3.3 Technical Limitations13
The most common case is the situation when the mail server runs on the computer that
is also the internet gateway. Kerio Network Monitor then “sees” only the local communi-
cation of the clients with the mail server. In the default configuration of Kerio Network
Monitor are created rules, which consider this communication to be the Internet com-
munication (so that the volume of the data is measured. It is necessary to keep in mind
that the volume of the date is measured also when the users are sending mail locally to
each other.
If the mail server runs on another (“inner”) computer, Kerio Network Monitor records E-
mail communication outside of the local network twice: when the client communicates
with the mail server in the Internet. Then it is useful to change predefined rules for the
SMTP, POP3 and IMAP services so that the rules are valid only for IP address of the mail
server — e.g.:
<192.168.1.10> <255.255.255.255> TCP25 on Internet
and add the rules for ignoring any other mail communication — e.g.:
<all addresses> <all addresses> TCP25 discard packet
These rules must be in the list of the rules lower than the rules for particular mail server.
Detail description can be found in chapter 6.1
Proxy Server
Similarly as in the case of the mail server located on the computer, which is the internet
gateway, raises the problem with monitoring the communication of the clients with the
proxy server, when the data is taken from its case — also this data will be evaluated as
downloaded from the Internet.
This problem can be avoided only by switching of the cache, which can be unpleasant
under some conditions.
Encrypted Connection
Data encrypted by any protocol cannot be analyzed by Kerio Network Monitor. Only size
of transferred data can be monitored in such cases.