How-To: Disable Outbound Filtering for Specific Users

 

Product: All

Version & Build: All

 

Background:

You may want to completely disable spam, virus and/or attachment scanning - both inbound and outbound - for specific users while continuing to provide those services for everyone else on the system.  However, simply disabling scanning at the user or mailbox level may not be enough to prevent OUTbound messages from being scanned and quarantined.

In order to ensure that scanning is completely disabled for these users, they must have an authenticated connection.

NOTE: This is very different from scanning INbound messages scanned for everyone and having OUTbound scanning turned off.  In this case, please see: How-To: Disable scanning for trusted sources.

 

ModusMail

Users must be set up to connect via SMTP Authentication or POP/IMAP Authentication for the disable option to apply on outbound messages.

Server configuration:

  • SMTP Authentication is configured on the Modus server in Security - Properties - SMTP Security
    • Put a check-mark at Enable SMTP Authentication
  • POP/IMAP Authentication is configured in Security - Properties - Pop/IMAP Auth
    • Put a check-mark at Enable Authenticatication using POP3 / IMAP4 access

 

Mail client configuration:

SMTP Authentication is configured in the Servers or SMTP Server settings for the email account properties.  The only setting that needs to be enabled is My server requires authentication.  Secure Password Authentication (or SPA) should not be enabled. 

POP/IMAP Authentication does not require special configuration on most standard mail client programs.  Users must remember to download messages before sending a message out. Once the POP or IMAP connection has been established, they can then send a message.

NOTE: Because of the variety of available email client programs, the above descriptions are generic.  Before giving your end users instructions for setting up either authentication method, you should first verify the email client program and its specific settings.

 

ModusGate

To disable filtering on outbound messages for ModusGate users so that outgoing messages are sent directly through ModusGate to the Internet:

  • Users must point their mail clients directly to the ModusGate server as the Outgoing or SMTP serve
  • SMTP Authentication must be configured on both the server and mail client (see above for configuration details)

  

Workaround:

If the primary mail (MTA) server is instead configured to use ModusGate as an outbound smarthost, your only option is to use a sieve script to turn off outbound filtering.  This is because users are authenticated on the primary mail server, not ModusGate.

 

 

Sieve Script Example:

  • The IP address of the main MTA is 10.10.10.10 and you want to disable outbound attachment blocking of WMF files for user X: 
    • In the Console, go to Attachments/F.A. - Properties - Forbidden Attachments 
    • Expand Extreme
    • Locate *.wmf and click on Remove
  • Create the following script in Anti-Spam - Properties - Custom Filters (4.35.480 and below) or Rules - Properties - Custom Filters (4.4.543 +)

if attachment :matches "*.wmf*" {
   if envelope :contains "origin-IP" "10.10.10.10" {
      if envelope :contains "from" "
user@domain.com" { stop; }
      }
  }

if attachment :matches "*.wmf*" { discard; stop; }

 

This sieve script will ake over blocking *.wmf files for all users except those specified in the From list.