Does IP Reputation accept address ranges?

I have not been able to find any information on this.

We have a new EAP provider that uses an external email service.

They have provided whitelisting information that includes 3 IP address subnets.

Has anyone tried entering a range instead of just single addresses?

Will it work with a range?

Thanks.

Parents
  •  

    IP reputation can be specified at the SMTP Interface under Connection Drop Services. It will affect all connections to SMG and the only way to exclude some IP addresses is to use the slider.

    SMTP IP reputation 1.PNG

    IP reputation can also be specified in a policy by using an IP Reputation filter:

    SMTP IP reputation.PNG

    The IP Reputation filter works the same way but you can attach an Address Exception to exclude specific IP addresses.

    I don't know if the Address Exception will accept ranges. It may accept subnets e.g. 10.0.2.0/30.

     

     

  • Thanks Kevin.

    I used to use connection drop, but had to switch to policy to make some very specific exceptions.

    Just wondering if the exceptions to the filter would work with subnets such as your example?

    I can certainly add them, but may never know if it actually works.

  • If you go for exceptions then take care to use single filters instead of filter groups. You will find some more information in this forum because of exceptions. Handling can be tricky ...


  •  wrote:

    Thanks Kevin.

    I used to use connection drop, but had to switch to policy to make some very specific exceptions.

    Hi Chris,

    When the SLES appliance was changed to use Bitdefender, IP reputation was assessed differently. For one thing, the concept of a temporary failure no longer applies. SMG still can assess some IP reputations as deserving of a temporary fail but Bitdefender has no way to dynamically adjust an IP addresses reputation. Each time a message is received from that IP address it will be processed exactly the same way and get a another temporary fail. The only way to circumvent this is to avoid temporary failures altogether and use IP address exceptions for messages from IP addresses whose IP reputation is not good enough.

    Just wondering if the exceptions to the filter would work with subnets such as your example?

    I can certainly add them, but may never know if it actually works.


    You can always test it.

    • Create a test filter policy.
    • Add the specific filter components you want to test.
    • Go to Systems Management / Scanner Diagnostic
    • Choose a simple email to test
    • Add applicable message envelope information (i.e. source IP address)
    • Select your test scan policy
    • Run the scan and check the results.
Reply

  •  wrote:

    Thanks Kevin.

    I used to use connection drop, but had to switch to policy to make some very specific exceptions.

    Hi Chris,

    When the SLES appliance was changed to use Bitdefender, IP reputation was assessed differently. For one thing, the concept of a temporary failure no longer applies. SMG still can assess some IP reputations as deserving of a temporary fail but Bitdefender has no way to dynamically adjust an IP addresses reputation. Each time a message is received from that IP address it will be processed exactly the same way and get a another temporary fail. The only way to circumvent this is to avoid temporary failures altogether and use IP address exceptions for messages from IP addresses whose IP reputation is not good enough.

    Just wondering if the exceptions to the filter would work with subnets such as your example?

    I can certainly add them, but may never know if it actually works.


    You can always test it.

    • Create a test filter policy.
    • Add the specific filter components you want to test.
    • Go to Systems Management / Scanner Diagnostic
    • Choose a simple email to test
    • Add applicable message envelope information (i.e. source IP address)
    • Select your test scan policy
    • Run the scan and check the results.
Children