+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 35
Internet Related/Filtering/Firewall Thread, EMail Content Filtering in Technical; If Smoothwall does filtering via SMTP then there's a way to get your exchange box to send internal email out ...
  1. #16

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    572
    Thank Post
    38
    Thanked 114 Times in 104 Posts
    Rep Power
    46
    If Smoothwall does filtering via SMTP then there's a way to get your exchange box to send internal email out to the SMTP (routing agent to rewrite address) - and if the Smoothwall is then able to rewrite addresses it can be delivered back in...

    That's the way we currently handle internal to internal mail with the County's mail filtering platform

  2. #17

    Join Date
    Dec 2009
    Posts
    914
    Thank Post
    98
    Thanked 184 Times in 159 Posts
    Rep Power
    54
    I thought SmoothZap was the Smoothie offering for e-mail scanning and filtering?

    Could be wrong but i thought it was

  3. #18

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    @Willott - This may work, extra routing just to get internal email screened, and extra overhead on all servers and devices along the route. I'd recommend using a product with your Exchange org rather than route out the Smoothwall and rewrite addresses.

    Sukh

  4. #19

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    572
    Thank Post
    38
    Thanked 114 Times in 104 Posts
    Rep Power
    46
    Quote Originally Posted by sukh View Post
    @Willott - This may work, extra routing just to get internal email screened, and extra overhead on all servers and devices along the route. I'd recommend using a product with your Exchange org rather than route out the Smoothwall and rewrite addresses.

    Sukh
    Depends on how big your Exchange org is, volume of emails, cost of filtering products, how your servers are spec'd etc etc

    We do it this way as email filtering is part of the service provided to us by County. So we don't have to pay for further filtering and don't have to worry about the extra load on the Exchange server (the load or rewriting an address compared with the load of scanning an email is negligible) that would be seen with an on server scanning solution.

    With this way round, there can be servers optimized for spam/virus scanning and servers optimized for Exchange. For everything else we look to split roles to provide best performance, reliability, resilience and configurability, so why change that for email hosting and scanning?

    It also seems to be the way that one of the "providers" for education have their Exchange Org setup, as this is the way both our County and previous RBC are setup.
    Last edited by Willott; 12th April 2011 at 01:26 PM.

  5. #20

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    7,112
    Thank Post
    403
    Thanked 619 Times in 566 Posts
    Rep Power
    180
    Quote Originally Posted by RTFM View Post
    I thought SmoothZap was the Smoothie offering for e-mail scanning and filtering?

    Could be wrong but i thought it was
    Nope.

    Content Analysis
    (Mailshell 3.0 SpamContent)

    Reputation Checking (using Mailshell Spam Detection Network & Bayesian analysis)

    Bulk Mail Detection (Mailshell SpamBulk)

    Phishing Protection (Mailshell SpamTricks)

    VIPRE Anti-Virus Engine

    Do you have any information on that Willot? I suspect you use Webroot SaaS too.

  6. Thanks to Edu-IT from:

    RTFM (12th April 2011)

  7. #21

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    @Willott - It does depend on a number of factors. If inbound emails are screen by your county, then you have one layer of defense. To route emails from your Exchange Org to Smoothwall and then do address-rewrite, can cause issues. I know you say you have this running, but I haven't seen this type of set-up before, except for relays within your AD which may be relaying from a SMTP server with no AV/AS.

    Having AV/AS on the Exchange Server can also provide additional checks/scans on the mailstores themselves. What if an email in your mailbox is effected with a virus, or in your store? What if you use PF databases are infected?

    When one specs servers for Exchange, I would expect one to spec the server with AV in mind. And AV on Exchange servers isn't as intensive as one may thing, it depends on a number of configurations, engines used.

    I suppose one can save money with your config but the cost for say FPE 2010 under the EES is not much. Also, in my opinion, this is not best practise for internal email scanning.

    But your solution can work.

    Sukh

  8. #22

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    572
    Thank Post
    38
    Thanked 114 Times in 104 Posts
    Rep Power
    46
    Quote Originally Posted by Edu-IT View Post
    Do you have any information on that Willot? I suspect you use Webroot SaaS too.
    No info on that I'm afraid - used to be on Webroot but now it's Mailmarshal... seems to be roughly the same setup between the two. It looks like Smoothwall's new offering is still off Exchange box, so should work in the same way should you want to use for internal-internal filtering.

    Cheers

    Will

  9. #23

    Join Date
    Dec 2009
    Posts
    914
    Thank Post
    98
    Thanked 184 Times in 159 Posts
    Rep Power
    54
    Quote Originally Posted by Edu-IT View Post
    Nope.

    Content Analysis
    (Mailshell 3.0 SpamContent)

    Reputation Checking (using Mailshell Spam Detection Network & Bayesian analysis)

    Bulk Mail Detection (Mailshell SpamBulk)

    Phishing Protection (Mailshell SpamTricks)

    VIPRE Anti-Virus Engine

    Do you have any information on that Willot? I suspect you use Webroot SaaS too.
    Fair nuff I stand corrected!

  10. #24

    Sylv3r's Avatar
    Join Date
    Jul 2005
    Location
    Co. Durham
    Posts
    3,203
    Thank Post
    372
    Thanked 376 Times in 334 Posts
    Rep Power
    147
    We use the Smoothzap Smoothwall module.

  11. #25

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,501
    Thank Post
    1,492
    Thanked 1,050 Times in 919 Posts
    Rep Power
    302
    Currently use the LAs scanning on the incoming and outgoing, but that will cease fairly soon (hozzah!) and we will move onto Smoothzap for the mail filtering Looking forward to testing that out as its about the only bit of it I've never used!

    For keeping an eye on internal stuff, we have some transport rules setup to monitor kids emails, any word on the custom lists I have set get sent for approval to a language monitoring mailbox, this is accessible by Heads of House and SLT, they can then choose to approve the email if its blocked by accident or delete the email and then deal with the issue at that time. Works rather well so far but only as good as my custom lists which soon get out of date

  12. #26

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,929
    Thank Post
    1,337
    Thanked 1,779 Times in 1,104 Posts
    Blog Entries
    19
    Rep Power
    594
    Quote Originally Posted by sukh View Post
    @Willott - It does depend on a number of factors. If inbound emails are screen by your county, then you have one layer of defense. To route emails from your Exchange Org to Smoothwall and then do address-rewrite, can cause issues. I know you say you have this running, but I haven't seen this type of set-up before, except for relays within your AD which may be relaying from a SMTP server with no AV/AS.
    This is how email filtering is delivered across a whole hosted email platform for one RBC, and with no problems. It is quite an effective method to be honest and we are still trying to explore what the load would be if it was opened up to more schools the same way @willot used to do it. For one, it would save schools with in house mailservers from having to buy another filtering solution to deal with user to user emails.

  13. #27
    eddyc's Avatar
    Join Date
    Aug 2008
    Location
    Bristol
    Posts
    432
    Thank Post
    98
    Thanked 47 Times in 43 Posts
    Rep Power
    21
    We use FPE 2010 for Exchange 2010. It's included in the volume licensing agreement, does keyword as well as virus scanning - can forward bad mail to a specified address and seems to do a very good job of it!

  14. #28

    Join Date
    Dec 2008
    Location
    Essex
    Posts
    2,137
    Thank Post
    1
    Thanked 326 Times in 316 Posts
    Rep Power
    77
    Quote Originally Posted by GrumbleDook View Post
    This is how email filtering is delivered across a whole hosted email platform for one RBC, and with no problems. It is quite an effective method to be honest and we are still trying to explore what the load would be if it was opened up to more schools the same way @willot used to do it. For one, it would save schools with in house mailservers from having to buy another filtering solution to deal with user to user emails.
    Like I say it can work but what about

    Having AV/AS on the Exchange Server can also provide additional checks/scans on the mailstores themselves. What if an email in your mailbox is effected with a virus, or in your store? What if you use PF databases are infected?


    RBC?

    Sukh

  15. #29

    Edu-IT's Avatar
    Join Date
    Nov 2007
    Posts
    7,112
    Thank Post
    403
    Thanked 619 Times in 566 Posts
    Rep Power
    180
    RBC? - Royal Broadband Consortium.

  16. #30

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    572
    Thank Post
    38
    Thanked 114 Times in 104 Posts
    Rep Power
    46
    Regional Broadband Consortium.

    @sukh - if a single email is infected with a virus, this can only be transferred/do damage if it is opened on a client machine (which should have centrally managed AV) or if it's sent in an email (which would go via external filtering/scanning which would detect virus and remove). The other thing to consider is how a virus would get there - intentionally attached to an email within a mailbox from an unprotected machine? Even if it somehow ended up trying to run on the Exchange server, this should be when a standard AV would pick it up (obviously standard AV with execptions for the Exchange databases) - but how would it end up running on the Exchange server?

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Pure message email content filtering : a list and a process
    By cjohnsonuk in forum Internet Related/Filtering/Firewall
    Replies: 2
    Last Post: 9th June 2010, 12:22 PM
  2. Best content filtering?
    By Quackers in forum Wireless Networks
    Replies: 10
    Last Post: 12th March 2008, 07:59 AM
  3. Web Content Filtering
    By richard.thomas in forum Network and Classroom Management
    Replies: 5
    Last Post: 14th November 2007, 09:50 AM
  4. Content filtering
    By mitcheln in forum School ICT Policies
    Replies: 11
    Last Post: 20th December 2006, 08:38 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •