miércoles, 27 de abril de 2011

ZIMBRA AND EXCHANGE COEXISTENCE on a unique domain.com

OBJETIVO: Tener ciertos usuarios en Exchange y ciertos usuarios en Zimbra para un solo dominio dela empresa llamado dominio.com, hasta migrar todos de exchange a Zimbra o viceversa

Exchange Settings
Configuracion de la organizacion - Transporte de Concentradores - dominios aceptados
Cambiar de autorizado (authoritative) a Retransmision de Internet



Configuracion de la organizacion - Transporte de Concentradores - Conectores de Envío


Agregar el dominio de la empresa, si existen otros conectores no hay que tocarlos



Reenviar al servidor Zimbra el mail del dominio.com de usuarios que no se encuentren en el exchange (IP)





SOURCE:
http://www.zimbra.com/forums/administrators/1609-domain-coexistence-print.html

Configuring Zimbra as the Slave
-------------------------------

The slave system needs to accept mail for accounts that live on the
slave, but must forward all other mail for accounts on this domain to
the master.

You can accomplish this piece of mail routing by saying:

$ zmprov md dominio.com zimbraMailCatchAllAddress @dominio.com
$ zmprov md dominio.com zimbraMailCatchAllForwardingAddress @dominio.com
$ zmprov md example.com zimbraMailTransport smtp:EXCHANGEIPADDRESS

The first two commands (in combination) tell Zimbra postfix to accept
all addresses in the @dominio.com domain as valid addresses.

The third command establishes default mail routing for the domain.

Make sure to configure XCHANGEIPADDRESS para aceptar correos relay de Zimbra Server y viceversa

All these commands require that after running the whole set of them,
you do:

$ postfix stop
$ postfix start
Publicado por en 5 comentarios:
Etiquetas: , ,

miércoles, 6 de abril de 2011

Testing mail flow and spam detection in Symantec Brightmail products and Symantec Mail Security appliances

Article ID: TECH83693 | Created: 2005-01-02 | Updated: 2011-03-29
Technical Solution for Mail Security for SMTP 5.0.0 5.0.1, Mail Security for SMTP 5.0.0, Brightmail Gateway 8.0, Brightmail Gateway 2007 7.5 7.7, Brightmail Gateway 2007 7.5 2007 7.6 2007 7.6.1, Brightmail Gateway 2007 7.5 2007 7.6, Brightmail Gateway 2007 7.5, Brightmail Message Filter 6.0.0 6.1.0, Brightmail Message Filter 6.0.0 6.0.5, Brightmail Message Filter 6.0.0 6.0.4, Brightmail Message Filter 6.0.0 6.0.3, Brightmail Message Filter 6.0.0 6.0.2, Brightmail Message Filter 6.0.0 6.0.1, Brightmail Message Filter 6.0.0

Problem


You installed a Symantec Brightmail product, a Symantec Mail Security for SMTP 5.0 product, or you set up a Symantec Brightmail Gateway appliance. You need to know how to test mail flow and spam detection. This KB does not apply to the SMS 8100 or Symantec Brightmail Traffic Shaper (SBTS).

To test some of the new non-spam dispositions on Symantec products check Testing newsletter, marketing mail and suspicious URLs dispositions





Solution


You can test mail flow and spam detection in a variety of ways. One way is to use Telnet to create an email and send it from an external source. In the email message, add at least one of the following:

Note: Disable SAV Email Auto-protect before testing. The test strings do not work for Symantec Mail Security for SMTP 5 in Basic AntiSpam mode. The test strings do work for Premium AntiSpam mode.



To send a test message using Telnet

  1. Open a command prompt.
  2. Type the following command to open a Telnet session:
    telnet

    where is the host name or IP address of the server and is the correct port number to use.
  3. Type the following command:
    helo example.com

    The correct returned response is as follows:
    250 OK

  4. Type the following command:
    mail from: test@example.com

    Do not use the domain you installed the Symantec Brightmail product to as part of mail from line. Use an alternate domain for the test. If the installed domain is , run Telnet from an alternate domain like . This change ensures that you do not accidentally bypass Symantec Brightmail AntiSpam.

    The correct returned response is as follows:
    250 OK - mail from

  5. Type the following command:
    rcpt to: your-address@your-domain.com

    Make sure that you use an email address that you can check for your-address@your-domain.com.

    The correct returned response is as follows:
    250 OK - Recipient

  6. Type the following command:
    data

    The correct returned response is as follows:
    354 Enter mail, end with "." on a line by itself.

  7. Type one of the following lines and any additional text that is needed (end with a CRLF.CRLF):
    Subject: Spam Delivery Test
    X-Advertisement: spam
    spam test
    .

    The correct returned response is as follows:
    250 OK
    221 Closing Port / Mail queued for delivery

  8. Type the following command:
    Quit

    This command stops your telnet session. This example should be sent and received by your downstream server. The URL in the message should be treated as spam. The default action is to prepend the text [SPAM] to the subject line.




Technical Information
Telnet is a terminal client. This client provides a remote interface to a computer and enables you to create a session to any text-based protocol. You can use a Telnet session to manually send a test email from a command interface. You can use this session to determine the errors that occur during that process.


Examples of text-based protocols are SMTP, HTTP, and POP. To use any email client, set the outgoing SMTP server to the IP address of the Symantec Brightmail server.



/apps/media/inquira/resources /resources





Fuente: URL http://www.symantec.com/docs/TECH83693

Publicado por en No hay comentarios:
Etiquetas: , ,

Spam is Not Detected When Symantec Mail Security for Microsoft Exchange (SMSMSE) Transport Agents are Low Priority

Article: TECH95584 | Created: 2009-01-17 | Updated: 2011-03-18
Source:
http://www.symantec.com/business/support/index?page=content&id=TECH95584

Problem


Symantec Message Security for Microsoft Exchange (SMSMSE) is not detecting spam despite detecting content filtering and virus violations.


Premium Anti Spam "spam scans" number on the SMSMSE homepage never changes.

Conditions

  • SMSMSE has been configured to scan messages even if marked with SCL value of minus one (-1). See the following article for details: Messages not Scanned for Spam When Marked by Microsoft Exchange with an AntiSpam X-Header. Transport Agent Debug Log Shows Message: "Whitelisted by other, bypass SPA".
  • Microsoft's AntiSpam agents are installed and have a higher priority then the SMSMSE agents.

    To verify this follow these steps:
      1. On the Exchange server open the Exchange Management Shell
      2. At the prompt type the command "Get-TransportAgent". The results should look like the following:
        Identity Enabled Priority
        -------- ------- --------
        Transport Rule Agent True 1
        Journaling Agent True 2
        AD RMS Prelicensing Agent False 3
        Connection Filtering Agent True 4
        Content Filter Agent True 5
        Sender Id Agent True 6
        Sender Filter Agent True 7
        Recipient Filter Agent True 8
        SMSMSERoutingAgent True 9
        SMSMSESMTPAgent True 10
        Protocol Analysis Agent True 11
      3. If the SMSMSE agents have a lower priority (being lower on the list and having a higher priority number), this conditions is met.

Environment


  • Exchange 2007/2010

Cause


If the Microsoft's AntiSpam agents have a higher priority than SMSMSE AntiSpam agents, the message may not be passed to the Premium AntiSpam scanner for verification. If Premium AntiSpam is partially working, but not detecting all spam emails, please review the following document: Title: 'Premium AntiSpam for Symantec Mail Security for Microsoft Exchange fails to detect spam' Document ID: 2007020615531854 > Web URL: http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2007020615531854?Open&seg=ent

Solution


Configure the Agents to grant the SMSMSE agent a higher priority.

  • Set the SMSMSE Agents to higher priority than the Exchange AntiSpam agents:
    At the Exchange management shell, run the following 2 commands:
    1. Set-transportagent –identity “SMSMSESMTPAgent” –priority 4
    2. Set-transportagent –identity “SMSMSERoutingAgent” –priority 5
  • Restart the Microsoft Exchange Transport service

OR

  • Disable the built in Exchange agents by running the following 5 commands:
    At the Exchange management shell, run the following 2 commands:
    1. disable-transportagent -identity "Connection Filtering Agent"
    2. disable-transportagent -identity "Sender Id Agent"
    3. disable-transportagent -identity "Sender Filter Agent"
    4. disable-transportagent -identity "Recipient Filter Agent"
    5. disable-transportagent -identity "Protocol Analysis Agent"
  • Restart the Microsoft Exchange Transport service

You might encounter an error when executing the commands about not being able to edit the config file. This can be resolved by opening the Exchange Management Console as administrator and executing the commands again.
Publicado por en No hay comentarios:
Etiquetas: , ,
Suscribirse a: Entradas (Atom)