How to integrate BitDefender Security for Mail Servers with the AXIGEN Mail Server on Windows

Integrating "BitDefender Security for Mail Servers" with Axigen

This article presents the necessary steps for the integration of "BitDefender Security for Mail Servers" with the Axigen Mail Server on a Windows platform.

The initial installation and configuration of the Axigen Mail Server will not be included in this article. For the below integration procedure the Axigen Mail Server is considered to be installed, configured and running.



Integrating "BitDefender Security for Mail Servers" with Axigen:


Axigen configuration:

For the integration process it is required that you create an additional SMTP Receiving Listener, that will be designated for communication from the BitDefender SMTP Proxy service.

To add the required Listener follow these steps:

1) Login via the Webadmin interface using the Axigen "admin" account.

2) Go to Services -> SMTP Receiving -> Listeners -> click the "Add Listener" button.

3) In the Quick add listener pop-up window, under the "Listen on" section enter the IP: 127.0.0.1 and port: 2525. Check the "Enable this listener" box and click the "Quick Add" button.

After applying the above settings create the following Acceptance / Routing rule in Axigen:

1) Login via the Webadmin interface using the Axigen "admin" account.

2) Go to Security & Filtering -> Acceptance & Routing -> Advanced Settings -> click the "Add Acceptance / Routing Rule" button.

3) in the new rule window enter a suggestive "Rule name" and make sure that the "Enable this acceptance / routing rule" option is checked.

4) in the Conditions section select from the drop down box "Local address -> Port" and click the "Add Condition" button. From the drop down box related to the new condition choose "<" and enter in the related box the port you set for the SMTP Receiving Listener designated for the communication from BitDefender. In our example the port is 2525.

5) in the same Conditions section select from the drop down box
"Local address -> Port" and click the "Add Condition" button. From the drop down box related to the new condition choose ">" and enter in the related box the same port used at the above step 3.

NOTE: The above conditions will ensure that any smtp connections coming on different SMTP Receiving Listener, than the one configured for the communication from BitDefender, will be relayed to the BitDefender Proxy, and after the scan, the message will be relayed back to Axigen on the designated listener, thus the new connection from BitDefender will not match the above rule.

6) in the Actions section select from the drop down box "Recipients ->
Recipient relay host" and click the "Add Action" button. In the new
action's text box enter the IP:Port on which BitDefender will listen for incoming connections, configured in the BitDefender SMTP Proxy menu as detailed in the below "BitDefender Security for Mail Servers configuration" section. The IP must be entered between brackets (ex: [127.0.0.1]). After this add the corresponding port (ex: [127.0.0.1]:25000)

7) Save the new rule by clicking the "Save Configuration" button at the
bottom of the page.

Now you will have to create a second Acceptance & Routing rule, needed to allow unauthenticated relay for emails received via the BitDefender Proxy (received on 127.0.0.1:2525).

NOTE:  This is not a security issue as the emails where already subjected to the "allow only authenticated relay" (or the other relay policies you have implemented), before first relaying the email to BitDefender.

To create the necessary rule follow these instructions:

1) Login via the Webadmin interface using the Axigen "admin" account.

2) Go to Security & Filtering -> Acceptance & Routing -> Advanced Settings -> click the "Add Acceptance / Routing Rule" button.

3) in the new rule window enter a suggestive "Rule name" and make sure that the "Enable this acceptance / routing rule" option is checked.

4) in the Conditions section select from the drop down box "Local address -> Ip" and click the "Add Condition" button. From the drop down box related to the new condition choose "Is" and enter in the related fields the Ip: 127.0.0.1

5) in the Conditions section select from the drop down box "Local address -> Port" and click the "Add Condition" button. From the drop down box related to the new condition choose "=" and enter in the related box the port you set for the SMTP Receiving Listener designated for the communication from BitDefender. In our example the port is 2525.

6) in the Conditions section select, from the drop down box related to the "For incoming messages that match" option, the "ALL of the conditions below" entry.

7) in the Actions section select from the drop down box "Delivery -> Remote" and click the "Add Action" button. From the new action's drop down box select "Allow delivery for all users".

8) Save the new rule by clicking the "Save Configuration" button at the
bottom of the page.



BitDefender Security for Mail Servers configuration:

After downloading the "BitDefender Security for Mail Servers" package, the installation steps for integrating this product with Axigen are:

1) Run the downloaded setup file for the BitDefender Security for Windows Servers.

2) During the installation wizard, in the "Custom Setup" screen select from the drop down list next to "BitDefender Security for Windows Servers" -> "BitDefender Security for Mail Servers" ->  the "Entire feature will be installed on local hard drive" option.



3) Continue the installation wizard. When the "Ready to install" screen is reached, do not configure the SMTP Proxy settings for the BitDefender application. Instead check the box related to the "Skip this step, I whant to configure the proxy settings later" option and click "Next".



4) After completing the installation and the required restart of the machine the BitDefender services should be running. You can check this via Start -> Run -> type  in the command box: services.msc.

5) You must configure the BitDefender SMTP Proxy settings via Start -> All Programs -> "BitDefender Security for Windows Servers" -> "BitDefender Security for Mail Servers" management interface. Here go to "SMTP Proxy" menu, select  the "Default interface" from the Interfaces list and click the "Properties" button.



     In the new window go to "Proxy" tab and in the "Specify the local port where BitDefender catches mails" box enter port 25000 (this can be set to any other port depending on your setup this port should be set to the same port you are using in the above Axigen rule at step 6). Uncheck the "Bind all IPs to this port" option and manually set the bind IP to 127.0.0.1
     In the "Specify the Real SMTP Server where BitDefender routes mails" boxes enter the IP and Port you configured for the designated Axigen SMTP Receiving Listener for BitDefender communication. In our case IP: 127.0.0.1, Port: 2525.



6) Now go to the "Security" tab in the same Properties window and under the "Specify the network domains that are allowed to send mails from this server" section, click the "Add net domain" button and enter in the "Network address" parameter the 127.0.0.1 IP and in the "Network Mask"  field enter 255.255.255.255. Click the "OK" button.


7) To save the above Security and Proxy settings click the "Apply" button on the bottom of the current "Properties" window.


NOTE:    Also you can test the BitDefender filtering by sending a mail to an account hosted on your Axigen server, checking the mail source after it has been successfully delivered. The source should contain at least one header containing the "X-BitDefender" string.

Releases: Mail Server 6.1.X, Mail Server 6.2.X, Mail Server 7.0.X, Mail Server 7.1.X
OS: Windows
Distros: Windows