EmailGatewaysKevinChege
WhatisaMailGateway?
• Asoftware/service/appliancethatisabletoreceiveandfilteremailsbeforetheyreachtheemailboxes• Typically,amailgatewaywillnotcontainmailboxaccountsandwillonlyreceiveemails,filterthembasedonconfiguredparameters,andthenforwardthemtothemailserverthatcontainsthemailboxes• Thepurposeistoremovedangerousorharmfulcontent(likespamandviruses)onemailbeforetheyreachuserboxes• Amailfiltercanprocessincomingemailsandoroutgoingemails
Howitflows
SomeMTAEmailfromtheInternet
MailGatewayreceivesEmailandfiltersoutbasedoncriteria.Forwardstheclean
emailtothemailserver
MailServerwithmailboxesdelivers
theemailstothemailboxes.
Advantages
• Removeharmfulemailbeforeitreachesmailboxes• Phishingemails,malware,virusesetc
• Removetheworkoffilteringemailfromtheserverthatishandlingemailboxes• Highlyconfigurableandcanblockemailsbasedonanumberofcriteriaincludingcontentthatisinthebodyoftheemail• Ifhostedoutsidethenetwork,canreduceloadonthenetworkconnection/link(alsoknownasfarsidescrubbing)
Disadvantages
• Mistakesinconfigurationmaymeanmailisnotdelivered.Theyarehighlycustomisablewithhundredsofoptionsandparameterswhichyoumustbecarefulwith• Increasethenumberofemailserverstobemanaged
CommontoolsusedinMailGateways• Spamassassin – No.1OpenSourceanti-spamplatformgivingsystemadministratorsafiltertoclassifyemailandblockspam(unsolicitedbulkemail)• ClamAV – Virusscanningsoftware.Canbeusedforemailscanning andwebscanning• Amavisd – interfacebetweentheMTAandtheabovetools.AcommonmailfilteringinstallationwithAmavis consistsofanMTA,ClamAV andSpamassassin• MailScanner - opensourceemailsecuritysystemdesignforLinux-basedemailgateways
MailGatewayAppliancesThesearesolutionsthatcanbeinstalledonserversandprovideMailGatewayservices• Software:
• AntiSpamSMTPProxy- http://en.wikipedia.org/wiki/Anti-Spam_SMTP_Proxy• MailBorder- http://www.mailborder.com/• ScrolloutF1- http://www.scrolloutf1.com/• Xeams - http://www.xeams.com/
• Hardware(Blackbox):• Barracuda-https://www.barracuda.com/products/emailsecuritygateway
MailScanner• MailScanner isahighlyrespectedopensourceemailsecuritysystemdesignforLinux-basedemailgateways.• Itisusedatover30,000sitesaroundtheworld• HasfastbecomethestandardemailsolutionatmanyISPsitesforvirusprotectionandspamfiltering.
• MailScanner scansemailforviruses,spam,phishing,malware,andotherattacksagainstsecurityvulnerabilitiesandplaysamajorpartinthesecurityofanetwork.• MailScanner supportsawiderangeofMTAsandvirusscannerstoincludethepopularopensourceClamAV.SpamdetectionisaccomplishedviaSpamassassin,whichisbyfarthemostpopularandstandardizedspamdetectionengine.• WrittenandFoundedby:JulianField
Abitsimpler…
MailScanner asanAppliance
• MailScannercanbecombinedwithafrontendtobecomeaMailGatewayappliance• Twofrontendsareavailable:
• Baruwa – http://baruwa.org• Mailwatch - http://mailwatch.org/
• WhenproperlymanagedandconfiguredwithPostfixorEximastheMTA,onecanbuildapowerfulmailgateway
MailScanner hashundredsofKnobs
• https://www.mailscanner.info/MailScanner.conf.index.html• Thedefaultsmostlyworkbutforaproductionenvironment,pleasereadthemanual!• Wewillinstallwithbasicfeaturesof
• ProcessemailandcheckforSPAMandviruses• LogallemailstoMySQL(SPAMandNotSPAM)• Storeallemailsinthequarantine
MailScanner Reports
LetusbuildourMailGateway
• Wewillnowsetupamailgateway• Configuringamailfilterisnoteasy.Youmustbeawareofwhatyouareenablingordisabling.Preconfiguredfileswillbeprovidedduetotimelimitation• SettingthecorrectDNSentriesiskey• Youwillfilteremailforyourneighborandhewillfilteryouremail• Attheend,youshouldhaveafairlystrongandworkingmailfilter
References
• https://www.mailscanner.info• https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail• http://postfix.org• https://www.safaribooksonline.com/library/view/postfix-the-definitive/0596002122/ch04s05.html