Hi All,

I have an issue with BM3.8SP3 and MessageLabs exceptions...

MessageLabs require users to allow large subnetted blocks inbound access to
their mail servers, so in BM IP filters you need to specify a "network" as
the source for the packets, not just a host...

Like Markus (see below), I've found that "any address" works but specifying
a "subnetted network" doesn't; inbound email is blocked (reason (1)..!!)

This seems to be a failure of the filters, as I've checked everything every
which way. I've got private "networks" listed as both source and
destinations in other filters, but the MessageLabs subnet are quite large,
and seem problematic ( they are /20 networks, or 4096 nodes/hosts i.e the
subnet mask is 255.255.240.0 )

Wayne Poll
NHNZ

In January 2005, Markus Herbert wrote-

Hi,
I have a BM38SP2a Border Manager Server based on NetWare 6.5SP2.

This filter works as expected
Packet Type: smtp-st
Source:
All Circuits
Any Address
Destination: PUBLIC
All Circuits
80.xxx.xxx.xxx (PUBLIC Address of BM-Server)
Comment: Testfilter

But for my E-Mail Provider I must set 4 rules for incoming E-Mails.
This rules are not working at all. But how can I make it?
Is it allowed to set more than one Filter for the E-Mail Servers
(especially a complete Subnet for messagelab)?
#1
Packet Type: smtp-st
Source:
All Circuits
194.106.220.0/255.255.254.0
Destination: PUBLIC
All Circuits
80.xxx.xxx.xxx
Comment: Message Lab Filter 4

#2
Packet Type: smtp-st
Source:
All Circuits
195.216.16.211
Destination: PUBLIC
All Circuits
80.xxx.xxx.xxx
Comment: Message Lab Filter 3

#3
Packet Type: smtp-st
Source:
All Circuits
195.245.230.0/255.255.254.0
Destination: PUBLIC
All Circuits
80.xxx.xxx.xxx
Comment: Message Lab Filter 2

#8
Packet Type: smtp-st
Source:
All Circuits
193.109.254.0/255.255.254.0
Destination: PUBLIC
All Circuits
80.xxx.xxx.xxx
Comment: Message Lab Filter 1

My filter has the folowing configuration:
Status: Enabled
Action: Deny Packets Not in Filter List
Filter: (List of Denied Packets)
Exceptions: (List of Packets Always Permitted) -> see before