How to allow specific Email addresses to bypass DPI Detection and Prevention
03/26/2020 6 11644
It is possible to establish a number of specific e-mail senders whose mail is not to be scanned by the SonicWall appliance's deep packet inspection (DPI) security services, such as Gateway Anti-Virus, Gateway Anti-Spyware or Intrusion Prevention Service (IPS).This document provides an example Application Firewall configuration for permitting e-mail from certain addresses to completely bypass all DPI detection and prevention.
Follow these steps to create a Match Object:
- Go to Firewall | Match Objects.
- Click the Add New Match Object button and enter the following:
- Object Name: 'Bypassed Email Senders'
- Match Object Type: Email From
- Match Type: Partial Match
- Content: [List all e-mail addresses to be allowed to bypass DPI security services]
- Click the Add button for each additional e-mail address.
- Click OK.
Follow these steps to create the Application Firewall policy:
- Go to Firewall | App Rules.
- Click the Add New Policy button and enter the following:
- Policy Name: Email Senders Bypassing DPI Security Services
- Policy Type: SMTP Client
- (Optional) Source Address: [Create or select an address or FQDN object representing the SMTP server from which bypassing messages originate.]
- Service Destination: SMTP
- Match Object: Bypassed Email Senders
- Action: Bypass DPI
- Direction: Incoming
- Click OK.