SpamExperts Incoming Email Security Firewall is an ISP level malware filtering solution used to protect provide a clean pipe for end Customers. SpamExperts Incoming Email Security Firewall comes as an integration module which redirects all incoming mail traffic to an external server. This chapter will guide you through the process of packaging SpamExperts Incoming Email Security Firewall.
- Type of environment. SpamExperts Incoming Email Security Firewall is not managed by the Controller and is provisioned by the configuration script. Therefore, SpamExperts Incoming Email Security Firewall belongs to the External Environment provisioning type.
- Service provisioning. SpamExperts Incoming Email Security Firewall operates under multiple tenants, and therefore it is a multi-tenant application.
- Services hierarchy. All functions of SpamExperts integration module are represented as a single service:
<service id="main" class="service">
- Used technologies. SpamExperts Incoming Email Security Firewall redirects all incoming mail traffic to an intermediate mail service for examination and then returns it back to the source domain. To make it possible, a DNS substitute has to be specified for the current DNS record. The latter one will obtain the value of the global setting thus making it possible for the hosting provider to define host of the external mail service.
<global-settings>
<group>
<name>Virtual MX record</name>
<setting id="mx1" class="title" type="string">
<name>Primary MX</name>
</setting>
</group>
</global-settings>
<requirements xmlns:php="http://apstandard.com/ns/1/php" xmlns:dns="http://apstandard.com/ns/1/dns">
<php:version min="5.2" />
<php:extension>openssl</php:extension>
<php:extension>curl</php:extension>
<dns:record>
<dns:id>MX1</dns:id>
<dns:mx>
<dns:src>
<dns:external value-of-setting="domains"/>
</dns:src>
<dns:priority>10</dns:priority>
<dns:dst>
<dns:external value-of-setting="mx1"/>
</dns:dst>
<dns:substitute/>
</dns:mx>
</dns:record>
</requirements>
- Presentation details and settings. Among common presentation settings SpamExperts Incoming Email Security Firewall should prompt for domains where mail traffic will be filtered by the application. To make this possible, you will have to define a setting with a domain-name class and a list type. The following is an example of a setting which holds multiple domain names:
<setting id="domains" class="domain-name" type="list" element-type="string" track-old-value="true">
<name>List of domains</name>
</setting>
- Content Delivery Method. SpamExperts Incoming Email Security Firewall belongs to 'Inside Package' type and requires no processing prior to application provisioning. To provision an external service, the Controller requires an installation host, a DNS name (or IP address) and login credentials. These settings are used across all instances of the application and should be defined prior to any service provisioning. The following shows how to define such global settings.
<global-settings>
<group>
<name>API Settings</name>
<setting id="apihost" class="title" type="string">
<name>API hostname</name>
<description>
This is DNS name or IP address of SpamExperts product installation, used for API access.
</description>
</setting>
<setting id="apiuser" class="title" type="string" default-value="admin">
<name>API username</name>
<error-message>
Please make sure the text you entered starts with a letter and continues with either numbers, letters, underscores or hyphens.
</error-message>
</setting>
<setting id="apipass" class="title" type="password">
<name>API password</name>
</setting>
</group>
</global-settings>
- Draft of metadata file. Now, it is time to make a draft of the application metadata file. Describe application general information in the Specification terms. For details, refer to the 5.1 Common Application Properties section of the Specification. Add information written down on previous steps and replenish it with details.
- Preparing scripts. To pass the values to the SpamExperts Incoming Email Security Firewall, a configuration script is used which, among other things, must start and stop the service and ensure that all filtered mail traffic is returned back to the initial mail service. The hostname of the initial mail service may be taken from DNS_<id>_SUBSTITUTE environment variable, where <id> is the id of the original DNS record.
- Archiving application. Form application package according to the requirements stated in the 4. Basic Package Format section of the Specification and archive it.
