1 Reply Latest reply on Nov 14, 2014 12:27 AM by kwidhalm

    Firewall rules and OWA (only accepting mail from McAfee servers)

    here2help

      It has been a couple of weeks since implementing SaaS Email Protection.  As the service is doing a good job of blocking spam but it is time to lock down our Exchange server so that we are only receiving mail that is filtered by the email protection service.  We had our Fortigate 60C configured to only accept mail from the McAfee mx records but that disabled remote users access to Outlook Web Access.  I am assuming there are some ports that need forwarded to ensure the users can access OWA?  Does anyone else have experience with a similar situations?

       

      As the SaaS guide states "To ensure that no mail is presented to your mail server without being processed by McAfee, you will need to restrict all IP access to your mail server with the exception of the following McAfee subnets."  But if i block all inbound IP's other than McAfee's how will my users outside of the office access OWA?

        • 1. Re: Firewall rules and OWA (only accepting mail from McAfee servers)
          kwidhalm

          Hello here2help!

           

          We recommend that you lock down to accept inbound SMTP traffic from our IP ranges on port 25 (or whatever port you are using for your inbound mail traffic).  This should have no affect on users accessing OWA they would be http/https which routes through a different port.

           

          I hope this information helps!

           

          Karen Widhalm

          System Support Specialist

          SaaS Email and Web Security

          McAfee. Part of Intel Security.