Troubleshooting guide
Chapter 7 Troubleshooting Security Servers and Content Security
The SMTP Security Server Process
Advanced Technical Reference Guide 4.1 • June 2000 72
The SMTP Security Server Process
Figure 3. SMTP Security Server - flow of events
When using the VPN-1/FireWall-1 SMTP Security Server, a certain flow of events takes place from the time
the user sends the message, to the time the message arrives to the actual mail server:
1. The user composes the message, and sends it through the SMTP Client to the original server (the user is not
aware of the fact that a VPN-1/FireWall-1 SMTP Security Server is in place).
2. The VPN/FireWall inspection module intercepts the SMTP connection, and decides that the request should
be sent to the Security Server. The connection is folded into the Security Server.
3. The VPN-1/FireWall-1 SMTP Security Server receives the folded connection and checks, in the
appropriate rule’s resource how to handle the connection and performs the necessary actions (rewriting,
mime stripping…).
4. After all the necessary actions performed the message is transferred to the spool directory waiting for the
mail dequeuer.
5. The mail dequeuer examines the spool directory for messages.
Three types of messages can be put in the spool directory. The initial letters of the files distinguish them: T,
R, E.
• T stands for Temporary file, which is a file not yet fully received.