Messaging Gateway

Greetings,
I currently in the process of replacing our vintage postfix MTA (ver 4 vontu) with SMG. I've updated the VM edition to the most current version (9.5.3-3) and have been going over the docs and the Prevention MTA Integration Guide for Network Prevent.

The general goal is to replace the old MTA and have quarantining capabilities with SMG, which I've heard is possible from several people. However I don't seen any explicit instructions.

I'm theorizing that SMG needs to be in inline/forwading mode and all outbound emails first stop is the Prevent server then next hop would be the SMG which would act on header matching  which then quarantines the message before being delivered to the Internet (or the next hop, etc)? Is this the way to go about this?

Our current setup is in reflecting mode, with Prevent accepting on port 10025 and sending back on 10026, but I read in the 9.5 SMG it only accepts port 25 traffic.

I guess I'm looking for confirmation/guidance on any of the above or wondering if there is a simple doc or diagram that shows the components and ports, etc. that would be very helpful, if it exists.

Thanks,
Don

What you are describing sounds like the Quarantine Incident folder. You would create a compliance policy on the Messaging Gateway to look for a condition, then set the action to create a quarantine incident. This is covered extensively in the Implementation Guide. I am very confused as to why you would think we can only accept mail on port 25. You can set up the Messaging Gateway for inbound and outbound mail acceptance and choose whichever port you want for both.

Mr. Davis,

Thanks for your reply and info. I read about the Quarantine Incident folder and sounds exactly what I would like to do, however, we have over 80+ fairly complex policies on the DLP prevent server, so recreating them is less than desirable, unless that is the only way.

My thought is to modify the policies to modify the header and when it passes through SMG it could be stopped. Is that a plausible scenario?

Can you point me to the Implementation Guide, the only one I have is Email Submission Client 1.0 Implementation Guide, or is that one you're referring to?

 

I read about the requirement for the port 25 in the Gateway help ( {server}/brightmail/help/en_us/en_us_help_admin/wwhelp/wwhimpl/js/html/wwhelp.htm?context=help_admin&topic=content_filtering_vontu_dlp_connect)

Specifically it says: 

 Ensure that you configure the Symantec Network Prevent server to return mail to Symantec Messaging Gateway at port 25 instead of the default port 10026. This setting is called the Remote SMTP Listener Port on Symantec Network Prevent server.

Is this documentation incorrect?

So I've spent some time with the DLP/SMG integration and I believe I have everything configured, however email never flows to the the SMTP prevent server once I put the SMG in place. Mail will flow through and right out to the Internet without being processed by the DLP server.

I have prevent server configured in reflect mode, accepting email on 10025 and updated the RequestProcessor.MTAResubmitPort to 25 per the Symantec Messaging Gateway 9.5 Administration Guide, chapter 19 states, several times.

I have the SMG DLP setting configured to accept email from and send to the prevent server and at the host level to forward email to my edge box for external delivery.

Do I have to turn something "on" to make it send emails to the DLP prevent server? Even with the  Enable bypass when all DLP servers are unreachable is not checked, it just delivers away. How do I make it route there first?

Maybe I'm missing something from the host setup? I don't have an Internal Mail Host listed and I didn't make any virtual ethernet network connections, since I'm just using this to route email out for DLP scanning.

See attachments for more info.

Thanks!