What is Mail Alerts?
Mail Alerts is a Vigor router function that is used to notify a user that a router is undergoing DoS attacks or shows which websites blocked by the URL filter rules are attempted by internal users.
The demo shows the Vigor 2920T series for an explanation of how to install DoS Defense.
')
If you want to receive information about DoS attacks, please check Enable DoS Defense before configuring Mail Alerts.
1. Log into the WUI Vigor 2920.
2. Open Firewall >> DoS Defense Setup (Firewall >> Configure DoS Protection).
3. Check the necessary items.
If you want to receive information from the URL Access Log, please activate the Enable URL Access Log function before setting up Mail Alerts.
1. Log into the WUI Vigor 2920.
2. Open CSM >> URL Content Filter Profile (CSM >> URL Content Profile Filter).
3. Click Index 1 and open the next page.
4. Open System Maintenance >> Syslog / Mail Alert (System Support >> Syslog / Mail Alerts) and set up Mail Alerts as shown below.
SMTP Server Enter the IP address of the SMTP server you use to send email alerts.
Submit Enter the email address that will receive mail error notifications.
Return path Specify the email address of another mailbox to receive all returned messages in case of serious problems with the recipient's mailbox.
The email address typed in this area also acts as the Sender address while the Vigor router sends an alternate email.
Authentication If the SMTP server you have configured needs user authentication, please enable it and enter the appropriate username and password in the following paragraphs.
Username Please enter SMTP server username authentication.
Password Please enter the SMTP server password authentication.
Note: Only the SMTP server IP address can be entered in the SMTP server field. You cannot enter the domain name of the SMTP server directly. To get the IP address of the SMTP server, use the nslookup command to get the IP address.
Note: There are several free SMTP servers without Internet authentication. If you enter them as an SMTP server, then you do not need to activate the Authentication element and configure the User Name and Password (User Name and Password).
After completing the above settings, you will periodically receive e-mail notifications (including DoS attacks and URL Access Log). If you leave the Return-Path option empty, you will receive the following email notification. Sender will be displayed with “MAILER-DAEMON”.
Note: If you select Both in the Priority field on the CSM >> URL Content Filter Profile (CSM >> URL Content Filter Profile) field and some internal users try to visit websites, you will find relevant entries, for example , "CF Keyword Block 172.17.1.21,38096 -> www.google-analytics.com , 80 PR tcp len 20 861 -PA -1618639177 -479936808".
If you configure the Return-Path function, you will receive the following email notification. The "Sender" item from the mail alert will display the mailboxes that you set up in the "Item Return Path".
The demo shows the Vigor 2920T series for an explanation of how to install DoS Defense.
')
If you want to receive information about DoS attacks, please check Enable DoS Defense before configuring Mail Alerts.
1. Log into the WUI Vigor 2920.
2. Open Firewall >> DoS Defense Setup (Firewall >> Configure DoS Protection).
3. Check the necessary items.
If you want to receive information from the URL Access Log, please activate the Enable URL Access Log function before setting up Mail Alerts.
1. Log into the WUI Vigor 2920.
2. Open CSM >> URL Content Filter Profile (CSM >> URL Content Profile Filter).
3. Click Index 1 and open the next page.
4. Open System Maintenance >> Syslog / Mail Alert (System Support >> Syslog / Mail Alerts) and set up Mail Alerts as shown below.
SMTP Server Enter the IP address of the SMTP server you use to send email alerts.
Submit Enter the email address that will receive mail error notifications.
Return path Specify the email address of another mailbox to receive all returned messages in case of serious problems with the recipient's mailbox.
The email address typed in this area also acts as the Sender address while the Vigor router sends an alternate email.
Authentication If the SMTP server you have configured needs user authentication, please enable it and enter the appropriate username and password in the following paragraphs.
Username Please enter SMTP server username authentication.
Password Please enter the SMTP server password authentication.
Note: Only the SMTP server IP address can be entered in the SMTP server field. You cannot enter the domain name of the SMTP server directly. To get the IP address of the SMTP server, use the nslookup command to get the IP address.
Note: There are several free SMTP servers without Internet authentication. If you enter them as an SMTP server, then you do not need to activate the Authentication element and configure the User Name and Password (User Name and Password).
After completing the above settings, you will periodically receive e-mail notifications (including DoS attacks and URL Access Log). If you leave the Return-Path option empty, you will receive the following email notification. Sender will be displayed with “MAILER-DAEMON”.
Note: If you select Both in the Priority field on the CSM >> URL Content Filter Profile (CSM >> URL Content Filter Profile) field and some internal users try to visit websites, you will find relevant entries, for example , "CF Keyword Block 172.17.1.21,38096 -> www.google-analytics.com , 80 PR tcp len 20 861 -PA -1618639177 -479936808".
If you configure the Return-Path function, you will receive the following email notification. The "Sender" item from the mail alert will display the mailboxes that you set up in the "Item Return Path".
Source: https://habr.com/ru/post/395269/
All Articles