Previous | Next | Contents | Index |
This chapter describes how to use the pmdf configure
firewall
utility to create an initial configuration for use on
an e-mail firewall system. In many cases the configuration created by
following these steps will suffice for a firewall system without
further modification. Additional customization, for instance,
implementing centralized naming on the e-mail firewall, the addition of
some channels such as UUCP channels or PhoneNet channels not generated
by the utility, implementation of address-specific e-mail access
controls, implementation of mail storm or denial or service safeguards,
or hooking in a virus scanner via the PMDF conversion channel, will
require manual editing of the configuration files.
Manual editing of the configuration files may also be required as your
environment evolves. For example, as nodes or networks are added you
may need to add rewrite rules or channel blocks to your
pmdf.cnf
file. In many cases you may find it easier to
rerun the configuration generator supplying new answers reflecting the
changes in your environment.
A history of the configuration run is saved in the file
firewall_configure.history
in the PMDF table directory
when you run the pmdf configure firewall
utility. When you
run pmdf configure firewall
again, you will be prompted as
to whether the answers from the history file should be used as default
answers. The history file should not be deleted casually, as it could
save you from typing the same answers over again, and may prove useful
to technical support should you encounter problems.
Previous | Next | Contents | Index |