It’s time for a new tutorial but this time with another subject Trend Micro Interscan Messaging Security Suite, IMSS for short. IMSS is the antivirus/imss solution from Trend Micro which is available for Windows, Linux, Solaris and as appliance.</p>

With policies we can define our own rules, we will create a rule which will prevend spoofing. To do this we need to login to the admin console of IMSS. This can be done by selecting the option policy and then select the option policy list in the left menu.

Next we will choose the option new and choose the option other from the drop-down menu. Standard the option is selected that this rule needs to be applied to incoming mails.

First we define the sender/recipient en exclusions.

First the recipient, this can be done by clicking on the link recipient

As recipient we select all the users in the domain

When you are responsible for multiple domains you can fill in all domains here. When all domains are added you can click on the save button. The next step is choosing the sender, this can be done by clicking on the link sender. Here we fill in the same domains as defined in the recipient option. When ready we will click on save again when all domains are added.

The last option is to define the exceptions, this can be done when using a form on your website which uses an e-mail address which exists in your domain as the sender. In this case we choose the address

In this case we only allow from to but this can also be the complete domain.

When we have defined all three options it's time to define the scanning conditions. Here we only need to specify one thing. In this case we want to check every mail which is bigger then 1 Kb.

When we are statisfied with the settings we click on next to continue and specify the action.

Because we don't want the spoofing mails to arrive in the mailbox of users we select the option delete entire message. In case you want to first have a look what the result is you can choose the option quarantine to this will ensure that mail is placed in quarantine.

When the action is defined it's time for the last step, define the name and rulenumber. This last two fields can be defined with whatever you like. In our case we defined the name of the rule as anti-spoofing and placed it as the 8th rule.

Were finished now with creating the anti-spoofing rule. Keep in mind that this wil also block mails from sites which let you forward articles and use your e-mail address as sender, inform your users about this.


Johan Veldhuis