Configuring Local List Antispam (NSM Procedure)
This section includes the following topics:
- Configuring Whitelist and Blacklist Entries
- Configuring a Custom URL Category List Custom Object
- Configuring Server-Based Antispam
- Configuring a UTM Policy for SNMP
Configuring Whitelist and Blacklist Entries
To configure local whitelist and blacklist custom objects:
- In the NSM navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the device for which you want to configure whitelist and blacklist custom objects.
- Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
- Select Url Pattern and click New.
- Enter a unique name for the list.
- Select Value and add a new entry.
- Enter a value for the URL
pattern for whitelist or blacklist antispam filtering.
Note: For URL pattern wildcard support, the wdildcard rule is as follows: \*\.[]\?* and you must precede all wildcard URLs with http://. You can only use an asterisk (*) if it is at the beginning of the URL and is followed by a dot (.). You can only use a question mark (?) at the end of the URL.
The following wildcard syntax is supported: http://*.juniper.net, http://www.juniper.ne?, http://www.juniper.n??. The following wildcard syntax is not supported: *.juniper.net , www.juniper.ne?, http://*juniper.net, http://*.
- Click OK to save the changes.
Configuring a Custom URL Category List Custom Object
To configure a custom URL category list custom object:
- In the NSM navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the device for which you want to configure URL category list custom objects.
- Click the Configuration tab. In the configuration tree, select Security > Utm > Custom Objects.
- Select Custom Url Category and click New.
- Enter a unique name for the list.
- Select Value and add a new entry.
- Enter the name of the URL pattern list you created for bypassing scanning.
- Click OK to save the changes.
Configuring Server-Based Antispam
Antispam filtering allows you to use both a third-party server-based spam block list (SBL) and to optionally create your own local whitelists (benign) and blacklists (malicious) for filtering against e-mail messages. The antispam feature is not meant to replace your antispam server, but to complement it.
To configure server-based antispam:
- In the NSM navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the device for which you want to configure server-based antispam.
- Click the Configuration tab. In the configuration tree, select Security > Utm > Feature Profile > Anti Spam.
- Select Symantec Sbl and enable the feature.
- Expand Symantec Sbl and select Profile.
- Add or modify antispam profile settings as specified in Table 1.
- Click one:
- New—Adds a new profile.
- OK—Saves the changes.
- Cancel—Cancels the modifications.
Table 1: Server-Based Antispam Profile Settings
Configuring a UTM Policy for SNMP
To configure a UTM policy for SNMP:
- In the NSM navigation tree, select Device Manager > Devices.
- Click the Device Tree tab, and then double-click the device for which you want to a UTM policy for SNMP.
- Click the Configuration tab. In the configuration tree, select Security > Utm > Utm Policy.
- Click New to add a new UTM policy entry.
- Enter a unique name for the UTM policy.
- Select Antispam and enter the name of the antispam profile.
- Click OK to save the changes.
Once you have configured a UTM policy for SNMP, attach the UTM policy to a security policy that you create.
