Solution
For filters that make use of milter interfaces for interconnection, AXIGEN provides the means of defining and activating them directly in the SMTP traffic flow.
Note: Up to the 6.x AXIGEN release, all the AV/AS filters were activated in the Processing component of the traffic flow.
By defining such a filter in the SMTP flow chain, you can stop malicious data entering your system immediately during the communication process with external servers/hosts.
1. Defining the filter details in AXIGEN can be done from the WebAdmin interface -> Security & Filtering -> Acceptance & Routing -> Advanced Settings context. You should define a new Acceptance / Routing Rule with the following coordinates:
- Define a distinctive rule name for ease of tracking
- Unless otherwise required, leave the Conditions section unmodified as the default policies will apply to all SMTP connections
- From the Actions section, making use of the drop-down box select Filters->Add Filter and select the +Add condition button. You should next define a corresponding name for this filter. Note that this name can be used for tracking the filter entries in the AXIGEN log entries.
The filter address accepts entries in the formats, depending if the filter binds on a TCP or local socket:
inet://ip.add.re.ss:port
Example: inet://127.0.0.1:2222
or
local:///local/filter/address.socket
Example: local:///var/run/somefilter.sock
By selecting to Save Configuration the new filter details will be saved.
2. In order to activate the filter, from the same Advanced Settings context you should create a second policy that will ensure the filter execution.
For this, from the corresponding Actions select Filters -> Execute filters and define the filter name pattern for use.
Also make sure that a conform name is defined for this new rule for further tracking.
After selecting to Save Configuration all the traffic will be processed by this filter.