ScreenOS Firewalls (NOT SRX)
Reply
Contributor
seaweed
Posts: 52
Registered: ‎11-20-2008
0

configuring antispam

hello i have an ssg 140 with screenos 6.1.0r2 and i want to use the antispam  feature.
i have enabled it from untrust zone to the mail servers zone with  junipers predefined server,and then tried sbl-xbl.spamhaus.org server.It doesnt seem to work.i tried setting manually a black list address and  worked.
here is an output of debug on ssg of the  antispam server. can anyone tell me if the output is normal?

 

 


## 2009-02-12 16:00:38 : ===get request "" ip 193.92.150.19
## 2009-02-12 16:00:38 : ===request pass "", ip 193.92.150.19 didn't match any
## 2009-02-12 16:00:38 : free_sbl_dns_request_by_sblreq add8a64
## 2009-02-12 16:00:38 : AS: sbl insert queue: add8a64
## 2009-02-12 16:00:38 : ===get request "mx-relayin-01.forthnet.gr" ip 0.0.0.0
## 2009-02-12 16:00:38 : ===query whitelist servers
## 2009-02-12 16:00:38 : ===query blacklist servers
## 2009-02-12 16:00:38 : ===request pass "mx-relayin-01.forthnet.gr", ip 0.0.0.0 didn't match any
## 2009-02-12 16:00:38 : free_sbl_dns_request_by_sblreq add8a64
## 2009-02-12 16:00:38 : AS: sbl insert queue: add8a64
## 2009-02-12 16:00:38 : ===get request "andjola.jaupi@corp.tring.al" ip 0.0.0.0
## 2009-02-12 16:00:38 : ===query whitelist servers
## 2009-02-12 16:00:38 : ===query blacklist servers
## 2009-02-12 16:00:38 : ===request pass "andjola.jaupi@corp.tring.al", ip 0.0.0.0 didn't match any
## 2009-02-12 16:00:38 : free_sbl_dns_request_by_sblreq add8a64
## 2009-02-12 16:00:58 : AS: sbl insert queue: add8a64
## 2009-02-12 16:00:58 : ===get request "andjola.jaupi@corp.tring.al" ip 0.0.0.0
## 2009-02-12 16:00:58 : ===query whitelist servers
## 2009-02-12 16:00:58 : ===query blacklist servers
## 2009-02-12 16:00:58 : ===request pass "andjola.jaupi@corp.tring.al", ip 0.0.0.0 didn't match any
## 2009-02-12 16:00:58 : free_sbl_dns_request_by_sblreq add8a64
## 2009-02-12 16:01:52 : AS: sbl insert queue: add8a64
## 2009-02-12 16:01:52 : ===get request "" ip 82.201.254.137
## 2009-02-12 16:01:52 : ===query whitelist servers
## 2009-02-12 16:01:52 : ===query blacklist servers
## 2009-02-12 16:01:52 : query send to sbl: 137.254.201.82.sbl-xbl.spamhaus.org 2bdbe34
## 2009-02-12 16:01:52 : sbl_dns_callback 2bdbe34
## 2009-02-12 16:01:52 : sbl_dns_callback get ip 0.0.0.0
## 2009-02-12 16:01:52 : request_pattern "", ip 82.201.254.137
## 2009-02-12 16:01:52 : server_name sbl-xbl.spamhaus.org
## 2009-02-12 16:01:52 : blackserver
## 2009-02-12 16:01:53 : ===get request "" ip 82.201.254.137
## 2009-02-12 16:01:53 : ===request pass "", ip 82.201.254.137 didn't match any
## 2009-02-12 16:01:53 : free_sbl_dns_request_by_sblreq add8a64
Trusted Contributor
Gavrilo
Posts: 279
Registered: ‎07-14-2008
0

Re: configuring antispam

Hi,

 

I found these with a web search and they may help:

 

On a netscreen firewall device, console in and you wuold get a prompt:
ns25->
Issue command:
ns25-> get license-key
You would get some output and at the end, something like:
AV:                 Disable(0)
Anti-Spam:          Disable(0)
Url Filtering:      Disable
Or you might get AV: Expiry Date or Enabled.
This would give idea if you have the license keys or not. If you have license keys then you can use CLI or webUI to configure AV/AntiSpam/URL filtering.

 

1) To find the detailed info about the licenses following cli can come handy,
"get tech-support | in license"
2) To know about just the available license keys on the device,
- Using CLI,
"get license-key" should help out.
- If you have Network Management software NSM then the "Capabilities" tab inside every device can tell you about all the keys and its limitations.
3) To install any of the keys on a device using cli following cli would be handy once you obtain the keys from the entitlement server (support guys),

exec license-key 'and the string'

For example:
ns5400(M)-> exec license-key ?
<string>             Version 2 license key
delete               Delete one license
nsrp                 Version 1 NSRP feature
update               Update license key from entitlement server
vrouter              Version 1 Virtual router feature
vsys                 Version 1 Vsys feature
zone                 Version 1 Zone feature

Most important information regarding the license keys you can obtain using 'get tech-support | in license' cli is,
- regarding the auto update for the license keys whether its enabled or disabled.

 

Regards

 

Gavrilo

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.