P. 1
MailGatewayDeploymentGuide-V1.8

MailGatewayDeploymentGuide-V1.8

|Views: 3,185|Likes:
Published by Mohsin Yasin

More info:

Published by: Mohsin Yasin on Jun 12, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

01/02/2013

pdf

text

original

Sections

  • 1 Introduction
  • 2 Proxmox Mail Gateway Integration
  • 2.1 E-mail system without Proxmox
  • Figure 2-1 System without Proxmox Mail Gateway
  • 2.2 E-mail system with Proxmox
  • Figure 2-3 Outgoing with Proxmox Mail Gateway
  • 2.3 Proxmox in the Intranet
  • 2.3.1 Default port settings
  • Figure 2-4 Incoming default port settings (port 25)
  • Figure 2-5 Outgoing default port settings (port 26)
  • 2.3.2 Alternative port settings (e.g. for MS Exchange)
  • Figure 2-6 Incoming alternative port settings (port 26)
  • 2.4 Proxmox in DMZ (demilitarized zone)
  • 2.5 Proxmox with multiple e-mail server and mail domains
  • Figure 2-9 Multiple e-mail servers
  • 3 Performance Tuning
  • 3.1 Hardware benchmarks
  • 3.2 Backup MX
  • 3.3 Local DNS cache
  • 3.4 Blocking Emails on SMTP level
  • Figure 3-2 Mail proxy whitelist
  • 3.4.1 Greylisting
  • 3.4.2 Sender Policy Framework – SPF
  • 3.4.3 Real time Blacklists (RBL)
  • 3.4.4 Local DNS RBL cache – Spamhaus Datafeed Service
  • 3.4.4.1 Configuring local DNS blacklist caches
  • Figure 3-4 Enable local RLB cache – Spamhaus.org and Dsbl.org
  • 3.4.5 Receiver Verification
  • 3.4.5.1 Proxmox Solutions
  • 3.4.5.2 Enabling Verify Receivers
  • 3.4.5.2.1 Settings for Exchange 2003 SP2
  • Figure 3-8 Exchange 2003: Filter recipients 3
  • 3.4.5.2.2 Settings for Exchange 2007 SP1
  • Figure 3-10 Exchange 2007 SP1: Install Anti-Spam agent
  • Figure 3-12 Exchange 2007 SP1: Filter recipients 2
  • 4 Rule System
  • 4.1 Default Rules
  • 4.1.1 Block Viruses
  • Figure 4-1 Rule: Block Viruses
  • 4.1.2 Virus Alert
  • 4.1.3 Block Dangerous Files
  • Figure 4-3 Rule: Block Dangerous Files
  • 4.1.4 Mark Spam
  • 4.2 Custom Rules
  • 4.2.1 Enable Spam and Virus quarantine
  • Figure 4-5 Add “Quarantine” action to rule “Mark Spam”
  • 4.2.2 Enable Spam quarantine for just a selection of users
  • Figure 4-6 Enable Spam quarantine for just a selection of users
  • 4.2.3 Enable Spam quarantine for existing LDAP users
  • 4.2.4 Block Spam e-mails with a score higher 10
  • Figure 4-10 Add Spam Filter to a What Object
  • Figure 4-14 Add Action Object to a Rule
  • Figure 4-16 Activate Rule
  • 4.2.5 BCC object – An simple archive solution
  • 4.2.6 Block Video and Audio Attachments
  • 4.2.7 Add Admin Notification to Rules
  • 4.2.8 Preventing directory harvesting attacks with LDAP object
  • Figure 4-17 Unknown LDAP address rule
  • 4.2.9 Block Video and Audio Attachments for LDAP Groups
  • 5 Proxmox HA Cluster – High availability
  • 5.1 Load Balancing with MX Records
  • 5.2 Multiple Address Records
  • Figure 5-3 Load balancing Multiple Address Records
  • 5.3 Using third party Firewall features
  • 6 Hardware selection and Virtualization
  • 6.1 Physical Hardware
  • 6.1.1 Certified Hardware
  • 6.2 Proxmox VE (http://pve.proxmox.com)
  • 6.3 VMware™
  • 6.3.1 Settings for VMware™ ESX, ESXi and vSphere
  • 6.3.1.1 Settings for the Proxmox Mail Gateway Virtual Machine
  • 6.3.1.1.1 RAM settings
  • 6.3.1.1.2 VMware Tools
  • 6.3.1.1.3 Enable VMI Paravirtualization
  • 6.3.1.1.4 Enable time synchronization
  • Figure 6-2 Enable time synchronization on ESX/ESXi
  • 6.3.2 Settings for a VMware™ Server 2
  • 6.3.2.1 Host memory settings
  • Figure 6-3 Memory settings for VMware Server 2 Host
  • 6.3.2.2 Settings for Proxmox Mail Gateway Virtual Machine
  • 6.3.2.2.3 Enable VMI Paravirtualization
  • Figure 6-4 Enable VMI Paravirtualization for Proxmox Mail Gateway
  • 6.3.2.2.4 Enable time synchronization
  • Figure 6-5 Enable time synchronization on VMware Server 2 Host
  • 6.4 OpenVZ
  • 7 Troubleshooting and technical support
  • 8 Table of figures
  • 9 Appendix

Proxmox Mail Gateway

Deployment Guide

5/21/2010 MailGatewayDeploymentGuide-V1.8.docx

Proxmox Server Solutions GmbH
Kohlgasse 51/10

A-1050 Vienna  office@proxmox.com

www.proxmox.com

Proxmox Server Solutions GmbH reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the latest version of this document, which is available from http://www.proxmox.com. NOTE: A license to the Proxmox Software usually includes the right to product updates for one (1) year from the date of purchase. Maintenance can be renewed on an annual basis. All other product or company names different from Proxmox may be trademarks or registered trademarks of their owners. Copyright © 2010 Proxmox Server Solutions GmbH. All rights reserved. No part of this publication may be reproduced, photocopied, stored in a retrieval system, or transmitted without the express prior written consent of Proxmox.

© 21.05.2010 Proxmox Server Solutions GmbH

2

49

Proxmox Server Solutions GmbH
Kohlgasse 51/10

A-1050 Vienna  office@proxmox.com

www.proxmox.com

Table of Contents
1 2 Introduction .................................................................................................... 5 Proxmox Mail Gateway Integration ..................................................................... 6 2.1 E-mail system without Proxmox ................................................................... 6 2.2 E-mail system with Proxmox ........................................................................ 6 2.3 Proxmox in the Intranet .............................................................................. 8 2.3.1 Default port settings ............................................................................ 8 2.3.2 Alternative port settings (e.g. for MS Exchange) ..................................... 8 2.4 Proxmox in DMZ (demilitarized zone) ...........................................................10 2.5 Proxmox with multiple e-mail server and mail domains ..................................11 Performance Tuning ........................................................................................12 3.1 Hardware benchmarks ...............................................................................12 3.2 Backup MX ...............................................................................................12 3.3 Local DNS cache........................................................................................12 3.4 Blocking Emails on SMTP level ....................................................................13 3.4.1 Greylisting.........................................................................................13 3.4.2 Sender Policy Framework – SPF ...........................................................14 3.4.3 Real time Blacklists (RBL)....................................................................14 3.4.4 Local DNS RBL cache – Spamhaus Datafeed Service ...............................15 3.4.4.1 Configuring local DNS blacklist caches ............................................15 3.4.5 Receiver Verification ...........................................................................16 3.4.5.1 Proxmox Solutions .......................................................................16 3.4.5.2 Enabling Verify Receivers ..............................................................17 3.4.5.2.1 Settings for Exchange 2003 SP2 ..................................................18 3.4.5.2.2 Settings for Exchange 2007 SP1 ..................................................21 Rule System ...................................................................................................22 4.1 Default Rules ............................................................................................24 4.1.1 Block Viruses .....................................................................................24 4.1.2 Virus Alert .........................................................................................24 4.1.3 Block Dangerous Files .........................................................................25 4.1.4 Mark Spam ........................................................................................25 4.2 Custom Rules............................................................................................26 4.2.1 Enable Spam and Virus quarantine .......................................................26 4.2.2 Enable Spam quarantine for just a selection of users ..............................26 4.2.3 Enable Spam quarantine for existing LDAP users ....................................27 4.2.4 Block Spam e-mails with a score higher 10 ............................................29 4.2.5 BCC object – An simple archive solution ................................................33 4.2.6 Block Video and Audio Attachments ......................................................33 4.2.7 Add Admin Notification to Rules ...........................................................34 4.2.8 Preventing directory harvesting attacks with LDAP object ........................34 4.2.9 Block Video and Audio Attachments for LDAP Groups ..............................35 Proxmox HA Cluster – High availability ..............................................................37 5.1 Load Balancing with MX Records..................................................................38 5.2 Multiple Address Records ............................................................................39 5.3 Using third party Firewall features ...............................................................39 Hardware selection and Virtualization ................................................................40 6.1 Physical Hardware .....................................................................................40 6.1.1 Certified Hardware .............................................................................40 6.2 Proxmox VE (http://pve.proxmox.com) ........................................................40 6.3 VMware™ .................................................................................................40 6.3.1 Settings for VMware™ ESX, ESXi and vSphere .......................................41 6.3.1.1 Settings for the Proxmox Mail Gateway Virtual Machine ....................41 6.3.1.1.1 RAM settings .............................................................................41 6.3.1.1.2 VMware Tools............................................................................41 6.3.1.1.3 Enable VMI Paravirtualization ......................................................41 6.3.1.1.4 Enable time synchronization .......................................................42
3

3

4

5

6

© 21.05.2010 Proxmox Server Solutions GmbH

49

Proxmox Server Solutions GmbH
Kohlgasse 51/10

A-1050 Vienna  office@proxmox.com

www.proxmox.com

6.3.2 Settings for a VMware™ Server 2 .........................................................42 6.3.2.1 Host memory settings...................................................................42 6.3.2.2 Settings for Proxmox Mail Gateway Virtual Machine ..........................43 6.3.2.2.1 RAM settings .............................................................................43 6.3.2.2.2 VMware Tools............................................................................43 6.3.2.2.3 Enable VMI Paravirtualization ......................................................43 6.3.2.2.4 Enable time synchronization .......................................................44 6.4 OpenVZ....................................................................................................45 7 Troubleshooting and technical support ...............................................................47 8 Table of figures ...............................................................................................48 9 Appendix .......................................................................................................49

© 21.05.2010 Proxmox Server Solutions GmbH

4

49

Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.05. E-mail is an essential service for any organization.com 1 Introduction The huge amount of e-mail traffic is a challenge for every e-mail environment. regulation under public law and e-mail threads like viruses or Phishing attacks. Note: See also the Proxmox Mail Gateway Administration Guide for a detailed product description. this includes: performance. © 21. If the email server is not working. A missed e-mail could mean a lost opportunity. or it could cause a public-relations problem that no organization would want.com  www. How does Proxmox work? When an e-mail arrives at the Proxmox Mail Gateway. it is analyzed and forwarded to your e-mail server which is responsible for sending the e-mail to the receiver.proxmox. The process works similar for outgoing e-mails. reliability. Proxmox Mail Gateway temporarily stores the message in the e-mail queue for later transfer. This document covers samples and deployment information how to integrate and customize Proxmox in your e-mail environment.2010 Proxmox Server Solutions GmbH 5  49 . The daily e-mail routine brings along some major problems. and professionally managed e-mail improves organizational workflow and customer satisfaction.

1 E-mail system without Proxmox In a sample configuration. one port for outgoing e-mails.05.2 E-mail system with Proxmox A single Proxmox Mail Gateway Server can handle unlimited mail domains with multiple internal mail servers and millions of e-mails per day.proxmox.2010 Proxmox Server Solutions GmbH 6  49 . One port is assigned to incoming.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. Figure 2-1 System without Proxmox Mail Gateway 2. For high availability and maximum performance it is recommended to use a Proxmox HA Cluster.com  www. Proxmox Mail Gateway can process incoming AND outgoing SMTP traffic by using different ports. With the integrated Proxmox system all your e-mail traffic is forwarded to the Proxmox Mail Gateway which filters the whole e-mail traffic and removes unwanted e-mails.com 2 Proxmox Mail Gateway Integration 2. You can manage incoming and outgoing e-mail traffic. see chapter 5 Proxmox HA Cluster – High availability. Figure 2-2 Incoming e-mail with Proxmox Mail Gateway © 21. your e-mail traffic (SMTP) arrives on the firewall and will be forwarded directly to your e-mail server.

05. Statistics about incoming e-mails looks nice.com  www. This has two major advantages: Figure 2-3 Outgoing with Proxmox Mail Gateway 1. Consider two users. because he communicates with your customers. Proxmox can gather statistics about outgoing e-mails too. Opposed to that Proxmox Mail Gateway is designed to scan both incoming and outgoing mails.2010 Proxmox Server Solutions GmbH 7  49 . Which user do you consider more active? I am sure its user-2. While user-2 receiver 5 mails from a customer and sent 5 mails back. Solution which does not scan outgoing mail can’t do that. I many countries you are liable for not sending viruses to other people. Proxmox outgoing e-mail scanning feature is an additional protection to avoid that. 2. Proxmox advanced address statistics can show you this important information. but they are quite useless.com Many mail filter solutions do not scan outgoing mails.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. Proxmox is able to detect viruses sent from an internal host. © 21. user1 receives 10 mails from news portals and wrote 1 mail to a person you never heard from.proxmox.

com 2.2 Alternative port settings (e.3.2010 Proxmox Server Solutions GmbH 8  49 .05. Figure 2-4 Incoming default port settings (port 25) Outgoing Mails: Configure your mail server to send all e-mails to the Proxmox Mail Gateway. so Proxmox knows its internal trusted e-mail. After processing.g.com  www. for MS Exchange) Sometimes it is not possible to change the outgoing port due to third party software limitations or existing network configurations (e. Figure 2-5 Outgoing default port settings (port 26) 2.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. So that you’re external IP and port 25 shows to the Proxmox Mail Gateway IP and port 26.1 Default port settings The default configuration of the Proxmox Mail Gateway uses port 25 for incoming and port 26 for outgoing e-mails.3. port 26.proxmox. using standard port 25. Note: Proxmox receives the outgoing e-mails on port 26. changing MS Exchange to another sending port will have impact on Exchange internals and it’s not recommend) To receive e-mails you have to do port forwarding at your Firewall.3 Proxmox in the Intranet 2. © 21.g. Proxmox sends the e-mails to Internet.

05.proxmox.com  www.2010 Proxmox Server Solutions GmbH 9  49 . Figure 2-7 Outgoing alternative port settings (port 25) © 21. In the end you have to use port 25 for outgoing and port 26 for incoming mails.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com Figure 2-6 Incoming alternative port settings (port 26) With MS Exchange you should not use port 26 for outgoing so you have to switch these two values (25 and 26).

0.2 192.0 255.1 Net mask 255. for example: Interface eth0 eth1 eth2 Zone Local Internet DMZ IP Address 192.16.1 10.168.255.255. The intranet (Local) and DMZ needs to have different IP Networks.proxmox.255.255.0.com 2.2010 Proxmox Server Solutions GmbH 10  49 .168.0 Figure 2-8 Proxmox in DMZ © 21.0 255.4 Proxmox in DMZ (demilitarized zone) To run a DMZ Zone you have to adjust your Firewall settings.05.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.255.255.com  www.1.

5 Proxmox with multiple e-mail server and mail domains You can use Proxmox Mail Gateway sending e-mails to different internal e-mail servers.com to a second one. In the e-mail proxy transport section add the IP addresses or hostname.proxmox. and e-mails addressed to subdomain.com  www.05.com 2. SMTP ports and mail domains of your additional e-mail servers. otherwise it will not work! © 21.com to your first e-mail server.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. Figure 2-9 Multiple e-mail servers Note: you need for each domain an appropriate license.2010 Proxmox Server Solutions GmbH 11  49 .domain. For example you can send e-mails addressed to domain.

3 Local DNS cache Proxmox includes a local DNS cache.26 ms DNS INT: 1.05 ms (domain. because many ISPs do not use advanced spam prevention techniques.spamhaus. Note: Never run “proxperf” if the system is under load.47 ms (zen.2 Backup MX Using your ISPs mail server is not a good idea.com 3 Performance Tuning 3.09 ms FSYNCS/SECOND: 1084.1 Hardware benchmarks Please use the command line tool “proxperf” to get an overview about your hardware and DNS performance. it is recommended to run a second Proxmox server in HA Cluster mode to avoid lower spam detection rates 3.51 DNS EXT: 46. or if you want to reduce the load on those servers. 3.org) proxmox:~# Please compare your results against this reference.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. And spammers know this and they use your ISP backup MX to work around your Proxmox spam filtering. It is recommended to enable it if you do not have access to fast (internal) DNS servers. Here is a sample output of “proxperf”: proxmox:~# proxperf CPU BOGOMIPS: 8489.proxmox. If you get lower results please analyze your hardware and DNS setup – for comments email your results to support@proxmox.64 REGEX/SECOND: 410814 HD SIZE: 6. Figure 3-1 Use local DNS Cache © 21. If you need redundancy.2010 Proxmox Server Solutions GmbH 12  49 .05.com) DNSBL: 35. you can never benefit of blocking spam messages on SMTP level.com  www. Additionally.89 GB (/dev/sda2) BUFFERED READS: 116.38 MB/sec AVERAGE SEEK TIME: 8.com.

com  www.4 Blocking Emails on SMTP level Blocking emails before they reach your network saves your internet bandwidth and reduces processing power. By doing the following. it is greylisted for a period of time (how much time is dependent on the server configuration). The e-mail is rejected with a temporary error. a server that utilizes Greylisting will record the following three pieces of information (referred to as triplet) for all incoming e-mail. If you want to exclude some senders or receivers from getting blocked on the SMTP level. Then.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.05. a legitimate server will attempt to connect again later on to deliver the e-mail. filling up the queue. Figure 3-2 Mail proxy whitelist 3.    The IP address of the connecting host The envelope sender address The envelope recipient address The client is checked against the mail server's internal whitelists (if any) first. The assumption is that since temporary failures are built into the RFC specifications for e-mail delivery. Greylisting is effective because many mass e-mail tools utilized by spammers are not set up to handle temporary failures (or any failures for that matter) so the Spam is never received. depends on your environment. just enter in the Mail proxy whitelist.com 3.1 Greylisting Typically. you can reduce your email traffic by more than 90 %.4. Greylisted e-mails never reach your mail server and your mail server will stop sending useless "Non Delivery Reports" to spammers. If a sender has a valid SPF record.2010 Proxmox Server Solutions GmbH 13  49 . if the triplet has never been seen before. This feature can reduce e-mail traffic up to 50%. he will never be greylisted.proxmox. © 21.

When receiving a message from a domain. e-mail. SPF works by domains publishing "reverse MX" records to tell the world what machines send email for the domain. etc. that you deploy a valid SPF record for your mail domain. Note: see http://www.org Figure 3-3 Enable RBL checks © 21.org • dsbl.4.2010 Proxmox Server Solutions GmbH 14  49 .Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. the recipient can check those records to make sure e-mail is coming from where it should be coming from.com  www. All domains already publish e-mail (MX) records to tell the world what machines receive e-mail for the domain.4. 3. Therefore Proxmox has to query the RBL server for every SMTP connection.openspf.proxmox.com 3. Proxmox use the following RBL providers by default: • Spamhaus.) to the machines that perform those services. Please make sure.3 Real time Blacklists (RBL) Proxmox can use RBL checks on SMTP level to reject e-mails.2 Sender Policy Framework – SPF Domains use public records (DNS) to direct requests for different services (web.org for setting up a SPF for your mail domain.05.

Proxmox can use local DNS blacklist caches of spamhaus. configure the RBLDNS daemon configuration file: nano /etc/default/rbldnsd RBLDNSD=".proxmox.spamhaus. If these servers are under heavy it cannot be guaranteed that you will get an answer – also if you are running a high traffic site it is recommended to locally cache both RBL´s.com 3.org:ip4set:sbl \ pbl.spamhaus.spamhaus.org:ip4tset:xbl \ list. You can locally mirror blacklist data making queries to remote DNS servers unnecessary.org:ip4trie:pbl \ xbl. usually started via cron.dsbl. Note: Spamhaus data feed is a commercial service – additional license/account required.org --dsbl rsync.0. You can use your Proxmox Server to download the blacklists.2 \ sbl. please replace these values with the one in your spamhaus datafeed license.org:ip4set:sbl \ zen. Just set the IP address of your local mirror. Please log in to the console and configure the following: crontab –e 11.org -mailto root Note: “11.org and dsbl.proxmox.1' to disable it (default). but you can also use any other server within your network.spamhaus.41” stands for the minutes of each hour.4.org:ip4tset:xbl \ zen.-r/var/lib/rbldns -f -b127.org:ip4set:dsbl" © 21.spamhaus.0.41 * * * * proxblsync --spamhaus rsync1.org:ip4trie:pbl \ zen.com  www. Next. Proxmox can synchronize these blacklists locally to provide quality of service and speed up the query time.4.4.spamhaus.spamhaus.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.0.4 Local DNS RBL cache – Spamhaus Datafeed Service Each e-mail leads to a DNS query to the RBL server of spamhaus and dsbl.0.dsbl. 3.2010 Proxmox Server Solutions GmbH 15  49 . or '127.1 Configuring local DNS blacklist caches Some DNS blacklist providers offers data feed services.05.org.com HowTo: Synchronize DNS blacklist to the Proxmox server Local sync is done via proxblsync. For details visit http://www.

4.5. In short. this means for your systems:     reduced traffic.4.com Start the RBLDNS service: /etc/init. redirect query to local mirror: Figure 3-4 Enable local RLB cache – Spamhaus.com  www. In short.d/rbldnsd start Finally. which means BEFORE the e-mails are transferred to your networks.proxmox.org and Dsbl. 90 % less e-mails to analyze for spam and viruses Good performance and costs © 21.2010 Proxmox Server Solutions GmbH 16  49 .org 3.1 Proxmox Solutions Proxmox can detect these e-mails to non-existing users on SMTP level. up to 90 % Your internal e-mail server is now working for you again Reduced load on your scanners. this means for your systems:     Increased traffic on your internet connection Your e-mail server is handling junk e-mails instead of working for you High load on your scanners Slow overall performance and high costs 3.5 Receiver Verification Nowadays. e-mail domains are receiving a lot of e-mails to non-existing users. This could be up to 95 % of junk messages.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.05.

For settings on Exchange 2003 SP2.proxmox.com  www. that in the case of a short downtime of your internal mail server no messages are lost.com 3.1 Settings for Exchange 2003 SP2 Figure 3-5 Enable Verify Receivers © 21. see chapter 3. Note: Your internal e-mail server has to be reconfigured to reject unknown user.4.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.4.05.5.5. 450 means.2010 Proxmox Server Solutions GmbH 17  49 .2. Proxmox is doing a short query to the internal e-mail server to check if the user is valid.2 Enabling Verify Receivers You can enable this option on the admin interface (Configuration/Mail Proxy/Options) We recommend selecting yes (450).

05.com 3.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.2.5. please use the Exchange System Manager.com  www.proxmox.2010 Proxmox Server Solutions GmbH 18  49 .1 Settings for Exchange 2003 SP2 You have to enable Recipient Filtering. Figure 3-6 Exchange 2003: Filter recipients 1 © 21.4.

com Figure 3-7 Exchange 2003: Filter recipients 2 © 21.com  www.2010 Proxmox Server Solutions GmbH 19  49 .Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.05.proxmox.

com Figure 3-8 Exchange 2003: Filter recipients 3 Figure 3-9 Exchange 2003: Filter recipients 4 © 21.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.05.proxmox.com  www.2010 Proxmox Server Solutions GmbH 20  49 .

2 Settings for Exchange 2007 SP1 First. 2. please use the Exchange Management Console.2. If you installed a typical one server installation.5. Open the Exchange Management Shell cd “c:\program files\Microsoft\Exchange Server\Scripts” .4. 3.com  www.\install-AntispamAgents Restart the Microsoft Exchange Transport service Figure 3-10 Exchange 2007 SP1: Install Anti-Spam agent Now you can enable Recipient Filtering on the Anti-Spam agent. Figure 3-11 Exchange 2007 SP1: Filter recipients 1 © 21. 4. Microsoft provides an install script to manually install the Anti-Spam agent: 1. this is NOT installed by default. make sure that you have the Exchange 2007 Anti-Spam agent.2010 Proxmox Server Solutions GmbH 21  49 .05.com 3.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.proxmox.

WHAT. recipients not visible in the "To" field) to Mailbox or to a Public Folder      FROM: Anybody TO: Anybody WHEN: Always WHAT: Mail ACTION: BCC to Publicfolder In most of the countries worldwide a company has to forward all e-mails to there employees this includes spam e-mails as well.05. © 21.object Example: Does the e-mail contain spam? Action . It’s an easy but very powerful way to define filter rules by user.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. time frame. ACTION) which can contain several objects. Every rule has got 5 categories (FROM.object For TO and/or FROM Category Example: Mail object .object Example: When is the e-mail received by Proxmox Mail Gateway? What .2010 Proxmox Server Solutions GmbH 22  49 . content type and resulting action. domains. For example enable Archive Solutions with BCC Object (Blind carbon copy.object Example: Mark e-mail with "SPAM:" in the subject. TO.com  www.com Figure 3-12 Exchange 2007 SP1: Filter recipients 2 4 Rule System The object-oriented rule system enables custom rules for your domains.Who is the sender or receiver of the e-mail? When . WHEN.     Who .proxmox.

© 21. Based on the design as software appliance one of the strengths of Proxmox Mail Gateway is its flexibility. which reduces the usefulness of e-mail as a practical tool. The combination of spam and worm programs results in users receiving a constant drizzle of junk e-mail. It’s compatible to every type of mail server or MTA (e. To increase the efficiency of e-mail communications the use of anti-spam. Lotus Domino.2010 Proxmox Server Solutions GmbH 23  49 .g.proxmox. Postfix …). Microsoft Exchange. Quarantine can be enabled just for existing LDAP groups or via BCC to Public Folders or Mailboxes. pishing and e-mail worms. With the deployment of Proxmox Mail Gateway you get the job done. Because of the very low cost of sending email.com For example to send Spam mails in quarantine      FROM: Anybody TO: Anybody WHEN: Always WHAT: Spam ACTION: Quarantine With this kind of setup the receiver gets detailed Information about the Spam e-mails. spammers can send hundreds of millions of e-mail messages each day over an inexpensive internet connection. E-mail worms use e-mail as a way of replicating themselves into vulnerable computers. Hundreds of active spammers sending this volume of mail results in information overload for many computer users who receive tens or even hundreds of junk messages each day. Spamming is unsolicited commercial e-mail. At present the usefulness of e-mail is being threatened by three phenomena: spamming. anti-pishing and antivirus software is essential.05.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. It can be easy integrated in existing E-mail architecture. For example a virus protection looks like this:      FROM: Anybody TO: Anybody WHEN: Always WHAT: Virus ACTION: Block Options range from simple spam and virus filter setups to sophisticated. highly customized configurations blocking certain types of e-mails and generating notifications.com  www.

proxmox. Figure 4-1 Rule: Block Viruses 4.2010 Proxmox Server Solutions GmbH 24  49 .1.1 Default Rules 4.1. Figure 4-2 Rule: Virus Alert © 21.1 Block Viruses This rule blocks all incoming virus e-mail and informs the admin via e-mail notification.com 4.2 Virus Alert This rule blocks all outgoing virus e-mail and informs the admin and sender via e-mail notification.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com  www.05.

com.com 4.1.1.3 Block Dangerous Files This rule removes dangerous attachments from incoming e-mails (. Figure 4-4 Rule: Mark Spam © 21.4 Mark Spam This rule identifies spam and modifies the spam level and the e-mail subject..2010 Proxmox Server Solutions GmbH 25  49 .com  www.05.proxmox.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.vbs.. …) Figure 4-3 Rule: Block Dangerous Files 4.bat.

Figure 4-5 Add “Quarantine” action to rule “Mark Spam” 4. 81) 3.2 Custom Rules Proxmox provides samples for custom rules to show the functionality. Use the existing (inactive) rule “Spam Quarantine” and set higher priority than the “Mark Spam” rule (e.2 Enable Spam quarantine for just a selection of users If you want to use the spam quarantine for specific users or a specific domain (and for the rest just “Mark Spam”).proxmox. 4. Create a new WHO object. create a new WHO object containing these users or domains. For support or help configuring rules see the Proxmox support forum at: http://www. 1.com  www. give a name like “Quarantine Users” and add the users or domains to this object 2.05.2.com 4.2.g.proxmox.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. Add the WHO object “Quarantine Users” 4.1 Enable Spam and Virus quarantine Activate or change the Spam and/or Virus rule with the existing action object “Quarantine”.com/forum/ or contact a Proxmox partner.2010 Proxmox Server Solutions GmbH 26  49 . Activate the rule © 21.

3 Enable Spam quarantine for existing LDAP users If you want to use the spam quarantine only for existing internal e-mail addresses.com Figure 4-6 Enable Spam quarantine for just a selection of users 4.g.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. 1. Use the existing (inactive) rule “Spam Quarantine” and set higher priority than the “Mark Spam” rule (e.proxmox. Add the WHO object “Existing LDAP address” 4.05. you can use the LDAP query “Existing LDAP”. Create a new WHO object.2. Activate the rule Figure 4-7 Create WHO object “Existing LDAP address” © 21. 81) 3. give a name like “Existing LDAP address” and add the LDAP group “Existing LDAP address” 2.com  www.2010 Proxmox Server Solutions GmbH 27  49 .

05.2010 Proxmox Server Solutions GmbH 28  49 .proxmox.com  www.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com Figure 4-8 Enable Spam quarantine for existing LDAP addresses © 21.

05.com 4. Set Priority to 81 (higher than the “Mark Spam” rule!.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. With this additional rule. Create a new “What Object”.2010 Proxmox Server Solutions GmbH 29  49 . 3. “Delete Spamlevel 10”. give a name.4 Block Spam e-mails with a score higher 10 The default setting marks Spam with a score higher 5 and delivers the e-mail to the user. e. 6. 2. give a name. 4.proxmox.com  www. “Spam Level 10” Figure 4-9 Add “Spam Filter” to the Object Figure 4-10 Set the Set Spam Filter to Level 10 Figure 4-11 Add new Rule.2.g. 8. set Direction to “In” Figure 4-12 Add What Object “Spam Level 10” to the rule Figure 4-13 Add Action Object “Block” to the rule Figure 4-14 Final review (still inactive) Figure 4-15 Activate rule Figure 4-16 Figure 4-9 Add new What Object © 21. 5. 7. you can block Spam with a score higher 10 to reduce the delivery of spam e-mails to the user.g. 1. e.

com  www.05.com Figure 4-10 Add Spam Filter to a What Object Figure 4-11 Set Spam Filter to Level 10 © 21.proxmox.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.2010 Proxmox Server Solutions GmbH 30  49 .

proxmox.com Figure 4-12 Add new Rule Figure 4-13 Add What Object to a Rule © 21.05.com  www.2010 Proxmox Server Solutions GmbH 31  49 .Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.

com Figure 4-14 Add Action Object to a Rule Figure 4-15 Final Review of Rule (still inactive) © 21.2010 Proxmox Server Solutions GmbH 32  49 .05.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com  www.proxmox.

Click on an already existing rule or create a new one 4.5 BCC object – An simple archive solution If you need to archive e-mails it’s useful to send a copy to a special mailbox. Right click the folder an check the e-mail address (or change it. Under “Receiver”.com Figure 4-16 Activate Rule 4.6 Block Video and Audio Attachments 1.2. Optional: Set age limit: select “Limits” and set the age limit to 90 days (all messages older than 90 days will be automatically deleted) 4.proxmox. type the e-mail address of the public folder/Mailbox 3.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. Exchange creates the e-mail address 4. If you have Microsoft Exchange. e. "Mail enable" the public folder via Exchange system manager – right click an select “Mail Enable” 3. Create a new rule. define direction and set priority 2.05.g. Set appropriate client permission (note: anonymous must have the right to create items) 6. if you want).com  www. Create a public folder in Exchange (Exchange System Manager or via Outlook) 2. “Block Multimedia Files”. remember e-mail address 5. 1.2010 Proxmox Server Solutions GmbH 33  49 . Wait a few minutes. Add Action Object “BCC to Archive Public folder or Mailbox” to the rule How to create a Mail Enable Public Folder under Exchange 2000/2003? 1. Add What Object “Multimedia” to the rule © 21. you can also send a copy to a mail enabled public folder. name it “BCC to Archive Public folder or Mailbox” 2.2. Create an Action Object: “Add BCC Object”.

then click save. Final review (still inactive) 5.7 Add Admin Notification to Rules If you block mails it’s useful to inform the Proxmox Admin. 1. Add the WHAT “Spam” to the rule 7. it should be member of the Unknown LDAP group. “Unknown LDAP”. © 21. 1. If you type a valid e-mail address.2.2. Add Action Object “Block” to the rule 4. If you type an unknown e-mail address.com 3. Click on the desired rule 2. e. e. set direction to “in” 5. give a name.2010 Proxmox Server Solutions GmbH 34  49 . Add the WHO object “Unknown LDAP” from above to the rule (as “to”) 6. Add the “notify Admin” action to the rule 4. give a name. just add a notify to see results – be careful with block action) 8.8 Preventing directory harvesting attacks with LDAP object The LDAP group object “Unknown LDAP address” can be used to prevent directory harvesting attacks. “Unknown LDAP” 2. set priority to 85 (higher than the “Mark Spam” rule. Add an “LDAP Group” to the Object. Activate the rule Note: Add always the “Spam” object – because most directory attacks are also spam. Final review (still inactive) 9.proxmox. Add new rule. Create a new “WHO Object”.05. Now you can test your object against e-mail addresses. So you just block attacks from spammers and you still are able to send NDR to people just mistyping an e-mail address.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. select “Any profile” and “Unknown LDAP Address”. The Mail Gateway can check incoming e-mail addresses against valid e-mail addresses in your organization. 3.g.com  www.g. it should not be member. Activate the rule 4. 4. Add the ACTION object “block” (for testing.

e.g. set priority to 70. you do not want to block these funny things for everybody.com  www. give a name. click save  Add the WHO object “Staff” from above to the rule (as “to”)  Add the WHAT “Multimedia” to the rule  Add the ACTION object “Remove Attachments”  Final review (still inactive)  Activate the rule Note: Removed attachments from e-mails are replaced with a text file.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.proxmox.2010 Proxmox Server Solutions GmbH 35  49 . We assume you have a LDAP group called “Staff”. click save. Most people like sending joke videos and audio files via e-mail – this grows up your users mailboxes. “Block Multimedia for Staff”.2. © 21. select “your LDAP Profile” and select “Staff” from the dropdown menu.  Now you can test your object against e-mail addresses  Add new rule.com Figure 4-17 Unknown LDAP address rule 4. set direction to “in”. give a name.05.  Create a new “WHO Object”. On the other side. e.9 Block Video and Audio Attachments for LDAP Groups The LDAP groups can be used to apply special settings to groups. “Staff”  Add “LDAP Group” to the Object.g.

2010 Proxmox Server Solutions GmbH 36  49 .com Figure 4-18 Block video and Audio attachment for LDAP group “Staff” © 21.com  www.05.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.proxmox.

Special considerations where taken to make management as easy as possible. Configuration and data is synchronized to all cluster nodes over a VPN tunnel.05. Complete Cluster setup is done within minutes. Figure 5-1 Proxmox HA Cluster with load balanced MX records © 21. Configuration is done on the master. This provides the following advantages:     centralized configuration management fully redundant data storage high availability high performance Proxmox uses a unique application level clustering scheme. and nodes automatically reintegrate after temporary failures without any operator interaction. which provides extremely good performance.failures in email systems are just not acceptable.com 5 Proxmox HA Cluster – High availability We are living in a world where e-mail becomes more and more important .com  www.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.proxmox.2010 Proxmox Server Solutions GmbH 37  49 . The Proxmox HA Cluster consists of a master and several nodes (minimum one node). To meet these requirements we developed the Proxmox HA (High Availability) Cluster.

com  www.proxmox.example.2010 Proxmox Server Solutions GmbH 38  49 .com 5. each having its own IP address (the rest of the setting should be more or less equal. Many e-mail systems nowadays reject mails from hosts without valid PTR records. This is all you need. We recommend adding reverse lookup entries (PTR records) for those hosts.com and mail2. you can use backup/restore to copy the rules).05. You need to have 2 working Proxmox Mail Gateways (mail1.example. If one host fails the other is used.com). You have to define two MX records with the same priority. You will receive mails on both hosts. Figure 5-2 Load balancing via MX Records © 21.e. more or less load-balanced (round-robin scheduling).Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. i.1 Load Balancing with MX Records It’s quite simple to set up a high performance load balanced mail cluster using MX records.

© 21. but multiple address records: Figure 5-3 Load balancing Multiple Address Records 5. It is also possible to use one MX record per domain.2010 Proxmox Server Solutions GmbH 39  49 .Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com 5.2 Multiple Address Records Using several DNS MX record is sometime clumsy if you have many domains.proxmox. See your firewall manual for more details.3 Using third party Firewall features Many firewalls can do some kind of RR-Scheduling (round-robin) when using DNAT.com  www.05.

2010 Proxmox Server Solutions GmbH 40  49 .3 and later supports VMware™ para-virtualization (Kernel 2.1 Physical Hardware See http://www. Hardware Raid with battery backup and cache enabled Two Quad Core Xeon (5xxx) 4 GB ECC 6.2 Proxmox VE (http://pve.3 VMware™ Proxmox runs perfectly under VMware™.com) The Mail Gateway is available as a certified Virtual Appliance for Proxmox VE. OpenVZ and Proxmox VE.1 Certified Hardware The latest certified hardware list is published on http://www.com) VMware™ OpenVZ Also known to work (Intel VT or AMD-V needed):       Virtualbox XEN (Full virtualized) Citrix XenServer (Full virtualized) Parallels Server Virtualbox Hyper-V For best performance please use physical hardware or OS virtualization like Proxmox VE (OpenVZ). Alternative. Proxmox can be run under VMware™.proxmox.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.27) and we deliver a prebuilt VMware Tools package for installation (already included in the Appliance). 6. optimized for the VMware™ Host.com 6 Hardware selection and Virtualization Proxmox always needs a dedicated PC or server hardware.1.proxmox.com  www.000rpm).proxmox. Installation from the ISO-Image is also fully supported and gives the possibility for custom settings. For all details see http://pve.com. 6.05.proxmox. Proxmox delivers prebuilt Virtual Appliances for:    Proxmox VE (http://pve. Proxmox 2.com for certified hardware. For quick deployment Proxmox delivers a ready to run. preconfigured and certified Virtual Appliance.proxmox.6. © 21.com/wiki/Proxmox_Mail_Gateway 6. For maximum performance we recommend: Hard disks CPU RAM SAS Disk (15.proxmox.

1. While memory overcommit is possible.com  www. A VMware™ host can swap memory between guests and if configured.proxmox.1.3 Enable VMI Paravirtualization Figure 6-1 Enable VMI Paravirtualization for Proxmox Mail Gateway on ESX © 21.1.2 VMware Tools Proxmox precompiles the VMware Tools components for easy installation. 6. This leads to very poor performance.1. Please visit the support forum for detailed instructions and downloads.1.3.1 Settings for VMware™ ESX. the host can show more physical memory to the guest as available by swapping to disks. 6.1.3.2010 Proxmox Server Solutions GmbH 41  49 . For more details see VMware documentation on http://www. ESXi and vSphere Proxmox dynamically adapts the number of processes referring to the given memory to maximize performance.3.com/forum/.1 RAM settings The minimum memory for running Proxmox Mail Gateway is 512 MB RAM.1.proxmox. http://www.3.3.vmware.com 6. This means. for optimal operation you should never assign more memory to virtual machines than is available on the host. if Proxmox runs on a machine with 1 GB memory it uses 1 GB of memory.com.05. 6.1 Settings for the Proxmox Mail Gateway Virtual Machine 6.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.

3. © 21. 6.com  www. they have the best possible performance.2010 Proxmox Server Solutions GmbH 42  49 .1.com 6. For more details see VMware documentation on http://www.2 Settings for a VMware™ Server 2 Proxmox dynamically adapts the number of processes referring to the given memory to maximize performance.05. Because the virtual machines are running entirely in RAM.1 Host memory settings Always choose this option: “Fit all virtual machine memory into reserved host RAM” Strictly apply the reserved memory limit set in the top of the panel.2. A VMware™ host can swap memory between guests and if configured. for optimal operation you should never assign more memory to virtual machines than is available on the host.proxmox.vmware.3. While memory overcommit is possible.com.4 Enable time synchronization Figure 6-2 Enable time synchronization on ESX/ESXi 6.1. the host can show more physical memory to the guest as available by swapping to disks. This leads to very poor performance. This means. This setting imposes the tightest restrictions on the number and memory size of virtual machines that can run at a given time.3. if Proxmox runs on a machine with 1 GB memory it uses 1 GB of memory.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.

2.2. 6.2010 Proxmox Server Solutions GmbH 43  49 . Please visit the support forum for detailed instructions and downloads.com  www.3. 6.3.3.com Figure 6-3 Memory settings for VMware Server 2 Host 6.proxmox.3 Enable VMI Paravirtualization © 21.1 RAM settings The minimum memory for running Proxmox Mail Gateway is 512 MB RAM.com/forum/.2.2 Settings for Proxmox Mail Gateway Virtual Machine 6.05.2.2. http://www.2.2 VMware Tools Proxmox precompiles the VMware Tools components for easy installation.3.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.2.proxmox.

4 Enable time synchronization © 21.com  www.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com Figure 6-4 Enable VMI Paravirtualization for Proxmox Mail Gateway 6.05.2.2.proxmox.3.2010 Proxmox Server Solutions GmbH 44  49 .

4 OpenVZ OpenVZ is an Open Source Operating System-level server virtualization solution. For running Proxmox on OpenVZ. Proxmox runs on OpenVZ quite as fast as on physical hardware with all advantages from virtualization. Main advantage from Operating System-level server virtualization is minimum overhead which leads to maximum performance.com Figure 6-5 Enable time synchronization on VMware Server 2 Host 6.com  www.proxmox.proxmox.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox. built on Linux. we launched a wiki page on: © 21.com).org/.05. OpenVZ is also used in Proxmox VE (http://pve. please visit http://openvz.2010 Proxmox Server Solutions GmbH 45  49 . For details about OpenVZ. OpenVZ supports online migration from a running Proxmox from one hardware node to another without downtime.

com http://wiki.openvz.openvz.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.proxmox.org/Proxmox_Mail_Gateway_in_VE For online backups of a running OpenVZ.2010 Proxmox Server Solutions GmbH 46  49 . we developed vzdump: http://wiki.com  www.05.org/Backup_of_a_running_VE_with_vzdump © 21.

com © 21.2010 Proxmox Server Solutions GmbH 47  49 .com 7 Troubleshooting and technical support Use the moderated Proxmox support forum or contact a Proxmox partner for their support offerings.05.proxmox. All information: http://www.proxmox.com Email support: support@proxmox.com  www.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.

.......................31 4-14 Add Action Object to a Rule .........................................................42 6-3 Memory settings for VMware Server 2 Host .............18 3-7 Exchange 2003: Filter recipients 2 ....44 6-5 Enable time synchronization on VMware Server 2 Host ................................................................................................com 8 Table of figures Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure Figure 2-1 System without Proxmox Mail Gateway ..............................10 2-9 Multiple e-mail servers ...............................................................................................................................12 3-2 Mail proxy whitelist ....................................................................... 8 2-6 Incoming alternative port settings (port 26) ......................37 5-2 Load balancing via MX Records...........................................................................................................20 3-9 Exchange 2003: Filter recipients 4 ........................................20 3-10 Exchange 2007 SP1: Install Anti-Spam agent ........................................................................................................................................................................................ 9 2-8 Proxmox in DMZ ................................2010 Proxmox Server Solutions GmbH 48  49 ....45 © 21.11 3-1 Use local DNS Cache ...19 3-8 Exchange 2003: Filter recipients 3 ..................................30 4-11 Set Spam Filter to Level 10 ....25 4-5 Add “Quarantine” action to rule “Mark Spam” ................................................................................proxmox...........13 3-3 Enable RBL checks .........24 4-2 Rule: Virus Alert ...............16 3-5 Enable Verify Receivers ..........43 6-4 Enable VMI Paravirtualization for Proxmox Mail Gateway .............. 6 2-3 Outgoing with Proxmox Mail Gateway ......................................29 4-10 Add Spam Filter to a What Object ...27 4-7 Create WHO object “Existing LDAP address” ...........................41 6-2 Enable time synchronization on ESX/ESXi ..................org .................................................................................................................32 4-16 Activate Rule .............................35 4-18 Block video and Audio attachment for LDAP group “Staff” ....................32 4-15 Final Review of Rule (still inactive) ...............................05...........................................................................................................................................................................................................................................................21 3-11 Exchange 2007 SP1: Filter recipients 1....................26 4-6 Enable Spam quarantine for just a selection of users ..31 4-13 Add What Object to a Rule ...................................38 5-3 Load balancing Multiple Address Records ................................ 8 2-5 Outgoing default port settings (port 26) ......................Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox..............................................................................................org and Dsbl..............................................14 3-4 Enable local RLB cache – Spamhaus..................... 9 2-7 Outgoing alternative port settings (port 25) ...........36 5-1 Proxmox HA Cluster with load balanced MX records .................................................................25 4-4 Rule: Mark Spam .............................17 3-6 Exchange 2003: Filter recipients 1 ..............33 4-17 Unknown LDAP address rule........................................22 4-1 Rule: Block Viruses ............................................... 7 2-4 Incoming default port settings (port 25) .................................com  www..........................................................................24 4-3 Rule: Block Dangerous Files .... 6 2-2 Incoming e-mail with Proxmox Mail Gateway......27 4-8 Enable Spam quarantine for existing LDAP addresses ..........28 4-9 Add new What Object ...30 4-12 Add new Rule ............................................................................................39 6-1 Enable VMI Paravirtualization for Proxmox Mail Gateway on ESX .................21 3-12 Exchange 2007 SP1: Filter recipients 2................................

com .proxmox.com  www.Proxmox Server Solutions GmbH Kohlgasse 51/10  A-1050 Vienna  office@proxmox.com 9 Appendix Reference document: Mail Gateway AdminGuide You can download the latest version from www.proxmox.05.2010 Proxmox Server Solutions GmbH 49  49 .End of document - © 21.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->