How to integrate AXIGEN with Trend Micro (IMSS 7.0)

1. Prerequisites

  Prior to installing these products make sure to verify the supported OS platforms and deployment guidelines. We will consider as a reference that both these products will run on the same system with the IMSS scanner bound to: 127.0.0.1:10026.

  The AXIGEN Mail Server will handle all SMTP requests and forward all data received for scanning to the IMSS service on 127.0.0.1:10026. E-mails that are tagged as being clean will be injected by the IMSS service back into the AXIGEN queue via SMTP and continue the delivery process.

For our example, besides regular SMTP listeners for AXIGEN, we will define a specific address (127.0.0.1:10025) that will handle connections initiated by IMSS.

Note: With this method of integration, IP based checks withing IMSS will not be relevant as the source of the IP address will be the one of the AXIGEN Mail Server (int his case 127.0.0.1)

2. Scanner configuration

After installing the IMSS and ensuring to enable the IMSS Scanner Service as an active component, you can configure the scanner accordingly to our architecture by logging on the Web administration control:

https://<server IP address>:8445

  For notification purposes we will assign the postmaster account as designated recipient. example.com is used as an example for the domain hosted in the AXIGEN Mail Server. Please adjust this to your local requirements.

  From the Administration Context → IMSS Configuration → SMTP Routing you can configure accessing the:

• SMTP section: greetings details and queue path
• Connections section: SMTP interface address details and additional connection and transport details
• Message rule: various limits and checks. Ex: Maximum message size: 16 MB
• Delivery Methods: contains the rules defined via the initial Configuration Wizard
  

Example of SMTP Routing → Connections details:

  Testing that the IMSS service is up and running can be conducted via a basic telnet test:

telnet 127.0.0.1 10026

Note: If all configuration details were correctly set you will receive the IMSS SMTP prompt.

3. AXIGEN configuration details

Based on our initial setup details, we will define via the WebAdmin module a new listener that will bind on the 127.0.0.1:10025 address.

Note: The default listener will be saved by selecting to Quick Add and Save configuration. This will provide access for plain connections(non TLS/SSL)

As the AXIGEN Mail Server requires by default authentication for messages that need to be relayed, we will define special SMTP rules that will bypass these settings for the IMSS scanner. Via Security & Filtering → Acceptance & Routing → Advanced Acceptance / Routing Rules we will add a new policy in the format:

Note: By selecting to Save Configuration, our new policy will take effect.

To redirect incoming traffic to the IMSS scanner, a second SMTP rule should be defined using the following logic:

 Note: The Relay host action is created via Recipients → Recipient relay host → Add Action. By placing the IP address between brackets you will avoid this address from being resolved by the DNR module

By selecting to Save Configuration, our new policy will take effect.

At this point all SMTP traffic that passes via AXIGEN will be scanned by the IMSS scanner against malicious data.