If you have a specific host that you need to exempt from dynamic screening, but still have messages from it still go through other security tests such as Spam and Anti-Virus filtering (for instance a secondary mail server that needs to relay through SecurityGateway) this can be accomplished through a Sieve script.
- Log into the SecurityGateway administration website with a global administrator account
- Click on Security
- Locate the Advanced section
- Click on Sieve Scripts
- Click New
- Enter a descriptive Script Name, such as 'Do not screen host 10.0.0.1'
- Select Auth from the 'Mail Event' dropdown
- The only choice in the Scope dropdown will be global - you cannot apply an AUTH level script to a specific domain
- Specify the following for the Script Text, replacing 10.0.0.1 with the IP of machine which you wish to exempt from dynamic screening: require ['securitygateway']; if allof(not whitelisted 'ip,host',not auth 'succeeded',ip :is '10.0.0.1') { dynamicscreen 'disable'; }
- Click Save & Close
- Ensure that this script is below the system generated 'Dynamic Screening' script in the list of scripts using the up or down arrows in the order column
Additional Comments
More information on how to create new sieve-rules can be found in the SecurityGateway helpfile, which can be opened by clicking the 'Help' link in the upper-right corner of the SecurityGateway window.