F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus
Jun 28, 2021
Solved

F5 and anti-spam

is there any policy in F5 that help me to filter mails and works as anti spam ? if yes then how can i configure it ? or it is require license ?
application delivery
ASM Advanced WAF
iRules
security
THE_BLUE's avatar
THE_BLUE
Icon for Cirrostratus rankCirrostratus
Jun 28, 2021

Dear Nikoolayy1,

the ip intelligence is already activated and I'm looking for extra layer. thanks a lot.

Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Jun 29, 2021

About the irule I don't think there is exactly what you are looking for but probably it could be written but it will take a lot of time to capture the traffic with TCP::collect and to match on the "From: user@domain.com" value in the emails but I admit don't have a use case to try do it. This is why I gave you the example with the iRule with smtp-filter-and-proxy.

 

 

For PTR if your device is not the DNS/GTM you may extract the needed value from the email payloadd and with the "RESOLV::lookup" to check it as I don't know if ''NAME::lookup'' supports PTR resolution:

 

 

https://clouddocs.f5.com/api/irules/resolv__lookup.html

 

https://clouddocs.f5.com/api/irules/NAME__lookup.html

 

 

 

A good note is you can use free feed lists as alternative to the F5 URLDB service for the SWG module like Minemelt if you have AFM you can add custom feed lists and if not you may check the tabul CVS importer iRule that I also use for some things.

 

 

https://www.paloaltonetworks.com/products/secure-the-network/subscriptions/minemeld

 

 

https://devcentral.f5.com/s/articles/csv-tabular-data-sideband-importer

 

 

https://devcentral.f5.com/s/articles/populating-tables-with-csv-data-via-sideband-connections