Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring System Settings > Managing domain and IP address groups
Managing domain and IP address groups
Administrator Help | Forcepoint Email Security | Version 8.5.x
A collection of domain names or IP addresses can be defined in a single group for use in email functions. For example, you can define a domain name group to establish domain-based delivery options, or you can define an IP address group for which Reputation Service, Real-time Blacklist (RBL), or directory attack prevention analysis is not performed. IP address groups can also be used for the email encryption functions. Domain groups are added and configured on the page Settings > Users > Domain Groups; IP groups are added and configured on the page Settings > Inbound/Outbound > IP Groups.
You can perform the following operations on domain or IP address groups:
*
Adding a domain group
*
Editing a domain group
*
Adding an IP address group
*
Editing an IP address group
There are two special default groups of domain or IP addresses:
*
Protected Domain group
*
Trusted IP Address group
See Third-party encryption application for information about using the Encryption Gateway default IP address group. Default groups cannot be deleted.
Protected Domain group
The Protected Domain group should contain all the domains that an organization owns and needs the email system to protect. Message direction in the system is determined on the basis of an organization's protected domains:
*
Inbound – The sender address is not from a protected domain and the recipient address is in a protected domain.
*
Outbound – The sender address is from a protected domain and the recipient address is not in a protected domain.
*
Internal – Both the sender and recipient addresses are in a protected domain.
An open relay results when both the sender and recipient addresses are not in a protected domain.
Unless you entered a protected domain name in the Domain-based Route page of the First-time Configuration Wizard, the default Protected Domain group is empty after product installation. Domains may be added to or deleted from the Protected Domain group, the Protected Domain group itself cannot be deleted.
 
* 
Important 
Ensure that the Protected Domain group contains all the domains you want your email system to protect.
An open relay is created when mail from an unprotected domain is sent to an unprotected domain within your organization. As a result, all mail from any domain that is not protected may be rejected. Mail from an external trusted IP address to an unprotected domain within your organization bypasses analysis and is delivered.
The email hybrid service uses the Protected Domain group during Forcepoint Email Security Hybrid Module registration to verify that the domains specified in its delivery routes are all from this group. The Protected Domain group should not be used to configure email delivery routes (on the page Settings > Inbound/Outbound > Mail Routing) if you need to define domain-based delivery routes via multiple SMTP servers. See User directory-based routes.
Trusted IP Address group
Like the Protected Domain group, the Trusted IP Addresses default group is empty after product installation. IP addresses may be added to or deleted from the Trusted IP Addresses group, but the Trusted IP Addresses group itself cannot be deleted. The Trusted IP Addresses group may include up to 1024 addresses.
Trusted IP addresses may include your internal mail servers or a trusted partner mail server.
Mail from an address in the Trusted IP Addresses group can bypass some inbound email analysis. Use of the Trusted IP Addresses group can result in improved email processing time.
Specifically, mail from trusted IP addresses bypasses the following email analysis:
*
Global Always Block List (Main > Policy Management > Always Block/Permit)
*
All message controls except message size, invalid recipient, and internal sender verification settings (Settings > Inbound/Outbound > Message Control)
*
Recipient validation (Settings > Users > User Authentication)
*
All connection controls except the connection control timeout (Settings > Inbound/Outbound > Connection Control)
*
Directory harvest attack (Settings > Inbound/Outbound > Directory Attacks)
*
Relay controls (Settings > Inbound/Outbound > Relay Control)
*
Personal Email Manager Always Block List
* 
Note 
Mail from trusted IP addresses does not bypass policy and rule application, and is always subject to antispam and antivirus analysis.
 

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuring System Settings > Managing domain and IP address groups
Copyright 2022 Forcepoint. All rights reserved.