This chapter describes how to use the PMDF CONFIGURE FIREWALL utility to create an initial configuration for use on an e-mail firewall system. In many cases the configuration created by following these steps will suffice for a firewall system without further modification. Additional customization, for instance, implementing centralized naming on the e-mail firewall, the addition of some channels such as UUCP channels or PhoneNet channels not generated by the utility, implementation of address-specific e-mail access controls, implementation of mail storm or denial or service safeguards, or hooking in a virus scanner via the PMDF conversion channel, will require manual editing of the configuration files.
Manual editing of the configuration files may also be required as your
environment evolves. For example, as nodes or networks are added you
may need to add rewrite rules or channel blocks to your
pmdf.cnf file. In many cases you may find it easier to
rerun the configuration generator supplying new answers reflecting the
changes in your environment.
A history of the configuration run is saved in the file
firewall_configure.history in the PMDF table directory
when you run the PMDF CONFIGURE FIREWALL utility. When you run PMDF
CONFIGURE FIREWALL again, you will be prompted as to whether the
answers from the history file should be used as default answers. The
history file should not be deleted casually, as it could save you from
typing the same answers over again, and may prove useful to Innosoft
technical support should you encounter problems.