Document information

Document ID:4584
Subject:How to filter outbound messages for spam when used as a firewall for MS Exchange or any other SMTP server
Creation date:12/14/15 4:35 PM
Last modified on:12/14/15 4:35 PM


How to filter out-bound emails for junk/spam


Outbound messages are filtered when you use Xeams as your out-bound SMTP server. If Xeams is the only server on your network filtering out-bound messages is easy. However, if you have other servers, such as Microsoft Exchange, the network configuration may become tricky.

The following section lists different network designs that are typically used in companies.

Using Xeams as a firewall for a primary email server running on the same machine

Assumptions

  • Xeams is running on the same machine that is used by your primary email server, which could be any server that supports SMTP, for example MS Exchange.
  • Your primary server has a feature to forward all out-bound message to a one machine. The feature is called Smart Host in MS Exchange.
  • You are using SMTP Proxy Server in Xeams to process incoming emails. The actual email server is configured to listen on port 2500 for SMTP traffic. In coming emails come in to SMTP proxy server on port 25, which is then proxied to port 2500 of your actual server.
  • The IP address of your machine is 192.168.1.5

End goal

Xeams comes with two SMTP servers:
  • SMTP proxy server
  • Normal SMTP server
In this example, SMTP proxy server is already configured to receive in-bound emails. The goal is to enable the normal SMTP server to listen for out-bound emails.

Steps

  • Create a new IP address for your machine - Since the SMTP proxy server is listening on port 25, you need to create a new IP address for the machine. This is required because two servers cannot listen on TCP/IP port 25 on the same IP address. Assume the second IP address is 192.168.1.6. Click here to learn how to create additional IP addresses. You do NOT need another network adapter.
  • Configure Xeams SMTP server to listen on port 25 on the second IP. Log in to the Admin Console and click Configuration link for the SMTP server.
  • Check the Enable box, set the port to 25, and select 192.168.1.6 from the Bind To pick list.

  • Add the IP address of your primary server (Exchange) to the Open Relay list, under the Relaying tab. Since out-bound messages are sent to domains other than your local domains, relaying is required.


The following images show the network diagram before and after the change.

BEFORE

AFTER

Benefits of letting Xeams handle out-bound messages

Xeams will learn from what is being sent out. This is done by the Auto-Learn sender under Adaptive Filters.

Important

You must add the IP address of your Exchange server among the trusted IP addresses for out-bound emails. The Auto-Learn sender filter will only learn about out-bound messages if an email comes from a trusted IP address. This is done by clicking the Manage Trusted IP Addresses button in the Auto-Learn sender page.

How to skip filtering for out-bound emails

Most likely you will not want to filter out-bound emails. The easiest way to accomplish this is to add the IP address of your Exchange server in the IP White List, which will assign a negative score to every message that goes out.

It is not recommended to completely avoid filtering for out-bound messages for the following reasons:
  • Filtering out-bound emails will prevent a virus from spreading, which could happen if an computer inside your network gets infected
  • You will know through alerts if one particular user is sending too many out-bound emails, which could happen if a password is compromised.
  • Out-bound messages will get archived in Xeams and they can be searched at a later time

Common configuration error

Often administrators set Exchange's smart host to point to the same IP address where the Proxy server listens on (192.168.1.5 in this example), which is incorrect. Remember the SMTP Proxy server is configured to send every message to the actual SMTP server (Exchange in this case). Therefore, using the proxy server's IP address in smart host creates an infinite loop and you email will never go out.







User comments

Posted by Eric on 6/8/16 11:04 PM

If I have outbound emails going through Xeams, can I turn off OUTBOUND spam filtering? It's causing me issues!


Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users? Please add it below. Your name and tip will appear at the end of the document text.
Your name:
Your email:
Hide my email address
Verification code:
Enter the verification code you see above more submitting your tip
Tip:Please limit tips to 1000 characters