A pass through is a manual block set with Pass Through as the action.
Configure a manual pass through whenever you have a trusted relay server which sends you unfiltered traffic, the volume of mail will be enough to trigger an attack. However, in order for an attack rule to trigger, the majority of email from the source needs to fit the content profile of a DHA (little or no message content), email bomb (large messages), spam attack (spam messages), or virus outbreak (virus-laden messages).
Once the second criteria is met, then an attack block will be triggered. Since the server is trusted, you know that it is not initiating the attack, so you should set a pass through to prevent automatic attack blocking from preventing all traffic from the server.
If you do not trust that the server sends you valid traffic, it would be unwise to set up a pass through.
Note: A pass through will not cause the mail traffic from the server to bypass filters, so this does not create email security holes.
Comments
0 comments
Please sign in to leave a comment.