Document information

Document ID: 4584
Subject: How to filter outbound messages for spam when used as a firewall for MS Exchange or any other SMTP server
Creation date: 12/14/15 4:35 PM
Last modified on: 1/12/22 1:52 PM


How to filter outbound emails for junk/spam


Outbound messages are filtered when you use Xeams as your outbound SMTP server. If Xeams is the only server on your network filtering outbound messages is easy. However, if you have other servers, such as Microsoft Exchange, the network configuration may become tricky.

The following section lists different network designs that are typically used in companies.

Using Xeams as a firewall for a primary email server running on the same machine

Assumptions

  • Xeams is running on the same machine that is used by your primary email server, which could be any server that supports SMTP, for example MS Exchange.
  • Your primary server has a feature to forward all outbound message to a one machine. The feature is called Smart Host in MS Exchange.
  • You are using SMTP Proxy Server in Xeams to process incoming emails. The actual email server is configured to listen on port 2500 for SMTP traffic. Incoming emails come in to SMTP proxy server on port 25, which are then proxied to port 2500 of your actual server.
  • The IP address of your machine is 192.168.1.5

End goal

Xeams comes with two SMTP servers:
  • SMTP proxy server
  • Normal SMTP server
In this example, SMTP proxy server is already configured to receive inbound emails. The goal is to enable the normal SMTP server to listen for outbound emails.

Steps

  • Create a new IP address for your machine - Since the SMTP proxy server is listening on port 25, you need to create a new IP address for the machine. This is required because two servers cannot listen on TCP/IP port 25 on the same IP address. Assume the second IP address is 192.168.1.6. Click here to learn how to create additional IP addresses. You do NOT need another network adapter.
  • Configure Xeams SMTP server to listen on port 25 on the second IP. Log in to the Admin Console and click Configuration link for the SMTP server.
  • Check the Enable box, set the port to 25, and select 192.168.1.6 from the Bind To pick list.

  • Add the IP address of your primary server (Exchange) to the Open Relay list, under the Relaying tab. Since outbound messages are sent to domains other than your local domains, relaying is required.


The following images show the network diagram before and after the change.

BEFORE

AFTER

OutboundBeforeAfter1.jpg OutboundBeforeAfter2.jpg

Benefits of letting Xeams handle out-bound messages

Xeams will learn from what is being sent out. This is done by the Auto-Learn sender under Adaptive Filters.

Important

You must add the IP address of your Exchange server among the trusted IP addresses for out-bound emails. The Auto-Learn sender filter will only learn about outbound messages if an email comes from a trusted IP address. This is done by clicking the Manage Trusted IP Addresses button in the Auto-Learn sender page.

How to skip filtering for outbound emails

Most likely you will not want to filter outbound emails. The easiest way to accomplish this is to add the IP address of your Exchange server in the IP White List, which will assign a negative score to every message that goes out.

It is not recommended to completely avoid filtering for outbound messages for the following reasons:
  • Filtering outbound emails will prevent a virus from spreading, which could happen if a computer inside your network gets infected
  • You will know through alerts if one particular user is sending too many out-bound emails, which could happen if a password is compromised.
  • Outbound messages will get archived in Xeams and they can be searched at a later time

Common configuration error

Often administrators set Exchange's smart host to point to the same IP address where the Proxy server listens on (192.168.1.5 in this example), which is incorrect. Remember the SMTP Proxy server is configured to send every message to the actual SMTP server (Exchange in this case). Therefore, using the proxy server's IP address in smart host creates an infinite loop and you email will never go out.







User comments

Posted by Eric on 6/8/16 11:04 PM

If I have outbound emails going through Xeams, can I turn off OUTBOUND spam filtering? It's causing me issues!


Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users?

Important: This area is reserved for useful tips. Therefore, do not post questions here. Instead, use our public forums to post questions.