User Guide

Application deployment scenarios 15

2.3.1. Installing the application at the

network perimeter

The advantage of this option is that it improves the overall performance of your

mail system because it minimizes the number of transfer cycles for email

messages.

Besides, in this case the existing mail server of the company has no connection

to the Internet, which enhances your data's security. In addition, demilitarized

zones (DMZ) may be set up.

To install the application and the mail system on the same server, the following

algorithm is provided to ensure their joint operation:

1. Configure all interfaces of Kaspersky SMTP-Gateway to listen on

port 25 for incoming email traffic.

2. The application will scan and process email traffic and then pass

the processed objects the mail system of the company via a

different port (for example port 1025).

3. The mail system, configured to use a local interface, will deliver

messages to users.

When implementing this deployment scenario the following settings must be

configured:

The following steps are to be followed in order to install the application

and the mail system on the same server:

• Configure the application for receiving mail via port 25 on all network in-

terfaces of the server. In order to do this, specify the following value in

section [smtpgw.network] of the configuration file:

ListenOn=0.0.0.0:25

• Specify in the routing table transferring all scanned messages to the mail

system via port 1025. In order to do this, specify the following value in

section [smtpgw.network] of the configuration file:

ForwardRoute=company.com [host:1025]

The application, being a mail relay, does not include a local delivery

agent. Therefore, no matter which of the deployment scenarios is used,

a mail system (or mail systems) that delivers e-mail messages to the

local users within the protected domains is required!