Applies to Platform: UTM 2.4, UTM 2.5
Last update: 04 June 2014
Applies to Platform: UTM 3.0 and 5.0
Last update: 04 June 2014
This lesson will illustrate the necessary steps to configure the email proxy for both inbound and outbound spam and virus filtering on a typical Endian appliance.
Configuration Example (Inbound)
In order to filter email prior to arriving at our internal mail server, we'll configure the Endian to receive all Internet email and filter it appropriately prior to handing it off the mail server. You can also use the Endian appliance to add a second level of filtering should you already have internal mail filtering to provide multiple layers of filtering and email security.
Configuration Example (Outbound)
We'll also configure the Endian to transparently scan and filter all outbound SMTP email. This will ensure that all email from our mail server as well as any internal computer that may be sending email directly to the Internet are filtered appropriately before sending to the Internet.
Enable the SMTP Proxy
The first step is to enable the SMTP proxy by clicking the gray button (should turn green). Once this is done, we can configure the (1) outbound email filtering mode for each of our internal networks (GREEN, ORANGE, BLUE) to "Transparent" as this will ensure all outbound SMTP traffic is scanned automatically with no client side changes required. Last, we can (2) enable inbound email filtering by selecting "Active" mode under the RED interface.
Configure Spam Settings
Next we'll turn on (1) Spam filtering by checking the box and configure the default action to take for messages marked spam (we'll use the default quarantine). Next you can provide a Spam subject line to be added to any marked spam emails. It's usually not recommended to alter the default Spam identification levels (tag, mark, quarantine). Last we'll enable greylisting to provide an extra layer of spam protection.
Note
Configure Virus Settings
Now we'll enable virus scanning and configure the default action to take for messages marked as containing a virus (we'll use the default quarantine). You can also provide an admin email to be copied for all virus notificaitons.
Configure File Extensions
Optionally, you may also configure the blocking of certain file extensions if you have a need or requirement to do so.
Once all of the configuration is complete, click Save and continue.
Configure Real-Time Blacklists (RBL)
Next, we need to enable the real-time blacklists for Endian to use in checking for known blacklisted email servers. Endian supports both IP and DNS-based RBLs.
Once this is complete, click Save and continue.
(Optional) Configure Greylisting
If you're using spam greylisting, you may optionally choose to configure the greylisting whitelist for all known recipients, domains, and mail servers. This can help to reduce the inherent mail delivery delay associated with greylisting for known good mail sources.
Configure Incoming Mail Server
Next, we'll setup all internal mail server domains that need to be filtered for incoming email by adding the domain and mail server IP address for that domain.
Once this is complete, click Save and continue.
Configure Mail Proxy Advanced Settings
The last step is to configure any advanced mail proxy settings which are recommended and enabled by default. These include things to check and verify for SMTP syntax and sender/recipient validation mechanisms (valid A or MX record, valid recipient address, etc.). You can also set maximum email size and SMTP HELO name.
Once this is complete, click Save and you're done.
Still valid for 2.5
Are you planning on writing an advanced setup how to relay to external mail server like for example google which uses SSL/TLS?
Dear Endian team,
I have installed EFW Community version and enable SMTP proxy. But I do not find the recipient verification in LDAP, AD,.. server option. Does EFW support it?
Thanks,
Also, I did not found out the SPF feature on the SMTP proxy setting. Pls advise
Thanks,
Hi,
As stated on our website, this help ticketing system is reserved for our Enterprise customers only. However, there are several online forum on the Community edition where you can ask for help.
Cheers,
Endian Support Team
www.endian.com
Muy bueno el soporte que da Endian...estoy muy agradecido.