Save & ShareEmail Reputation Services Advanced
Important Note
Bizanga IMP
Cisco exim Internet Mailer IronPort
NetIQ MailMarshal OmniTI Ecelerity Openwave Edge GX Postfix qmail Secure Computing Sidewinder Sendmail Sun ONE Messaging Server Trend Micro InterScan Messaging Security Suite for Windows Tumbleweed Enterprise Mail Firewall ZixCorp Message Inspector
Whether you have signed up for a 30-day trial or purchased the Network Reputation Services, you will receive an Activation Code (AC) that you will need to use when configuring your Mail Transfer Agent (MTA). |
| Bizanga’s IMP solution is highly customizable. In order to ensure that you have the most comprehensive and effective solution to meet your needs, please refer to the technical configuration document provided with the product and/or contact Bizanga’s customer support for assistance. If you have questions regarding setting up the appropriate DNSBL zone, the proper error message to utilize, testing that your configuration is set-up correctly, or need general assistance in accessing the service, please contact the Trend Micro Support Team, by sending an email to ers_support@trendmicro.com. |
| Reputation Services, please refer to your Trend Micro product manual. If you have questions regarding testing that your configuration is set-up correctly, or need general assistance in accessing the service, please contact the Trend Micro Support Team, by sending an email to ers_support@trendmicro.com. |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Configure your exim server to use Trend Micro Network Anti-Spam Service DNSBL zone with a custom error messages, follow the steps below.
deny message = $sender_host_address blocked using Trend Micro RBL+. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=$sender_host_address defer message = $sender_host_address blocked using Trend Micro Network Anti-Spam. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=$sender_host_address
|
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Using Trend Micro ERS Advanced service with IronPort units (C series); this requires configuration for both Trend Micro ERS Standard and ERS Advanced: This guide is based on a C600 unit running ASyncOS 5.1.2-004, but steps should be the same for other versions and series. The configuration is done via the web GUI. Using the values, one can configure via the CLI instead. It assumes a currently running/configured IronPort unit that is handling inbound mail. 1) Via the "Mail Policies" tab, select "Mail Flow Policies" item on the left pane. Select the "Policies" list for the appropriate "Interface". First step is to add "Policies" for the two lists. Press the "Add Policy" button. Give the Policy a name, eg: "Trend Micro ERS Standard". Select the "Connection Behaviour" to be "Reject". Select the appropriate setting for "Use SenderBase for Flow Control" and "Group by Similarity of IP Addresses". Using "SenderBase" will apply limits to other IP addresses from those networks listed in the Trend Micro ERS Standard databases. Other settings can be left as default. Press "Submit". Press the "Add Policy" button again. Give the Policy a name, eg: "Trend Micro ERS Advanced". Select the "Connection Behaviour" to be "Accept". Apply the following settings: "Max. Messages Per Connection" = "1" "Max. Recipients Per Message" = "1" "Max. Message Size" = "8192" "Max. Concurrent Connections From a Single IP" = "1" "Max. Recipients Per Hour" = "0" "Max. Recipients Per Hour Code" = "Use Default (452)" or use "452" "Max. Recipients Per Hour Text" = "Mail from your IP is blocked using Trend Micro ERS Advanced. Please see https://securecloud.com/" "Use SenderBase for Flow Control" = "Off" (strongly recommended to be off) "Group by Similarity of IP Addresses" = "Off" (strongly recommended to be off) "Max Invalid Recipients Per Hour" = "0" The rest of the settings can be left at their default values. Press "Submit". 2) Next, you need to add the "Sender Groups" that will use these policies against the RBL services. Press the "HAT Overview" button on the left pane. Select the "Sender Groups" list for the appropriate "Interface". Press the "Add Sender Group" button. Use the Policy defined above for the Trend Micro ERS Standard service as this Sender Group's policy. Enter the DNS zone to query for the "DNS List" option for the Trend Micro ERS Standard service. eg: "activationcode.r.mail-abuse.com" Change the "Order" number to a more appropriate place in the list (the first match wins. This entry should be before any Sender Groups that accept mail from the Internet.) Name the Sender Group and give it an appropriate comment. Press the "Submit" button. Press the "Add Policy" button again. Use the Policy defined above for the Trend Micro ERS Advanced service as this Sender Group's policy. Enter the DNS zone to query for the "DNS List" option for the Trend Micro ERS Advanced service. eg: "activationcode.q.mail-abuse.com" Change the "Order" number to a more appropriate place in the list. (place it right after the ERS Standard Sender Group). Name the Sender Group and give it an appropriate comment. Press the "Submit" button. 3) All the required changes are in place. Press the "Commit Changes" button on the left pane to commit the changes and make them live. |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Configure your MailMarshal server to use Trend Micro Network Anti-Spam Service DNSBL zones with custom error messages, follow the steps below. 1. Under Server Properties, select the Host Validation tab. You'll need to create two DNS Blacklist entries: Name: Trend Micro RBL+ If your version does have separate boxes for Message Number and Description Message Number: 550
Message Description: 550 {SenderIP} blocked using Trend Micro RBL+ Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address={SenderIP}
Name: Trend Micro NRS If your version does have separate boxes for Message Number and Description Message Number: 450 If your version does not have separate boxes for Message Number and Description, then enter both in the box. Message Description: 450 {SenderIP} blocked using Trend Micro Network Anti-Spam Service. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address={SenderIP} |
Edit your ecelerity.conf file (/opt/ecelerity/etc/ecelerity.conf): Module generic/spf_macros spf_macros { } Validate validate/sieve sieve { connect_phase1 = /opt/ecelerity/etc/rbl.siv } Place the following in /opt/ecelerity/etc/rbl.siv: $a = ec_dns_lookup "%{spfv1:ir}.activationcode.r.mail-abuse.com" "a"; if ec_test :matches "${a}" "127.1.0.*" { ec_disconnect 550 "Your IP address is in the TrendMicro RBL+ list, please see http://www.mail-abuse.com/cgi-bin/lookup?%{spfv1:i}"; } $a = ec_dns_lookup "%{spfv1:ir}.activationcode.q.mail-abuse.com" "a"; if ec_test :is "${a}" "127.0.0.32" { ec_disconnect 450 "Your IP address is in the TrendMicro NAS list, please see http://www.mail-abuse.com/cgi-bin/lookup?%{spfv1:i}"; } This will disconnect the connection right after it is created, in lieu of the SMTP banner. This is ideal for most situations, except for when XCLIENT is used. In those cases, connect_phase1 should be changed to mailfrom_phase1, which will process the script with the XCLIENT address. |
| We currently do not have instructions on how to configuration this product to utilize Trend Micro Reputation Services. Please refer to your product manual for information on the proper method to configure your MTA to utilize DNSBLs or block lists. Your vendor’s Technical Support organization should also be able to assist you with detailed configuration and set-up options. When you are configuring this product you will need to access our DNSBL zone. Please insert this string where indicated: activationcode.r.mail-abuse.com Note: You will need to insert your unique valid "activation code" to replace the instructional text example: do not include any dashes. If you have questions regarding setting up the appropriate DNSBL zone, the proper error message to utilize, testing that your configuration is set-up correctly, or need general assistance in accessing the service, please contact the Trend Micro Support Team, by sending an email to ers_support@trendmicro.com. |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Follow the steps below to configure your Postfix to use Trend Micro Network Reputation Services DNSBL zone with a custom error message Postfix 2.x 1. Find out if your OS supports hash or dbm tables. If you see hash, use hash in steps 2 and 3 below. 2. Edit main.cf and add our RBL and rbl_reply_maps entries. While it's really a client check, we have it in NOTE: Be sure the smtpd_recipient_restrictions = is one really long line. We had to add line breaks to show you the example. rbl_reply_maps = hash:/$config_directory/rbl_reply 3. Create the rbl_reply map and "postmap" it. NOTE: Be sure each line is one really long line. Also be sure there are no leading spaces in front of the activationcode lines. ....contents of rbl_reply file.... Save and then type 'postmap hash:rbl_reply' to create the hash table. NOTE: If postmap complains about unknown "hash", type postconf -m 4. Reload postfix by typing "postfix reload" |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Configure your qmail server to use Trend Micro Network Anti-Spam Service DNSBL zones with custom error messages. NOTE: Trend Micro DNSBL zones do not contain TXT messages, so you MUST compile RBLSMTPD to use the "A" record patch or our services will not work. ….sample /var/qmail/supervise/qmail-smtpd/run file…. Qmail will log rblsmtpd rejections in /var/log/qmail/smtpd/current |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Configure your Sidewinder firewall to use Trend Micro Network Anti-Spam Service DNSBL zones with custom error messages. If you have the newer version of Sidewinder, follow the steps below: 1. On the Sidewinder, go to Service Configuration Tab 2. Click Servers and the click Sendmail 3. Click m4 config on external burb (This will bring up a text editor) 4. Locate the following line: FEATURE(`blacklist_recipients')dnl · FEATURE(`dnsbl',`activationcode.r.mail-abuse.com', ` "550 Mail from " $&{client_addr} " blocked using Trend Micro RBL+. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl · FEATURE(`dnsbl',`activationcode.q.mail-abuse.com', ` "450 Mail from " $&{client_addr} " blocked using Trend Micro Network Reputation Service. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl 5. Save and Exit the file apply the change (that will rebuild the Sendmail config and restart Sendmail) If you have the older version of Sidewinder: On Sidewinder v5.2.1.10, the following file has to be edited: /etc/sidewinder/sendmail/sidewinder.X.mc 1. Locate the following line: FEATURE `blacklist_recipients')dnl. · FEATURE(`dnsbl',`activationcode.r.mail-abuse.com', ` "550 Mail from " $&{client_addr} " blocked using Trend Micro RBL+. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl · FEATURE(`dnsbl',`activationcode.q.mail-abuse.com', ` "450 Mail from " $&{client_addr} " blocked using Trend Micro Network Reputation Service. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl 2. Save the file. 3. Rebuild the sendmail server with the following command: |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Configure your Sendmail server to use Trend Micro Network Anti-Spam Service DNSBL zones with custom error messages. Here are working sendmail.mc entries for Trend Micro service. FEATURE(`dnsbl',`activationcode.r.mail-abuse.com', ` "550 Mail from " $&{client_addr} " blocked using Trend Micro RBL+. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl FEATURE(`dnsbl',`activationcode.q.mail-abuse.com', ` "450 Mail from " $&{client_addr} " blocked using Trend Micro Network Reputation Service. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. NOTE: Trend Micro RBL+ service does not have TXT records for the error message. Please see the Sun ONE Messaging Server 6.0 Administrator's Guide, December 2003 http://docs-pdf.sun.com/816-6738-10/816-6738-10.pdf There is an example at the bottom of page 420 to specify the error message. Example: Edit your MAPPINGS file and look for the FROM_ACCESS section. NOTE: Make sure there are two spaces at the start of the TCP line. NOTE: Make sure each line is less than 252 characters. FROM_ACCESS TCP|*|25|*.*.*.*|*|SMTP*|*|tcp_local|* $[IMTA_LIB:dns_verify.so,dns_verify,+$4.$3.$2.$1.activationcode.r.mail-abuse.com.+$$N$$X5.5.0|IP$ $$1.$$2.$$3.$$4$ found$ on$ MAPS-RBL$ list+$$CTCP|$$0|25|$$1.$$2.$$3.$$4|$$5|SMTP$$6|$$7|tcp_local|$$8] TCP|*|25|*.*.*.*|*|SMTP*|*|tcp_local|* $[IMTA_LIB:dns_verify.so,dns_verify,+$4.$3.$2.$1.activationcode.q.mail-abuse.com.+$$N$$X4.5.0|IP$ $$1.$$2.$$3.$$4$ found$ on$ MAPS-QIL$ list+$$CTCP|$$0|25|$$1.$$2.$$3.$$4|$$5|SMTP$$6|$$7|tcp_local|$$8] Now rebuild and restart the mail service. imsimta cnbuild imsimta restart dispatcher For more information on configuring Sun ONE Messaging Server, see http://docs-pdf.sun.com/816-6738-10/816-6738-10.pdf |
Note: If you have InterScan Messaging Security Suite for Windows, this requires InterScan Messaging Security Suite 5.5 SP4 or newer. Configure your InterScan Messaging Security Suite to use Trend Micro Network Reputation Services DNSBL zone with a custom error message. 1. Open the GUI and click 'Configuration' 2. Under 'Configuration', click 'Product Licenses' 3. Under 'Network Reputation Services', click 'View license details' 4. Enter your activationcode 5. Under 'Configuration', select 'Network Reputation' 6. Check the box next to 'Enable Network Reputation Service' 7. Under 'Action:', select 'Default: intelligent action' |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Follow the steps below to configure your Tumbleweed Enterprise Mail Firewall to use Trend Micro Network Reputation Services Login to the web manager DNSBL Source Domain: activationcode.r.mail-abuse.com DNSBL Source Domain: activationcode.q.mail-abuse.com Click "Setup" |
Note: Insert your unique valid "activation code" to replace the instructional text example; do not include any dashes. Configure your Message Inspector server to use Trend Micro Network Anti-Spam Service DNSBLzone with a custom error message. 1. Launch the Administration Client, login and go to Manage | MTA Configuration. 2. Scroll downwards to the Custom Configuration field. 3. Enter the Realtime Blackhole List entries. For Trend Micro Network Anti-Spam Service, please use the following: FEATURE(`dnsbl',`activationcode.r.mail-abuse.com', ` "550 Mail from " $&{client_addr} " refused. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} " for further information."')dnl FEATURE(`dnsbl',`activationcode.q.mail-abuse.com', ` "450 Mail from " $&{client_addr} " blocked using Trend Micro Network Anti-Spam Service. Please see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=" $&{client_addr} ')dnl NOTE: Make sure each FEATURE line you enter is one long line when you add them. 4. Click the Apply button at the bottom to implement the change. |
- Worldwide
- This site is for visitors in the United States & Canada
Copyright (c) 1989-2008 Trend Micro Incorporated. All rights reserved.
