Q

How is internal mail channeled through an enterprise firewall?

WIth public mail servers located in a DMZ, what keeps a firewall from stopping an organization's internal mail? Network security expert Mike Chapple explains how an SMTP relay server coordinates email transmissions.

If public mail servers are located in a DMZ, what is the procedure for channeling internal mail through the firewall?
To channel internal mail through the firewall, many organizations use a Simple Mail Transfer Protocol ( SMTP) relay server in the DMZ. The enterprise email server (e.g. Microsoft Exchange) sits on an internal network and interacts with users. External parties wishing to send email via SMTP can connect to the SMTP relay system in the DMZ, which is listed as the mail exchanger in DNS. The SMTP relay then accepts -- or denies, according to policy -- inbound messages and relays them to the internal mail server.

Similarly, when the internal mail server receives a message destined for an external network, it accepts the message from the client and then passes it to a DMZ's SMTP relay. The relay then forwards the message to the destination server. This architecture prevents direct connections from the Internet to the internal mail server, providing a layer of isolation.

As an added bonus, you can use a spam-filtering device as your SMTP relay. Devices like SendMail's Sentrion appliances and the Barracuda spam firewall are popular tools that can reduce the spam-filtering burden on clients.

More information:

  • Learn more about how to configure a DMZ.
  • When it comes to a DMZ setup, learn where enterprise users belong.
  • This was first published in August 2007

    Dig deeper on DMZ Setup and Configuration

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close