Figure: Symantec Messaging Gateway Architecture shows how Symantec Messaging Gateway processes an email message. This diagram assumes that the message passes through the Brightmail Filtering Module to the Mail Transformation Engine without being rejected.
The path an email message takes is as follows:
At the gateway, global reputation determines if the sending IP is a Good Sender or a Bad Sender. It accepts or rejects the connection based on the distinction.
Connection Classification classifies the sending IP into one of 10 classes based on local reputation. It either accepts or defers the connection based on class membership.
Before the MTA accepts the message, it checks the domain address and email address. The MTA determines if it belongs to the Local Good Sender Domains or Local Bad Sender Domains group. If it does, it applies the configured action to the message. If appropriate, the MTA moves the message to its inbound queue.
The Brightmail Filtering Module consults the directory data service to expand the message's distribution list and determines policy group membership.
The Brightmail Filtering Module determines each recipient's filtering policies.
Antivirus filters determine whether the message is infected.
Spam filters determine whether the message is spam or suspected spam.
Unwanted mail filters (including marketing newsletters, redirect URLs, and customer-specific spam) determine whether the message is unwanted.
Content filtering policy filters scan the message and attachments for restricted content.
The Mail Transformation Engine performs actions according to filtering results and configurable policies and applies them to each recipient's message based on policy group membership.
Messages may be held in quarantine for review based on policy configuration. Messages in content incident folders can be remediate through the console or through the Enforce Server.
Messages are then inserted into the delivery queue for delivery by the MTA.
Symantec Messaging Gateway does not filter any messages that do not flow through the SMTP gateway. For example, it does not filter the messages that are sent between mailboxes on the same Microsoft Exchange Server or within an Exchange organization.