This document describes the term listener, as used in the Email Security Appliance (ESA).
What is a listener?
Note: This information is provided as a courtesy. It is recommended that you review the User Guide associated with the AsyncOS version that your ESA currently runs for full details on listeners. Refer to the "Configuring the Gateway to Receive Email" chapter.
The appliance functions as the email gateway for your organization as it services email connections, accepts messages, and relays them to the appropriate systems. The appliance can service email connections from the Internet to recipient hosts inside your network, and from systems inside your network to the Internet. Typically, email connection requests use Simple Mail Transfer Protocol (SMTP). The appliance services SMTP connections by default and acts as the SMTP gateway, also known as a mail exchanger or "MX" for the network.
The appliance uses listeners in order to service incoming SMTP connection requests. A listener describes an email processing service that is configured on a particular IP interface. Listeners apply to email that enters the appliance, from either the Internet or from systems within your network that try to reach the Internet. Use listeners to specify criteria that messages and connections must meet in order to be accepted and for messages to be relayed to recipient hosts. You can think of a listener as an "SMTP daemon" that runs on a specific port for each IP address specified. Also, listeners define how the appliance communicates with systems that try to send email to the appliance.
You can create these types of listeners:
Public - Listens for and accepts email messages that come in from the Internet. Public listeners receive connections from many hosts and direct messages to a limited number of recipients.
Private - Listens for and accepts email messages that come from systems within the network, typically from internal groupware and email servers (POP/IMAP), intended for recipients outside the network on the Internet. Private listeners receive connections from a limited (known) number of hosts and direct messages to many recipients.
You can configure listeners from the appliance GUI (Network > Listeners) or from the appliance CLI (listenerconfig).
Consider these rules and guidelines when you work with and configure listeners on the appliance:
You can define multiple listeners per configured IP interface, but each listener must use a different port.
By default, listeners use SMTP as the mail protocol to service email connections. However, you can also configure the appliance to service email connections with Quick Mail Queuing Protocol (QMQP). In order to configure this, enter the listenerconfig CLI command.
Listeners support both Internet Protocol version 4 (IPv4) and version 6 (IPv6) addresses. You can use either protocol version or both on a single listener. The listener uses the same protocol version for mail delivery as the connecting host. For example, if the listener is configured for both IPv4 and IPv6 and connects to a host that uses IPv6, the listener uses IPv6. However, if the listener is configured to only use IPv6 addresses, it cannot connect to a host that is only using IPv4 addresses.
At least one listener (with default values) is configured on the appliance after you run the System Setup Wizard. However, when you create a listener manually, AsyncOS does not use these default SenderBase Reputation Service (SBRS) values.
C170 appliances - By default, the System Setup Wizard walks you through the configuration of one public listener to both receive mail from the Internet and to relay email from your internal network. That is, one listener can perform both functions.
In order to help test and troubleshoot the appliance, you can create a "blackhole" type listener instead of a public or private listener. When you create a blackhole listener, you choose whether messages are written to disk or not before they are deleted. If you choose to write messages to the disk before you delete them, it can help you measure the rate at which messages are received and the speed of the queue. A listener that does not write messages to disk can help you measure the pure rate at which messages are received from your message generation systems. This listener type is only available through the listenerconfig command in the CLI.
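The port rule and the IP version rule from the guidelines above, checked over a planned listener layout. This is an added example, not code from Cisco or AsyncOS; the inventory format, the listener and interface names, the known_hosts field and all addresses are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed inventory in a hypothetical format (not an AsyncOS export).
LISTENERS = [
    {"name": "InboundMail", "type": "public", "interface": "Data1", "port": 25,
     "addresses": ["203.0.113.10", "2001:db8::10"], "known_hosts": []},
    {"name": "OutboundMail", "type": "private", "interface": "Data2", "port": 25,
     "addresses": ["2001:db8:1::10"], "known_hosts": ["2001:db8:1::25", "10.0.0.25"]},
    {"name": "Relay2", "type": "private", "interface": "Data2", "port": 25,
     "addresses": ["10.0.0.10"], "known_hosts": ["10.0.0.26"]},
]


def port_conflicts(listeners):
    """Map (interface, port) -> listener names wherever a port is reused."""
    seen = defaultdict(list)
    for lis in listeners:
        seen[(lis["interface"], lis["port"])].append(lis["name"])
    return {key: names for key, names in seen.items() if len(names) > 1}


def delivery_version(listener, host):
    """IP version used with `host`: the host's own version, or None when
    the listener has no address of that version configured."""
    configured = {ipaddress.ip_address(a).version for a in listener["addresses"]}
    version = ipaddress.ip_address(host).version
    return version if version in configured else None


def audit(listeners):
    """Return findings for both rules as readable strings."""
    findings = []
    for (iface, port), names in sorted(port_conflicts(listeners).items()):
        findings.append(f"port conflict on {iface}:{port}: {', '.join(names)}")
    for lis in listeners:
        for host in lis["known_hosts"]:
            if delivery_version(lis, host) is None:
                findings.append(f"{lis['name']} cannot serve {host}")
    return findings


if __name__ == "__main__":
    for finding in audit(LISTENERS):
        print(finding)
```

In the sample layout, OutboundMail and Relay2 collide on port 25 of the same interface, and the IPv6-only OutboundMail listener cannot serve its IPv4-only internal host.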
Note: Again, refer to the User Guide associated with the AsyncOS version your ESA currently runs for full details on listeners.