This document shows you how to configure the environment of Network Prevent for Email with MS Exchange 2003. No external DNS, using forward mode.
Two domains and Exchange server:
A: gcrvontu.com, 10.200.48.121
B: vontu.local 10.200.53.93
1)Install AD and DNS for each machine, two domains are created
2) Install MS Exchange server 2003 for each machine
3) Configure the DNS and Exchange Server to make sure the email can be sent and received for two domains
a.Add the address record and MX record in each machine for DNS system
b.Open Exchange System Manager
c.Expand administrative group
d.Right click “Default SMTP Virtual Server” and select “Property”
e.Go to “Access” tab and Click “Relay”
f.Check “All except the list below” and “Allow all computers which successfully authenticate to relay” as following:
g.Save the changes
h.Restart your machine
4)Send mail between two domains, and make sure you can send and receive mail successfully
5)Configure MS Exchange server 2003 for Network Prevent Email
a.Expand the Administrative Groups container from Exchange System Manager
b.Click the administrative group that you want to work with, and then expand it
c.Expand the Routing Groups container
d.Click the routing group that you want to work with, and then expand it
e.Right-click the Connectors container, and then click “New”.
f.Click “SMTP Connector”
g.On the “General” tab, provide an appropriate identifying name for the connector
h.Choose “Forward all mail through”
i.Enter the IP address of Network Prevent for Email server, such as [10.200.55.26]
j.Add the "local bridgehead" server
k.On the tab "Address Space", add a wildcard address space for SMTP
l.Check “Allow messages to be”
m.Save the changes
6)Configure the Network Prevent Email using forward mode
a.Add a detection server of Network Prevent for Mail in Enforce
b.Enter valid Host information
d.Enter valid information of “Next MTA”, such as 10.200.53.93 and Save it
e.Click “Server Settings”
f.Set RequestProcesser.MTAResubmitPort =25 and RequestProcesser.ServerSocketPort =25 In “Advanced Server settings” page
7) Create a policy with response rule: Network Prevent:Block SMTP Message
Note: fill in the “bounce message” and “redirect message to this address”
8) Try to send mail containing confidential information to vontu.local from gcrvontu.com to violate the policy
9) Check if the incident is recorded, the sender receive the bounce message and the message is redirected to the correct address
Login to Subscribe
Please login to set up your subscription.
Get support for your product, with downloads, knowledge base articles, documentation, and more.
Maximize your product competency and validate technical knowledge to gain the most benefit from your IT investments.
Submit a suspected infected file to Symantec.
Report a suspected erroneous detection (false positive).
Set default language
Do you wish to save this as your future site?