Messaging Gateway

 View Only

  • 1.  SBG 9 - Centralized Quarantine

    Posted Aug 02, 2010 10:24 AM
    Due to our configuration, we have SBG at three locations and therefor three Control Centers.  I'm thinking about implementing per-user Suspect Spam quarantine but don't want users to get a digest from each of the SBG Control Centers.  I'm thinking about.

    1. Setting up a VM Control Center (or choose one of the existing CCs which are not in the DMZ) as the primary Spam Quarantine.
    2. Change the Suspect spam policy to - add a header (SuspectSpam=Y) and then Route the message to the primary Spam Quarantine.
    3. The primary Spam Quarantine server, create a Content Policy (if Header SuspectSpam = Y, hold message in Quarantine.

    Has anyone tried this?  I'm leaning towards using a VM since there would be little chance of other policies messing with the setup, and I can optimize for the quarantine function.



  • 2.  RE: SBG 9 - Centralized Quarantine

    Posted Aug 03, 2010 07:11 AM
    Hi,

    Yep, you can have your scanners route the messages directly to a specific BCC instance for quarantining by using the quarantine listener on that BCC - so you wouldn't have to worry about the headers unless this is important to you somewhere down the line.
    This is off the top of my head here as it's been a while since I did this, so you should verify this yourself obviously :) but you should be able to just change the spam or suspect spam policies on the scanner to use the action "Route the Message" and then specify the destination IP address and the quarantine listener port (41025 by default).

    HTH

    //ian


  • 3.  RE: SBG 9 - Centralized Quarantine

    Posted Aug 03, 2010 10:28 AM

    I hadn't thought of routing to the spam quarantine port # on the BCC.  I was just going to route to port 25 and add a policy on the box.
    I'll check out what happens to the headers in the two scenarios.



  • 4.  RE: SBG 9 - Centralized Quarantine

    Posted Aug 09, 2010 01:30 AM
    Routing to the quarantine port on a BCC works fine. It just accepts the mail and stores it.

    I have 3 seperate clusters of scanners all sending quarantine email to a single BCC and then have that looking up distinct AD servers for user auth.

    You can do the same for any type of quarantine.
    Eg. In really large environments I would create seperate spam, virus and content quarantines.



  • 5.  RE: SBG 9 - Centralized Quarantine

    Posted Aug 09, 2010 09:48 AM

    Thanks.  Are you saying that for Content Quarantine I use the same CC route as the Spam, or a separate CC?


  • 6.  RE: SBG 9 - Centralized Quarantine
    Best Answer

    Posted Aug 09, 2010 08:13 PM

    You can have as many quarantines as you like.
    The CC doesn't really care, it just takes the mail and stores it based in the primary email address it is sent to.