Cisco ESA to filter internal Emails

M.Jallad · ‎11-02-2015

Hi,

Quick question regarding ESA deployment ; Does ESA provide the capability to protect internal customer email traffic (meaning traffic from user1@customer.com to user2@customer.com) that is of course in addition to internet inbound/outbound traffic, knowing that both users mailbox are communicating with microsoft exchange 2007 Hub transport server.

Appreciate to share your experience and knowledge on this.

Thanks,

Muayad Jallad,

Nasir Abbas · ‎11-02-2015

Hi Muayad,

The exchange will simply move the message to user2 mailbox. Which also default behaviour of all mail server regardless of platform.

Also all outbound messages treated as trusted messages by ESA.

You may need to look at exchange’s configuration/option to bring all message to ESA. Once ESA received the message it can send back Exchange without any issue because SMPTRoute already defined for internal domains.

Hope that information above helps.

Thanks,

Nasir

M.Jallad · ‎11-03-2015

Hi Naser,

You are right ; now my question is about how microsoft exchange handles mail flow : if smtp traffic is to be sent between the two users on the same domain , should traffic actually pass through the hub transport in all cases even if the mail is sent internally between users on the same domain.

If , in all cases smtp packets have to pass thorugh the hub transport ; how can we force emails to flow through the ESA from the hub transport side point of view.

Thanks,

Muayad,

Nasir Abbas · ‎11-03-2015

Hi Muayad,

Sorry, I am short on exchange expertise :). However, have done some research and found following on MS tech site:

https://technet.microsoft.com/en-us/library/aa996349(v=exchg.150).aspx#TransportPipeline

That might be helpful to figure out what changes required on exchange side.

Thanks

Nasir