It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Email Gateway Defense
formerly Email Security

IP Analysis - Inbound

  • Last updated on

Important
When entering an IP range in Email Gateway Defense, it is critical that the starting IP address is valid. For example, the following table shows an invalid and the corrected IP range:

Invalid (IP – Netmask)Correct (IP – Netmask)
  • 209.222.86.3-255.255.255.0 (256 address range)
  • 209.222.82.0-255.255.248.0 (2048 address range)
  • 209.222.80.0-255.255.255.0
  • 209.222.80.0-255.255.248.0

Additional Resource

To find the correct starting and ending IP addresses in a range,

  1. Go to the MXToolbox Subnet Calculator.
  2. Enter an IP address in your range and the netmask, and click View Subnet to view your starting IP address.

If you make setting changes, allow a few minutes for the changes to take effect.

Create Custom IP Policies

Once the true sender of an email message is identified, the reputation and intent of that sender should be determined before accepting the message as valid, or "not spam". The best way to address both issues is to know the IP addresses of trusted email senders and forwarders and define those as exempt from scanning by adding them to a list of known good senders.

Add exempt/trusted sender IP addresses and block those you know are not trusted on the Inbound Settings > IP Address Policies page.

Barracuda Networks does not recommend exempting domains because spammers may spoof domain names. When possible, it is recommended that you exempt by IP address only.

You can create a list of Trusted Forwarders by specifying one or more IP addresses of machines that you have set up to forward email to Email Gateway Defense from outside sources. Email Gateway Defense exempts any IP address in this list from Rate Control, Sender Policy Framework (SPF) checks, and IP Reputation. In the Received headers, Email Gateway Defense continues looking beyond a Trusted Forwarder IP address until it encounters the first non-trusted IP address. At this point, Rate Control, SPF checks, and IP Reputation checks are applied. Configure on the Inbound Settings > IP Address Policies page.