Some scanning problems with Trend (iMSS) and iMS
807574 Oct 10 2005 — edited Feb 11 2020
Hi everyone!!!
I have been reading and learning a little, but at the moment I have a problem with Trend InterScan Messaging Security Suite and Messaging Server.
I have followed the recommendations of example 2 in
http://docs.sun.com/source/819-0105/channel.html#wp100754
but I have some scanning problems.
My files are like this:
[SERVICE=SMTP_SCANNING]
!INTERFACE_ADDRESS=127.0.0.1
PORT=10025
IMAGE=IMTA_BIN:tcp_smtp_server
LOGFILE=IMTA_LOG:tcp_smtp_server.log
STACKSIZE=2048000
PARAMETER=CHANNEL=tcp_scanner
! ims-ms
ims-ms defragment subdirs 20 notices 1 7 14 21 28 backoff "pt5m" "pt10m" "pt30m" "pt1h" "pt2h" "pt4h" maxjobs 2 pool IMS_POOL fileinto $U+$S@$D aliasdetourhost tcp_scanner-daemon
ims-ms-daemon
! tcp_local
tcp_local smtp mx single_sys remotehost inner switchchannel identnonenumeric subdirs 20 maxjobs 7 pool SMTP_POOL maytlsserver maysaslserver saslswitchchannel tcp_auth missingrecipientpolicy 0 aliasdetourhost tcp_scanner-daemon
tcp-daemon
!
! tcp_intranet
tcp_intranet smtp mx single_sys subdirs 20 dequeue_removeroute maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel saslswitchchannel tcp_auth missingrecipientpolicy 4 aliasdetourhost tcp_scanner-daemon
tcp_intranet-daemon
!
! tcp_auth
tcp_auth smtp mx single_sys mustsaslserver missingrecipientpolicy 4 aliasdetourhost tcp_scanner-daemon
tcp_auth-daemon
!
! tcp_scanner
tcp_scanner smtp nomx single_sys identnonenumeric subdirs 20 maxjobs 7 pool SCAN_POOL daemon 172.17.24.34 port 10024 enqueue_removeroute
tcp_scanner-daemon
bash-2.05# more mappings
! MTA mappings file
! for access control and other table lookups
PORT_ACCESS
*|*|*|*|* $C$|INTERNAL_IP;$3|$Y$E
* $YEXTERNAL
INTERNAL_IP
$(172.17.24.34/24) $Y
127.0.0.1 $Y
! 172.17.17.41 $Y
! 172.17.16.51 $Y
* $N
ORIG_SEND_ACCESS
tcp_local|*|tcp_local|* $N$D30|Relaying$ not$ allowed
tcp_*|*|native|* $N
tcp_*|*|hold|* $N
tcp_*|*|pipe|* $N
tcp_*|*|ims-ms|* $N
!
! Block "external" submissions of explicitly source-routed "internal" addresses
!
tcp_local|*|tcp_intranet|@*:*.* $N$D30|Explicit$ routing$ not$ allowed
tcp_local|*|tcp_intranet|*$%*@* $N$D30|Explicit$ routing$ not$ allowed
tcp_local|*|tcp_intranet|*.*!*@* $N$D30|Explicit$ routing$ not$ allowed
tcp_local|*|tcp_intranet|"*@*"@* $N$D30|Explicit$ routing$ not$ allowed
SEND_ACCESS
tcp_*|*|*|*@[127.*] $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@localhost.* $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@example.com $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@example.net $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@example.org $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@*.test $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@*.example $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@*.invalid $X5.1.2|$NBad$ destination$ system
tcp_*|*|*|*@*.localhost $X5.1.2|$NBad$ destination$ system
CONVERSIONS
in-chan=tcp_scanner;out-chan=*;CONVERT No
in-chan=tcp_*;out-chan=tcp_local;CONVERT Yes,Channel=tcp_scanner
!IN-CHAN=tcp_scan;OUT-CHAN=*;CONVERT No
!IN-CHAN=tcp_*;OUT-CHAN=*;CONVERT Yes,Channel=tcp_scan
<IMTA_TABLE:mappings.locale
With this configuration, my iMSS only scans mails from internal to internal domain.
Mails sent via Outlook:
10-Oct-2005 17:11:34.13 tcp_auth tcp_scanner EA 3 user1@in.com rfc822;user1@in.com user1@banco.es
10-Oct-2005 17:11:34.15 tcp_auth tcp_local EA 3 user1@in.com rfc822;my@out.es my@out.com
10-Oct-2005 17:11:34.24 tcp_local D 3 user1@in.com rfc822;my@out.com my@out.com dns;mail.out.com (mail.out.com xxxxxxxxxxxxx Mon, 10 Oct 2005 17:09:34 +0200 ) smtp;250 2.1.5 my@out.com
10-Oct-2005 17:11:34.53 tcp_scanner ims-ms E 4 user1@in.com rfc822;user1@in.com user1@ims-ms-daemon
10-Oct-2005 17:11:34.59 tcp_scanner D 3 user1@in.com rfc822;user1@in.com user1@in.com dns;172.17.24.34 (TrendMicro IMSS SMTP proxy) smtp;250 2.1.5 user1@in.com OK.
Mails that do not pass through the tcp_scanner channel are not scanned by iMSS, but I don't know why these outgoing mails don't pass through tcp_scanner???
And mails sent via webmail:
10-Oct-2005 17:28:42.05 tcp_intranet tcp_scanner E 2 user1@in.com rfc822;user1@ in.com user1@ in.com
10-Oct-2005 17:28:42.08 tcp_intranet tcp_local E 2 user1@ in.com rfc822;my@out.com my@out.com
10-Oct-2005 17:28:42.75 tcp_scanner ims-ms E 2 user1@ in.com rfc822;user1@ in.com user1@ims-ms-daemon
10-Oct-2005 17:28:42.80 tcp_scanner D 2 user1@ in.com rfc822;user1@ in.com user1@ in.com dns;172.17.24.34 (TrendMicro IMSS SMTP proxy) smtp;250 2.1.5 user1@in.com OK.
10-Oct-2005 17:28:42.87 tcp_local D 2 user1@ in.com rfc822;my@out.com my@out.com dns;mail.out.com (mail.out.com xxxxxxxxxxxxx Mon, 10 Oct 2005 17:26:42 +0200 ) smtp;250 2.1.5 my@out.com
10-Oct-2005 17:28:42.96 ims-ms D 2 user1@in.com rfc822;user1@in.com user1@ims-ms-daemon
Thanks in advance.
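
One way to list, from the MTA log, which recipients were enqueued to tcp_local by a channel other than tcp_scanner (an added example, not part of the original post). It assumes the log layout visible in the lines quoted above; the function names and the sample log are constructed for illustration.

```python
import re

# Constructed sample, modelled on the log lines quoted in the post.
SAMPLE_LOG = """\
10-Oct-2005 17:11:34.13 tcp_auth tcp_scanner EA 3 user1@in.com rfc822;user1@in.com user1@in.com
10-Oct-2005 17:11:34.15 tcp_auth tcp_local EA 3 user1@in.com rfc822;my@out.com my@out.com
10-Oct-2005 17:11:34.24 tcp_local D 3 user1@in.com rfc822;my@out.com my@out.com
10-Oct-2005 17:11:34.53 tcp_scanner ims-ms E 4 user1@in.com rfc822;user1@in.com user1@ims-ms-daemon
10-Oct-2005 17:11:34.59 tcp_scanner D 3 user1@in.com rfc822;user1@in.com user1@in.com
10-Oct-2005 17:30:01.10 tcp_scanner tcp_local E 3 user2@in.com rfc822;other@out.com other@out.com
"""

# Assumption: action codes (E, EA, D, ...) are upper case, channel names are not.
ACTION = re.compile(r"^[A-Z]+$")

def parse(line):
    """Split one log line into fields; None if it does not fit the layout."""
    f = line.split()
    if len(f) < 8:
        return None
    if ACTION.match(f[3]):        # dequeue: only one channel is logged
        src, dst, rest = f[2], None, f[3:]
    elif ACTION.match(f[4]):      # enqueue: source and destination channel
        src, dst, rest = f[2], f[3], f[4:]
    else:
        return None
    if len(rest) < 5:
        return None
    return {"time": f"{f[0]} {f[1]}", "src": src, "dst": dst, "action": rest[0],
            "sender": rest[2], "rcpt": rest[3].split(";", 1)[-1]}

def unscanned_outbound(log_text, scanner="tcp_scanner", outbound="tcp_local"):
    """Recipients enqueued to `outbound` by any channel other than `scanner`."""
    hits = []
    for line in log_text.splitlines():
        rec = parse(line)
        if (rec and rec["action"].startswith("E")
                and rec["dst"] == outbound and rec["src"] != scanner):
            hits.append((rec["time"], rec["src"], rec["rcpt"]))
    return hits

if __name__ == "__main__":
    for when, src, rcpt in unscanned_outbound(SAMPLE_LOG):
        print(f"{when}  {src} -> tcp_local without tcp_scanner: {rcpt}")
```

Run against the real log, each hit is a message that left through tcp_local without a preceding enqueue to tcp_scanner, which is the symptom described in the post.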