Product » A free email server for Windows and Linux » Installation scenarios
Installing Xeams as firewall on a different machine
Usage Scenario
- You are already using an email server, such as MS Exchange
- Users are currently connecting to this email server to send and receive their emails
- Want to use Xeams to filter junk messages
Assumptions
- You only have 1 public IP address. The address is 199.199.199.50. The MX record for your domain refers to this address.
- The internal IP address of your primary server 192.168.1.5
- Your firewall forwards in-coming traffic for port 25 to 192.168.1.5
Message flow before installation
- Inbound messages are sent to 199.199.199.50 on port 25, which hits your firewall and are eventually accepted by your primary email server running on 192.168.1.5
- Users connect to your primary server and fetch their email using either POP3, IMAP or HTTP protocols
- Users send their out-bound messages using SMTP to your primary server, which then sends the message out on the Internet.
Recommended Installation Procedure
The terms downstream and primary email server is referring to your Exchange server in the instructions below.
- Install Xeams on a clean machine. No other process must be listening on TCP port 25. Refer to
the system requirements to see the type of machine you need.
- Assume the IP address of this machine is 192.168.1.10
- Run the installer for your appropriate operating system.
- Configure Xeams to run in Firewall mode
- Configure SMTP Server in Xeams. Add every domain that is local and specify
the IP address of your downstream server in the Forward To field.
- Configure your firewall to
forward all traffic for port 25 to 192.168.1.10 rather than 192.168.1.5
Preparing for Outbound
- Configure your downstream server to route its outbound emails through Xeams. This is typically called
configuring smart host. If you're using Exchange as the downstream server, configure the Send Connector
- Configure Xeams to accept relaying from Exchange. This is done by going into
Server Configuration → SMTP Configuration, select the Relaying tab and add the IP
address.
- Whitelist Exchange's IP. Click Filter Management →
IP Filters → Whitelisted IP Addresses
- Add Exchange's IP as trusted. Click Filter Management →
Adaptive Filters → Autolearn Sender Filter and
click Manage Trusted IP Addresses
Message flow after installation
Following diagram shows the message flow after installation
Following table describes what happens at each step.
Step | Description |
Step 1 | In-coming messages are forwarded to Xeams listening on port 25 of 192.168.1.10. Xeams filtering engine analyze these messages and assigns a score to every message. Spam messages get quarantined on Xeams and never hits your downstream server.
|
Step 2 | Good messages are forwarded to your primary server, which stores the message in its repository.
|
Step 3 | End-users connect to your downstream email server exactly the way they have been using it in the past. There will be no change on how they send and receive emails.
|
Step 4 | User composes a new out-bound message, which goes to your primary email server, such as Exchange.
|
Step 5 | Primary email server is configured to forward all out-bound messages to 192.168.1.10. Since the IP address of your downstream server is whitelisted as well as trusted, Xeams learns from what is going out.
|
Step 6 | Finally, the message is delivered to the recipient's SMTP server on the Internet.
|