Follow

Mail Proxy - Basic Setup

  Version 2.5 Versions 3.0 & 5.0

Applies to Platform: UTM 2.4, UTM 2.5
Last update: 04 June 2014

Applies to Platform: UTM 3.0 and 5.0
Last update: 04 June 2014

This lesson will illustrate the necessary steps to configure the email proxy for both inbound and outbound spam and virus filtering on a typical Endian appliance.

Configuration Example (Inbound)

?name=Network_Diagram_-_SMTP_Proxy__Inbound_.png  

In order to filter email prior to arriving at our internal mail server, we'll configure the Endian to receive all Internet email and filter it appropriately prior to handing it off the mail server. You can also use the Endian appliance to add a second level of filtering should you already have internal mail filtering to provide multiple layers of filtering and email security.

Configuration Example (Outbound)

?name=Network_Diagram_-_SMTP_Proxy__Outbound_.png

We'll also configure the Endian to transparently scan and filter all outbound SMTP email. This will ensure that all email from our mail server as well as any internal computer that may be sending email directly to the Internet are filtered appropriately before sending to the Internet.

Enable the SMTP Proxy

?name=media_1302711548053.png smtp1.png

The first step is to enable the SMTP proxy by clicking the gray button (should turn green). Once this is done, we can configure the (1) outbound email filtering mode for each of our internal networks (GREEN, ORANGE, BLUE) to "Transparent" as this will ensure all outbound SMTP traffic is scanned automatically with no client side changes required. Last, we can (2) enable inbound email filtering by selecting "Active" mode under the RED interface.

Configure Spam Settings

?name=media_1302711912273.png smtp2.png

Next we'll turn on (1) Spam filtering by checking the box and configure the default action to take for messages marked spam (we'll use the default quarantine). Next you can provide a Spam subject line to be added to any marked spam emails. It's usually not recommended to alter the default Spam identification levels (tag, mark, quarantine). Last we'll enable greylisting to provide an extra layer of spam protection.

Note

Greylisting is a method used to reduce spam by automatically rejecting all unknown emails. If the email was legitimately, then the originating mail server will retry to send the email at which point it would be accepted. The theory is that any mass spam bot will not try to resend rejected email so only valid emails should get through.

Configure Virus Settings

?name=media_1302712341467.png smtp3.png

Now we'll enable virus scanning and configure the default action to take for messages marked as containing a virus (we'll use the default quarantine). You can also provide an admin email to be copied for all virus notificaitons.

Configure File Extensions

?name=media_1302719213618.png smtp4.png

Optionally, you may also configure the blocking of certain file extensions if you have a need or requirement to do so.

Once all of the configuration is complete, click Save and continue.

Configure Real-Time Blacklists (RBL)

?name=media_1302719308586.png smtp5.png

Next, we need to enable the real-time blacklists for Endian to use in checking for known blacklisted email servers. Endian supports both IP and DNS-based RBLs.

Once this is complete, click Save and continue.

(Optional) Configure Greylisting

?name=media_1302719928335.png smtp6.png

If you're using spam greylisting, you may optionally choose to configure the greylisting whitelist for all known recipients, domains, and mail servers. This can help to reduce the inherent mail delivery delay associated with greylisting for known good mail sources.

Configure Incoming Mail Server

?name=media_1302720107366.png smtp7.png

Next, we'll setup all internal mail server domains that need to be filtered for incoming email by adding the domain and mail server IP address for that domain.

Once this is complete, click Save and continue.

Configure Mail Proxy Advanced Settings

?name=media_1302720594442.png smtp8.png

The last step is to configure any advanced mail proxy settings which are recommended and enabled by default. These include things to check and verify for SMTP syntax and sender/recipient validation mechanisms (valid A or MX record, valid recipient address, etc.). You can also set maximum email size and SMTP HELO name.

Once this is complete, click Save and you're done.

Warning

When using the SMTP proxy, do NOT add a DNAT (Port Forwarding) rule for SMTP to your mail server. This will force a bypass of the SMTP proxy and leave your internal mailserver vulnerable to the Internet.
Have more questions? Submit a request

Comments

  • Avatar
    Permanently deleted user

    Still valid for 2.5

  • Avatar
    Riaan

    Are you planning on writing an advanced setup how to relay to external mail server like for example google which uses SSL/TLS?

  • Avatar
    Minh Dong Quang

    Dear Endian team,

    I have installed EFW Community version and enable SMTP proxy. But I do not find the recipient verification in LDAP, AD,.. server option. Does EFW support it?

     

    Thanks,

     

  • Avatar
    Minh Dong Quang

    Also, I did not found out the SPF feature on the SMTP proxy setting. Pls advise

     

    Thanks,

  • Avatar
    Endian Support Team

    Hi,

    As stated on our website, this help ticketing system is reserved for our Enterprise customers only. However, there are several online forum on the Community edition where you can ask for help.

    Cheers,

    Endian Support Team

    www.endian.com

  • Avatar
    Esanchez

    Muy bueno el soporte que da Endian...estoy muy agradecido.