]>
Commit | Line | Data |
---|---|---|
410dc2c9 DM |
1 | Introduction |
2 | ============ | |
3 | ||
6cb534d7 DM |
4 | What is {pmg}? |
5 | -------------- | |
6 | ||
7 | E-mail security begins at the gateway by controlling all incoming and | |
8 | outgoing e-mail messages. {pmg} addresses the full spectrum of | |
9 | unwanted e-mail traffic, focusing spam and virus detection. {pmg} | |
10 | provides a powerful and affordable server solution to eliminate spam, | |
11 | viruses and blocking undesirable content from your e-mail system. All | |
12 | products are self-installing and can be used without deep knowledge of | |
13 | Linux. | |
14 | ||
15 | image::images/Proxmox-Mailprocessing.png[] | |
b8c7b823 | 16 | |
fc9071c3 DM |
17 | Features |
18 | -------- | |
19 | ||
20 | Spam detection | |
21 | ~~~~~~~~~~~~~~ | |
22 | ||
23 | {pmg} uses a wide variety of local and network tests to identify spam | |
24 | mail. Here is a short list of used filtering methods: | |
25 | ||
26 | Receiver Verification:: | |
27 | ||
28 | Many of the junk messages reaching your network are emails to | |
29 | non-existent useres. Proxmox Mail Gateway detects these emails on SMTP | |
30 | level, which means before they are transferred to your networks. This | |
31 | reduces the traffic to be analyzed for spam and viruses up to 90% and | |
32 | reduces the working load on your mail servers and scanners. | |
33 | ||
34 | Sender policy framework (SPF):: | |
35 | ||
36 | Sender Policy Framework (SPF) is an open standard for validating | |
37 | emails and to prevent sender IP address forgery. SPF allows the | |
38 | administrator of an Internet domain to specify which computers are | |
39 | authorized to send emails with a given domain by creating a specific | |
40 | SPF record in the Domain Name System (DNS). | |
41 | ||
42 | DNS-based Blackhole List:: | |
43 | ||
44 | A DNS-based Blackhole List (DNSBL) is a means by which an Internet | |
45 | site may publish a list of IP addresses, in a format which can be | |
46 | easily queried by computer programs on the internet. The technology is | |
47 | built on top of the Domain Name System. DNSBLs are used to publish | |
48 | lists of addresses linked to spamming. | |
49 | ||
50 | SMTP Whitelist:: | |
51 | ||
52 | Exclude senders from SMTP blocking. To prevent all SMTP checks | |
53 | (Greylisting, Receiver Verification, SPF and RBL) and accept all | |
54 | e-mails for the analysis in the filter rule system, you can add the | |
55 | following to this list: Domains (Sender/Receiver), Mail address | |
56 | (Sender/Receiver), Regular Expression (Sender/Receiver), IP address | |
57 | (Sender), IP network (Sender) | |
58 | ||
59 | Bayesian Filter - Automatically trained statistical filters:: | |
60 | ||
61 | Some particular words have a higher probability of occurring in spam | |
62 | emails rather than in legitimate emails. By beeing trained to | |
63 | recognize those words, the Bayesian checks every email and adjusts the | |
64 | probabilities of it beeing a spam word or not in its database. This is | |
65 | done automatically. | |
66 | ||
67 | Black- and Whitelists:: | |
68 | ||
69 | Black- and Whitelists are an access control mechanism to accept, | |
70 | block, or quarantine emails to recipients. This allows you to tune the | |
71 | rule-system by applying different objects like domains, email address, | |
72 | regular expression, IP Network, LDAP Group, and others. | |
73 | ||
74 | Autolearning algorithm:: | |
75 | ||
76 | Proxmox Mail Gateway gathers statistical information about spam | |
77 | emails. This information is used by an autolearning algorithm, so the | |
78 | system becomes smarter over time. | |
79 | ||
80 | Spam Uri Realtime BlockList (SURBL):: | |
81 | ||
82 | SURBLs are used to detect spam based on message body URIs (usually web | |
83 | sites). This makes them different from most other Real-time | |
84 | Blocklists, because SURBLs are not used to block spam senders. SURBLs | |
85 | allow you to block messages that have spam hosts which are mentioned | |
86 | in message bodies. | |
87 | ||
88 | Greylisting:: | |
89 | ||
90 | Greylisting an email from a sender your system does not recognize, | |
91 | means, that it will be temporarily rejected. Since temporary failures | |
92 | are built into the RFC specifications for mail delivery, a legitimate | |
93 | server will try to resend the email later on. This is an effective | |
94 | method because spammers do not queue and reattempt mail delivery as is | |
95 | normal for a regular Mail Transport Agent. | |
96 | + | |
97 | Greylisting can reduce e-mail traffic up to 50%. A greylisted email | |
98 | never reaches your mail server and thus your mail server will not send | |
99 | useless "Non Delivery Reports" to spammers. | |
100 | ||
101 | ||
102 | Virus detection | |
103 | ~~~~~~~~~~~~~~~ | |
104 | ||
105 | {pmg} integrates {clamav}, which is an open-source (GPL) antivirus | |
106 | engine designed for detecting trojans, viruses, malware and other | |
107 | malicious threats. | |
108 | ||
109 | It provides a high performance mutli-threaded scanning daemon, command | |
110 | line utilities for on demand file scanning, and an intelligent tool | |
111 | for automatic signature updates. | |
112 | ||
113 | ||
86986abc DM |
114 | Object-Oriented Rule System |
115 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
116 | ||
117 | The object-oriented rule system enables custom rules for your | |
118 | domains. It’s an easy but very powerful way to define filter rules by | |
119 | user, domains, time frame, content type and resulting action. {pmg} | |
120 | offers a lot of powerful objects to configure your own custom system. | |
121 | ||
122 | ACTIONS - objects:: | |
123 | ||
124 | Defines the final actions. | |
125 | ||
126 | WHO - objects:: | |
127 | ||
128 | Who is the sender or receiver of the e-mail? | |
129 | ||
130 | WHAT - objects:: | |
131 | ||
132 | What is in the e-mail? | |
133 | ||
134 | WHEN - objects:: | |
135 | ||
136 | When is the e-mail received by Proxmox Mail Gateway? | |
137 | ||
138 | Every rule has five categories FROM, TO, WHEN, WHAT and ACTION. Every | |
139 | of these categories can contain several objects and a direction (in, | |
140 | out or both). | |
141 | ||
142 | Options range from simple spam and virus filter setups to | |
143 | sophisticated, highly customized configurations blocking certain types | |
144 | of e-mails and generating notifications. | |
145 | ||
146 | ||
fc9071c3 DM |
147 | Tracking and Logging |
148 | ~~~~~~~~~~~~~~~~~~~~ | |
149 | ||
150 | The innovative Proxmox Message Tracking Center tracks and summarizes | |
151 | all available logs. With the web-based and user friendly management | |
152 | interface, the IT admins can easily overview and controll all | |
153 | functions from a single screen. | |
154 | ||
155 | The Message Tracking Center is very fast and powerful, tested on {pmg} | |
156 | sites processing over a million emails per day. All different log | |
157 | files from the last 7 days can be queried and the results are | |
158 | summarized by an intelligent algorithm. | |
159 | ||
160 | - Arrival of the email | |
161 | - Proxmox filtering processing with results | |
162 | - Internal queue to your email server | |
163 | - Status of final delivery | |
164 | ||
165 | ||
2350185a DM |
166 | High Availability with Proxmox HA Cluster |
167 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
168 | ||
169 | To provide a 100% secure email system for your business, we developed | |
170 | Proxmox High Availability (HA) Cluster. The Proxmox HA Cluster uses a | |
171 | unique application level clustering scheme, which provides extremely | |
172 | good performance. Fast set-up within minutes and a simple, intuitive | |
173 | management keep resource needs low. After temporary failures, nodes | |
174 | automatically reintegrate without any operator interaction. | |
175 | ||
176 | ||
b8c7b823 DM |
177 | Your benefit with {pmg} |
178 | ----------------------- | |
179 | ||
180 | * Open source software | |
181 | * No vendor lock-in | |
182 | * Linux kernel | |
183 | * Fast installation and easy-to-use | |
184 | * Web-based management interface | |
185 | * REST API | |
186 | * Huge active community | |
187 | * Low administration costs and simple deployment | |
188 | ||
189 | ||
190 | include::getting-help.adoc[] |