I am setting up a McAfee Email Gateway virtual appliance, ver 7.0.1. The system has two network interfaces: one is for internal/LAN connections, one is for the Internet connection. We have an internal corporate mail server (mail1.mydomain.com) that will use the McAfee gateway as a gateway for both inbound and outbound mail routing. The system is configured in proxy mode, not transparent bridge or transparent router. Virtual mail hosts are not defined.
Inbound mail routing is as follows:
Internet -> nic2_MEG_nic1 -> mail1.mydomain.com
In MEG email configuration, for sending e-mail, I have an SMTP relay entry for "*.mydomain.com -> .mail1.mydomain.com". This works AOK.
For outbound routing I want to have:
CorporateMail -> nic1_MEG_nic2 -> Internet
The corporate mail server uses MEG as its default SMTP. Mail from the corporate mail server does get to the Internet. However, the MEG dashboard does not show any mail going outbound, only going inbound.
In MEG email configuration, receiving e-mail -> Antirelay options, I have added "*.mydomain.com" as a local domain. I added the IP for mail1.mydomain.com as a permitted domain. I then tried adding it as a local domain. My understanding from the documentation is that if I add a host, network or domain as a local domain, then the MEG will treat mail from that domain as outbound. But this is not the case.
This makes it harder to apply policy rules that only apply to inbound vs. outbound (although I can still add policies that only apply to traffic from the mail server). It also means that any "inbound" SMTP masquerading/aliases are applied to mail that should be outbound only.
I ran into the same issue.
I believe it stems from the fact that all mail going through the box starts at the same point, and "inbound" vs. "outbound" is really only to provide different policies. Inbound and outbound routing is all to do with the domain routes.
What I did was go to Mail Policies and added a new policy.
I chose Outbound mail flow, and under rules, set the source IP address to the internal mail server. This basically tells the server to consider any mail it receives from my Exchange server as "Outbound". Anything else is "Inbound".
I had done this. Initially I had set the new policy as "outbound" and did not specify an IP address match. I thought that the policy would apply to "outbound" mail. What I found was that all mail was being processed by this policy. So I added the IP address match rule so that only mail from internal filters would be processed by this policy. All other mail fell through to the default (inbound) policy. So for most things, like spam filtering, encryption rules, etc., this works great.
However, there does not seem to be an option in the policy for specifying the SMTP masquerading options.
I could have my masquerading set up as
alias1 -> username1
to make sure that they only apply to true incoming mail.
But then what is the purpose of defining outbound SMTP masquerading if I can't use them?
Opened a ticket with McAfee support. It looks like I would need to be in transparent bridge mode for the system to distinguish between incoming and outgoing mail.
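A small model of the policy evaluation described in this thread, as an added example (not MEG's own code): policies are checked in order, a policy with no source-IP rule matches every message, and the default (inbound) policy catches the rest. The `gate_masquerading` switch and the 10.0.0.0/24 internal network are assumptions for illustration; they contrast the reported behaviour (masquerading applied regardless of direction) with masquerading applied only to inbound mail.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed model of per-direction policy matching; not McAfee Email Gateway code.


@dataclass
class Policy:
    name: str
    direction: str                  # "inbound" or "outbound"
    source_networks: list = field(default_factory=list)  # empty list: no IP rule

    def matches(self, src_ip: str) -> bool:
        """A policy without a source-IP rule matches everything (the behaviour reported above)."""
        if not self.source_networks:
            return True
        ip = ipaddress.ip_address(src_ip)
        return any(ip in ipaddress.ip_network(net) for net in self.source_networks)


# alias1 -> username1, the inbound masquerading entry from the thread (constructed addresses)
MASQUERADE = {"alias1@mydomain.com": "username1@mydomain.com"}


def classify(policies, src_ip):
    """First matching policy wins; the last entry is the default (inbound) policy."""
    for policy in policies:
        if policy.matches(src_ip):
            return policy
    raise ValueError("no default policy configured")


def deliver(policies, src_ip, rcpt, gate_masquerading=True):
    """Return (direction, rewritten recipient). With gate_masquerading=False the alias
    map is applied to every message, which is what the original poster observed."""
    policy = classify(policies, src_ip)
    if policy.direction == "inbound" or not gate_masquerading:
        rcpt = MASQUERADE.get(rcpt, rcpt)
    return policy.direction, rcpt


# Outbound policy with no IP rule: swallows all mail, as the poster found.
POLICIES_BROKEN = [Policy("Outbound", "outbound"), Policy("Default", "inbound")]
# Outbound policy keyed on the internal mail server's network (assumed 10.0.0.0/24).
POLICIES_FIXED = [Policy("Outbound", "outbound", ["10.0.0.0/24"]),
                  Policy("Default", "inbound")]
```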