Scanning multiple MTAs
I am slowly figuring out the know-how. I have a somewhat working MTA scanner. (ClamAV is not working for some reason, but one step at a time.) The next step is to set up MTA scanning for 25 MTA's in the same GroupWise system. Do I have to create a "3rd Party Applications" interface for each MTA? Do I have to use a different "Application key" for each Interface? Or is it allowed to use clone? Creating a unique Application key for each MTA makes it a little difficult to mass modify the MTA startup files via scripts, but if necessary I can deal with it.
Thanks in advance,
if you want to have only "one policy" for multiple MTAs you can use a single application-key and quickly Clone.
From the SMG site every mail will simply come from the same interface.
However if you have different settings and IP ranges of Mail Transfer Agents connecting to SMG the preferred method would be the creation of unique Application-Keys/UUIDs. That way you can have different strong or weak scan policys working independent for each MTA.
Thank you for the reply. Makes sense.
Could it be true, that MTA scans only incoming messages? Regardless of the "Scan by message direction" in the policy settings, I cannot make the MTA scan outgoing emails. Only incoming messages are scanned.
there are two things to check when MTA is not "working as suspected".
If Inbound-Messages are getting scanned and blocked it is a good sign that the connection between the MTA and SMG is working.
If the Policy Settings are not set up correctly, or no policy is "active" for outbound mails this can be the reason that scanning is not done on outbound mail.
Did you already check the Policy Management and its settings?!
I think the policy settings are correct. Mine looks exactly like in your screenshot. I've checked the MTA logs, and when the MTA sends out a message to an other MTA, then it does not even tries to send the mail to the SMG. On incoming messages I see the scan request like this:
08:35:36 56BD VSC: Sending 00190056.KL4 on 0
.... 08:35:38 56B5 VSC: Receiving clean: 0 08:35:38 56B5 VSC: Routing 00190056.KL4: 00000000
But I don't see the VSC thread to do anything on outgoing messages. This is why I thought that this could be working as designed. And it makes sense. Scanning messages twice is unnecessary. The first scan occurs when the message leaves the MTA and the second when the message hits the target MTA. But I could be wrong.
These are the mta startup switches: