About the SMTP-Proxy

SMTP (Simple Mail Transport Protocol) is a protocol used to send email messages between email servers and also between email clients and email servers. It usually uses a TCP connection on Port 25. You can use the SMTP-proxy to control email messages and email content. The proxy scans SMTP messages for a number of filtered parameters, and compares them against the rules in the proxy configuration.

With an SMTP-proxy filter you can:

Adjust timeout, maximum email size, and line length limit to make sure the SMTP-proxy does not use too many network resources and can prevent some types of attacks.
Customize the deny message that users see when an email they try to receive is blocked.
Filter content embedded in email with MIME types and name patterns.
Limit the email addresses that email can be addressed to and automatically block email from specific senders.

To add the SMTP-proxy to your XTM device configuration, see Add a Proxy Policy to Your Configuration.

You can also configure subscription service settings for the SMTP proxy. For more information, see:

If you must change the proxy definition, you can use the Policy Configuration page to modify the definition. This page has three tabs: Policy, Properties, and Advanced.

Action Settings

At the top of the Policy Configuration page, you can set these actions:

Application Control Action — If Application Control is enabled on your device, specify the application control action to use for this policy. For more information, see Enable Application Control in a Policy.
Proxy action — Select the proxy action to use for this policy. For information about proxy actions, see About Proxy Actions.

Policy Tab

Connections are — Specify whether connections are Allowed, Denied, or Denied (send reset). Define who appears in the From and To lists.
For more information, see Set Access Rules for a Policy.
Use policy-based routing — To use policy-based routing in your proxy definition, see Configure Policy-Based Routing.
You can also configure static NAT or configure server load balancing.
For more information, see Configure Static NAT and Configure Server Load Balancing.

Properties Tab

On the Properties tab, you can configure these options:

To edit or add a comment to this policy configuration, type the comment in the Comment text box.
To define the logging settings for the policy, configure the settings in the Logging section. For more information, see Set Logging and Notification Preferences.
If you set the Connections are drop-down list (on the Policy tab) to Denied or Denied (send reset), you can block sites that try to use SMTP.
For more information, see Block Sites Temporarily with Policy Settings.
To change the idle timeout that is set by the XTM device or authentication server, see Set a Custom Idle Timeout.

Advanced Tab

You can also configure these options in your proxy definition:

Set an Operating Schedule
Add a Traffic Management Action to a Policy
Set ICMP Error Handling
Apply NAT Rules (Both 1-to-1 NAT and dynamic NAT are enabled by default in all policies.)
Enable QoS Marking or Prioritization Settings for a Policy
Set the Sticky Connection Duration for a Policy

Configure the Proxy Action

You can choose a predefined proxy action or configure a user-defined proxy action for this proxy. For more information about how to configure proxy actions, see About Proxy Actions.