Summary
For security reasons, the IMSVA anti-spoof policy checks all IP addresses in the Received headers. However, in some environment, when the trusted sender uses IPv6 in their mail flow for example, the current behavior may cause problem. In this scenario, you may prefer IMSVA anti-spoof policy to only check the connection IP address.
Details
Apply Hot Fix 1636 or a later build before proceeding.
To enable this option:
- SSH to IMSVA with root credentials.
- Backup and then open the "imss.ini" file in the "/opt/trend/imss/config" folder
cp /opt/trend/imss/config/imss.ini imss.ini.bak
vi /opt/trend/imss/config/imss.ini - Add the following setting under the general section and set the value to "yes".
[general]
antispoof_only_check_connect_ip=yesThe default value of this key is "no" which checks all of the IP addresses in the email. - Save the change and close the file.
- Restart the scanner service using the following command:
/opt/trend/imss/script/S99IMSS restart
