KAV with internal mail server?

Forum for support for the Kaspersky AntiVirus for WinGate plugin

Moderator: Qbik Staff

KAV with internal mail server?

Postby Bill.Bowen » Dec 31 03 8:50 am

Recently, our company purchased a 25-user KAV plugin for our Wingate 5 Enterprise server. We host our own Exchange Server and use a SMTP Mapping service to redirect internet SMTP traffic to the internal server. The Exchange Server uses NAT to send mail. Our clients connect via WGIC. Is there someway we can capitalize on this cool plugin? Removing WGIC is not an option...
Bill.Bowen
 
Posts: 51
Joined: Dec 30 03 3:31 am
Location: Altus AFB, OK

Postby labull » Dec 31 03 10:07 am

Bill,

This is the perfect job for the WinGate SMTP Server.

In a nutshell - external mail is delivered to WinGate, scanned for viruses and then passed to Exchange SMTP. All outbound mail is delivered directly to WinGate from Exchange and WinGate worries about delivering it to it's destination.

Takes the scanning, DNS look up and delivery processing load off the Exchange server and moves it to WinGate.

There are a couple of good examples of how to set this up at support.qbik.com.

Let us know if you need an help.

Larry
WinGate Lurker
labull
WinGate Guru
 
Posts: 710
Joined: Sep 06 03 1:03 am
Location: Washington, DC - USA

Postby Bill.Bowen » Jan 01 04 6:30 am

I'm somewhat confused, I guess. The SMTP Mail Server? I can only get my system to recieve mail correctly by creating a "TCP Mapping service" on port 25 directed to the internal Exchange Server. If I use the "SMTP Mail Server" or "SMTP Mapping", my external users cannot authenticate to send mail or mail received is not forwarded to the Exchange Server. I have surfed the Qbik website for examples. The "Understanding WinGate Mail Security" white paper and "WinGate Email Server Setup Guide" article haven't been of much help. At one, if I recall correctly, there seemed to be much more reference data in the knowledgebase. KB's a bit bare now...

One small victory. I have got http traffic now going through the KAV (& PureSight) plugins by binding my webserver to port 80 of the external adapter and creating a WWW Proxy bound to port 80 of the internal adapter.
Bill.Bowen
 
Posts: 51
Joined: Dec 30 03 3:31 am
Location: Altus AFB, OK

Postby labull » Jan 01 04 6:53 am

Bill,

How do your external clients Authenticate now?

Larry
WinGate Lurker
labull
WinGate Guru
 
Posts: 710
Joined: Sep 06 03 1:03 am
Location: Washington, DC - USA

Postby Bill.Bowen » Jan 01 04 7:03 am

Clear text.
Bill.Bowen
 
Posts: 51
Joined: Dec 30 03 3:31 am
Location: Altus AFB, OK

Postby labull » Jan 01 04 7:20 am

Ah, so they're using POP mail. That does change things.

To get the best of both worlds this may get messy.

You could set up a mapping service on a different port and have the external users use that port for POP to the Exchange server.

Getting inbound mail from WinGate SMTP to the Exchange server is easy too. On the Delivery tab of Mail Server you check - Another Server on my network is handling local mail - and enter the IP address of the Exchange server.

Larry
WinGate Lurker
labull
WinGate Guru
 
Posts: 710
Joined: Sep 06 03 1:03 am
Location: Washington, DC - USA

Postby Bill.Bowen » Jan 01 04 9:54 am

No. They're using IMAP to recieve, SMTP to send. Without a TCP Mapped link, external users cannot authenticate with the Exchange Server for some reason. Still experimenting...
Bill.Bowen
 
Posts: 51
Joined: Dec 30 03 3:31 am
Location: Altus AFB, OK

SMTP Server finally working

Postby Bill.Bowen » Jun 15 04 6:43 pm

Finally got the SMTP Server working correctly now by specifying "KC135ATS.NET" as local & changing the old default domain name of "INETSERVER" to "KC135ATS.NET". After restarting, everthing worked correctly with all Wingate sending & recieving all of our internal Exchange Server's traffic. I've gotten that KAV plug-in working, too. I'm truly amazed at the number of viruses KAV detects on our SMTP feed! Sometimes as many as 40 a day. We've had far less virus incidents since activating it. And, combatting SPAM is much easier via the SMTP Server's policies. Very cool...

How does an external user authenticate and relay mail through the Wingate server. Say I'm at home connected to my mail server via IMAP/SMTP & want to send mail to a recipient (eds@asua.net) outside of my domain (@kc135ats.net). I get a "relaying not allowed" message (which is good since Wingate doesn't know who I am). How does one securely or unsecurely authenticate? I've read the KB articles but still remain confused. To add to that confusion, I have a Win98 box that CAN send mail from Outlook 2000 but my Windows 2000 boxes can't. Why's that?

Thanks,

Billbo

I have an Enterprise Wingate 5.x with unlimited users. Is it possible to provide external users web mail with the mail server
Bill.Bowen
 
Posts: 51
Joined: Dec 30 03 3:31 am
Location: Altus AFB, OK


Return to Kaspersky AntiVirus for WinGate

Who is online

Users browsing this forum: No registered users and 20 guests

cron