Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

SmartDefense Deployment Tip: Improving performance for mail server protections

When there is a need to deeply inspect mail-related network traffic, limiting mail protections only for traffic to or from designated mail servers is useful (because inspecting all traffic may cause undesired performance degradation). The below approach allows for deep inspection of mail-related traffic without impacting other corporate traffic. SmartDefense protections such as POP3/IMAP Security and SMTP Mail Security Server are designed to use this capability.

This approach can be used to protect against the recent Microsoft Security bulletin MS09-003 (CVE-2009-0099).  The Microsoft bulletin describes a vulnerability in the Microsoft Exchange Server that can be exploited by sending a specially crafted mail notification. By defining your corporate Exchange Server as a mail server, you can apply the MS09-003 protection to the Exchange Server and ensure that the protection will inspect mail notifications targeted only to your Exchange Server, rather than inspecting all traffic for malformed mail notifications.

To define a mail server:

  1. From the Network Objects tree in the SmartDashboad, right-click the Nodes icon.
  2. From the Nodes menu, select New Node > Host.
  3. Give the host name and IP address; Click Configure Severs and click the Mail Server option; Click OK.

  4. The host will now be displayed under the Nodes branch:

  5. In the SmartDefense tab, open Application Intelligence > Mail > Mail Servers View; The new mail server object should now appear in the view:

     
  6. Alternatively, if the host is already configured as mail server:
    1. Click Add to add another host to the list of Mail servers.
    2. Select the host that you want to add to the Mail server list.
    3. Click OK to add the host to the list of Mail servers.