Product » Xeams » Installation scenarios

Installing Xeams as firewall on a different machine

Usage Scenario

  • You are already using an email server, such as MS Exchange
  • Users are currently connecting to this email server to send and receive their emails
  • Want to use Xeams to filter junk messages


  • You only have 1 public IP address. The address is The MX record for your domain refers to this address.
  • The internal IP address of your primary server
  • Your firewall forwards in-coming traffic for port 25 to

Message flow before installation

  1. Inbound messages are sent to on port 25, which hits your firewall and are eventually accepted by your primary email server running on
  2. Users connect to your primary server and fetch their email using either POP3, IMAP or HTTP protocols
  3. Users send their out-bound messages using SMTP to your primary server, which then sends the message out on the Internet.

Recommended Installation Procedure

  • Install Xeams on a clean machine. There should not be running any other email server that listens on port 25, 110, 143, 993 and 995. Refer to the system requirements to see the type of machine you need.
  • Create two IP addresses for this machine: and
  • Configure Xeams to run in either Firewall or Hybrid mode
  • Configure SMTP Proxy Server in Xeams to bind to, accept messages on port 25 and forward them to on port 25. This connection will be used for incoming messages.
  • Configure SMTP Server in Xeams to bind to, accept messages on port 25. This will be used for out-bound messages. Add the IP address of your primary server ( to allow relay. This way any message that comes from your primary server should be delivered to other SMTP servers on the Internet.
  • IMPORTANT: Configure your firewall to forward all traffic for port 25 to rather than

Message flow after installation

Following diagram shows the message flow after installation

Following table describes what happens at each step.

Step 1In-coming messages are forwarded to the SMTP Proxy Server listening on port 25 of Xeams filtering engine analyzes this message and assigns a score. If the message is junk, it gets quarantined. If the message is good, it gets forwarded to your primary email server. 
Step 2
Good messages are forwarded to your primary server, which stores the message in its repository.
Step 3
End-users connect to your primary email server using either POP3 or IMAP protocols to fetch their emails. They can also use a web interface if your primary email server provides this feature.
Step 4
User composes a new out-bound message. The SMTP server in user's email client is set to, which is your primary email server. The primary email server accepts this message.
Step 5
Primary email server is configured to forward all out-bound messages to Xeams SMTP server is listening on port 25 on this IP address, which accepts the message, analyzes and assigns a score.
Step 6
Finally, the message is delivered to another SMTP server on the Internet.