Video Screencast Help

MTAs Supported by Symantec DLP 10.0

Created: 09 Jan 2010 • Updated: 12 Jul 2010 | 3 comments

Hi All,

Can anyone provide me the list of MTAs supported by Symantec DLP 10.0 ? 

In addition, if I have a MTA, which is not supported by Symantec, then is there anyway that we can use some customizations or third party tools to achieve the MTA Integration?

Hope I am clear.

- Naren

Discussion Filed Under:

Comments 3 CommentsJump to latest comment

Naor Penso's picture

There is a document that suggets how to use the network prevent for mail,
but still any MTA that can transfer the mail to do another hop would be fine.
You can either use forwarding mode (putting the DLP server between 2 MTA's),
or use the reflecting mode (MTA sends the mail to the DLP server which analyze the mail and returns the mail to the same MTA).
If you bought the priduct you could consult with the document: "Symantec DLP 10.0 Email Prevent MTA Integration Guide"

What MTA do you use?

P.S
Symantec DLP Web Prevent does have some specifications that the organization must meet (the web proxy must support ICAP).
the new version (10.0) supports: Bluecoat,ISA,Squid and more.

Kind Regards,
Naor Penso

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.
Thanks :)

Naren1863's picture

Thanks for the response

The MTA product that we are using is Mxtreme from Borderware.

Please let me know if you have any insight on integrating this product (or any) with Symantec DLP Network Prevent (Mail).

- Naren

Naor Penso's picture

I don't know this production specifically but you should consider the following things:
1) There are 2 ways to integrate the network prevent for mail:
     * Exchange forwards a mail to the MTA -> the MTA transfers the mail to the Prevent for mail which analyze the
        mail and then returns the mail to MTA which forwards the mail to the destination
     * Exchange forwards a mail to the MTA -> the MTA transfers the mail to the Prevent for mail which analyze the
        mail and then forwards the mail to another MTA which forwards the mail to the destination
For most clients the first option is the better one, because not many clients (that i know of) can afford 2 MTA's.

2) Do not enforce prevent policies on day one - this is correct regarding any module that you are about to use. first test the policies and make sure that the amount of false-positive's are as little as possible, and make sure you are preventing what you intended, just then start enforcing prevent policies on your corporate network.

If you have any more specific question you are more then welcome to ask.
Kind Regards,
Naor Penso

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.
Thanks :)