Antivirus Integration

Requirements

To integrate i-Mail with an antivirus server, you must first purchase any required software and/or hardware. i-Mail does not provide direct antivirus support as this is done far better by organisations focused on this area of expertise. If your network is connected permanently to the internet or you use ETRN for inbound e-mail, no additional configuration is required within i-Mail. Your antivirus gateway should be the primary inbound point for SMTP mail.

i-Mail will only integrate with SMTP based virus solutions. File based virus scanners cannot be used because e-mail messages store virus susceptible files as converted attachments that are not directly readable.

Our recommendation is that you also have workstation based virus scanning to prevent encrypted and non-standard e-mail messages which are unpacked at the workstation causing a virus attack.

Here are a couple of links to SMTP based virus scanning solutions:

Symantec, Nortons Anti-Virus for E-mail Gateways:	www.symantec.com
Trend Micro, Interscan VirusWall:	www.trendmicro.net
Network Associates, WebShield SMTP	www.networkassociates.com

Configuring i-Mail

Virus scanning with i-Mail is performed by two components. The first is the ability for i-Mail to redirect downloaded mail to a virus scanning server. The second is accepting these messages back from the virus scanner and processing the message as if it had just been downloaded from the internet.

Before configuring i-Mail, you should know some details about your antivirus server. You need to know its IP address or DNS name (and port if different than standard). You will also need to set your anti-virus server to send mail destined for your domain to the i-Mail server. For outbound mail there are two options. Either set your clients to send mail directly to the virus scan server and the virus scan server to send external mail to i-Mail, or have clients send mail into i-Mail and set the i-Mail remote server to the antivirus server. The configuration you use will vary depending on what antivirus server product you are using and how your current setup is configured.

Step 1: Setting up i-Mail to redirect mail to the virus scan server

Each POP collector within i-Mail can be configured separately for this feature. Repeat this initial process for each mailbox.

Set the POP collector to 'Redirect' and then press the 'Settings' button. You will be presented with the redirect options dialog.

In this box, enter the IP address of your antivirus server. If it requires a modified port number, enter the address followed by :port where 'port' is the number of the IP port. For instance 192.168.0.253:12000.

The 'Mail from' field should be the local administrator. This is the return address that will be used should there be a problem in the antivirus server.

The Rcpt to field needs to be the address of a special user that will be interpreted by i-Mail when the antivirus server returns the mail after scanning. A recommended name is 'AntiVirus@yourdomain.com'.

Finally you will need to provide i-Mail with your preferred failure option for when the antivirus server is unavailable - due to crashing, disconnection or any other reason. If you are relaxed about mail going through the system without being scanned or users cannot be without mail then set this option to put the messages in the spooler. If you absolutely require mail to be scanned before entering your system then set the leave messages option on.

Step 2: Configuring i-Mail to receive messages back from an antivirus server

Because the message that i-Mail forwards to the antivirus server may contain multiple recipients it must be processed through the message spooler. Files normally ony enter the spooler at download time. Because the antivirus server will be sending the messages directly into i-Mail a special option must be employed to redirect mail from the antivirus server into the message spooler.

To access the required option, click the 'More' button on the advanced tab.

In this window you can enter names of users that are assumed to be for the message spooler. Enter the name of the local user that will be interpreted as being from the antivirus server. This should be the name portion of the address specified in the 'Rcpt to' field of step 1 above.

Step 3: All done? Check that the antivirus server is working

To ensure your mail is being checked by the antivirus server, open a mail message and view the header of the message (not available on all e-mail packages). You should see a line near the top which contains the text: Received for AntiVirus@ourdomain.com. This is the tag that i-Mail puts in the message indicating where the message came from. In this case your system is working.