background image

18 Planning your deployment

General deployment considerations

Positioning with other filtering products

In order for Symantec Mail Security for SMTP’s spam and Content Compliance 
filters to function properly, you should avoid placing the product behind other 
filtering products (such as content filters) or MTAs that alter or remove pre-
existing message headers or modify the message body.

Filtering internal deliveries

You can force internal mail through Symantec Mail Security for SMTP to avoid 
propagation of viruses and spam generated by email mass-mailing worms that 
may have been picked up by individuals via Web browsing or downloading.

LDAP compatibility 

Symantec Mail Security for SMTP supports LDAP for Spam Quarantine 
authentication and synchronization. 

The system’s LDAP SyncService feature synchronizes user, alias, and group data 
from your company’s LDAP accessible directories with its own database. 
SyncService lets Symantec Mail Security for SMTP re-normalize and index the 
data to fit the needs of Scanner, Control Center, and Spam Quarantine while 
minimizing impact on your directory infrastructure. 

LDAP SyncService supports the following LDAP servers:

Windows 2000 Active Directory

Windows 2003 Active Directory

Sun Directory Server 5.2, Patch 4 (formerly known as the iPlanet 
Directory Server) on Solaris 8 and 9, and Red Hat Linux

SunOne LDAP Server 5.2 , Patch 4 

Lotus Domino LDAP Server 6.5

Exchange 5.5 

other (used for authentication only)

Note: 

Only one LDAP source may be used for authentication. While the same 

source may also be used for synchronization purposes, no other LDAP 
directories may be used for authentication. This is especially important with 
regard to Spam Quarantine. If email is being sent to Spam Quarantine where end 
users will then process their quarantined messages, then all end users must 
exist in the LDAP source used for authentication. 

Содержание 10765539 - Mail Security For SMTP

Страница 1: ...Symantec Mail Security for SMTP Planning Guide...

Страница 2: ...by any means without prior written authorization of Symantec Corporation and its licensors if any THE DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS REPRESENTATIONS AND WARRANT...

Страница 3: ...rade insurance that delivers automatic software upgrade protection Content Updates for spam and virus definitions and security signatures that ensure the highest level of protection Global support fro...

Страница 4: ...leshooting performed prior to contacting Symantec Recent software configuration changes and or network changes Customer Service To contact Enterprise Customer Service online go to http www symantec co...

Страница 5: ...Chapter 2 Planning your deployment General deployment considerations 17 MTA usage 17 Configuring Scanners 17 Positioning with other filtering products 18 Filtering internal deliveries 18 LDAP compatib...

Страница 6: ...e requirements 27 Minimum hardware requirements 27 Minimum software requirements 28 Reserved ports 31 Factors that affect performance 32 Hardware components that affect performance 32 Environmental fa...

Страница 7: ...rehensive gateway based email security solution through the following Antispam technology Symantec s state of the art spam filters assess and classify email as it enters your site Antivirus technology...

Страница 8: ...r system system logs and extensive customizable reporting Use it to configure both system wide and host specific details The Control Center provides the Setup Wizard for initial configuration of all S...

Страница 9: ...Architecture Architecture Your Symantec Mail Security for SMTP installation processes a email message as follows For the sake of discussion our sample message passes through the Filtering Engine to th...

Страница 10: ...cked against end user defined Language settings The Transformation Engine performs actions per recipient based on filtering results and configurable Group Policies New features for all users Table 1 1...

Страница 11: ...supported LDAP servers Expanded variety of actions and combinations More than two dozen actions that can be taken on messages with many combinations of multiple actions available Expanded mail contro...

Страница 12: ...ross all servers with one interface Group Policies Create separate inbound and outbound policies for an unlimited number of groups of users You can specify groups of users based on email addresses dom...

Страница 13: ...cklists Configurable administrator timeout for the management interface Changes for Symantec Brightmail Antispam users Although the product name has changed if you were a Symantec Brightmail Antispam...

Страница 14: ...policies for each user group Flexible mail management More flexible Group Policies Use LDAP groups to populate groups for Group Policies Multiple actions Specify more than one action to take on specif...

Страница 15: ...for more information about your product The following online resources are available Provides access to the technical support Knowledge Base newsgroups contact information downloads and mailing list s...

Страница 16: ...16 Introducing Symantec Mail Security for SMTP Where to get more information...

Страница 17: ...filtering activities Note Symantec Mail Security for SMTP provides neither mailbox access for end users nor message storage it is not suitable for use as the only MTA in your email infrastructure Con...

Страница 18: ...data from your company s LDAP accessible directories with its own database SyncService lets Symantec Mail Security for SMTP re normalize and index the data to fit the needs of Scanner Control Center a...

Страница 19: ...ord This allows them to send spam directly to the old server bypassing your spam filtering To prevent spammers from circumventing the new spam filtering servers you should do one of the following Remo...

Страница 20: ...ng Secure Email Services and relaying mail to other relay layers or to the user facing mail server layer On all configured server computers port 443 must be configured to permit outbound connections t...

Страница 21: ...cannot be installed on the server running Exchange Multi tier gateway deployment Note This model may be implemented with one or more Scanner hosts The following figure shows Symantec Mail Security for...

Страница 22: ...s to take individual Scanners offline for maintenance without incurring downtime This scenario enables load balancing of filtered mail across multiple downstream MTAs Considerations This approach requ...

Страница 23: ...TAs downstream Figure 2 3 Post Gateway deployment Advantages If you have a customized MTA or specific business needs then running this configuration may outweigh the extra overhead and loss of functio...

Страница 24: ...24 Planning your deployment Deployment models...

Страница 25: ...roup of actions to perform given a particular verdict Each category of unwanted email includes one or more verdicts conclusions reached on a message by the filtering process Symantec Mail Security for...

Страница 26: ...mantec Mail Security for SMTP Administration Guide for more information Deployment considerations The following table lists deployment considerations for select actions Table 3 1 Deployment considerat...

Страница 27: ...tion gives detailed requirements for each supported platform Minimum hardware requirements Hardware requirements vary depending on the number of email users and the amount of email traffic The minimum...

Страница 28: ...cessor or compatible 1 GB RAM minimum 2 GB or more recommended 512 MB disk space minimum 2 GB or more recommended Solaris UltraSPARC processor 1 GB RAM minimum 2 GB or more recommended 512 MB disk spa...

Страница 29: ...Security for SMTP component on that computer After installation The subfolder where Symantec Mail Security for SMTP is installed and its subdirectories are created with the default permissions relativ...

Страница 30: ...ity for SMTP Installation Guide for more information Alias Create a mail alias for the mailwall account so that all mail sent to mailwall is read by an administrator Domain name A fully qualified doma...

Страница 31: ...y bound ports Port Component or function 22 Control Center to internal server connection 3306 MySQL database connection 11000 11004 LDAP sync 11011 11013 LDAP sync 41025 Spam Quarantine 41000 BMI clie...

Страница 32: ...age but powerful CPUs and memory especially if virus scanning is enabled Disk space The Control Center likely needs much more disk space depending on the volume of logging reporting and quarantined me...

Страница 33: ...documentation for more information External MTA performance If appropriate determine the performance of the MTA sending incoming email to your MTA and the performance of your gateway MTAs and message...

Страница 34: ...ons refer to the Symantec Mail Security for STMP Administration Guide Control Center performance considerations The Control Center is used to start and stop servers view logs and reports set configura...

Страница 35: ...per day into Spam Quarantine The more messages placed in the Spam Quarantine the larger the database and the more processing required Reduce the maximum size of the Spam Quarantine database by deletin...

Страница 36: ...36 Understanding system requirements Factors that affect performance...

Страница 37: ...Symantec Mail Security for SMTP new or changed features 11 filtering intra enterprise 18 performance considerations 33 Filtering Engine 10 Filtering Hub 10 filters email categories for 25 verdicts 25...

Страница 38: ...arantine 35 ports reserved 31 positioning with other filtering products 18 post gateway deployment 23 advantages 23 considerations 23 R requirements 27 28 reserved ports 31 S Scanners 8 configuring 17...

Отзывы: