Barracuda Barracuda Spam AND Virus Firewall V4 Manual
Barracuda Barracuda Spam AND Virus Firewall V4, size: 594 KB
Here you can find all about Barracuda Barracuda Spam AND Virus Firewall V4 like manual and other informations. For example: review.
Barracuda Barracuda Spam AND Virus Firewall V4 manual (user guide) is ready to download for free.
On the bottom of page users can write a review. If you own a Barracuda Barracuda Spam AND Virus Firewall V4 please write about it to help other people. [ Report abuse or wrong photo | Share your Barracuda Barracuda Spam AND Virus Firewall V4 photo ]
User reviews and opinions
|sneegalop||12:22pm on Thursday, November 4th, 2010|
|This product is terrible. It keeps disconnecting, Slow, Unreliable I love this great router for the time that it does work. I have had purchased 2 of these things in a row.|
|ghee||4:48pm on Tuesday, October 26th, 2010|
|This unit replaced an older D-Link Router and was easy to set up and begin using. It is noticeably faster than the old router. [...] Easy To Set Up",... This product does everything that it says it does, but that is not the real story.|
|cameronbraid||6:05pm on Friday, October 1st, 2010|
|Good, reliable, inexpensive wireless router. [...]I had a long distance to travel between the internet source and the use point.|
|AceHarddrive||1:04pm on Friday, September 24th, 2010|
|I think the router is a big improvement as far as signal strength, speed and lack of dead spots is concerned. I had a regular 802. Replaced my Belkin Pre-N router with this since Xbox live wasnt working too well with it.|
|hjjaeger||2:26am on Monday, September 6th, 2010|
|will never buy a d-link product ever again!!! I wish there was a pro bad tech support! have to change the channel every aprrox.|
|iClubberP||11:38am on Thursday, August 5th, 2010|
|I replaced a Linux firewall and a failed Netgear wireless A/P with this unit and I am very happy with it - the web interface is one of the better I ha...|
|Planes||8:58am on Friday, July 16th, 2010|
|This things works great. The only thing I would beware of is that there are several different hardware versions of this device out there. This router replaces my burnt out Belkin G router and it is night and day, especially if your system can handle N speeds of up to 300 MBPS.|
|oldtraveler||4:46pm on Wednesday, June 23rd, 2010|
|I highly recommend this product******* For folks having issues with any make or model of wireless routers: I would highly recommend checking the $3 ex... Junk, Trash, Garbage, ETC. It works perfectly fine if you are WIRED to this router. WIRELESS is terrible.|
|jturner49||2:42pm on Monday, March 15th, 2010|
|This product is awful! I bought it first on December, and it was broken like a month after! I asked for a replacement at the store. I use it for my home network, which has iMac Desktop and Dell Inspiron Laptop.|
Comments posted on www.ps2netdrivers.net are solely the views and opinions of the people posting them and do not necessarily reflect the views or opinions of us.
Barracuda Spam & Virus Firewall
The Barracuda Spam & Virus Firewall provides an intuitive Web interface with which the administrator can monitor system performance. Additionally, using the Barracuda Spam & Virus Firewall SNMP agent, administrators can use their SNMP monitor to query the system for status on CPU health, queue size, latency and other important statistics. The administrator can also use SNMP monitoring to receive traps reporting system load and other vitals of the Barracuda Spam & Virus Firewall. This document covers the basics of using the Barracuda SNMP agent with the Barracuda Spam & Virus Firewall, firmware version 4.0 and higher.
Configure the Barracuda Spam & Virus Firewall
To use your SNMP monitor with the Barracuda Spam & Virus Firewall, you will first need to log into the Web interface of the Barracuda Spam & Virus Firewall as the administrator and configure SNMP settings. Navigate to the BASIC > Administration page and, in the SNMP Manager section, begin by setting Enable SNMP Agent to Yes. Follow the online help instructions on the page for configuring SNMP Version and other settings, and make sure to set the Allowed SNMP IP/Range. The IP addresses/networks you enter will be allowed SNMP access to the Barracuda Spam & Virus Firewall and will also have the ability to change configuration information through the Barracuda API.
You will need to obtain and import two MIB files to your SNMP monitor: 1. The Barracuda Reference MIB (standard across all Barracuda Networks products) 2. The Barracuda Spam & Virus Firewall MIB You can use reference objects included in these MIBs for monitoring either from custom scripts or from your SNMP monitor. The MIB files are located on the appliance and can be obtained by replacing YOURBARRACUDA in the following links with the IP address of your Barracuda Spam & Virus Firewall: http://YOURBARRACUDA:8000/Barracuda-SPAM-MIB.txt http://YOURBARRACUDA:8000/Barracuda-REF-MIB.txt
If you are using an SNMP monitor tool, all you need to do is import the MIBs as mentioned above into the SNMP monitor. You can refer to the MIBs for the Object IDs (OIDs) that correspond to the type of status you want to monitor. Please refer to the objects and traps listed in the next section. If you are querying the Barracuda Spam & Virus Firewall from code, use the following syntax (where System IP or hostname or localhost is the IP address of the Barracuda Spam & Virus Firewall). Note that, if using the snmpwalk command, if you dont include an OID you will get a listing of all of the OIDs in the MIB. This example checks the Inbound Queue size on the Barracuda Spam & Virus Firewall, where the OID for Inbound Queue is 18.104.22.168.4.1.20632.2.2 (see Objects and Traps below). Note that Barracuda Networks currently supports SNMP version 2c for the Barracuda Spam & Virus Firewall. snmpget -v 2c -c public [System IP or hostname or localhost].22.214.171.124.4.1.20632.2.2
Copyright 2004-2011, Barracuda Networks Inc. V4.x-110119-01-0119
Page 1 of 3
Example: Getting Accurate SNMP values for CPU Load
The standard SNMP MIB reports the CPU load values averaged since the time the Barracuda Spam & Virus Firewall was last booted. To obtain a periodic CPU load value, measurements for active CPU and idle CPU must be taken at two different times. The calculations are as follows: active_cpu = ssCpuRawSystem.0 + ssCpuRawNice.0 + ssCpuRawUser.0 idle_cpu = ssCpuRawIdle.0 Commands for the raw values are: ssCpuRawSystem.0: ssCpuRawNice.0: ssCpuRawUser.0: ssCpuRawIdle.0: snmpwalk -Os -v1 -c public 127.0.0.1 126.96.36.199.4.1.2021.11.52 snmpwalk -Os -v1 -c public 127.0.0.1 188.8.131.52.4.1.2021.11.51 snmpwalk -Os -v1 -c public 127.0.0.1 184.108.40.206.4.1.2021.11.50 snmpwalk -Os -v1 -c public 127.0.0.1 220.127.116.11.4.1.2021.11.53
Let active_cpu and active_cpu be two values taken after an interval of time has passed, and let idle_cpu and idle_cpu be values taken, respectively, at the same time. The total CPU usage as a percentage is: ((active_cpu -active_cpu) * 100) / ((active_cpu - active_cpu) + (idle_cpu - idle_cpu))
Page 2 of 3
Objects and Traps
As you will see in the Barracuda Spam & Virus Firewall MIB, the system provides the following objects: OID 18.104.22.168.4.1.20632.2.2 22.214.171.124.4.1.20632.2.3 Object inQueueSize outQueueSize Description Number of messages waiting to be processed by the Barracuda Spam & Virus Firewall. Number of messages waiting to be sent to the mail server. Note that alerts and notifications are queued separately from outbound email. Number of messages deferred because they could not be processed, and will be requeued for processing. Difference between the time a message was received by the Barracuda Spam & Virus Firewall and the time it is sent to the mail server.
The system provides the following traps: OID 126.96.36.199.4.1.206188.8.131.52 184.108.40.206.4.1.206220.127.116.11 18.104.22.168.4.1.20622.214.171.124 126.96.36.199.4.1.206188.8.131.52 184.108.40.206.4.1.206220.127.116.11 18.104.22.168.4.1.20622.214.171.124 126.96.36.199.4.1.206188.8.131.52 184.108.40.206.4.1.206220.127.116.11 18.104.22.168.4.1.20622.214.171.124 126.96.36.199.4.1.206188.8.131.52 184.108.40.206.4.1.206220.127.116.11 Object cpuFanDead sysFanDead cpuTempHigh firmwareStorageHigh mailStorageHigh raidDegrading inQueueHigh "Severity: Alert. In-queue size is high" outQueueHigh "Severity: Alert. Out-queue size is high notifyQueueHigh latencyHigh noMailForTooLong
Note that the Barracuda Spam & Virus Firewall communicates SNMP information using a community string of public by default. To change the string on version 4.x and lower, please contact Barracuda Networks Technical Support. It can be changed for version 5.x on the BASIC > Administration page in the SNMP Manager section of the page.
Page 3 of 3
C h a p t e r 4 S e c u r i n g t h e B a r r a c u d a Spa m & Vir u s F i r e w a l l 43
Securing Network Access. SSL Certificates. Secure Links in Notification Emails. Limiting Access to the API. Tracking Changes to the Configuration and User Login Activities Limiting User Access. Securing User Access With Single Sign On. LDAP, POP or RADIUS Authentication. Limiting User Access to a Clustered System. Advanced Email Security Policy. SMTP/TLS (Transport Layer Security) encryption. Securing the Outbound Relay of Email. Invalid Bounce Suppression. 47
C h a p t e r 5 A d v a n c e d I n b o u n d Spa m F i l t e r i n g P o l i c y. 49
Rate Control. When Rate Control Takes Effect Exemptions from Rate Control. IP Analysis. Trusted Forwarders. IP Reputation. Barracuda IP Reputation (BBL).
4 Barracuda Spam & Virus Firewall Administrators Guide
Exempting IP Addresses from the BBL and Other Blacklists Subscribing to External Blacklist Services. Sender Whitelisting - Precedence. Reverse DNS Blocking. Content Analysis - Inbound. Custom Content Filters. Attachment Filtering. Blocking Email by Country. Fingerprint Analysis. Intent Analysis. Image Analysis. Bayesian Analysis. How Bayesian Analysis Works. Global Bayesian Filtering Versus Per-User. Getting the Best Accuracy From the Bayesian Database. When to Use Bayesian Analysis. Outlook and Lotus Notes Plugins.
C h a p t e r 6 O u t b o u n d C o n f i g u r a t i o n. 59
Spam Filtering and Quarantine of Outbound Mail Spam Scoring. Managing Outbound Quarantine. Rate Control for Outbound Mail. IP Analysis of Outbound Mail. Reverse DNS Blocking. Content Analysis - Outbound. Custom Content Filters. Attachment Filtering. Fingerprint Analysis. Intent Analysis. Image Analysis. 62 63
C h a p t e r 7 A d v a n c e d C o n f i g u r a t i o n. 65
Sender Authentication. Mail Protocol (SMTP) Checking. Sender Spoof Protection. Invalid Bounce Suppression. Sender Policy Framework (SPF). Domain Keys (DKIM) Inspection. Custom policies. Recipient Verification. LDAP lookup. Explicit Users to Accept For (Valid Recipients). Alias Linking. Remote IMAP/POP Accounts. Clustering the Barracuda Spam & Virus Firewall. Setting Up Clustered Systems. Centralized Policy Management With a Quarantine Host. Redundancy of user quarantine data on the cluster. Data Not Synchronized Across the Cluster. 71
Virus Scanning takes precedence over all other Mail Scanning techniques and is applied even when mail passes through the Connection Management layers. As such, even email coming from whitelisted IP addresses, sender domains, sender email addresses or recipients are still scanned for viruses and blocked if a virus is detected.
User-specified rules (custom policy)
Administrators can choose to define their own policies, perhaps for compliance or governance reasons, which take precedence over spam blocking rules delivered to the system automatically through Barracuda Energize Updates. Administrators can set custom content filters for inbound and/or outbound mail based on the subject, message headers, message bodies and attachment file type.
A message fingerprint is based on commonly used message components (e.g., an image) across many instances of spam. Fingerprint analysis is often a useful mechanism for blocking future instances of spam once an early outbreak is identified. Engineers at Barracuda Central work around the clock to identify new spam fingerprints which are then updated on all Barracuda Spam & Virus Firewalls through hourly Barracuda Energize Updates. Both inbound and outbound email messages are subject to Fingerprint Analysis
All spam messages have an intent to get a user to reply to an email, to visit a Web site or to call a phone number. Intent analysis involves researching email addresses, Web links and phone numbers embedded in email messages to determine whether they are associated with legitimate entities.
Barracuda Spam & Virus Firewall Concepts 21
Frequently, Intent Analysis is the defense layer that catches phishing attacks. The Barracuda Spam & Virus Firewall applies various forms of Intent Analysis to both inbound and outbound mail, including real-time and multi-level intent analysis.
While Fingerprint Analysis captures a significant percentage of images after they have been seen, the Barracuda Spam & Virus Firewall also uses Image Analysis techniques on both inbound and/or outbound mail which protect against new image variants. These techniques include: Optical character recognition (OCR)- Enables the Barracuda Spam & Virus Firewall to analyze the text rendered inside embedded images. Image processing - To mitigate attempts by spammers to foil OCR through speckling, shading or color manipulation, the Barracuda Spam & Virus Firewall also utilizes a number of lightweight image processing technologies to normalize the images prior to the OCR phase. More heavyweight image processing algorithms are utilized at Barracuda Central to quickly generate fingerprints that can be used by the Barracuda Spam & Virus Firewall to block messages. Animated GIF analysis - The Barracuda Spam & Virus Firewall contains specialized algorithms for analyzing animated GIFs for suspect content.
Chapter 3 Getting Started
This chapter will guide you in installing the Barracuda Spam & Virus Firewall and beginning to scan and monitor email traffic. Initial Setup.... 26 Initial Configuration of the System.. 30 Route Incoming Email to the Barracuda Spam & Virus Firewall.. 33 Administrative Settings and the Web Interface.. 35 Tune and Monitor the Default Spam and Virus Settings. 38 Viewing Performance and Email Statistics.. 40 Setting up Quarantine.. 41
Getting Started 25
Checklist for Unpacking
Before installing your Barracuda Spam & Virus Firewall, match the items on this list with the items in the box. If any item is missing or damaged, please contact your Barracuda Networks Sales representative. Barracuda Spam & Virus Firewall (check that you have received the correct model) AC power cord Mounting rails (Barracuda Spam & Virus Firewall 600, 800, and 900 only)
Also required for installation: VGA monitor PS2 keyboard Ethernet cables
Barracuda Spam & Virus Firewall Behind Corporate Firewall
The figure below shows the Barracuda Spam & Virus Firewall behind your corporate firewall. In this example, the Mail Server has an IP address of 10.10.10.2 and the Barracuda Spam & Virus Firewall has an IP address of 10.10.10.3.
Figure 3.1: The Barracuda Spam & Virus Firewall behind the corporate firewall
In this type of setup, perform the following tasks: Forward (port redirection) incoming SMTP traffic on port 25 to the Barracuda Spam & Virus Firewall at 10.10.10.3. Configure the Barracuda Spam & Virus Firewall to forward filtered messages to the destination mail server at 10.10.10.2.
There is no need to modify any MX records for this type of setup.
Barracuda Spam & Virus Firewall in the DMZ
The figure below shows the Barracuda Spam & Virus Firewall in front of your corporate firewall in the DMZ. In this example, the Mail Server has an IP address of 18.104.22.168 and the Barracuda Spam & Virus Firewall has an internal IP address of 22.214.171.124.
Figure 3.2: The Barracuda Spam & Virus Firewall in the DMZ
In this type of setup, perform the following tasks: Assign an available external IP address to the Barracuda Spam & Virus Firewall. Change the MX (Mail Exchange) records on the DNS (Domain Name Server) to direct traffic to the Barracuda Spam & Virus Firewall. Create an A record and an MX record on your DNS for the Barracuda. The following example shows a DNS entry for a Barracuda Spam & Virus Firewall with a name of barracuda and an IP address of 126.96.36.199.
barracuda.yourdomain.com IN A 188.8.131.52
The following example shows the associated MX record with a priority number of 10:
You can view the download status by clicking the Refresh button next to the firmware download progress. A Firmware downloaded message displays once the download is complete, and the Refresh button will turn into Apply Now.
The apply process takes several minutes to complete. It is important to not power-cycle the unit during the download. Inbound and outbound traffic for mail resumes automatically when the update process is complete.
Click Apply Now to activate the newly-downloaded firmware. This process will automatically reboot your system when completed, which can cause your Web interface to disconnect momentarily. This is normal and expected behavior, so there is no need to perform a manual reboot. A Status page displays the progress of the reboot. Once the reboot is complete, the login page will reappear.
To apply the newest definitions provided by Energize Updates:
1. 2. 3. 4.
Select ADVANCED > Energize Updates. Select On for Automatically Update. The recommended setting is On for all available definitions. Check to see if the current version is the same as the latest general release. If the rules are up-todate, proceed to the next section. If the rules are not up-to-date, continue to the next step. Click Update to download and install the latest available definitions onto the Barracuda Spam & Virus Firewall.
Route Incoming Email to the Barracuda Spam & Virus Firewall
The next step in setting up your Barracuda Spam & Virus Firewall is to route incoming email to the system so it can scan incoming messages for spam and viruses. You can use either of the following methods to route messages to your Barracuda Spam & Virus Firewall: Use Port forwarding to redirect incoming SMTP traffic (port 25) to the Barracuda Spam & Virus Firewall if it is installed behind a corporate firewall running NAT (Network Address Translation). Configure this option on the ADVANCED > Advanced Networking page. For more information about port forwarding, refer to your firewall documentation or network administrator. MX records are used when your Barracuda Spam & Virus Firewall is located in a DMZ with a routable public IP address. If your Barracuda Spam & Virus Firewall is in the DMZ (not protected by your corporate firewall), do the following to route incoming messages to the system: 1. Create a DNS entry for your Barracuda Spam & Virus Firewall.
Getting Started 33
The following example shows a DNS entry for a Barracuda Spam & Virus Firewall with a name of barracuda and an IP address of 184.108.40.206:
barracuda.yourdomain.com IN A 220.127.116.11
2. Change your DNS MX Records. The following example shows the associated MX record with a priority number of 10:
You can configure specific SMTP settings from the ADVANCED > Email Protocol page. After you route incoming email to the Barracuda Spam & Virus Firewall, it will begin filtering all email it receives and routing good email to your mail server.
Sender Whitelisting - Precedence
The userssender whitelists (if the whitelist/blacklist setting is enabled for user accounts) can be overridden by global settings. For example, if the administrator turns on Spoof Protection, which is a global setting, it will supersede any users whitelist entry. If a user needs to supercede an global IP address block, that user should communicate to the administrator and request that the email or IP address be added to a global whitelist on the Barracuda Spam & Virus Firewall.
Reverse DNS Blocking
The Barracuda Spam & Virus Firewall can do a reverse DNS lookup on inbound and outbound IP connections and finds the hostname associated with the IP address of the sender. By configuring rules on the BLOCK/ACCEPT > Reverse DNS page, you can choose to apply common reverse DNS rules by country, custom rules that you define, or both to tag (inbound only), quarantine or block messages from those domains.
The last part of a hostname is known as the top level domain, or TLD. Most TLDs include a country identifier, such as.ca for Canada,.ru for Russia, etc. If most or all of the mail that you receive from a particular country is spam, you can use the Common Reverse DNS Rules to tag (inbound only), block or quarantine any message that has an associated hostname that includes that country's TLD. Email which is not blocked is subject to all of the usual spam and virus checks. Use the Custom Reverse DNS Rules to tag, quarantine or block messages from hostnames ending with values that you specify. List the sending domains or subdomains you want to whitelist on the BLOCK/ACCEPT > Sender Domain page.
Content Analysis - Inbound
Custom Content Filters
The Barracuda Spam & Virus Firewall enables administrators to set custom content filters based on the subject line, message headers, message body and attachment file type. In general, administrators do not need to set their own filters for the purposes of blocking spam, as these forms of rules are delivered to Barracuda Spam & Virus Firewalls automatically through Barracuda Energize Updates. See the filtering pages on the BLOCK/ACCEPT tab for details on settings. The online help for the BLOCK/ACCEPT > Content Filters page includes a link to a Regular Expressions help page that covers expressions you can use for advanced filtering. You can specify actions to take with messages based on pre-made patterns in the subject line or message body. Credit card, Social Security numbers, privacy information such as drivers license numbers, phone numbers or expiration dates and HIPAA data can be automatically checked and acted upon by blocking, tagging or quarantining inbound messages. Outbound mail can be blocked or quarantined. Note that HTML comments and tags imbedded between characters in the HTML source of a message are filtered out so content filtering applies to the actual words as they appear when viewed in a Web browser.
Getting the Best Accuracy From the Bayesian Database
All Bayesian systems rely on the fact that messages classified are not much different than new messages arriving. Over time however, spam messages change drastically and the Bayesian system while initially able to compensate for the new format gradually declines in its effectiveness. When this happens new classifications are needed to update the Bayesian database. To keep a Bayesian database accurate: For a global Bayesian database, the administrator should periodically clear it out by resetting it from the BASIC > Spam Checking page, then, from the BASIC > Message Log page, marking at least 200 messages as either Spam or Not spam using the buttons on the page. Bayesian filtering will NOT take effect until 200 or more of each spam and notspam messages are marked as such. For each per-user database, the user should can reset their own Bayesian database and follow up with marking 200 or more messages as spam or not spam, either in their quarantine inbox (QUARANTINE > Quarantine Inbox page) or from their regular email client if they have installed either the Outlook plugin or Lotus plugin (see below).
When to Use Bayesian Analysis
Barracuda Networks does not recommend using Bayesian filtering in most circumstances. With Energize Updates constantly updating the Barracuda Spam Firewall with protection against the latest spam and virus threats, spam accuracy should not be an issue for most organizations. A case for using Bayesian Analysis would depend on the following: You are using global Bayesian as opposed to per-user, and the users in the organization tend to be a homogenous population with regard to the kind of content considered to be valid email versus spam. This situation would make it easier for an administrator to train the global Bayesian database as to what is spam and what is not spam for the organization. Your organization requires a very high granularity of accuracy for identifying spam. If enabling Bayesian at the per-user level, users are sophisticated and can be trained to properly identify valid messages versus spam so as to train the Bayesian database, and are willing to consistently mark BOTH valid messages and spam messages in equal numbers so as to maintain the Bayesian database. The administrator and/or users are disciplined about resetting the Bayesian database(s) on a regular basis and re-initializing with 200 each of marked spam and not spam messages to keep current with new spam techniques over time.
Outlook and Lotus Notes Plugins
If per-user Bayesian is enabled, on the Barracuda Spam & Virus Firewall 300 and higher, the administrator can choose to allow users to download a plugin that allows messages to be classified as Spam or Not Spam directly from the email client.
56 Barracuda Spam & Virus Firewall Administrators Guide
Plugins are available for the Lotus Notes mail client and for Microsoft Outlook. See the USERS > User Features page to enable users to download the Microsoft Outlook plugin, which they can do from the login page if this feature is enabled, or, as the administrator, to download and install the Lotus Notes Plugin and view an overview document of how it works.
If the SMTP option Remove Barracuda Headers is turned off in the ADVANCED > Email Protocol page, any custom X-headers that the Barracuda Spam & Virus Firewall has applied
before the message leaves the appliance will be removed. This is not a recommended setting, and if these headers are removed, any Barracuda Outlook add-in or other add-in will not work correctly.
Some spammers will insert content in messages intended to bypass spam rules, such as excerpts of text from books or other content that may look legitimate in order to fool spam filtering algorithms. This tactic is called Bayesian Poisoning and could reduce the effectiveness of a Bayesian database if many of these messages are marked as either spam or not spam. The Barracuda Networks Bayesian engine is, however, very sophisticated and protects against Bayesian Poisoning if administrators or users consistently maintain their databases.
Advanced Inbound Spam Filtering Policy 57
Chapter 6 Outbound Configuration
Spam filtering rules for email coming into your organization may differ from rules you want to apply to outgoing email. After configuring basic outbound mail for the Barracuda Spam & Virus Firewall (as covered in Configure Scanning of Outgoing Mail, page 34), consider applying sender-based rate control as well as IP address, domain name and email address filtering on outbound mail traffic to identify the most spam messages or other email abuse without blocking valid messages. This chapter steps through configuration of spam identification methods, as described in detail in Advanced Inbound Spam Filtering Policy, page 49, which are applicable to outbound mail. Spam Filtering and Quarantine of Outbound Mail.. 60 Rate Control for Outbound Mail.. 60 IP Analysis of Outbound Mail... 61 Content Analysis - Outbound... 62
Outbound Configuration 59
Spam Filtering and Quarantine of Outbound Mail
The last filtering event applied to an outbound email message is assignment of a score based on the probability that it is spam. The administrator can decide how to deal with outbound messages suspected be spam based on the Outbound Spam Scoring Limits as configured on the BASIC > Spam Checking page. Spam scoring limits (from 0 to 10) can determine whether to send, quarantine or block outbound messages: Quarantining the message means that the message is suspected to be spam or in violation of policy, and will be stored on the Barracuda Spam & Virus Firewall for the administrator to review. The message can then be whitelisted, rejected, deleted or delivered by the administrator. Blocking the message means it will not be delivered. If the Send Bounce option for Outbound is set to Yes in the Spam Bounce (NDR) Configuration section of the ADVANCED > Bounce/NDR Settings page, a non-delivery receipt (NDR/bounce message) is also sent to the sender by the Barracuda Spam & Virus Firewall.
Sender Based Rate Control, including specifying email addresses you wish to exempt, is configured on the BLOCK/ACCEPT > Rate Control page.
IP Analysis of Outbound Mail
After applying rate controls, the Barracuda Spam & Virus Firewall performs analysis on the IP address, applying quarantine or block policies that you configure in the BLOCK/ACCEPT pages.
BLOCK/ACCEPT policies created at the per-domain level do NOT apply to outbound messages. So, for example, navigating to the DOMAINS page, then clicking Manage Domain for a particular domain, then configuring policies on the BLOCK/ACCEPT pages ONLY applies to inbound
messages for that domain.
Once the true sender of an outbound email message is identified, the intent of that sender should be determined before accepting the message as valid, or not spam. The best practice is to know the IP addresses of trusted senders and forwarders of email and define those on the Barracuda Spam & Virus Firewall as Allowed by adding them to a whitelist of known good senders. Various methods for discerning good senders of email versus spammers are described in this section to help you to quickly configure your Barracuda Spam & Virus Firewall per the needs of your organization.
The Barracuda Spam & Virus Firewall does a reverse DNS lookup on inbound and outbound IP connections and finds the hostname associated with the IP address of the sender. By configuring rules on the BLOCK/ACCEPT > Reverse DNS page, you can choose to apply common reverse DNS rules by country or create custom rules to quarantine or block outbound messages from those domains. The last part of a hostname is known as the top level domain, or TLD. Most TLDs include a country identifier, such as.ca for Canada,.ru for Russia, etc. If most or all of the mail that you receive from a particular country is spam, you can use the Common Reverse DNS Rules to tag (inbound only), block or quarantine any message that has an associated hostname that includes that country's TLD. Email which is not blocked is subject to all of the usual spam and virus checks. Use the Custom Reverse DNS Rules to quarantine or block outbound messages from hostnames ending with values that you specify. List the sending domains or subdomains you want to whitelist on the BLOCK/ACCEPT > Sender Domain page.
Outbound Configuration 61
Content Analysis - Outbound
Custom content filtering based on the subject line, message headers, message body and attachment file type can be applied to outbound mail just as it can be to inbound mail. See the filtering pages on the BLOCK/ACCEPT tab for details on settings. Note that for content filters, the action drop-downs list Block, Quarantine, Off for outbound mail. Tagging messages suspected to be spam is only available for inbound mail. The online help for the BLOCK/ACCEPT > Content Filters page includes a link to a Regular Expressions help page that covers text patterns you can use for advanced filtering. Note that HTML comments and tags imbedded between characters in the HTML source of a message are filtered out so content filtering applies to the actual words as they appear when viewed in a Web browser.
All outbound messages, including those from whitelisted senders, go through attachment filtering. From the BLOCK/ACCEPT > Attachment Filters page you can block or quarantine messages if they contain attachments with certain file extensions. For outbound messages, both the message and attachment(s) are sent to the Outbound Quarantine. This means that if a sender on your whitelist sends a message containing an unallowed attachment type, that message is either blocked or quarantined (depending on your settings). The Archive Filtering feature, configurable with attachment filtering, can be set to search the contents of attached archives (zip, tar, etc.) and block or quarantine inbound or outbound messages based on file extensions or types. Block or quarantine can be specified separately for messages with attached archive files that require a password to unpack.
Outbound messages can undergo Fingerprint Analysis if you enable this feature for both inbound and outbound mail on the BASIC > Spam Checking page. In order to detect real-time spam fingerprints, Barracuda Real-Time Protection must be enabled on the BASIC > Virus Checking page. Engineers at Barracuda Central work around the clock to identify new spam fingerprints which are then updated on all Barracuda Spam & Virus Firewalls through hourly Barracuda Energize Updates.
As for inbound mail, this feature is applicable for outbound mail, and block or quarantine actions can be specified accordingly on the BASIC > Spam Checking page.
Fingerprint Analysis captures a significant percentage of images after they have been seen, while Image Analysis techniques protect against new image variants. The techniques detailed in Image Analysis, page 55, also apply to outbound messages. Image Analysis is configured on the BASIC > Spam Checking page.
Outbound Configuration 63
Chapter 7 Advanced Configuration
This chapter covers advanced administration topics including configuring sender authentication, recipient verification, advanced networking topics, clustering the Barracuda Spam & Virus Firewall and remote administration via the Barracuda API. Sender Authentication.. 66 Recipient Verification... 68 Remote IMAP/POP Accounts.. 69 Clustering the Barracuda Spam & Virus Firewall.. 69 Advanced Networking.. 72 Non-Delivery Reports (NDRs)... 72 Remote Administration... 73
Advanced Configuration 65
This is a key feature of the Barracuda Spam & Virus Firewall to protect your network and users from spammers who might spoof a domain or otherwise hide the identity of the true sender. The following techniques are used to verify the from address of a message.
Mail Protocol (SMTP) Checking
The Barracuda Spam & Virus Firewall can perform thorough checks on incoming email for RFC 821 compliance, require mail clients to introduce themselves with an SMTP "HELO" or "EHLO" command before stating a sender, and otherwise manage SMTP protocol to block spammers. See the ADVANCED > Email Protocol page for these and other optional SMTP settings.
Sender Spoof Protection
The Barracuda Spam & Virus Firewall has the option to prevent spoofing of an organizations own domain by blocking emails with that domain name in the From field that are sent from outside the organization. Note that sender spoof protection should not be enabled if the organization sends messages from outside their internal email infrastructure (e.g., in the case of marketing bulk-mail services). The Sender Spoof Protection feature can be configured at the global level from the ADVANCED > Email Protocol page or at the per-domain level on the DOMAINS > Manage Domain > ADVANCED > Email Protocol page. At the domain level, however, this feature is labeled as Reject messages from my domain. Note that if the administrator enables Sender Spoof Protection at the global level it will supersede any whitelist entry created at the per-user level by a User, Helpdesk or Domain Admin account holder.
The Invalid Bounce Suppression feature is used to determine whether or not the bounce address specified in a message is valid. It is designed to reduce the number of bounce messages to forged return addresses; i.e., you dont want to get bounced messages from spammers who spoof your domain or email address. Every email sent from the Barracuda Spam & Virus Firewall is tagged with an encrypted password and expiration time. With Invalid Bounce Suppression enabled, any bounced email received by the Barracuda Spam & Virus Firewall that does not include that tag is blocked. Each blocked message is recorded in the Message Log with the reason "Invalid Bounce".
To use the Invalid Bounce Suppression feature, the Barracuda Spam & Virus Firewall must have Outbound Relay configured on the BASIC > Outbound page. For more details about Outbound Relay, refer to Configure Scanning of Outgoing Mail34.
Configure Invalid Bounce Suppression on the BLOCK/ACCEPT > Sender Authentication page and enter a Bounce Suppression Shared Secret as a non-null password which will be included in the headers of valid emails sent from and bounced back to the Barracuda Spam & Virus Firewall. Email bounces that dont include the password will be blocked if this feature is enabled.
Managing Inbound Quarantine 81
When you enable retention policies, keep in mind that if your system has been accumulating email without retention policies for a period of time, the first day retention policies are enabled results in an impact on system performance. The longer a system runs without retention policies, the larger the performance impact. After the first day or two, the load stabilizes as the system is able to keep large quarantine fluctuations to a minimum. Retention policies are run daily starting at approximately 02:30 AM.
Chapter 9 Managing Accounts and Domains
If your Barracuda Spam & Virus Firewall is responsible for filtering messages for more than one mail server or domain, the domains associated with each mail server will need to be added to the system. With the Barracuda Spam & Virus Firewall model 400 and higher, you can configure various spam settings, filtering policy, authentication and quarantine settings on a per-domain basis. If per-user quarantine is enabled, the Barracuda Spam & Virus Firewall will create user accounts to enable access to quarantine settings and messages. The Barracuda Spam & Virus Firewall 600 and higher supports per-user account spam score settings. Use this chapter to understand managing user accounts and domains on the Barracuda Spam & Virus Firewall and configuring per-domain and per-user settings. Creating and Managing Domains.. 84 Creating and Managing Accounts... 85 Role-based Administration... 88
Managing Accounts and Domains 83
Creating and Managing Domains
Your Barracuda Spam & Virus Firewall will only accept emails addressed to domains that it has been configured to recognize. Settings for individual domains can be configured by the administrator and, with some restrictions, by the Domain Admin and Helpdesk account roles as described below under Role-based Administration, page 88. All three roles will see a DOMAINS tab from which they can click Manage Domain next to the domain for which to edit the domain-level settings. Only an administrator can add or delete domains using the controls available in the DOMAINS page. The administrator can also add domains from the BASIC > IP Configuration page. Domains added from either page will be initially configured with whatever you have specified your default global settings to be. If the administrator deletes a domain, all user accounts associated with that domain will also be deleted from the Barracuda Spam & Virus Firewall. A confirmation dialog box will prompt you to confirm whether or not you want to delete a domain. Clicking the Manage Domain link for a particular domain will show some or all of the BASIC, USERS, BLOCK/ACCEPT, OUTBOUND QUARANTINE and ADVANCED tabs, depending on the permissions level of the logged in account role.
122 Barracuda Spam & Virus Firewall Administrators Guide
Open Source Licensing
Barracuda products may include programs that are covered by the GNU General Public License (GPL) or other "open source" license agreements. The GNU license is re-printed below for you reference. These programs are copyrighted by their authors or other parties, and the authors and copyright holders disclaim any warranty for such programs. Other programs are copyright by Barracuda Networks.
GNU GENERAL PUBLIC LICENSE, (GPL) Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whethergratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, there is no warranty for this free software. on, we want its recipients to know that what introduced by others will not reflect on the we want to make certain that everyone understands that If the software is modified by someone else and passed they have is not the original, so that any problems original authors' reputations.
Limited Warranty and License 125
This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Library General Public License instead of this License. Barracuda Products may contain programs that are copyright (c)1995-2005 International Business Machines Corporation and others. All rights reserved. These programs are covered by the following License: "Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, provided that the above copyright notice(s) and this permission notice appear in all copies of the Software and that both the above copyright notice(s) and this permission notice appear in supporting documentation." Barracuda Products may include programs that are covered by the BSD License: "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. The names of the authors may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE." Barracuda Products may include the libspf library which is Copyright (c) 2004 James Couzens & Sean Comeau All rights reserved. It is covered by the following agreement: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS MAKING USE OF THIS LICENSE OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Barracuda Products may contain programs that are Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. The name "Carnegie Mellon University" must not be used to endorse or promote products derived from this software without prior written permission. For permission or any other legal details, please contact Office of Technology Transfer Carnegie Mellon University 5000 Forbes Avenue Pittsburgh, PA 15213-3890 (412) 268-4387, fax: (412) 268-7395 firstname.lastname@example.org.Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by Computing Services at Carnegie Mellon University (http://www.cmu.edu/computing/)." CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. Barracuda products may include programs that are covered by the Apache License or other Open Source license agreements. The Apache license is reprinted below for you reference. These programs are copyrighted by their authors or other parties, and the authors and copyright holders disclaim any warranty for such programs. Other programs are copyright by Barracuda Networks. Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below).
RGR682 TTM56 20MF15GT MX-600 SM-230 K7VM3 SMX-C10LP DPF-E710 Iroise 3 Urc-3110 GT-B5310 DL-103 SCX-4824HN Photo 20 Kxtg7321E Polar F5 Type 6012 TR2-1700 SGH-C100 VC-405N SD-HX500 Audi 100 DSC-H50 B AZ291MA AG4AH09-12-bwf01 1 SP2 C-5050 Zoom Components Systems DMR-T3040 KF310 CDM-9803R PCN-4545 Graph35 RM313P Clavier 636 CL-29Z58MQ TDM-7584R Yamaha SY35 AW900AA EHC30200X F7280 2436VH HD 372 Seiko 7009 GT704-WG 105 TXT SP-PW3000 ND-G500 Aspire 3690 CFD-Z110 MZ35-216 Tough-6000 Review MY X6-2 SL-DZ1200 Software SP JAS SC4147 Tv410 DVP-NS725P FB162-A0U WV-CU360 MP303 Printer 2159 CWH MB280 L72810 S1600 KX-TG1090E MRF-350 H1940 96750 VGN-FS940 Of NEO Singer 6212 PLT3043A Canon ZR65 VSX-806RDS Printer Instincts Ngvb28-2H WF-T502A Sa-10 M2343A-BZ HTS5110 Quickstart Xl DUO JA-83K RX-E300 3720C DVD-1000 BK1059 T2766NO 250 WX T2440 PSR-740-PSR-640 Cyclocomputer Travelmate C310 DV235 SB-600
manuel d'instructions, Guide de l'utilisateur | Manual de instrucciones, Instrucciones de uso | Bedienungsanleitung, Bedienungsanleitung | Manual de Instruções, guia do usuário | инструкция | návod na použitie, Užívateľská príručka, návod k použití | bruksanvisningen | instrukcja, podręcznik użytkownika | kullanım kılavuzu, Kullanım | kézikönyv, használati útmutató | manuale di istruzioni, istruzioni d'uso | handleiding, gebruikershandleiding
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101