Email Gateways Using MDaemon 6.0



Similar documents
Gateways Using MDaemon 6.0 With Dynaworx

Configuring MDaemon for Centralized Spam Blocking and Filtering

Installing GFI MailEssentials

INSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v9.5.0 ONWARDS)

Reliable & Secure . Professional, Dependable, Complete Easy to Learn, Use and Grow

Implementing MDaemon as an Security Gateway to Exchange Server

Installing GFI MailEssentials

Content Filtering With MDaemon 6.0

Configuring Security for SMTP Traffic

Hosted CanIt. Roaring Penguin Software Inc. 26 April 2011

Serial Deployment Quick Start Guide

10 Step 2 System Service Setup. 11 Step 3 RelayFax Server Setup. 11 Step 4 Company Name and CSID String. 12 Step 5 Fax and Voice Number

Guardian Digital Secure Mail Suite Quick Start Guide

Articles Fighting SPAM in Lotus Domino

MDaemon configuration recommendations for dealing with spam related issues

EFFECTIVE SPAM FILTERING WITH MDAEMON

INSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v ONWARDS)

POP3 Connector for Exchange - Configuration

Install and Configure RelayFax

MDaemon Vs. Microsoft Exchange Server 2013 Standard

Installing Policy Patrol with Lotus Domino

Lesson Plans Configuring Exchange Server 2007

ITA Mail Archive Setup Guide

Installing Policy Patrol on a separate machine

Issue 2EN. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

Installing GFI MailSecurity

Web Hosting Getting Started Guide

Using WinGate 6 . Concepts, Features, and Configurations.

Core Protection Suite

Small Business Server Part 2

GFI Product Manual. Administration and Configuration Manual

VPOP3 Your post office Getting Started Guide

Releasing blocked in Data Security

Installing GFI MailSecurity

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Installing GFI FAXmaker

PineApp Archive-Secure Quick Installation Guide:

on the RaQ 3. General. server. Services

and Active Directory Adding, Changing and Deleting Accounts, Compiling Addresses for Mail Lists

Experiment # 6 Remote Access Services

Installing the Microsoft Network Driver Interface

GFI MailEssentials 11. Manual. By GFI Software Ltd.

GFI FAXmaker 14.3 for Exchange/Lotus/SMTP. Manual. By GFI Software Ltd

User Guide Online Backup

Features by Version. MDaemon Messaging Server Feature Guide. Alt-N Technologies

Installation Guide For Choic Enterprise Edition

NETWRIX ACCOUNT LOCKOUT EXAMINER

Quick Start Policy Patrol Mail Security 10

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

NetWrix Account Lockout Examiner Version 4.0 Administrator Guide

Installing GFI MailEssentials

Getting Started Guide. Review system requirements and follow the easy steps in this guide to successfully deploy and test GFI FaxMaker.

Policy Patrol 7 Upgrade Guide

Deployment Guide. For the latest version of this document please go to:

Setting up Microsoft Office 365

Avira Managed Security AMES FAQ.

Solutions IT Ltd Virus and Antispam filtering solutions

Configuration Information

Setting up Microsoft Office 365

MailEnable Scalability White Paper Version 1.2

Firewall, Mail and File server solution

Configuring Your Client: Eudora 5.x

Service Launch Guide (US Customer) SEG Filtering

Configuration Task 3: (Optional) As part of configuration, you can deploy rules. For more information, see "Deploy Inbox Rules" below.

IceWarp Unified Communications. AntiVirus Reference. Version 10.4

Emergic. A Complete Messaging & Security Suite A COMPLETE MESSAGING AND SECURITY SUITE

Configuring Your Client: Outlook Express

Websense Security Transition Guide

F-Secure Messaging Security Gateway. Deployment Guide

Using MailStore to Archive MDaemon

Using ODBC with MDaemon 6.5

Astaro Mail Archiving Getting Started Guide

Aloaha Mail and Archive

Quick Reference Guide: Business Mail

Spam DNA Filtering System

Kerio Connect. Step-by-Step. Kerio Technologies

How To Install Caarcserve Backup Patch Manager (Carcserver) On A Pc Or Mac Or Mac (Or Mac)

Comprehensive Anti-Spam Service

PC Security and Maintenance

Configuring Your Gateman Server

GlobalSCAPE DMZ Gateway, v1. User Guide

Service Overview & Installation Guide

Frequently Asked Questions

Mail Server Scenarios and Configurations

escan SBS 2008 Installation Guide

Introduction. POP and IMAP Servers. MAC1028 June 2007

e- storage Mail Archive

Overview... 1 Requirements Installing Roles and Features Creating SQL Server Database... 9 Setting Security Logins...

Deploying ModusGate with Exchange Server. (Version 4.0+)

NovaNet-WEB Client User s Guide. Version 5.1

MailEnable Quick Start Guide

Sophos for Microsoft SharePoint startup guide

1 Introduction About How GFI FaxMaker works - Sending faxes How GFI FaxMaker works - Receiving faxes 12

Collax Mail Server. Howto. This howto describes the setup of a Collax server as mail server.

Transcription:

Email Gateways Using MDaemon 6.0 Alt-N Technologies, Ltd 1179 Corporate Drive West, #103 Arlington, TX 76006 Tel: (817) 652-0204 2002 Alt-N Technologies. All rights reserved. Product and company names mentioned in this document may be trademarks.

Contents Abstract... 3 Gateways... 4 Real Life Gateways... 4 Digital Gateways... 4 Email Gateways... 5 MDaemon Gateways... 7 MDaemon Gateway Applications... 7 Service to Multiple Domains... 7 Security Front End... 7 Virus and Spam Front End... 7 Low Cost Dial Up Interface... 7 Live Backup... 7 Manual Configuration... 8 Automatic Configuration... 8 Gateway Configuration... 8 Manual Gateway Configuration... 8 Domain Settings... 9 Mail Forwarding... 10 ATRN/ERTN/DomainPOP... 11 Quotas... 14 Automatic Gateway Configuration... 15 Email Gateways 2 Alt-N Technologies

Abstract An email gateway collects, stores and forwards messages to a primary domain server. A gateway typically has no individual accounts. Email gateways can help both large and small enterprises solve some of the problems inherit to Internet email services. For a small organization, a gateway can make a private email domain affordable. This is because a service provider supplies the gateway at a reasonable cost by sharing the hardware and software with other smaller ventures. The primary domains in such cases can have either permanent or dialup connections to the Internet. Larger establishments can employ securityhardened gateways to provide protection and content filtering for their more vulnerable enterprise email systems. Gateways can also be configured to supply automatic realtime mail storage backup when a primary domain goes offline for any reason. One copy of MDaemon can simultaneously operate gateways for dozens of email domains, even while running a primary domain server of its own. Email Gateways 3 Alt-N Technologies

Gateways Real Life Gateways In real life a gateway regulates the flow of people and things. It might be a revolving door, a traffic light, a turnstile or, well, a gate. Gateways serve many purposes. On the street the traffic light increases safety and usually smooths the movement of traffic. The gate at the concert hall slows the inflow of the crowd for the ticket taker. The amusement park gateway limits the number of people who can get on a ride. In theory, gateways may sound like restrictive devices, but in practice, they improve the quality of life. In or out, a gateway regulates clutter. Digital Gateways A gateway in a digital communications network is a machine connected to the Internet or some other large system. The gateway shares its connection with other computers on a local network. It can serve as a buffer between the larger network and the local computers. It can route and limit network traffic in both directions. It might provide security. A gateway can also operate with an optional firewall. The illustration shows a network gateway and firewall at work. Email Gateways 4 Alt-N Technologies

Email Gateways An email gateway is similar to one serving a network. It regulates and routes email for one or more domain servers. For company use, it typically sits on the Internet side of a network and collects messages for internal servers. For a service provider, an email gateway collects messages for multiple customer domains. Except for special uses, the email server does not contain any accounts of its own. For both companies and service providers, the email gateway simply stores incoming messages then forwards them to the specified domain servers using schedules or when polled. Gateways can work with both online and dialup domain servers. Email gateways can also block unsolicited mail or mail violating company policy before it reaches the domain servers. Optionally, a gateway can join forces with a firewall to provide additional security for the email servers on the protected side. Gateways can also serve as realtime backup devices should the primary server fail. The first illustration shows a company email gateway serving multiple domain servers located behind a firewall. The illustration on the next page shows a service provider gateway. The arrow between the email gateway and the Internet represents public messages from any source. The arrows between the gateway and customer servers shows two online and one dialup domain server for customers. Email Gateways 5 Alt-N Technologies

Email Gateways 6 Alt-N Technologies

MDaemon Gateways MDaemon Gateway Applications MDaemon comes with a set of options for configuring, maintaining and operating email gateways. MDaemon gateways can serve multiple applications for corporate and service provider email systems. Service to Multiple Domains One copy of MDaemon can simultaneously serve as a gateway for dozens of email domains. The messages for each domain can be sent to or accessed by only authorized domain servers so the mail is secure. Mail from the gateway can be forwarded to a host or to a single email address. In the first case, forwarding would be similar to conventional relaying between a mail sender and a mail receiver. Forwarding to an email address is typically used for DomainPOP, ETRN and ATRN applications where the email domain server connects to the gateway through a dial up line. Security Front End MDaemon is a secure email server. When deployed as a gateway, it can function as a safe front end for email servers more vulnerable to break in. In a typical application, an MDaemon gateway would sit outside the firewall and collect messages. The messages would pass to the protected domain servers through a single port in the firewall. In this way the more assailable domain servers are protected by the more security-hardened gateway. Virus and Spam Front End MDaemon contains tools for server-side scanning for viruses, spam and policy violations. These tools provide fast performance. By deploying these checks at the gateway level, an enterprise or service provider can reduce or eliminate these problems for the primary email servers. Low Cost Dial Up Interface Sometimes adding dial up functionality to a large corporate email server costs hundreds or thousands to purchase and deploy the hardware and software. Dial up capability comes standard with MDaemon. If the server hardware hosting MDaemon provides access to a modem, the standard gateway can receive calls from or initiate calls to domain servers. This eliminates the need for add-ons. Live Backup An MDaemon gateway can provide dynamic backup for a primary domain server. This backup uses Mail Exchanger (MX) records. It configures the gateway as a lower priority email destination. If the primary domain server fails, the gateway collects and stores all messages until the server goes back online. Email Gateways 7 Alt-N Technologies

Manual Configuration Manual configuration is for setting up the gateway as a relay to one or multiple email domain servers. Each destination can contain customer configuration options. Enterprises and service providers might manually configure a gateway for each of their customers including tailored options. The Gateway Configuration section of this paper provides an overview of the options. Automatic Configuration If gateways are intended to backup multiple domain servers, automatic configuration can save time and work. The primary use of this function is to automatically back up mail delivery for a failed server without having to manually set up the gateway options. Gateway Configuration Gateway configuration is for manually setting up gateways plus defining templates (patterns) for automatic gateway creation. All of the commands are available through the Gateways menu. This menu provides commands for creating, editing and deleting gateways. MDaemon can handle hundreds of gateways. Performance depends on the hardware configuration and the amount of traffic on the network connection. Manual Gateway Configuration Manual configuration requires some knowledge of email processing, but not formal study of information technology. This is consistent with MDaemon s ease of use for amateur administrators as well as for experts. Creating a gateway uses the Gateway Editor dialog. Gateway editing also uses the same dialog. This dialog contains all of the options for configuring a gateway. The options are available in tabs for: Domain settings Mail forwarding ATRN options ETRN options POP or IMAP account setup Quotas for controlling the number of messages or total size of all messages to store. Email Gateways 8 Alt-N Technologies

The domain settings and mail forwarding tabs are most commonly used for setting up gateways for constantly online primary servers. The POP/IMAP, ATRN and ETRN tabs are for dial up primary domain servers. Domain Settings The domain settings apply to every gateway. Items on this tab include controls for : Entering the domain name Setting the mail directory for the domain Extracting and storing attachments Setting the delivery schedule Every gateway should be named for its domain. For example, the gateway for altn.com would be named altn.com. While this may seem to be an obvious policy, it helps keep track of settings, especially for machines hosting multiple gateways. The gateway name also becomes the name of the folder storing the emails, but the administrator can manually change this, for whatever reason. At the domain level, the gateway can strip out all attachments. This is basically used for compatibility with domain server software that disallows attachments. While this option could be used for stopping the spread of viruses by eliminating all attachments, that is not the purpose of extracting attachments. Virus, spam and content filtering should be accomplished using the MDaemon tools designed for these purposes. Email Gateways 9 Alt-N Technologies

Often a gateway waits to send its messages until contacted by the primary domain server. This is especially true when the primary domain server uses a dialup connection. However, the gateway for domain can be set to send out messages at the time all mail is processed. Mail Forwarding Mail forwarding is what gateways do. This tab tells the gateway where to forward the mail. The gateway can forward mail to a primary domain email server or an account. The controls are for: Entering the name of the primary domain server. Entering the name of the forward to account Entering an SMTP from address Setting a port number for sending the messages Determining whether to keep a copy of all forwarded messages The domain server name can be a DNS name such as mail.altn.com or an IP address such as 192.168.1.104. The account name to receiving all mail sent to one email account on the primary domain server; it is mutually exclusive with the domain server name. The SMTP from address is just for an envelope used for forwarding; it does not change the from address the final recipient sees. Email Gateways 10 Alt-N Technologies

The port number is the software port used for sending the messages. By default this is port 25, the industry standard, but can be set to another port. Setting this to another port can provide additional security against snoopers. The receiving primary domain server must be configured to look for mail on the port set here. Most domain servers look for mail on port 25 by default. ATRN/ERTN/DomainPOP The ATRN, ETRN and DomainPOP tabs are for configuring connections with dialup domain servers. All three enable a dialup server to receive its mail from a gateway and send the messages to the correct recipients. A gateway can only use of these methods. Of the three, ATRN is the most recent technology and ETRN is the most widespread. Both ATRN and ETRN are Internet mail standards. DomainPOP is an invention of Alt-N. ATRN and ETRN must be enabled on the primary domain server for these capabilities to work. ATRN/AUTH allows messages to be transferred between MDaemon and a primary domain server on demand. If the primary domain server supports ATRN this is the preferred system to use. It can replace the DomainPOP system. It also overcomes some potential security holes in ETRN. ATRN does not require elaborate configuration or message parsing, as does DomainPOP. It is 100 percent reliable. The ATRN/AUTH tab shows that ATRN is very simple to configure. Email Gateways 11 Alt-N Technologies

It contains controls for: Enabling ATRN Setting the shared secret (password) required for both the gateway and primary domain server Determining if authentication is required for dequeuing Determining if the IP address must be valid to accept authentication ETRN allows two SMTP hosts, a client and a server, to exchange messages on request. This is usually done through a dialup connection. In practice, the client email server contacts a host email server and requests the sending of messages for email accounts on the client. ETRN has some potential security holes, but these can be overcome through IP access management. The ETRN tab contains options for: Enabling ETRN for the gateway Setting an email server to receive the messages Choosing to always send mail to the IP address of the machine requesting the mail Setting a communications port Enabling and disabling connections by IP address Email Gateways 12 Alt-N Technologies

The most secure ETRN connections occur when: The address of the primary domain server is specified. Mail is not spooled to the machine making the request, but always to a specified address. ETRN commands are accepted from only a specified list or range of IP addresses. DomainPOP allows MDaemon to download mail from a remote POP mailbox for redistribution to users. This allows a primary domain server with limited traffic to periodically connect to a service provider to collect mail. It requires the set up and periodic maintenance of email parsing rules. The POP/IMAP dialog allows for setting up an email account with access to the mail in the gateway. This is the account DomainPOP uses when requesting messages from the gateway. Email Gateways 13 Alt-N Technologies

Quotas Quotas set limits on the number of messages or amount of space a gateway can use on a gateway server. If the gateway exceeds the limits, MDaemon accepts no more messages until something is deleted or the quota is increased. This is useful if a mail server has limited disk space or if a service provider charges for disk space usage. The Quotas tab has text boxes for entering the: Maximum number of messages Maximum amount of disk space Email address to notify when quotas are reached From email address for the notification There are also controls for enabling quotas and notification. Email Gateways 14 Alt-N Technologies

Automatic Gateway Configuration Automatic Gateway Configuration is designed for creating a dynamic backup for one or multiple primary domain servers. MDaemon can do this economically with one gateway for each server. A backup gateway is active only if the primary domain server goes offline for any reason. If MDaemon is providing backup for multiple primary servers, setting up the gateways can be time consuming and therefore expensive. To help solve this problem, MDaemon can automatically create backup gateways as they are needed. For secure operation, automatic gateway creation relies partly on Mail Exchanger (MX) records. MX records contain publicly available information for determining the email server address for each domain. Every domain, such as altn.com has an MX record. To allow for dynamic backup of email, MX records can define more than one email server as a delivery destination. The servers are given priorities, which say, in effect, If you cannot deliver the messages here, try there instead. Here is a sample of a partial MX record. The circled numbers mark the delivery priority. The lower the number, the higher the priority. The gateway has a lower priority. When an MDaemon gateway is listed as a lower priority destination, it receives email messages if the primary server becomes unavailable. The gateway collects and keeps all of its incoming email until it can deliver the messages to a primary domain server. The gateway determines the address of the primary server by checking the MX records for the domain. Automatic configuration starts up when the gateway receives an email from an unknown domain. The gateway checks the MX record for the domain. If the record includes the gateway address as one of its email servers, MDaemon automatically creates a gateway for the domain using a template. Because spammers can exploit this feature on a publicly accessible gateway (by adding the gateway address to their MX record) automatic configuration includes an optional manual confirmation. Email Gateways 15 Alt-N Technologies

The Automatic Gateway Creation dialog contains controls for: Enabling automatic gateway creation Limiting gateway creation to remote domains Requiring confirmation before activating a gateway Sending confirmation messages and setting the maximum time to confirm Configuring the gateway to send mail to the mail server with the next highest priority Selecting a template to use for automatic gateway creation Email Gateways 16 Alt-N Technologies

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information