GFI MailEssentials can be installed:
- On a perimeter server (for example, in a DMZDemilitarized Zone)
- As a mail relay server between the perimeter (gateway) SMTPSimple Mail Transport Protocol server and mail server.
This setup is commonly used to filter spam on a separate machine, commonly installed in the DMZ. In this environment a server (also known as a gateway/perimeter server) is set to relay emails to the mail server. GFI MailEssentials is installed on the gateway/perimeter server so that spam and email malware is filtered before reaching the mail server.
GFI MailEssentials uses the IISInternet Information Services SMTP service as its SMTP Server and therefore the IIS SMTP service must be configured to act as a mail relay server. To do this:
1. Launch Windows Server Manager.
2. Navigate to the Features node and select Add Features.
The SMTP Server feature might require the installation of additional role services and features. Click Add Required Role Services to proceed with installation.
4. In the following screens click Next to configure any required role services and features, and click Install to start the installation.
5. Click Close to finalize configuration.
1. Go to Start > Control Panel > Administrative Tools > Internet Information ServicesA set of Internet-based services created by Microsoft Corporation for internet servers. (IIS) Manager.
4. Expand Default SMTP Virtual Server node.
5. Right-click Domains and select New > Domain.
6. Select Remote and click Next.
7. Specify organization domain name (for example, test.mydomain.com) and click Finish.
1. Right click on the new domain and select Properties.
2. Select Allow the Incoming Mail to be Relayed to this Domain.
3. Select Forward all mail to smart host and specify the IP address of the server managing emails in this domain. IP address must be enclosed in square brackets, for example,
[126.96.36.199], to exclude them from all DNSDomain Name System lookup attempts.
4. Click OK to finalize your configuration.
If unsecured, your mail relay server can be exploited and used as an open relay for spam. To prevent this, it is recommended that you specify which mail servers can route emails through this mail relay server (for example, allow only specific servers to use this email relaying setup). To achieve this:
1. Go to Start > Control Panel > Administrative Tools > Internet Information Services (IIS) Manager.
2. In the left pane, expand the respective server node. Right-click on Default SMTP Virtual Server and select Properties.
3. From the Access tab, select Relay.
4. Select Only the list below and click Add.
5. Specify IP(s) of the internal mail server(s) that are allowed to route emails through your mail relay server. You can specify:
- Single computers - Authorize one specific machine to relay email through this server. Use the DNS Lookup button to lookup an IP address for a specific host.
- Group of computers - Authorize specific computer(s) to relay emails through this server.
- Domain - Allow all computers in a specific domain to relay emails through this server.
Configure your mail server to route all inbound and outbound email through GFI MailEssentials. In the configuration program of your mail server, use the option to relay all outbound email via another mail server (this option is usually called something similar to Forward all messages to host. Enter the computer name or IP of the machine running GFI MailEssentials. Save the new settings and restart your mail server.
For more information on how to setup Lotus Domino routing, refer to Installation Guide (Domino).
If the MX record is not updated, all emails will be routed directly to your email server - hence bypassing GFI MailEssentials.
Verify that MX record has been successfully updated
To verify whether MX record is updated:
1. From command prompt key in
nslookup and hit Enter.
2. Key in
set type=mx and hit Enter.
3. Specify your mail domain name and hit Enter.
The MX record should return the IP addresses of the mail relay servers.
Before proceeding to install GFI MailEssentials, verify that your new mail relay server is working correctly.
Test IIS SMTP inbound connection
2. Ensure that intended recipient received the test email in the respective email client.
Test IIS SMTP outbound connection
1. Send an email from an ‘internal’ email account to an external account (example, to a Gmail account).
2. Ensure that the intended recipient/external user received the test email.
You can also use Telnet to manually send the test email and obtain more troubleshooting information. For more information refer to: