is like ()] [*]
[] -
SMTP MAIL FROM
[is like ()] [*]
[ ] -
SMTP RCPT TO
- )
4
148 McAfee Email Gateway 7.6.0 Appliances
[] [] [SMTP] [] [] []
-
RCPT TO[] [] [SMTP] [ ] [] []
[is ()]
[is like ()] [*]
1
[ ] -
SMTP RCPT TO
[contains ()]
[contains addresses like ()] [*]
[ ] -
SMTP MAILFROM
[ ] -
SMTP MAILFROM
[VLAN ] - VLAN VLAN
4
McAfee Email Gateway 7.6.0 Appliances 149
0 4095
[]
[]
[]
[]
[ ]
[ ]
[ ]
[LDAP ]
[ ]
[] [LDAP ]
[ ] []
[]
[]
[]
[LDAP ] 2 [][]
[]
4-28
[]
[ ()]
[ ]
[]
[ ]
[]
4
150 McAfee Email Gateway 7.6.0 Appliances
4-28 ()
[]
[ ]
[ ]
4-29
[ ]
[]
[]
| |
[ ]
[][]
[ ]
LDAP
LDAP LDAP
[]
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 151
-
LDAP
1 [] [] []
2 []
3 []
4 [ ][LDAP ]
[] LDAP
5 [OK]
6 [Email] [ Email Policies] [Add Policy...]
7 [] [ ]
8 [] [OK]
| |
[ ]
[ ] [IP ]
[VLAN ]
[]
[]
[] []
[]
[]
[]
[]
[]
[] / []
[] []
4
152 McAfee Email Gateway 7.6.0 Appliances
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
4-30
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
[ ]
/
[]
4
McAfee Email Gateway 7.6.0 Appliances 153
[]
4-31 /
[ ] []
[ ]
[] []
[] []
[ ]
[]
[ HTML ]
[]
McAfee Email Gateway
4-32 /
[]
[]
4-33 /
[]
[]
[] [1 ]
4-34 /
[]
[] McAfee Email Gateway
4
154 McAfee Email Gateway 7.6.0 Appliances
4-35 /
[] ()
[]
Email Gateway
[Email] [ Email Policies] [ Anti-Virus]
PUP
.
PUP PUP
McAfee
McAfee
PKZipLHA ARJ
4
McAfee Email Gateway 7.6.0 Appliances 155
OLE
[Email] [ Email Policies] [ Anti-Virus]
PUP 1
PUPPUP
[Email] [ Email Policies] [ Anti-Virus] [ McAfee Anti-Spyware]
Email Gateway
[Email] [ Email Policies] [ Anti-Virus] [ Basic Options]
4
156 McAfee Email Gateway 7.6.0 Appliances
Microsoft WordMicrosoft Excel Microsoft Office
.zip .lzh
.exe .com 100
Microsoft Windows .exe .txt
PKLITE
PUP []
[Email] [ Email Policies] [ Anti-Virus] [Custom Malware Options]
PUP [ ]
[Email] [ Email Policies] [ Anti-Virus] [Custom Malware Options]
4
McAfee Email Gateway 7.6.0 Appliances 157
Melissa Bubbleboy
[Email] [ Email Policies] [ Anti-Virus] [ Basic Options]
[] []
McAfee Global Threat Intelligence - McAfee Global Threat Intelligence
[] []
McAfee Global Threat Intelligence
McAfee Global Threat Intelligence McAfee DAT 24 72
[Email] [ Email Policies] [ Anti-Virus] [ Basic Options]
4
158 McAfee Email Gateway 7.6.0 Appliances
McAfee Global Threat Intelligence DATEmail Gateway
1 DAT
2 McAfee McAfee Global ThreatIntelligence McAfee
3 McAfee
McAfee DAT
4-36
[]
4-37
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 159
4-38
[]
[]
Microsoft Windows .exe .txt
[ ]
.exe .com 100
[ ]
[ (ZIPARJRAR ...) ]
.zip .lzh
Email Gateway
[ ]
(Microsoft WordMicrosoft Excel Microsoft Office )
[ ][]
[McAfee Global ThreatIntelligence ][]
McAfee Global Threat Intelligence
McAfee Global Threat Intelligence DAT McAfee DAT
() ()
[]
4
160 McAfee Email Gateway 7.6.0 Appliances
4-39
[]
[]
2
[]
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
[]
[ ]
4
McAfee Email Gateway 7.6.0 Appliances 161
4-39 ()
[]
[ ()] [()]
[ ()]
[ ()]
[ ()]
4
162 McAfee Email Gateway 7.6.0 Appliances
4-39 ()
[] 2 []
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
[]
[ 0 ]
0
[0 ]
[0 ]
[ ]
4
McAfee Email Gateway 7.6.0 Appliances 163
4-40
[]
4-41
[Commtouch Command ]
Commtouch Command
[] Commtouch Command
[] Commtouch
Command (McAfee )
McAfee
[] McAfee Command (McAfee )
McAfee Email Gateway 1
- McAfee Global Threat Intelligence McAfee Email Gateway McAfee Global Threat Intelligence
1 [Email] [ Email Policies] [ Anti-Virus] [ Basic Options]
2 [][McAfee Global Threat Intelligence ]
3 []McAfee Email Gateway McAfee Email Gateway
4 [OK]
5 []
McAfee Anti-Spyware McAfee Anti-Spyware
[Email] [ Email Policies] [ Anti-Virus] [ McAfee Anti-Spyware]
4
164 McAfee Email Gateway 7.6.0 Appliances
[] [McAfee Anti-Spyware] McAfee Anti-Spyware
McAfee Anti-Spyware McAfee Anti-Spyware
McAfee Anti-Spyware McAfee Anti-Spyware
PUP
Email Gateway
PUP
McAfee http://vil.nai.com/vil/default.aspx
McAfee Anti-Spyware McAfee Anti-Spyware
4-42
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 165
http://vil.nai.com/vil/default.aspx
4-43 (PUP)
[]
[][]
[] (PUP)
PUP
[] []
[] []
4
166 McAfee Email Gateway 7.6.0 Appliances
4-44
[]
[ ()] [ ()]
[ ()]
[ ()]
[ ()]
[] 2 []
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
[]
[]
[ ]
4
McAfee Email Gateway 7.6.0 Appliances 167
Email Gateway
[Email] [ Email Policies] [ Anti-Virus] [Packers]
[] [] Email Gateway
[]
4-45
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4
168 McAfee Email Gateway 7.6.0 Appliances
4-46
[]
[][]
4
McAfee Email Gateway 7.6.0 Appliances 169
4-47
[]
[ ()] [ ()]
[ ()]
[ ()]
[ ()]
[] 2 []
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
[]
[]
[ ]
4
170 McAfee Email Gateway 7.6.0 Appliances
Email Gateway
[Email] [ Email Policies] [ Anti-Virus] [Custom Malware Options]
[] [ ] Email Gateway
()
4-48
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 171
4-49
[][]
[] *? 1
[ ]
4
172 McAfee Email Gateway 7.6.0 Appliances
4-50
[] [ ()] [ ()]
[ ()]
[ ()]
[ ()]
[] 2 []
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
[]
[
4
McAfee Email Gateway 7.6.0 Appliances 173
4-50 ()
]
[ ]
McAfee
SaaS Email Protection Service Email Gateway
Email Gateway
Email Gateway
4-51
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4-52
[ ]
[ ]
SaaS Email Protection Service
[]
SaaS Email Protection Service Email Gateway
[]
4
174 McAfee Email Gateway 7.6.0 Appliances
4-52 ()
[]
Email Protection Service
[ ()] [ ()]
[ ()]
[ ()]
[() ]
4
McAfee Email Gateway 7.6.0 Appliances 175
4-52 ()
[] Email ProtectionService
[]
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway
[]
[] McAfee Email Gateway
[]
[ ]
[]
[]
4
176 McAfee Email Gateway 7.6.0 Appliances
4-52 ()
[]
[ ]
[]
Email Protection Service
[ ()] [ () ]
[ () ]
[ ()]
[() ]
4
McAfee Email Gateway 7.6.0 Appliances 177
4-52 ()
[] Email ProtectionService
[]
[]
[]
[ ]
[1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway
[]
[] McAfee Email Gateway
[]
[ ]
[]
4
178 McAfee Email Gateway 7.6.0 Appliances
4-52 ()
[]
[]
[ ]
McAfee SaaS Email Protection ServiceSaaS
1 [][ ][][:]
[SMTP]
2 [ ]
[ ]
3 [ ]
4 Email Gateway []
5 Email Protection Service
a
b [] 2
c [ ][]
d []
e [ ]
6 PUP Email Protection Service
a PUP
b [] 2
c [ ][]
4
McAfee Email Gateway 7.6.0 Appliances 179
d []PUP
e [ ]
[]
Email Gateway
McAfee Email Gateway
[Email] [ Email Policies] [ Spam] [ Basic Options]
[] Email Gateway
()
4
180 McAfee Email Gateway 7.6.0 Appliances
4-53
[]
4-54
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4-55
[ ]
5 (6.25 )
5
[ ][]
[]
[ ][]
6 7 6
*
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 181
4-56
[ ]
[ ()] [ ()]
[ ()]
[ ()]
[ ()]
[] [ ]
[] 2 []
[]
[]
[ ] [1 ]
[]
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[]
[] McAfee Email Gateway []
[] McAfee Email Gateway
4
182 McAfee Email Gateway 7.6.0 Appliances
4-56 ()
[]
[]
[ ]
4-57
[]
[ ]
[ ]
[Email] [ Email Policies] [ Spam] [ Advanced Options]
4-58
[] []
[]
[]
4
McAfee Email Gateway 7.6.0 Appliances 183
4-58 ()
[][ ]
[] []
2
[]
[ ]
[]
[ ]
250 KB
[ ]
[ ]
[ ]
76
[ ]
180
[][]
[ ]
[]
[ ]
-
Email Gateway
[Email] [ Email Policies] [ Spam] [ Blacklists and Whitelists]
4
184 McAfee Email Gateway 7.6.0 Appliances
Email Gateway
4-59
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4
McAfee Email Gateway 7.6.0 Appliances 185
[ ]
:user_?@example.*
[]
[]
[][]
4-60
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
[ ]
:user_?@example.*
[]
[]
[][]
4
186 McAfee Email Gateway 7.6.0 Appliances
4-61
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
[ ]
:user_?@example.*
[]
[]
[][]
4-62
[] []
[]
[]
[][ ]
[] []
2
4
McAfee Email Gateway 7.6.0 Appliances 187
4-62 ()
[]
[ ]
[]
4-63
[ ]
:user_?@example.*
[]
[]
[][]
McAfee Quarantine Manager
4-64
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4
188 McAfee Email Gateway 7.6.0 Appliances
4-65
[ ]
[][]
[] []
[][][]
[]
Email Gateway
[]
xml
[Email] [ Email Policies] [ Spam] [ Spam Rules]
-
McAfee Email Gateway
-
4-66
[] []
[]
4
McAfee Email Gateway 7.6.0 Appliances 189
4-66 ()
[]
[][ ]
[] []
2
[]
[ ]
[]
[ ]
[ ]
1 5
[ ]
[] []
[] []
^AA AA
BB$BB
CCCC
[][]
[Email] [ Email Policies] [ Spam] [ Spam Terms]
McAfee Email Gateway ()
McAfee Email Gateway
4
190 McAfee Email Gateway 7.6.0 Appliances
4-67
[] []
[]
[]
[][ ]
[] []
2
[]
[ ]
[]
4-68
[ ]
McAfee Email Gateway [ ] []
[ ]
[]
[ ]
1 [] [DLP ] [ ]
2 [] []
3 (: Spam Terms)
4
4
McAfee Email Gateway 7.6.0 Appliances 191
5 [OK]
6 [OR ][AND ][]
7 [OK]
8
1 [] [DLP ] [ ]
2 [] []
3 (: Spam Term Exclusions)
4
5 [OK]
6 [OR ][AND ][]
7 [OK]
8
1 [Email] [ Email Policies] [ Spam] [ Spam Terms]
2 []
3 []
4 ([])
5 [OK]
6 [] []
7
4
192 McAfee Email Gateway 7.6.0 Appliances
8 [OK]
9 []
10 [OK]
11
Email Gateway
[Email] [ Email Policies] [ Spam] [ Phish]
Email Gateway
[]
4-69
[] []
[]
[]
[][ ]
[] []
2
4
McAfee Email Gateway 7.6.0 Appliances 193
4-69 ()
[]
[ ]
[]
[ ]
UTF-8 ()
********
[]
X
[ ]
[]
4
194 McAfee Email Gateway 7.6.0 Appliances
[]
[ ()] [ ()]
[ ()]
[ ()]
[ ()]
[ ()]
[][ ]
[] 2 []
[]
[]
[ ] [1 ] []
[]
[ ]
[]
[]
[ ]
[] McAfee Email Gateway
[]/[]
[] [] McAfee Email Gateway
[]
[] McAfee Email Gateway
[]
4
McAfee Email Gateway 7.6.0 Appliances 195
[]
[]
[]
[]
[ RFC822 ]
[]
McAfee Global Threat Intelligence
McAfee Global Threat Intelligence
4
196 McAfee Email Gateway 7.6.0 Appliances
4-70
[ McAfee GTI ]
[]
[]
[]
[]
[]
[][]
[ ]
: [ ()]
[] 5[] []
[]
[ ()] 250 SMTP MTA
[ ()] MTA
[ ()] MTA
[ ()] () ()
[ ()]
4
McAfee Email Gateway 7.6.0 Appliances 197
4-71
[ McAfee GTI ]
[]
[]
[]
[]
[]
[][][]
[ ]
: [ ()]
[] 5 [] []
[]
[ ()] 250 SMTP MTA
[ ()] MTA
[ ()] MTA
[ ()] () ()
[ ()]
RBL IP
McAfee cidr.bl.mcafee.com
RBL McAfee RBL
Recommended