This article applies to:
- Trustwave MailMarshal (SEG) 6.4.5 and above
Question:
- How can I adjust the behavior of MailMarshal SMTP Receiver checking "Where sender's name is/is not a fully qualified domain name"?
Procedure:
The MailMarshal SMTP Receiver rule condition "Where sender's name is/is not a fully qualified domain name" allows you to take action based on the server name that a remote server provides as part of the HELO SMTP command.
By default this condition has the following settings:
- Minimum 3 domain parts
- Maximum 10 domain parts
For instance, the following are not valid FQDNs by default:
- mailserver
- mailserver.com
- mailserver.some.very.long.set.of.sub.domains.at.an.ISP.somewhere.com
To configure these settings:
- On the Array Manager, edit the Registry (10.X: use Advanced Settings in the Management Console)
- Navigate to the SEG Receiver key:
- In version 8.X: HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Default\Receiver
- 10.X: value names have the prefix Receiver. (Receiver dot).
- For full details of the location for each product version, see article Q10832.
- Enter one or more of the following DWORD values:
- HELOCheckMinSubDomains: The minimum number of domain parts required.
- HELOCheckMaxSubDomains: The maximum number of domain parts allowed.
- Commit configuration changes
- Restart the Receiver service on each email processing server
Warning: Using the Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Trustwave cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Make sure that you back up your Registry prior to making any changes.
Notes:
- The default maximum for earlier MailMarshal 6.4 releases was 5 domain parts.
- Some well known ISPs such as Yahoo (and regional ISPs affiliated with Yahoo) use FQDNs with at least 6 parts.