[Setup Step 3]: Firewall lockdown options for Email & LDAP Discovery

[Setup Step 3]: Firewall lockdown options for Email & LDAP Discovery

If you have control over your mail server and it’s firewall, make sure that it can receive incoming SMTP (TCP port 25) connections from Spambrella IP addresses, which are:

Please review our actively maintained list: IP Address List

If these addresses cannot deliver then no mail can arrive.

NOTE: If other IP addresses are accepted, it is possible to bypass Spambrella completely and spammers are known to save MX records for a long time and still attempt to deliver directly to any server that is willing. You can test whether your firewall is open by launching a command prompt (in Windows: Start->Run->”cmd”) and typing “telnet a.b.c.d 25” where you replace “a.b.c.d” with either the IP address or the DNS hostname of the server you wish to test.  Make sure that you do this test from a different network to the one in which the server is located. If you connect successfully the firewall is open and the server is vulnerable to direct spamming.

Also, some firewalls do not allow multiple ranges to exist in the same place. Please consult with your vendor to ensure how to add ranges with different rolls in.

If you are running a blacklist on your firewall, please ensure that you have our IP’s white listed, otherwise this may result in connection problems.

If you are using Microsoft Exchange and do not have a firewall that can be configured to the above preference, you can configure the Microsoft Exchange access connection range to only accept email from your internal domain ( e.g companyname.local) and *.ppe-hosted.com like so:

  • From within the Exchange systems manager: select > Administrative Groups > First Administrative Groups > Servers > Select default or bridgehead server > Protocols > Default SMTP virtual Server > right click and select properties > Access > Connection…
  • Select “Only in the List Below” and add the following:

– companyname.local (e.g.)

– *.ppe-hosted.com 

If you have no control over your mail server’s firewall (eg. you use a hosting service, and/or POP, etc.), there is still a way. All email that passes through Spambrella gets marked with the header labeled “X-MDID”. So, if the firewall cannot be locked down, a filter rule should be created in your server to automatically *junk* into the recipient’s spam folder every email that does NOT possess such a header field.

If you have no control over your mail server’s firewall AND have no way to make global rules on the mail server, rules can still be created on users’s email clients. The example here is for Microsoft Outlook, but something similar can be used for any email client. Create two rules: The first one, placed second-to-last in the list of rules, should be created from a blank template, and it must catch all messages with “X-MDID” in the header and the action should be to stop processing more rules. The second new rule, placed very last, should be to catch EVERYTHING, and Move them to the Junk folder. If this account need any more rules, they should be listed before the two rules specified here.. Be aware that, if any of those custom rules use the action to “stop processing more rules”, it might circumvent this setup.

If none of the above scenarios are applicable, be aware that we cannot support spam-related queries where the email did not pass through us. Legitimate email will still pass through us, as those will use the public MX records for a domain as they should.

LDAP synchronisation requirements

For Spambrella Email filtering LDAP synchronisation to work correctly, make sure that you can receive incoming LDAP (TCP port 389) connections from our IP addresses, which are:

UPDATED For Spambrella WEBaware LDAP synchronisation to work correctly, make sure that you can receive incoming LDAP (TCP port 389) connections from our IP addresses, which are:

  • Fremont, United States: 72.52.96.0/26 and 216.218.133.192/26
  • Atlanta, United States: 216.52.207.64/26
  • New York, United States: 209.51.184.0/26
  • Chicago, United States: 208.100.40.32/27
  • Frankfurt, Germany: 95.172.68.144/28
  • Amsterdam, Netherlands: 95.172.88.0/27
  • Singapore: 203.116.198.64/26

PROCEED TO [Setup Step 4] – (Optional): Instructions on activating outbound email


Spambrella Email Security & Archiving Setup Steps

[Setup Step 1]: Instructions for activating Spambrella for a domain’s inbound email

[Setup Step 2]: Instructions on importing users

[Setup Step 3]: Firewall Lockdown Options For Email & LDAP Discovery

[Setup Step 4]: (Optional): Activating outbound email protection / DLP

[Setup Step 5]: Data Center – IP Addresses / DNS-MX Records

[Setup Step 6]: Configuring additional features