Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 5 subscribers
  • Views 23630 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM: DKIM & DMARC what are you guys doing??

twister5800

Hi,

Apparently the UTM cannot do DMARC, allthough there are feature requests for it.

But do to the CEO fraud, and PCI Compliance, more and more companies (customers) are getting a low score, due to this, and cannot understand, why this perfect NSG cannot do this.

I am having a hard time explaining, as I come to the part now, where I do not understand it either :-)

So for the time being, how do you guys solve theese requirements today?

Using 3.party antispam soulution/provider??

Appliance with ASSP? :-)

Would be great to hear / share some good ideas :-)



This thread was automatically locked due to age.
Parents
  • 0

    I would always front-end a mail server with either a hosted solution or an on premise security appliance.  It offloads that functionality and gives you a place to quarantine, inspect, or isolate traffic.

  • 0 in reply to darrellr

    Hi darrellr,

    darrellr said:

    I would always front-end a mail server with either a hosted solution or an on premise security appliance.  It offloads that functionality and gives you a place to quarantine, inspect, or isolate traffic.

     

     

    Thanks for replying.

    Yes but as you cannot use the UTM for DMARC, what do you use for on-premise spam solution?

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

  • 0 in reply to twister5800

    Err why can't you use it for DMARC?

    We have SPF, DKIM & DMARC set up for our domains. The records are setup in DNS rather than the UTM with the exception of DKIM where you need to provide the private key.

    With regards to setups, we use:

    Exchange transport servers are the only servers to be able to send and receive mail via the UTM
    DNS Servers are the only server to use the dns proxy. Clients use the internal DNS servers.
    Exchange web and outlook is reverse proxied via the UTM

  • 0 in reply to twister5800

    I do not use anything on-premise.  But when I said on-premise I meant an email security appliance rather than a UTM appliance, sorry that was unclear.  A separate kit.  I am not judging which is best, but it includes Cisco, Barracuda, Fortinet, etc..  There are lots out there.  As stated, I use a hosted solution.  Those might include Microsoft Exchange online with ATP, Google, Proofpoint, etc..

Reply
  • 0 in reply to twister5800

    I do not use anything on-premise.  But when I said on-premise I meant an email security appliance rather than a UTM appliance, sorry that was unclear.  A separate kit.  I am not judging which is best, but it includes Cisco, Barracuda, Fortinet, etc..  There are lots out there.  As stated, I use a hosted solution.  Those might include Microsoft Exchange online with ATP, Google, Proofpoint, etc..

Children
No Data
Unfiltered HTML