How do I set up MailMarshal in my network?


This article applies to:

  • Trustwave MailMarshal (SEG)

Question:

  • How do I set up MailMarshal in my network?
  • What email routing changes does MailMarshal SMTP require?
  • How does MailMarshal SMTP integrate with other internal email servers?

Procedure:

MailMarshal SMTP is a server-based SMTP email content scanner. It can be easily installed into a new or existing network in conjunction with other gateway applications. It complements and is compatible with traditional Internet firewalls, anti-virus and security applications. MailMarshal is installed on a Microsoft Windows server or array of servers. 

Note:  For details of prerequsites, see Knowledge Base article Q11358.

MailMarshal email processing is usually set up to run on a secure server located between the firewall of the organization and an existing email server. The existing email server can be any SMTP server on any platform. If the existing email server is being run on a compatible Microsoft Windows platform, MailMarshal can reside on the same server subject to adequate resources.

MailMarshal receives mail from the outside world, processes it, and passes it to the internal email server. Similarly, for outbound internet email, the existing internal email server is simply configured to forward all external SMTP mail to the MailMarshal Server. MailMarshal processes it and either delivers it to the destination SMTP server or to another downstream SMTP server, as required.

MailMarshal can be implemented in different ways to fit in with your existing network. The typical scenarios are:

  • Install MailMarshal on the same machine as the existing mail server.
    MailMarshal can be configured to run on the same server as, for example, Microsoft Exchange or Lotus Domino. Typically this type of setup occurs in smaller sites that handle less than 100,000 messages per month and have the capacity to handle the extra load on the same server.

    This type of installation is relatively simple as the organization's MX records, firewall and/or proxy server usually does not have to be reconfigured. Email is still delivered to the same machine on the same TCP port (the default for SMTP is port 25). However, the existing mail server does need to be configured to receive SMTP mail on another port. The mail server also needs to be configured to forward all internet mail to the local loop back IP address (i.e. 127.0.0.1).
  • Install MailMarshal on a separate machine.
    MailMarshal can be installed on a separate server (or servers) from the existing mail server. In this installation, the MailMarshal server typically resides between the organization's firewall and the existing email servers. MailMarshal is configured to forward all inbound mail to the internal mail server and the mail server is configured to forward all external Internet mail to the MailMarshal server.

    It is recommended that MailMarshal be installed on a separate server if there are over 500 internet email users. However, this depends on the email usage of the organization.

    Installing MailMarshal on separate machine can be an advantage because MailMarshal can be configured to provide online, real-time backup of incoming email for the organization in the event of a system failure on the existing mail server. Conversely, if the MailMarshal server fails, a change of routing directly to the mail server will still allow mail to be sent and received.

    Where MailMarshal is on a separate machine, you must configure MX records, firewalls or SMTP proxies to make MailMarshal the email gateway and allow the MailMarshal server to send and receive SMTP traffic.
  • Install MailMarshal as a POP3 mail server.
    In very small organizations, MailMarshal can also function as a POP3 server. In this type of installation, all email sent from within the organization is sent to the MailMarshal server on port 25. Email for internal addresses will be delivered to MailMarshal POP3 mail boxes for collection by email clients.

Notes:

As a SMTP application, MailMarshal can co-exist with any other compliant email solution when installed on a separate server.

For more information about configuring MailMarshal SMTP in your network, see the MailMarshal User Guide and other resources on the MailMarshal SMTP Documentation page: 

For detailed information about setup with specific email servers, see the related articles below.

This article was previously published as:
NETIQKB28965
Marshal KB25

 

 

 


Last Modified 3/1/2020.
https://support.trustwave.com/kb/KnowledgebaseArticle10469.aspx