
Using reflecting or forwarding mode for Network Prevent (Email)?

Created: 21 May 2012 • Updated: 29 May 2012 | 2 comments
Yin Fai
This issue has been solved. See solution.

Hi all,

Let's say my setup is Exchange -> MTA. If I wanted to implement Network Prevent (Email), which mode is preferable, reflecting or forwarding?

As far as I know, the advantage of reflecting mode is that the MTA will bypass Network Prevent (Email) if Network Prevent (Email) is down. But not all MTAs support reflecting mode.

If I use forwarding mode, the email will fail to send if Network Prevent (Email) is down. But most MTAs support forwarding mode.

Please correct me if I'm wrong.


2 Comments

xlloyd

Most customers I work with only have 1 MTA so they don't have much of a choice. I think forwarding mode is better from a raw performance standpoint since each MTA needs only one open connection at a time. If the customer is implementing DLP and doesn't yet have an MTA though, I wouldn't use DLP as a reason to sell them 2 MTAs for the purpose of going in forwarding mode.

You should be able to use some MX lookup magic to get around the failure of the Email Prevent server if you do decide to use forwarding mode though. You'd need to specify a backup MX record pointing to the upstream MTA on the downstream MTA in case DLP goes down.

Denis Kattithara

I would ideally configure two SMTP Virtual servers in Exchange, similar to the below. This would ensure that all email is routed to DLP by default, and to the MTA when DLP is not available.

SMTP Virtual Server 1

Exchange - DLP - MTA

Cost = 1

SMTP Virtual Server 2

Exchange - MTA

Cost = 2

Denis John Kattithara

Partner Assist Services

Symantec Corporation
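
Both fail-open designs discussed in this thread (the backup MX record and the cost 2 route) let mail reach the MTA without inspection while DLP is down. The following is an added example, not part of the original posts, that flags such messages by walking their Received headers. It assumes every hop, including the Prevent server, stamps a Received header; the hostnames and sample messages are constructed.

```python
import re
from email import message_from_string

# Hypothetical hostnames for this sketch; replace with your own.
DLP_HOST = "dlp-prevent.example.internal"
MTA_HOST = "mta.example.internal"
EXCH_HOST = "exch01.example.internal"

def relay_hops(raw_message):
    """Hosts that stamped a Received header, oldest hop first."""
    msg = message_from_string(raw_message)
    hops = []
    for value in msg.get_all("Received", []):
        match = re.search(r"\bby\s+([A-Za-z0-9.-]+)", value)
        if match:
            hops.append(match.group(1).lower())
    hops.reverse()  # each relay prepends its header, so the newest is first
    return hops

def bypassed_dlp(raw_message):
    """True if the message reached the MTA with no earlier DLP hop."""
    hops = relay_hops(raw_message)
    if MTA_HOST not in hops:
        return False  # never reached the MTA, nothing to judge
    # Use the last MTA hop so reflecting mode (MTA -> DLP -> MTA) is handled.
    last_mta = len(hops) - 1 - hops[::-1].index(MTA_HOST)
    return DLP_HOST not in hops[:last_mta]

def sample(path):
    """Build a constructed message from (sender, receiver) hops, oldest first."""
    headers = [
        f"Received: from {src} by {dst}; Mon, 21 May 2012 10:00:00 +0000"
        for src, dst in reversed(path)
    ]
    return "\n".join(headers) + "\nSubject: constructed sample\n\nbody\n"

# Constructed samples: the cost 1 route, the cost 2 fallback, and reflecting mode.
VIA_DLP = sample([(EXCH_HOST, DLP_HOST), (DLP_HOST, MTA_HOST)])
DIRECT = sample([(EXCH_HOST, MTA_HOST)])
REFLECTED = sample([(EXCH_HOST, MTA_HOST), (MTA_HOST, DLP_HOST), (DLP_HOST, MTA_HOST)])

if __name__ == "__main__":
    for name, raw in [("via DLP", VIA_DLP), ("direct", DIRECT), ("reflected", REFLECTED)]:
        print(name, relay_hops(raw), "BYPASSED" if bypassed_dlp(raw) else "inspected")
```

Run over messages sampled at the MTA, a non-zero count of bypassed mail shows when the fallback route was in use and how much traffic went out uninspected.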