Product » Xeams » Installation scenarios

Installing Xeams firewall on a same machine where your primary email server is running

Usage Scenario

  • You are already using an email server, such as MS Exchange
  • Want to use Xeams to filter junk messages
  • Users are currently connecting to this email server to send and receive their emails


  • You only have 1 public IP address. The address is The MX record for your domain refers to this address.
  • The internal IP address of your primary server
  • Your firewall forwards incoming traffic for port 25 to

Message flow before installation

  1. Inbound messages are sent to on port 25, which hits your firewall and are eventually accepted by your primary email server running on
  2. Users connect to your primary server and fetch their email using either POP3, IMAP or HTTP protocols
  3. Users send their outbound messages using SMTP to your primary server, which then sends the message out on the Internet.

Modifications in your primary server

  • Modify the SMTP port of your existing server from 25 to a different value, such as 2525. Refer to the documentation of your primary server to see how to change the port.
  • Configure your primary email server to forward all outbound messages to This feature is sometimes referred to as Smart Host in an email server.

Recommended Installation Procedure

  • Install Xeams on the machine. 
  • Create another IP address for this machine. Let assume that number is Click here to see how to add a new IP address on Windows machine.
  • Configure Xeams to run in Firewall mode.
  • Configure SMTP Proxy Server in Xeams to bind to, accept messages on port 25 and forward them to on port 2525. This connection will be used for in-coming messages.
  • Configure SMTP Server in Xeams to bind to, accept messages on port 25. This will be used for out-bound messages. Add the IP address of your subnet (192.168.1.*) to allow relay. This way any message that comes from within your network should be delivered to other SMTP servers on the Internet.

Message flow after installation

Following diagram shows the message flow after installation

Following table describes what happens at each step.

Step 1In-coming messages are forwarded to the SMTP Proxy Server listening on port 25 of Xeams filtering engine analyzes this message and assigns a score. If the message is junk, it gets quarantined. If the message is good, it gets forwarded to your primary email server running on the same machine but listening on a different port. 
Step 2
Primary server accepts the message and stores it in its repository.
Step 3
End-users connect to your primary email server using either POP3 or IMAP protocols to fetch their emails. They can also use a web interface if your primary email server provides this feature.
Step 4
User composes a new out-bound message. The SMTP server in user's email client is set to, which is your primary email server. The primary email server accepts this message and forwards it to, where Xeams SMTP server is listening. Xeams analyzes the message, assigns a score and finally delivers to the target SMTP server on the Internet.