This chapter describes how to use the PMDF CONFIGURE FIREWALL utility to create an initial configuration for use on an e-mail firewall system. In many cases the configuration created by following these steps will suffice for a firewall system without further modification. Additional customization, for instance, implementing centralized naming on the e-mail firewall, the addition of some channels such as UUCP channels or PhoneNet channels not generated by the utility, implementation of address-specific e-mail access controls, implementation of mail storm or denial or service safeguards, or hooking in a virus scanner via the PMDF conversion channel, will require manual editing of the configuration files.

Manual editing of the configuration files can also be required as your environment evolves. For example, as nodes or networks are added you might need to add rewrite rules or channel blocks to your pmdf.cnf file. In many cases you might find it easier to rerun the configuration generator supplying new answers reflecting the changes in your environment.

A history of the configuration run is saved in the file firewall_configure.history in the PMDF table directory when you run the PMDF CONFIGURE FIREWALL utility. When you run PMDF CONFIGURE FIREWALL again, you will be prompted as to whether the answers from the history file should be used as default answers. The history file should not be deleted casually, as it could save you from typing the same answers over again, and might prove useful to technical support should you encounter problems.