How do I know ePrism is set up properly to receive mail from the Internet?

Applies To: Models 1000, 2000, 3000

1. Determine which hosts are listed as MX records within DNS. Use Web Tool [1]. It is strongly recommended to have more than one MX record, where each host is a separate ePrism.

2. Connect on port 25 to each host that is listed as an MX record within DNS, and check the SMTP banner response. Use Web Tool [2] to verify. Check the host with the lowest preference value to confirm that it displays the standard response for ePrism:

If you receive this response, ePrism is properly positioned at the perimeter of your network.

Check the other hosts listed as MX records. If a different response displays, such as an SMTP banner from a Microsoft Exchange server, access to that server should be closed immediately, as it may provide a backdoor for spammers to bypass ePrism. This type of setup is not recommended.

3. If the host with the lowest preference value responds with a slightly different SMTP banner, it is still possible to verify whether the host is actually the ePrism.

An SMTP banner that responds with:

requires further verification.

On ePrism, ensure that Pattern Based Message Filtering is enabled and that Default Rule # 2 is present. Default Rule # 2 is:

Filter: #2
Message Part: To:
Match Option: Contains
Pattern: rusingle@mail.com
Priority: Medium
Action: Reject

Using Telnet, connect to port 25 of mail.domain.com and issue the following commands:

> telnet mail.domain.com 25 [input]
Trying 199.71.190.28... [output]
Connected to mail.domain.com. [output]
Escape character is '^]'. [output]
220 mail.domain.com ESMTP [output]
helo stbernard.com [input]

250 mail.domain.com [output]
250 PIPELINING [output]
250 SIZE 10240000 [output]
250 ETRN [output]
250 8BITMIME [output]
mail from:test@domain.com [input]

250 Ok [output]
rcpt to:test@mail.domain.com [input]

250 Ok [output]
data [input]

354 End data with <CR><LF>.<CR><LF> [output]
from:test@domain.com [input]

to:rusingle@mail.com [input]

subject:hello [input]

bye [input]

. [input]

552 Error: content rejected [output]

If you do not receive 552 Error: content rejected and have verified that PBMF is enabled and Default Rule # 2 exists, ePrism is not the first SMTP host to receive email. It is always recommended that ePrism be the first SMTP host to receive email.

An SMTP banner that responds with:

is not ePrism.

This SMTP banner displays the time. ePrism does not display the time when it announces its SMTP banner, so verification is not required: ePrism is not the first SMTP host to receive mail. This setup is not recommended. It is always recommended that ePrism be the first SMTP host to receive mail.

Also note that if the banner indicates SMTP and not ESMTP, ePrism is not the first SMTP host to receive mail. ePrism is set up to respond to both SMTP and ESMTP commands. This can be validated by issuing an EHLO command; if that command is unrecognized, that is proof that ePrism is not the first SMTP host. This setup is not recommended. It is always recommended that ePrism be the first SMTP host to receive mail.

Web Tool [1]: http://us.mirror.menandmice.com/cgi-bin/DoDig
Web Tool [2]: http://www.checkdns.net [Signup for a free account is required]

***Results may vary when telnetting from an internal PC/host. It is strongly recommended to connect to the MX records from an external host, using telnet or a web-based tool.
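
The banner, EHLO and Default Rule # 2 checks from steps 2 and 3 can be run against every MX host with a short script. This is an added example, not part of the original article or of ePrism itself. Assumptions: the MX hosts are passed on the command line (no DNS lookup is done), a time in a banner is detected with an HH:MM:SS pattern, PBMF is enabled with Default Rule # 2 present, and the function names and verdict strings are illustrative.

```python
import re
import smtplib
import sys

TIME_RE = re.compile(r"\b\d{1,2}:\d{2}:\d{2}\b")  # assumption: time shown as HH:MM:SS

def classify(banner, ehlo_code):
    """Apply the article's rule-out checks to a 220 banner text and EHLO reply code."""
    reasons = []
    if TIME_RE.search(banner):
        reasons.append("banner shows the time")
    if "ESMTP" not in banner.upper().split():
        reasons.append("banner says SMTP, not ESMTP")
    if not 200 <= ehlo_code < 300:
        reasons.append("EHLO not recognized")
    return ("not-eprism", reasons) if reasons else ("verify-with-rule-2", [])

def rule2_rejected(smtp, sender, rcpt):
    """Send the To: rusingle@mail.com test message; True if it is refused with 552."""
    smtp.mail(sender)
    smtp.rcpt(rcpt)
    msg = f"From: {sender}\r\nTo: rusingle@mail.com\r\nSubject: hello\r\n\r\nbye\r\n"
    code, _ = smtp.data(msg)
    return code == 552

def check_host(host, sender, rcpt):
    """Banner and EHLO checks first; the Default Rule # 2 test only if they pass."""
    smtp = smtplib.SMTP(timeout=15)
    try:
        _, banner = smtp.connect(host, 25)
        ehlo_code, _ = smtp.ehlo()
        verdict, reasons = classify(banner.decode("ascii", "replace"), ehlo_code)
        if verdict == "verify-with-rule-2":
            if rule2_rejected(smtp, sender, rcpt):
                verdict = "eprism-first"
            else:
                verdict, reasons = "not-eprism", ["no 552 for Default Rule # 2 test"]
        return verdict, reasons
    finally:
        smtp.close()

if __name__ == "__main__":
    # usage: check.py test@domain.com test@mail.domain.com mail.domain.com [more MX hosts]
    sender, rcpt, hosts = sys.argv[1], sys.argv[2], sys.argv[3:]
    for host in hosts:
        try:
            print(host, *check_host(host, sender, rcpt))
        except OSError as exc:  # connection errors and smtplib exceptions
            print(host, "error", exc)
```

Run it from an external host, as the note above recommends, and treat any MX host that reports not-eprism as one that accepts mail without passing through ePrism first.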