Transcription

VersionBarracuda Spam Firewall Administrator’s GuideBarracuda Networks Inc.385 Ravendale DriveMountain View, CA 94043http://www.barracudanetworks.com1

Copyright NoticeCopyright 2005, Barracuda Networkswww.barracudanetworks.comv3.2.22All rights reserved. Use of this product and this manual is subject to license. Information in this document is subject to change without notice.TrademarksBarracuda Spam Firewall is a trademark of Barracuda Networks. All other brand and product names mentioned in this document are registeredtrademarks or trademarks of their respective holders.2Spam Firewall Administrator’s Guide

ContentsChapter 1 – Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 9Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Energize Updates Minimize Administration and Maximize ProtectionUnderstanding Spam Scoring . . . . . . . . . . . . . . . . . .Inbound and Outbound Modes . . . . . . . . . . . . . . . . . . . .Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . .Warranty Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . .Barracuda Spam Firewall Models. . . . . . . . . . . . . . . . . . . . .Locating Information in this Document . . . . . . . . . . . . . . . .Basic Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Block/Accept Tab . . . . . . . . . . . . . . . . . . . . . . . . . . .Users Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Domains Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Advanced Tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10101112121213141415151516C h a p t e r 2 – P r e - i n s ta l l a t i o n . . . . . . . . . . . . . . . . . . . . . 19Deployment Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Standard Network Configuration Deployment . . . . . . . . . . . . . . . . . . 21ISP Installation Deployment 22High Availability Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . 23C h a p t e r 3 – S e t u p . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Step 1. Verify you Have the Necessary Equipment . . . . . . .Step 2. Choose a Setup Type . . . . . . . . . . . . . . . . . .Step 3. Install the Barracuda Spam Firewall . . . . . . . . . .Step 3. Configure the System IP Address and Network SettingsStep 4. Configure your Corporate Firewall . . . . . . . . . . .Step 5. Configure the Barracuda Spam Firewall . . . . . . . .Step 6. Update the System Firmware . . . . . . . . . . . . . .Step 7. Verify your Subscription Status . . . . . . . . . . . . .Step 8. Route Incoming Email to the Barracuda Spam Firewall.Port Forwarding . . . . . . . . . . . . . . . . . . . . . .MX Records . . . . . . . . . . . . . . . . . . . . . . . .Step 9. Tune the Default Spam Settings . . . . . . . . . . . .Installation Examples . . . . . . . . . . . . . . . . . . . . . .Barracuda Spam Firewall Behind Corporate Firewall . . . . . .Barracuda Spam Firewall in the DMZ . . . . . . . . . . . . . .Configuring your System for Outbound Mode. . . . . . . . . .Outbound Mode Configuration Process . . . . . . . . . . . . .Changing to Outbound Mode . . . . . . . . . . . . . . . . . .Setting up your Email Server as a Smart/Relay Host . . . . . .25262627272829293131313132323333343434iii

C h a p t e r 4 – B a s i c Ta b . . . . . . . . . . . . . . . . . . . . . . . . . . 37Monitoring System Status . . . . . . . . . . . . . . . . . . . . .Using the Status page . . . . . . . . . . . . . . . . . . . . . . .Email Statistics . . . . . . . . . . . . . . . . . . . . . . . . . .Performance Statistics . . . . . . . . . . . . . . . . . . . . . .Subscription Status . . . . . . . . . . . . . . . . . . . . . . . .Hourly and Daily Mail Statistics . . . . . . . . . . . . . . . . . .Understanding the Indicator Lights . . . . . . . . . . . . . . . .Monitoring the Message Log . . . . . . . . . . . . . . . . . . .Legend . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Classifying Messages . . . . . . . . . . . . . . . . . . . . . . .Overview of the Message Log. . . . . . . . . . . . . . . . . . .Changing the Viewing Preferences of the Message Log . . . . .Viewing Message Details . . . . . . . . . . . . . . . . . . . . .Clearing the Message Log . . . . . . . . . . . . . . . . . . . .Configuring the Global Spam Scoring Limits . . . . . . . . . . .Specifying the Subject Text and Priority of Tagged Messages . .Enabling and Disabling Virus Checking and Notification . . . . .Setting Up Quarantine Policies . . . . . . . . . . . . . . . . . .Specifying the Quarantine Type . . . . . . . . . . . . . . . . . .Specifying the Global Quarantine Settings . . . . . . . . . . . .Specifying the Per-User Quarantine Settings . . . . . . . . . . .Configuring System IP Information . . . . . . . . . . . . . . . .Controlling Access to the Administration Interface . . . . . . . .Changing the Password of the Administration Account . . . . . .Limiting Access to the Administration Interface and API . . . . .Changing the Web Interface Port and Session Expiration LengthShutting Down the System . . . . . . . . . . . . . . . . . . . .Resetting the System Using the Front Panel . . . . . . . . . . .Automating the Delivery of System Alerts and Notifications . . .Changing the Operation Mode of the System . . . . . . . . . . .Enabling Users to Classify Messages from a Mail Client . . . . .Using the Microsoft Outlook and Lotus Notes Plug-in. . . . . . .Managing the Bayesian Database . . . . . . . . . . . . . . . .Resetting the Bayes Database . . . . . . . . . . . . . . . . . .Sending Spam Messages to Barracuda Networks . . . . . . . .Synchronizing the Bayesian Database . . . . . . . . . . . . . .Enabling Intent Analysis. . . . . . . . . . . . . . . . . . . . . .Reducing Backscatter . . . . . . . . . . . . . . . . . . . . . . .Changing the Language of the Administration Interface . . . . 15252535353545555555656565757C h a p t e r 5 – U s i n g t h e B l o c k a n d A c c e p t F i l t e r s . . . . . . . 59Subscribing to Blacklist Services . . . . . . . . . . . . . . .Blacklist Services Descriptions . . . . . . . . . . . . . . . .What Happens if your Domain or IP Address is on a BlacklistIP Address Filters . . . . . . . . . . . . . . . . . . . . . . .Sender Domain Filters . . . . . . . . . . . . . . . . . . . .Sender Email Address Filter . . . . . . . . . . . . . . . . .Recipient Email Address Filter . . . . . . . . . . . . . . . .Attachment Type Filter . . . . . . . . . . . . . . . . . . . .ivBarracuda Spam Firewall Administrator’s Guide.5960616162636364

Subject Line Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65Body Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Header Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66C h a p t e r 6 – M a n a g i n g A c c o u n ts a n d D o m a i n s . . . . . . . . 69How the Barracuda Spam Firewall Creates New Accounts . . .Viewing User Accounts . . . . . . . . . . . . . . . . . . . . .Using Filters to Locate Accounts . . . . . . . . . . . . . . . .Editing User Accounts . . . . . . . . . . . . . . . . . . . . . .Removing Invalid User Accounts 72Assigning Features to User Accounts . . . . . . . . . . . . . .Overriding the Quarantine Settings for Specific User Accounts.Example . . . . . . . . . . . . . . . . . . . . . . . . . .Overriding Quarantine Settings . . . . . . . . . . . . . . . . .Backing Up and Restoring User Settings . . . . . . . . . . . .Setting Retention Policies . . . . . . . . . . . . . . . . . . . .Adding New Domains . . . . . . . . . . . . . . . . . . . . . .Editing Domain Settings. . . . . . . . . . . . . . . . . . . . .Using LDAP to Authenticate Message Recipients . . . . . . .Using LDAP for User Authentication . . . . . . . . . . . . . .Impact of a Down LDAP Server . . . . . . . . . . . . . . . . .Common LDAP Settings for Standard Mail Servers. . . . . . .69697071.727374747475757677778080C h a p t e r 7 – A d v a n c e d A d m i n i s t r a t i o n . . . . . . . . . . . . . . 83Modifying the Email Protocol Settings. . . . . . . . . . . . . .Configuring Message Rate Control . . . . . . . . . . . . . . .Activating Individual Accounts. . . . . . . . . . . . . . . . . .Backing Up and Restoring System Configuration . . . . . . . .Performing Desktop Backups . . . . . . . . . . . . . . . . . .Automating Backups (inbound mode only) . . . . . . . . . . .Restoring from a Backup File . . . . . . . . . . . . . . . . . .Updating Spam and Virus Definitions Using Energize Updates .Spam Definition Updates . . . . . . . . . . . . . . . . . . . .Virus Definition Updates. . . . . . . . . . . . . . . . . . . . .Updating the System Firmware Version. . . . . . . . . . . . .Customizing the Appearance of the Administration Interface . .Using a Syslog Server to Centrally Manage System Logs . . .Setting up Trusted Relays and SASL/SMTP Authentication . .Customizing the Outbound Footer . . . . . . . . . . . . . . .Configuring the Network Interfaces on Models 600 and Above .Setting Up Clustered and Standby Systems . . . . . . . . . .Cluster Set up Process . . . . . . . . . . . . . . . . . . . . .Data Propagated to the Clustered Systems . . . . . . . . . . .Field Descriptions for the Clustering Page . . . . . . . . . . .Impact of Changing the IP Address of a Clustered System . . .Implementing Single Sign-on . . . . . . . . . . . . . . . . . .Enabling SSL . . . . . . . . . . . . . . . . . . . . . . . . . .Detecting Spam in Chinese and Japanese Messages . . . . .Customizing Non-Delivery Reports (NDRs) . . . . . . . . . . .Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . 83. 85. 86. 86. 87. 87. 88. 89. 89. 90. 90. 91. 92. 93. 94. 95. 95. 95. 96. 97. 98. 99100102102104v

Generating System Reports . . . . . . . . . . . . . . .Displaying and Emailing Reports . . . . . . . . . . . .Automating the Delivery of Daily System Reports . . .Specifying Report Properties . . . . . . . . . . . . . .Example Report . . . . . . . . . . . . . . . . . . . . .Enabling SMTP over TLS/SSL . . . . . . . . . . . . .Using the Task Manager to Monitor System Tasks . . .Replacing a Failed System . . . . . . . . . . . . . . .Rebooting the System in Recovery Mode. . . . . . . .Tasks to Perform Before Rebooting in Recovery Mode .Performing a System Recovery or Hardware Test . . .Reboot Options . . . . . . . . . . . . . . . . . . . . .105105106106107107108108108109109109C h a p t e r 8 – O u t b o u n d . . . . . . . . . . . . . . . . . . . . . . . . . 111Tabs and Pages Supporting Outbound Mode . . . . . . .About Outbound Mode . . . . . . . . . . . . . . . . . .Viewing Outbound Messages in the Message Log . . . .Changing the Footers on Outbound Messages . . . . . .Specifying Allowed Senders. . . . . . . . . . . . . . . .Specifying Allowed Senders by Domain and IP Address .Specifying Allowed Senders Using SMTP Authentication.Additional Email Protocol Settings for Outbound Mode . .Enabling Intent Analysis and Spam Scoring . . . . . . .Managing the Quarantine Box . . . . . . . . . . . . . .Sending NDRs for Quarantined Messages . . . . . . . .Viewing and Classifying Quarantined Messages . . . . .Using Filters to Locate Specific Messages . . . . . . . .Configuring Message Rate Control . . . . . . . . . . . .Adding a Relay Server . . . . . . . . . . . . . . . . . .Setting Up Subject and Body Filtering . . . . . . . . . . 8.118.119120C h a p t e r 9 – M a n a g i n g You r Q u a r a n t i n e I n b o x . . . . . . . 121Receiving Messages from the Barracuda Spam Firewall . . . . . . . . . .Greeting Message. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Quarantine Summary Report . . . . . . . . . . . . . . . . . . . . . . . .Using the Quarantine Interface . . . . . . . . . . . . . . . . . . . . . . .Logging into the Quarantine Interface. . . . . . . . . . . . . . . . . . . .Managing your Quarantine Inbox . . . . . . . . . . . . . . . . . . . . . .Changing your User Preferences . . . . . . . . . . . . . . . . . . . . . .Changing your Account Password . . . . . . . . . . . . . . . . . . . . .Changing Your Quarantine Settings. . . . . . . . . . . . . . . . . . . . .Enabling and Disabling Spam Scanning of your Email . . . . . . . . . . .Adding Email Addresses and Domains to Your Whitelist and BlacklistChanging the Language of the Quarantine Interface . . . . . . . . . .121121122122122123124124124125126127A p p e n d i x 1 – R e g u l a r E x p r e s s i o n s . . . . . . . . . . . . . . . 129Using Special Characters in Expressions . . . . . . . . . . . . . . . . . . . 130Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130viBarracuda Spam Firewall Administrator’s Guide

Appendix 2 – Limited Warranty and Licensing133Exclusive Remedy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133Exclusions and Restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . 134Open Source Licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134Appendix 3 –C o m p l i a n c e . . . . . . . . . . . . . . . . . . . . 137Notice for the USA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Notice for Canada . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137Notice for Europe (CE Mark) . . . . . . . . . . . . . . . . . . . . . . . . . 137I n d e x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139vii

viiiBarracuda Spam Firewall Administrator’s Guide

Chapter 1IntroductionThis chapter provides an overview of the Barracuda Spam Firewall and includes the following topics:Overview . 10Barracuda Spam Firewall Models . 13Energize Updates Minimize Administration and Maximize Protection10Inbound and Outbound Modes . 12Technical Support . 12Warranty Policy . 12Locating Information in this Document. 14Introduction 9

OverviewThe Barracuda Spam Firewall is an integrated hardware and software solution that provides powerfuland scalable spam and virus-blocking capabilities that do not impede the performance of your e-mailservers. The system has no per-user license fee and can be scaled to support tens of thousands of activee-mail users.Using the Web-based administration interface, you can configure up to ten defense layers that protectyour users from spam and viruses. The ten defense layers are: Denial of service and security protectionIP block listRate controlVirus check with archive decompressionProprietary virus checkUser-specified rulesSpam fingerprint checkIntention analysisBayesian analysisRule-based spam scoringThe following figure shows each of these defense layers in action:Figure 1.1:Energize Updates Minimize Administration and Maximize ProtectionTo provide you with maximum protection against the latest types of spam and virus attacks,Barracuda Networks maintains a powerful operations center called Barracuda Central. From thiscenter, engineers monitor the Internet for trends in spam and virus attacks and post updated definitionsto Barracuda Central. These updates are then automatically retrieved by your Barracuda SpamFirewall using the Energize Update feature.By identifying spam trends at an early stage, the team at Barracuda Central can quickly develop newand improved blocking techniques and virus definitions that are quickly made available to yourBarracuda Spam Firewall.10Barracuda Spam Firewall Administrator’s Guide

Energize Updates provide your Barracuda Spam Firewall with the following benefits: Access to known offending IP addressesKnown spam messages instantly blockedKnown spam content blockedVirus definitions constantly updatedThe following figure shows how Barracuda Central provides the latest spam and virus definitionsthrough Energize.Figure 1.2:Understanding Spam ScoringThe Barracuda Spam Firewall scrutinizes all the characteristics of a message and uses a complexsystem of scores to determine whether a message is spam. When an e-mail reaches the spam scoringfilter, the Barracuda Spam Firewall assigns scores to all the properties of the message.For example, the Barracuda Spam Firewall srutinizes: A message’s header and subject line for offensive characters or wordsThe percentage of HTML in the messageWhether a message contains an “unsubscribe” linkThese properties (along with many others) help the Barracuda Spam Firewall determine the spamscore for a message that is displayed on the Message Log page of the administration interface.Energize Update keeps the spam rules and scores up-to-date so the Barracuda Spam Firewall canquickly counteract the latest techniques used by spammers.Introduction 11

Inbound and Outbound ModesThe Barracuda Spam Firewall can be configured in one of the following two modes: Inbound Mode (default) scans all incoming messages for viruses and spam probability. Thismode ensures all e-mail delivered to your users is virus-free and legitimate.Outbound Mode scans all outgoing messages (from your users) for viruses and spam probability.This mode ensures all e-mail leaving your network is virus-free and legitimate.Your Barracuda Spam Firewall can only operate in one of these two modes. By default, all BarracudaSpam Firewalls are configured for inbound mode when shipped.For information on how to configure your Barracuda Spam Firewall for outbound mode, refer toConfiguring your System for Outbound Mode on page 33. F or information about the specific featuresrelating to outbound mode, refer to Chapter 8.Technical SupportTo contact Barracuda Networks technical support: By phone, call (408) 342-5400, (888) Anti-Spam, or (888) 268-4772By e-mail, use [email protected] forum: http://forum.barracudanetworks.comWarranty PolicyThe Barracuda Spam Firewall has a 90 day warranty against manufacturing defects.12Barracuda Spam Firewall Administrator’s Guide

Barracuda Spam Firewall ModelsThe Barracuda Spam Firewall comes in a variety of models. Refer to the following table for thecapacity and features available on each model:Table 1.1:Model200Model300Model 400Model600Model800Model 900Email capacity perday1 million2 million5 million10 million15 million20 millionActive e-mail 5,000Feature300–1,000 ble with all email servers999999Hardened and secureOS999999Spam blocking999999Virus 99Outbound mode999999STARTTLSencryption support999999SSL support999999Per-user settings andquarantine99999MS Exchange/LDAPAccelerator99999Syslog support99999SNMP/API9999Per Domain Settings9999Clustering9999Redundant Disk Array(RAID)9999Per-user on 13

Table 1.1:Model800Model 900Hot Swap RedundantDisk Array (RAID)99Hot Swap RedundantPower Supply99FeatureModel200Model300Model 400Model6009Network StorageLocating Information in this Document This section lists the topics associated with each page in the administration interface.Basic TabThe following table lists the topics associated with each page on the Basic tab.Table 1.2:Admin Interface PageRefer to.StatusMonitoring System Status on page 37Message LogMonitoring the Message Log on page 40Spam Scoring(inbound mode only)Configuring the Global Spam Scoring Limits on page 44Specifying the Subject Text and Priority of TaggedMessages on page 45Virus CheckingEnabling and Disabling Virus Checking and Notification onpage 46QuarantineSetting Up Quarantine Policies on page 46IP ConfigurationConfiguring System IP Information on page 49AdministrationControlling Access to the Administration Interface on page51Shutting Down the System on page 52Automating the Delivery of System Alerts and Notificationson page 53Changing the Operation Mode of the System on page 53Bayesian/Intent(inbound mode only)Enabling Users to Classify Messages from a Mail Client onpage 54Managing the Bayesian Database on page 55Enabling Intent Analysis on page 5614Barracuda Spam Firewall Administrator’s Guide

Block/Accept TabThe following table lists the topics associated with each page on the Block/Accept tab.Table 1.3:Admin Interface PageRefer to.External Blacklists(inbound mode only)Subscribing to Blacklist Services on page 59IP Block/AcceptIP Address Filters on page 61Sender Domain Block/AcceptSender Domain Filters on page 62Email Sender Block/AcceptSender Email Address Filter on page 63Email Recipient Block/AcceptRecipient Email Address Filter on page 63Attachment FilteringAttachment Type Filter on page 64Subject FilteringSubject Line Filter on page 65Body FilteringBody Filter on page 66Header FilteringHeader Filter on page 66Users TabThe following table lists the topics associated with each page on the Users tab. This tab is not availablein outbound mode or in models 200, 300 and 400).Table 1.4:Admin Interface PageRefer to.Account ViewViewing User Accounts on page 69Editing User Accounts on page 71Removing Invalid User Accounts on page 72User FeaturesAssigning Features to User Accounts on page 72User Add/UpdateOverriding the Quarantine Settings for Specific User Accounts onpage 73User Backup/RestoreBacking Up and Restoring User Settings on page 74Retention PoliciesSetting Retention Policies on page 75Domains TabThe following table lists the topics associated with each page on the Domains tab. This tab is notavailable in models 200 and 300.Introduction 15

Table 1.5:Admin Interface PageRefer to.Domain ManagerAdding New Domains on page 75Editing Domain Settings on page 76Using LDAP to Authenticate Message Recipients on page 77Advanced TabThe following table lists the topics associated with each page on the Advanced tab.Table 1.6:16Admin Interface PageRefer to.Email ProtocolModifying the Email Protocol Settings on page 83Rate ControlsConfiguring Message Rate Control on page 85Explicit Users(inbound mode only)Activating Individual Accounts on page 86.BackupBacking Up and Restoring System Configuration on page 86Energize UpdatesUpdating Spam and Virus Definitions Using Energize Updates onpage 89Firmware UpdateUpdating the System Firmware Version on page 90Appearance(inbound mode only)Customizing the Appearance of the Administration Interface onpage 91 (not supported in models 200/300/400)SyslogUsing a Syslog Server to Centrally Manage System Logs on page92 (not supported in model 200)Outbound / Relay(inbound mode only)Setting up Trusted Relays and SASL/SMTP Authentication onpage 93Outbound FooterCustomizing the Outbound Footer on page 94Advanced IP Configuration(inbound mode only)Configuring the Network Interfaces on Models 600 and Above onpage 95ClusteringSetting Up Clustered and Standby Systems on page 95 (notsupported in model 200/300)Single Sign-on(inbound mode only)Implementing Single Sign-on on page 99 (not supported in model200/300)SSLEnabling SSL on page 100Regional SettingsDetecting Spam in Chinese and Japanese Messages on page102Bounce/NDR MessagesCustomizing Non-Delivery Reports (NDRs) on page 102TroubleshootingTroubleshooting on page 104Barracuda Spam Firewall Administrator’s Guide

Table 1.6:Admin Interface PageRefer to.ReportingGenerating System Reports on page 105SMTP / TLSEnabling SMTP over TLS/SSL on page 107Task ManagerUsing the Task Manager to Monitor System Tasks on page 108Introduction 17

18Barracuda Spam Firewall Administrator’s Guide

Chapter 2Pre-installationThis chapter provides an overview of the Barracuda Spam Firewall deployment issues that you mustconsider before you install the Barracuda Spam Firewall on your network. Deployment Types on page 20Pre-installation 19

Deployment TypesWhen deciding how best to deploy your Barracuda IM Firewall, consider both the capabilities of theBarracuda IM Firewall and the components in your network. You can deploy the appliance in avariety of deployment types depending on your needs. The Barracuda IM Firewall provides theflexibility to meet the needs of complex enterprise networks. It supports multiple external networkconnections, asymmetric routing, servers containing sensitive and important information, multipleVLANs, and more.The recommended installation deployment type is the Standard Network Configuration. In thisdeployment, the Barracuda Spam Firewall is able to scan all inbound and outbound Internet traffic forspam and viruses. The descriptions below give a general information each deployment type.NoteThe deployment for your network may vary. 20Standard Network Configuration: The Barracuda Spam Firewall is connected to your coreInternet network components and all network traffic to the Internet passes through the BarracudaSpam Firewall.ISP Installation: This deployment is used by Internet Service Providers. In this deployment theBarracuda Spam Firewall is configured to interact with these ISPs.High Availability: The Barracuda Spam Firewall is installed and configured in separatenetworks and are then clustered to interact with each other.Barracuda Spam Firewall Installation Guide

Standard Network Configuration DeploymentStandard Network Configuration requires all Internet requests to pass through the Barracuda SpamFirewall. The Barracuda Spam Firewall is installed directly to the Internet firewall/router. With theBarracuda Spam Firewall connected to your core Internet network components, it is able to filter andscan all Internet traffic requests. It performs content filtering and scans downloads for spam andviruses. It also detects and blocks outbound spam protocol requests, which identifies infected clientson your network.The most straightforward deployment of the Barracuda Spam Firewall is the Standard NetworkConfiguration Deployment. The Barracuda Spam Firewall scans all outbound traffic for spam activityon all ports to detect infected clients.Figure 2.1 illustrates a basic installation using the Standard Network Configuration.Figure 2.1: Standard Network Configuration DeploymentSenderInternetMailServerWANBarracuda Spam FirewallLANMailServerClientPre-installation 21

ISP Installation DeploymentThis deployment type is typically used by Internet Service Providers. The Barracuda Spam Firewallis configured to interact with these providers.In this deployment, the Barracuda Spam Firewall detects all network traffic. The proxy serverconnects directly to the Barracuda Spam Firewall LAN port. The Barracuda Spam Firewall scans forall inbound and outbound HTTP traffic from the proxy server. All outbound traffic on other ports arescanned for normal spam communication. Figure 2.2 illustrates the ISP Installation Deployment. .Figure 2.2: ISP Installation DeploymentCompany 1Mail ServerBarracuda Spam FirewallInternetCompany 2Mail ServerCompany 3Mail Server22Barracuda Spam Firewall Installation Guide

High Availability DeploymentThe High Availability deployment is configured in two separate networks and these networks are thenclustered to interact with one another. You can combine the Barracuda Spam Firewall appliance withother nodes and appliances into a cluster. One node within the cluster functions as the master node,and the others act as slaves. You can access and configure all nodes in the cluster from the same WebGUI. You can configure cluster parameters on the master node, which then propagate to the slavenodes.The Barracuda Spam Firewall scans the HTTP traffic for spam and viruses; it also providescontent filtering.Figure 2.3 illustrates a basic installation using the High Availability Deployment.Figure 2.3: High Availability DeploymentXMInternetMXWANWANBarracuda Spam FirewallBarracuda Spam erPre-installation 23

24Barracuda Spam Firewall Installation Guide

Chapter 3SetupThis chapter covers:Installation Examples . 32Barracuda Spam Firewall Behind Corporate Firewall . 32Barracuda Spam Firewall in the DMZ . 33Configuring your System for Outbound Mode. 33Outbound Mode Configuration Process . 34Changing to Outbound Mode . 34Setting up your Email Server as a Smart/Relay Host .

The Barracuda Spam Firewall scrutinizes all the characteristics of a message and uses a complex system of scores to determine whether a message is spam. When an e-mail reaches the spam scoring filter, the Barracuda Spam Firewall assigns scores to all the properties of the message. For example,