XWall for Microsoft Exchange

        
       
XWall is a firewall to protect your Exchange Server from virus, spam mail and dangerous attachments
 

Works with:

 
  • Every version of Exchange Server including Small Business Server
  • Dial-Up, Dial-Up routers, ADSL and leased lines connections to the Internet

Benefits:

 
  • Scan inbound and outbound messages for virus 
  • Block messages by specific subjects so that it prevents from viruses like ILOVEYOU
  • Block attachments so that your users do not fill the Exchange Server with unnecessary or dangerous files
  • Block spam mail by checking incoming messages against MAPS ( Mail Abuse Protection System ) 
  • Runs as a service on NT or Windows 2000
  • Compresses messages when sending to reduce bandwidth ( 25% for zip files, 50% on average, 80% for WinWord and Excel )

Optionally:
  • Scheduled ETRN, even when not using a Dial-Up connection
  • Keep a copy of every incoming and outgoing messages so that you can track each message
  • Writes a statistic file to give you an overview of traffic 

Contents

  

System Requirements

  
  • Windows NT, Windows 2000 or Windows 95/98 with TCP/IP installed
  • Microsoft Exchange Server, Lotus Notes or any other SMTP server

How does it work

  

For incoming messages XWall needs to get the message before your Exchange Server will get it so that it can perform it checks before passing the message over to Exchange. Depending if you run XWall on the same machine or on a different machine it needs to hook up port 25 or acts as a relay host. 

For outgoing messages Exchange Server passes the messages to XWall, which performs the checks and the sends the message out in the Internet.
From Exchange Servers viewpoint XWall is a normal relay host.

So the message flow would for incoming messages would be Internet -> XWall -> Exchange Server 
and for outgoing is would be Exchange Server -> XWall -> Internet
 

Installation

  
  • Run Setup.exe or create a directory on your machine and copy all the files into this directory.
    Start MBAdmin.exe to configure XWall.
  • On your first start you will prompted for the following information:
  • Postmaster's Address

The address of the person who is responsible for maintaining XWall. XWall will send all error messages and undeliverable messages to this address.

  • Name or IP Address of the Exchange Server

The name or IP address of the Exchange Server.
If XWall is running on the same machine as the Exchange Server than you can use localhost as the name

 

  • Running XWall on the same machine as Exchange Server
  • Incoming Messages

If you run XWall on the same machine as the Exchange, then you need to tell Exchange that it should listen on a different port that 25, because only one application can listen on a specific port and XWall needs to be the first application that gets SMTP messages.

To do this open the file services , usually located in C:\WINNT\system32\drivers\etc\SERVICES with Notepad or any other text editor. Locate the line smtp 25/tcp mail and change 25 to a port of your choice ( use 24 if you are not sure which one you should use ) and save the file.

Restart the IMC ( Internet Mail Connector ) of the Exchange Server to bring the new settings into affect.

Start MBAdmin, select View->Options->IP Address->Exchange SMTP Port and type in the same port that you have used in services 

Note on Exchange 2000:

In Exchange 2000 the port setting is in Exchange Admin
Servers->Your Server->Protocol->SMTP->Default SMTP Virtual Server->Properties
In this dialog select the tab labeled General and then Advanced

Also make sure Anonymous access is allowed or else XWall is not able to connect to Exchange.
In Exchange Admin select Servers->Your Server->Protocol->SMTP->Default SMTP Virtual Server->Properties
In this dialog select the tab labeled Access and then Authentication and enable Anonymous access

  • Outgoing Messages

Start your Exchange Administrator, select the IMC and switch to the tab labeled Connections.
Enable Forward all messages to host and type in localhost and close the dialog and restart the IMC.
From then on the Exchange Server will forward all messages to localhost, which basically means it sends it to XWall.

 

  • Running XWall on a different machine as Exchange Server
  • Incoming Messages

Start MBAdmin, select View->Options->Exchange->Name or IP Address of the Exchange Server and type in the name or IP address of the Exchange Server.

Depending on your DNS configuration you need to change the MX record so that it points to the machine where XWall is running on or else XWall will not get the messages before Exchange. 

  • Outgoing Messages

Start your Exchange Administrator, select the IMC and switch to the tab labeled Connections.
Enable Forward all messages to host and type in the name or IP address of the machine where XWall is running on and close the dialog and restart the IMC. From then on the Exchange Server will forward all messages to XWall.

 

One you have doe this you can start MBServer and check if all messages are properly routed.
 

XWall as a Microsoft NT Service

  
Keep in mind that XWall needs to reside on a local disk or the Service Controller will not be able to start it.
For the samples below, we assume XWall is in C:\XWall

Be sure that XWall is running well in Console Mode ( i.e. starting from an icon ) and there is no error, because once you run it as a Service, you can't see a screen and a problem will only be visible in the log file.

In general, installing XWall as a service should be your last task and not your first.

  • Installing XWall as a NT Service

Start MBServer.exe one time with an argument of install, by typing

MBServer install

at the Command Prompt and XWall will create the service.

By default its an AUTOSTART Service and any time your computer is started, XWall will start.
You can start and stop XWall at any time via Control Panel

You can start and stop XWall at any time via Control Panel

Note: After you started XWall as a Service, verify that XWall has no errors. 
You need to take a look into the log file to do this.

  • Removing XWall as a NT Service

Start MBServer.exe one time with an argument of remove, by typing

MBServer remove

at the Command Prompt and XWall will delete the service.

How to stop XWall

  
  • XWall runs as a console application:
  • Press ESCAPE
  • Select Close from the system menu ( works only on NT )
  • Press Alt-F4 ( works only on NT )
  • XWall runs as a service on NT:
  • Open Control Panel, select Services, locate XWall and press the button labeled Stop
  • type net stop XWall at the Command Prompt

Upgrade to the latest Version

  
You will find the latest version of XWall at http://www.dataenter.co.at/download.htm

To upgrade your current version of XWall

  • stop MBServer.exe and close MBAdmin.exe
  • make a backup of your current MBServer.exe and MBAdmin.exe
  • extract MBServer.exe and MBAdmin.exe from the zip file and copy it into your XWall directory
  • restart MBServer.exe

Helper Programs

  
  • LogView

LogView let's you view the log file in real time from any machine on your network.
This is especially useful if MBServer runs as a service.
LogView.zip can be downloaded from http://www.dataenter.co.at/download.htm

Common Problems

  
  • XWall sends the message to the Exchange Server without any error,
    but the message seams to "disappear" and never reaches the mailbox of the recipient

Take a look in the Event Log if Exchange has reported an error. If you don't find an error, enable logging at the IMS.

The most common problems are:

  • Recipient has a message size limit
  • Recipient has a mailbox size limit
  • Sender is using a charset which your Exchange can not handle;
    charset="x-user-defined" is common when sending from the Spanish version of Outlook Express
  • Sender is using charset for Eastern Europe and RTF/TNEF is attached ( fixed in Exchange v5.5 SP1 )
  • You have an Exchange 2000 and when sending the message to Exchange
    the error 505 5.7.1 Client was not authenticated is shown

By default an Exchange 2000 does not allow Anonymous access and so XWall is not able to connect to Exchange.

In Exchange Admin select Servers->Your Server->Protocol->SMTP->Default SMTP Virtual Server->Properties
In this dialog select the tab labeled Access and then Authentication and enable Anonymous access

  • You have Windows 2000 and when running XWall as a console application the last line is not visible

By default Windows 2000 the screen buffer size height for a console application is set to 300 lines.
Select the Properties of the console and select the tab labeled Layout and change the Screen Buffer Size Height to 25

Licensing Agreement

  
XWall © is copyrighted 1993-2000 by DataEnter, Michael Kocum

This product and its documentation may not, in whole or in part, be copied, reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any other natural or computer language, in any form or by any means whatsoever, be it electronic, mechanical, magnetic, optical, manual or otherwise, without the prior written consent of DataEnter. DataEnter makes no warranty or representation, either expressed or implied, with respect to the product XWall and its documentation, their quality, performance, merchantability, or fitness for a particular purpose. DataEnter reserves the right to revise the user's guide and make changes to the content without obligation to notify any person or organization of such change. In no event will DataEnter be liable for any direct, indirect, special, incidental or consequential damages, real or imagined, resulting from the use or purchase of this software. Under no circumstances shall DataEnter's liability for damages exceed the price paid for the software license. Should any remedy hereunder be determined to have failed, all limitations of liability and exclusion of damages set forth above shall remain in full force and effect. The extent of the DataEnter's warranty for the software and its documentation is limited to physical defects of the distribution media containing the software. Contact DataEnter to obtain return authorization for the replacement diskette within 30 days of the original date of purchase. Any further statement made by agents, employees, distributors or dealers of DataEnter do not constitute warranties and are not binding. No employee of DataEnter has the authority to modify any portion of this warranty. All brand and product names we refer to in the documentation are used solely for identification purposes and may be trademarks of other companies.

DataEnter, (the licensor) grants the buyer (the licensee) the right to use this copy of XWall (the program) on a single computer at a single location servicing a single Exchange Server as long as the licensee complies with the terms of this license. The licensor reserves the right to terminate this license if the licensee violates any part of the agreement. The licensee agrees to make copies of the program only for backup purposes. The licensee agrees not to copy the documentation and to take all necessary precautions to ensure that the backup copies of the software are not distributed to or acquired by other parties.

Microsoft Exchange, Windows 95, Windows NT and Windows 98 are a trademarks of Microsoft Corp.
 

History

  
v3.01 98-08-06
  • Released
v3.02 99-09-27
  • Fixed quoting in csv file
  • Added optional removing of "Return-Receipt-To:" for inbound and outbound messages
  • Added dialup, SOCKS, ETRN and relaying
  • Added address translation to translate EMail domains, mailboxes or a complete domain to one single address
v3.03 99-12-02
  • Removed Norton Anti Virus from the supported scanner options, because it does not return a proper error level in the newest versions
  • Added support to limit concurrent connections
  • Added user defined message size limit
  • Added message compression when sending to another XWall ( 30 - 80% depending of the attachments in the message )
v3.04 00-01-08
  • Fixed forwarding of an email with a virus to an address of postmaster@xxxxxx.xxx
v3.05 00-02-25
  • Added support for forwarding to a group of addresses and for recursive forwards
  • Fixed console screen when running as a interactive service
  • Added workaround for Win2000 which claims an error when shutting down the service
v3.06 00-04-27
  • Fixed name server auto detect in Win2000
v3.07 00-05-08
  • Added blocking of a message by subject to block viruses like ILOVEYOU
  • Added blocking of a outbound message by attachment name
  • Added From address to DNS messages
v3.08 00-07-18
  • Added the option to send a NDR when blocking an inbound attachment or subject
  • Added the option to check for a blocked subject case sensitive and case insensitive
  • Added support for CHUNKING ( RFC 1830 ) for better sending to an Exchange 2000
  • Added authentication for secure sending to an Exchange 2000
  • Added complete support for RFC 1891 ( Delivers Status Notification )
  • Added signal to send the current log file to postmaster
  • Added option to purge old log files
  • Updated option to remove return-receipt for the new Exchange 2000 read receipt

Changed: 2000-07-18 09:47
Privacy Statement

Copyright © 1996-2000
DataEnter, Michael Kocum

Wagramerstrasse 93/5/10
A-1220 Vienna, Austria

Fax: +43 1 2031320 or +1 (209) 231-5293
EMail: support@dataenter.co.at