Using NetMail/NIMS as a Virus Scanner and/or Spam Filter for other Email Systems

Novell Cool Solutions: Tip
By Mitch Mitchell

Digg This - Slashdot This

Posted: 14 Oct 2002

It is possible to use NetMail/NIMS as a virus scanner and/or a spam filter for other mail systems. Hey, why buy duplicate software if you don't have to? Leverage what you've already got and the boss just might give you a huge Christmas bonus!

There are two basic scenarios for doing this. One is where your other e-mail system uses the same domain as your NIMS system. This configuration is pretty well documented in the manual/FAQs/TIDs so I won't go over it here.

The second scenario is where NIMS and your other mail system use different domain names. This is what is covered in these instructions. First and foremost, you need to have a working NIMS system that is configured to use a virus scanner and/or a spam (RBL) filter. Once you've got that in place, read on.

There are 2 different methods for incorporating NIMS' virus scanning and spam filtering technologies into other mail systems. We'll call them the Simple Method and the Complex Method. Both work equally well with the same results. However, based on your environment, you may prefer or require one method over the other.

Regardless of which method you choose, you need to do this first. In NWADMIN add the domain of your non-NIMS e-mail system to the SMTP Agent object, UBE Relaying Options, Relayed Domains (ETRN) field [see illustration]. NOTE: Do not put your non-NIMS domain in the FUD (forward undeliverable) section of NIMS. Do not put your non-NIMS domain in the SMTP globalor hosted domains of NIMS. After making these changes, wait 30 minutes to an hour for NDS and DNS to settle down before preceding.

Simple Method

As its name implies, this solution is the simplest to implement and maintain. This method simply uses 2 different DNS servers to route the mail from NIMS to your other mail server. Here's how to do it. Publish the following DNS record to the outside world:

non-nimsdomain.com MX preference = 5, mail exchanger = mail.nimsserver.com

Then, have your NIMS server point to a separate DNS server that contains the following DNS information:

non-nimsdomain.com MX preference = 5, mail exchanger = mail.non-nimsserver.com

Foreign mail systems will resolve your non-nimsdomain.com e-mail to your NIMS box. NIMS will scan the mail for viruses and spam, then relay the mail to your non-nimsserver.com mail system.

Complex Method

You guessed it, this method is a bit more complex than the last method, but it may be what you need in your environment. This method relies heavily on RFC 2821 (I won't get into the RFC details here, you can lookup and read the RFC if you have a couple of days to kill!). Here's what to do:

  1. The published mail exchanger record has to match the hostname of your server (this is how it identifies itself). Basically, this means that mail.nimsserver.com and the correct IP address need to be in the sys:etc\hosts file of your NIMS server.

  2. Publish the following DNS records to the outside world:

    non-nimsdomain.com MX preference = 20 (lower priority), mail exchanger = mail.nimsserver.com

    non-nimsdomain.com MX preference = 5 (higher priority), mail exchanger = mail.non-nimsserver.com

  3. Here is the key to make this work. The SMTP port your mail.non-nimsserver.com can only be accessible from your NIMS server, or in other words, put a firewall in front of your non-nims mail server so it is not visible to the outside world. The only catch here is that your firewall should rturn an error message, otherwise the remote SMTP server will have to wait for a timeout.

Since inbound mail to your non-nimsdomain.com can't communicate with the higher priority mail exchanger, it falls back to th lower priority mail exchanger. The lower priority mail exchanger is your NIMS box. NIMS will scan the mail for viruses and spam, then relay the mail to your non-nimsserver.com mail system.

For Both the Simple and the Complex Methods

It would probably be a good idea to have your other mail system route its outbound mail back through NIMS for remote delivery. As a bonus, doing so will also scan your outbound mail for viruses. If by some chance your mail client does get a virus, this will prevent you from sending that virus out to other people outside your domain. Refer to the documentation of your other mail system for its outbound relay options.

This tip was made possible by the hard work and contributions of the NIMS support team, which is nothing short of extraordinary.

Mitch Mitchell

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© Micro Focus