Messaging Gateway

 View Only

  • 1.  Compliace policy to allow send mails to specific domain only else it get rejected

    Posted Oct 27, 2009 07:22 AM
    I want to create a compliance policy to allow a specific user to send mails to a specific domain only i.e.  abc.com and any other domain should be get rejected. I have created a dictionary for Allowed Domain List in which I have defined abc.com After that I have created compliance policy  with following condition :

    If text in Envelope recepient part of the message header does not contain domain name from dictionary  "Allowed Domain List"
    Action :
    Delete message & Send notification "Emain policy voilation"

    Now problem is that when user add any other domain in to, cc or bcc field along with domain name from dictionary  "Allowed Domain List"
    the message got delivered.

    So I have created new dictionary for Restrcited Domain  List. In this list I have defined some domains for testing e.g. hotmail.com, yahoo.com and added one more condition in above complaince policy as following :-

    If text in Envelope recepient part of the message header contains Domain name from the dictionary "Restricted Domain List"
    Action :
    Delete message & Send notification "Emain policy voilation"


    Now I am close to my requirement it is rejecting mails if user add any domain from restricted domain list in to, cc or bcc field along with domain name from dictionary  "Allowed Domain List"

    But issue is that there are hunderds/thousands of email domain are avaialble on internet and I can not add all of them in "Restricted Domain List".
    Is there is any method to use wildcard in "Restricted Domain List" or rejected/drop mails if user add any unknown domain in to, cc or bcc field with domain name from dictionary  "Allowed Domain List" ?






  • 2.  RE: Compliace policy to allow send mails to specific domain only else it get rejected

    Broadcom Employee
    Posted Dec 09, 2009 02:06 PM
    This is hard to do becuase we don't have an 'unless' option in our rules. So you can't tell the rule to block 'unless' its to these domains. I see that you have opened several cases for this issue and we have given you similar answers. You might want to look into some of our other Mail Security products depending on what mail server you are running or look into filtering your mail server may be able to do.


  • 3.  RE: Compliace policy to allow send mails to specific domain only else it get rejected
    Best Answer

    Posted Dec 11, 2009 02:29 PM
    Hi Vijay,

    Instead of using the dictionary based rule, try using regex as follows:

    If text in Envelope recipient part of the message does not match regular expression "^.*@abc.com$"

    Here is the screenshot from the Control Center of how you would create the above condition:

    SBG-GUI-Compliance-BlockAllDomainsExceptOne.png

    This is how the final rule looks like:

    Policy Name: Whatever
    Apply To:
    Outbound messages

    Conditions:
      (If text in Envelope recipient part of the message does not match regular expression "^.*@abc.com$" )

    Actions:
    Delete message

    I did not see any problem with this rule in the lab with limited testing.  Please let me know the results of your testing.

    Regards,

    Adnan


  • 4.  RE: Compliace policy to allow send mails to specific domain only else it get rejected

    Posted Jan 16, 2010 03:23 AM
    Hi Vijay,

    Did the suggestion above resolve your issue?  If so, please close this thread by marking it as a solution.

    Thanks

    Adnan