Firewall Wizards mailing list archives
Re: SMTP A/V Design
From: Randy Grimshaw <rgrimsha () mailbox syr edu>
Date: Thu, 18 Feb 1999 10:10:50 -0500 (EST)
Matt: Postfix is a newly released mailer / MTA which has much of your architecture for scanning messages available as a side effect of its modular design, and programs such as yours have been discussed in depth on it's lists. Start at www.postfix.org for more information. <><Randall Grimshaw, Network Programmer, Syracuse University, 315-443-5779 On Tue, 16 Feb 1999, Matt McClung wrote:
I am lokking at designing a new email anti-virus scanning architecture for incoming mail. However, I don't see a clean way to scan email, review it for destination (bouncing etc) and then final delivery. Allow me to be more clear. 1. Internet email for x company is first identified at the firewall. 2. The firewall knows to pass SMTP traffic to a A/V scanning server, which it does 3. The A/V Servers finds nothing and sends back the message information to the firewall 4. The firewall then allows the email to the mail relay server on it service network (MX) 5. The Mail relay server (running sendmail) scans the envelope and other information to determine if the email is for a domain it is accepting mail for... 6. The mail relay host delivers mail to an internal SMTP server for final deliver to the email system. Questions: This almost seems like its too complicated with the seperate A/V Server and mail relay host. The delivery time is not the main concern, but rather the complexity and the steps the messages takes to finally get delivered. Anyone created such a beast? Because of the software (A/V) you have only a small choice of platforms, as well as the relay host. Therefore, you almost have to have something like this. Of course, this assumes that your company policy is to scan the email before it is allowed into the internal network (good idea). Otherwise you could do desktop scanning, or mail server scanning. INFO: The FW is FW-1 using CVP. The A/V server is NT running an A/V application to check SMTP and the mail relay host is a Sun Ultra running sendmail 8.9.x Your thoughts on this are requested... Matt McClung Net.Works Security Engineer mmcclung () ndwcorp com
Current thread:
- SMTP A/V Design Matt McClung (Feb 17)
- Re: SMTP A/V Design Jay Tribick (Feb 18)
- Re: SMTP A/V Design Randy Grimshaw (Feb 18)
- Re: SMTP A/V Design Christoph Schneeberger (Feb 18)
- Re: SMTP A/V Design Rodney van den Oever (Feb 22)
- <Possible follow-ups>
- Re: SMTP A/V Design Matt McClung (Feb 25)