Hello, A bounce attack occurs when a spammer obscures message origins by using one email server to bounce spam to an address on another server. The spammer does this by inserting a target address into the “Mail From” value in the envelope of their messages then sending those messages to another address. Symantec Brightmail Gateway product does not come configured off the box to prevent bounce attacks. Rule of thumb before doing this configuration is that all your outgoing e-mail should be going through Brightmail Gateway so that they can processed. So here is what you need to do to configure the Brightmail to protect you against those attacks. (This procedure is accurate for Brightmail Gateway version 9.0.x. For earlier versions, you just need to find the proper configuration points for the same actions) We basically need to do three configuration changes to prepare for these attacks: A. Assigning a seed value B. Configure policy groups C. Creating a policy So, step by step, here is what we need to do: A. Assign a Seed Value
(Click on image for original size) This seed will be used when creating validation tags for outgoing messages. You need to do this for each Brightmail which has a Control Center role in your environment. B. Configure Policy Groups
(Click on image for original size)
(Click on image for original size) If you do not configure at least one policy group, bounce attack prevention will remain disabled. C. Create a Spam Policy You need a spam policy to define the action when there is a bounce attack. To do so:
(Click on image for original size) Now your Brightmail Gateway is ready to protect your environment against bounce attacks. Regards, Bekir Burak Durmaz
Grate Artical Mr.Bekir
i am siva kesava,i am learning about Symantec messiging gatewayi have an small doubt regarding Symantec messaging gateway
how to integrate exchange 2010 with smg, is any possible way to intigrate because in my exchange i have 100 users soo i have 100mails so it not possible to create a users in smg soo import is best option for protect my user mail with malware, unwanted mail
please send any document for about my question with graphical pics and also if have documents for creating policys for smg please send me, my mail id kesava.alla1995@gmail.com
Hi,
I've added the suggested Bounce Attack in the first url. Seems to work ok, but how can I test this from an external souce (as I've only added for the inbound messages) ?
Thanks, Trond
Excellent...thanks a lot!!!