ALG Handling of SMTP

SMTP is one of the easiest protocols to relay on the application layer as almost any mail server is capable of acting as a SMTP mail router, as well as the mailbox server. A mail-relaying SMTP server acts as an ALG to pass mail between security perimeters. It accepts all messages for the trusted perimeter, and forwards all messages from the trusted perimeter. The DNS concept of mail exchanger (MX) host greatly simplifies redirecting mail addressed to a domain to a specific mail gateway.

The SMTP relay server can be a standalone application, or a simple ALG contained within a firewall package. Depending on the implementation, a SMTP mail relay can impose impressive granularity of message filtering, such as filtering messages on:

Sender or recipients mail address, domain, or gateway

Any field in message headers (subjects, dates, message types)

■ Any part of the message's content (text, attachments using pattern matching, and virus scanning)

Mail gateways with rich filtering functionality are sometimes referred to as mailguards. Mailguards are used in environments where messaging is a core application, which needs to be filtered aggressively on network boundaries.

Was this article helpful?

0 0

Post a comment