How to configure MTA with Microsoft Exchange for Network Prevent Email

Article:TECH158422  |  Created: 2011-04-20  |  Updated: 2011-08-15  |  Article URL http://www.symantec.com/docs/TECH158422
Article Type
Technical Solution


Issue



This document shows you how to configure the environment of Network Prevent for Email with MS Exchange 2003. No external DNS, using forward mode.


Environment



 

 


Solution



Two domains and Exchange server:

A: gcrvontu.com, 10.200.48.121

B: vontu.local 10.200.53.93

1)Install AD and DNS for each machine, two domains are created

A: gcrvontu.com

B: zhy.local

2) Install MS Exchange server 2003 for each machine

3) Configure the DNS and Exchange Server to make sure the email can be sent and received for two domains

a.Add the address record and MX record in each machine for DNS system

b.Open Exchange System Manager

c.Expand administrative group

d.Right click “Default SMTP Virtual Server”  and select “Property”

e.Go to “Access” tab and Click “Relay”

f.Check  “All except the list below” and  “Allow all computers which successfully authenticate to relay” as following:

g.Save the changes

h.Restart your machine

4)Send mail between two domains, and make sure you can send and receive mail successfully

5)Configure MS Exchange server 2003 for Network Prevent Email

a.Expand the Administrative Groups container from Exchange System Manager

b.Click the administrative group that you want to work with, and then expand it

c.Expand the Routing Groups container

d.Click the routing group that you want to work with, and then expand it

e.Right-click the Connectors container, and then click “New”.

f.Click “SMTP Connector”

g.On the “General” tab, provide an appropriate identifying name for the connector

h.Choose “Forward all mail through”

i.Enter the IP address of Network Prevent for Email server, such as [10.200.55.26]

j.Add the "local bridgehead" server

k.On the tab "Address Space", add a wildcard address space for SMTP

l.Check  “Allow messages to be”

m.Save the changes

6)Configure the Network Prevent Email using forward mode

a.Add a detection server of Network Prevent for Mail in Enforce

b.Enter valid Host information

c.Check “Forward”

d.Enter valid information of “Next MTA”, such as 10.200.53.93 and Save it

e.Click “Server Settings”

f.Set RequestProcesser.MTAResubmitPort =25 and RequestProcesser.ServerSocketPort =25 In “Advanced Server settings” page

g.Save the changes

7)      Create a policy with response rule: Network Prevent:Block SMTP Message

Note: fill in the “bounce message” and “redirect message to this address”

8)      Try to send mail containing confidential information to vontu.local from gcrvontu.com to violate the policy

9)      Check if the incident is recorded, the sender receive the bounce message and the message is redirected to the correct address

 

 

 

 




Article URL http://www.symantec.com/docs/TECH158422


Terms of use for this information are found in Legal Notices