What is Email Scanning Gateway application, how does it work, and how to configure it?

Crystal Eye’s Email Scanning Gateway application plays a vital role in detecting threats in the emails before they reach the end users. The advanced scanning capabilities of this application ensure that the incoming and outgoing emails are scanned for suspicious content including attachments and URLs. Once the malicious attachment is detected, the email is cleaned up and then sent across to the recipient.

Alongside scanning emails for incoming threats, the app scans outgoing emails. The EMS application in combination with Crystal Eye’s Data Loss application can be used to scan outgoing emails for specific content type and then block or alert as required.

Use Case 1 – Relay Host

We can setup Crystal Eye’s Mail Transfer Agent (MTA) as relay host. When the MTA is configured as relay host, the EMS app would only scan outgoing emails.

As a recommended setting, we suggest using Google’s SMTP server because it will reduce the possibility of the email being blocked by the ISP or flagged as spam etc.

The following diagram shows that the emails sent by senders are routed to the Crystal Eye Appliance where the Email Scanning Gateway application scans the emails and directs it to the SMTP server.

Perform the following steps to configure Crystal Eye’s MTA as relay host to scan only outgoing emails:

Step 1: Go to Network Control > Email Scanning Gateway Step 2: You will now be directed to the Email Scanning Gateway application. Click the Edit button. Step 3: You will see the editable version of MTA & SMTP settings page. The IP Address textbox and Host Name textbox will be auto-filled by default. Select Relay Host from the Use Relay as dropdown. Step 4: Enter the Host Name as smtp.gmail.com if you intend to use Google’s SMTP server and then enter 587 in the Port textbox. Step 5: Now, use your google account to generate user credentials of the SMTP service. This can be done in the security section https://myaccount.google.com > Security and then retrieve SMTP user credentials from the passwords section. Step 6: Now enter the smtp credentials in the Username and Password textbox and click the Update button.

Use Case 2 – Relay Domain

Crystal Eye’s Mail Transfer Agent (MTA) can be transferred as relay domain. When the MTA is configured as relay domain, the EMS app would only scan outgoing & incoming emails.

The following diagram shows that the emails sent by senders outside the CE network to users in the CE networks are routed to the Crystal Eye Appliance where the Email Scanning Gateway application scans the emails and directs it to the Relay SMTP server.

Perform the following steps to configure Crystal Eye’s MTA as relay domain to scan outgoing & incoming emails:

Step 1: Go to Network Control > Email Scanning Gateway Step 2: You will now be directed to the Email Scanning Gateway application. Click the Edit button. Step 3: You will see the editable version of MTA & SMTP settings page. The IP Address textbox and Host Name textbox will be auto-filled by default. Select Relay Domain from the Use Relay as dropdown. Step 4: Enter the MTA domain name in the Domain Name textbox under the MTA Settings section, the SMTP domain name in the SMTP section, the port number, and the Relay SMTP Server IP in the textbox. Click the Update button after updating these fields. Step 5: Add ‘MX’ Record pointing the relay domain name (abc.com) to the external IP address of the Crystal Eye appliance (148.251.158.200). You may contact your DNS service provider to perform this task.