Restricting Email Size

[roadrunner]

Restricting Email Size
I personally recommend performing this restriction on the mail server itself. Most mail servers support this. To do this with FireWall-1, you create a SMTP resource that restricts the size and apply this resource to the rulebase.

To create an SMTP resource, pull down "Resources" from the Manage menu. Click on new, pull down "SMTP". In the General Tab, specify a name (e.g. "size-limit"), set the Exception Track to Log, check Notify on Sender. On the Action2 tab, set the "Don't accept mail larger than" field to whatever size you wish (the default is 1,000k, or 1mb). Click OK.

When you add this resource in as a rule you will need to do an "Add with Resource," select SMTP, and select your resource (e.g. "size-limit"). If you want to restrict outbound email of a particular size, your rule would look like:

Source Destination Service Action
Internal-Nets Any SMTP->size-limit Accept


If you want to restrict inbound email, your rule would look like:

Source Destination Service Action
Any smtp-server SMTP->size-limit Accept


Note: I do not recommend filtering outbound email. In FireWall-1 4.1 and earlier, MX records are completely ignored. In FireWall-1 NG, you can configure it to use MX records, but FireWall-1 still has issues with this configuration.

-- PhoneBoy - 01 Jan 2004


FAQForm
FAQs.Class: ContentSecurityFAQs
OperatingSystem?:
FAQs.Version: