The McAfee Email Gateway makes use of protocol presets to allow an administrator to differentiate protocol behavior applied to a given connection/request based on a range of criteria, such as:
- Source / Destination IP address
- VLAN ID
- Incoming / outgoing network connection (interface)
- Source / destination host name
- Source / destination network group (a pre-defined group of host addresses and / or subnet ranges)
- Any combination of the above (Policy rules)
The purpose of protocol presets is to provide granularity of configuration for the protocol settings as required by an organization. It helps the administrator with defining different behaviors of the appliance based on whether a specific zone of their internal network requires a certain set of policies,and also to differentiate external organizations depending on specific requirements.
Protocol presets are available for the following options in the MEG interface:
Under Email / Email Configuration /Protocol Configuration:
- Protocol Settings (SMTP)
- Address Masquerading (SMTP)
- Protocol Settings (POP3)
Under Email / Email Configuration /Receiving Email:
- Anti-Relay Settings / Anti-Relay options
- Recipient Authentication
- Bounce Address Tag Validation / Configuration
Under Email / Email Configuration /Sending Email:
- Quarantine digest messages
- DKIM Signing
Examples of the usefulness of protocol presets can be:
1. When the administrator configured the on-box e-mail quarantine feature of MEG, the preset feature allows him/her to specify when digests should be sent. More detail about this specific configuration can be found on our Knowledge Base article KB78575.
2. To make use of LDAP for recipient validation, the administrator needs the ability to specify what e-mails are incoming into the organization (if an outgoing message was to require an LDAP lookup for recipient validation, this validation would fail and the e-mail would be blocked/dropped). Protocol presets allow the appliance administrator to do this. Further details are available on our Knowledge Base article KB76232.
The caveat to using protocol presets is that the administrator must be careful when determining the criteria that will make up the preset, to ensure its scope is adequate.
Another issue that is worth of notice is a limitation of using a protocol preset whose criteria uses a destination IP address or destination host name as part of its definition, when the appliance is deployed in Explicit Proxy mode. As stated on our Knowledge Base article KB71202, this limitation exists because, at the point of enforcement, no onward connection has been made, hence the appliance is unable to determine the destination.