]>
Commit | Line | Data |
---|---|---|
5c735ebd DM |
1 | Planning for Deployment |
2 | ======================= | |
3 | ||
4 | Easy integration into existing e-mail server architecture | |
5 | --------------------------------------------------------- | |
6 | ||
7 | In this sample configuration, your e-mail traffic (SMTP) arrives on | |
8 | the firewall and will be directly forwarded to your e-mail server. | |
9 | ||
10 | image::images/infrasturcture_without_proxmox_big.jpg[] | |
11 | ||
12 | By using the {pmg}, all your e-mail traffic is forwarded to the | |
13 | Proxmox Mail Gateway, which filters the whole e-mail traffic and | |
14 | removes unwanted e-mails. You can manage incoming and outgoing mail | |
15 | traffic. | |
16 | ||
17 | image::images/infrasturcture_with_proxmox_big.jpg[] | |
18 | ||
19 | ||
20 | Filtering outgoing e-mails | |
21 | -------------------------- | |
22 | ||
23 | Many e-mail filter solutions do not scan outgoing mails. Opposed to | |
24 | that {pmg} is designed to scan both incoming and outgoing | |
25 | e-mails. This has two major advantages: | |
26 | ||
27 | . {pmg} is able to detect viruses sent from an internal host. In many | |
28 | countries you are liable for not sending viruses to other | |
29 | people. {pmg} outgoing e-mail scanning feature is an additional | |
30 | protection to avoid that. | |
31 | ||
32 | . {pmg} can gather statistics about outgoing e-mails too. Statistics | |
33 | about incoming e-mails looks nice, but they are quite | |
34 | useless. Consider two users, user-1 receives 10 e-mails from news | |
35 | portals and wrote 1 e-mail to a person you never heard from. While | |
36 | user-2 receives 5 e-mails from a customer and sent 5 e-mails | |
37 | back. Which user do you consider more active? I am sure its user-2, | |
38 | because he communicates with your customers. {pmg} advanced address | |
39 | statistics can show you this important information. Solution which | |
40 | does not scan outgoing e-mail cannot do that. | |
41 | ||
42 | To enable outgoing e-mail filtering you just need to send all outgoing | |
43 | e-mails through your {png} (usually by specifying Proxmox as | |
44 | "smarthost" on your e-mail server - see | |
45 | xref:mail_server_config[Example mail server configuration]. | |
46 | ||
90facef4 | 47 | [[firewall_settings]] |
5c735ebd DM |
48 | Firewall settings |
49 | ----------------- | |
50 | ||
51 | In order to pass e-mail traffic to the {pmg} you need to allow traffic | |
52 | on the SMTP the port. Our servers use the Network Time Protocol (NTP) | |
53 | for time synchronization, RAZOR, DNS, SSH, HTTP and port 8006 for the web | |
54 | based management interface. | |
55 | ||
56 | [options="header"] | |
57 | |====== | |
58 | |Service |Port |Protocol |From |To | |
59 | |SMTP |25 |TCP |Proxmox |Internet | |
60 | |SMTP |25 |TCP |Internet |Proxmox | |
61 | |SMTP |26 |TCP |Mailserver |Proxmox | |
62 | |NTP |123 |TCP/UDP |Proxmox |Internet | |
63 | |RAZOR |2703 |TCP |Proxmox |Internet | |
64 | |DNS |53 |TCP/UDP |Proxmox |DNS Server | |
65 | |HTTP |80 |TCP |Proxmox |Internet | |
66 | |GUI/API |8006 |TCP |Intranet |Proxmox | |
67 | |====== | |
68 | ||
69 | CAUTION: It is advisable to restrict access to the GUI/API port as far | |
70 | as possible. | |
71 | ||
72 | The outgoing HTTP connection is mainly used by virus pattern updates, | |
73 | and can be configured to use a proxy instead of a direct internet | |
74 | connection. | |
75 | ||
76 | You can use the 'nmap' utility to test your firewall settings (see | |
77 | section xref:nmap[port scans]). | |
78 | ||
79 | ||
80 | [[system_requirements]] | |
81 | System Requirements | |
82 | ------------------- | |
83 | ||
84 | {pmg} needs dedicated server hardware but can also run inside a | |
85 | virtual machine on any of the following plattforms: | |
86 | ||
87 | * Proxmox VE (KVM) | |
88 | ||
89 | * VMWare vSphere™ (open-vm tools are integrated in the ISO) | |
90 | ||
91 | * Hyper-V™ (Hyper-V Linux integration tools are integrated in the ISO) | |
92 | ||
93 | * KVM (virtio drivers are integrated, great performance) | |
94 | ||
95 | * Virtual box™ | |
96 | ||
97 | * Citrix XenServer™ | |
98 | ||
99 | Please see http://www.proxmox.com for details. | |
100 | ||
101 | In order to get a benchmark from your hardware, just run 'pmgperf' | |
102 | after installation. | |
103 | ||
104 | ||
105 | Minimum System Requirements | |
106 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
107 | ||
108 | * CPU: 64bit (Intel EMT64 or AMD64) | |
109 | ||
110 | * 1 GB RAM | |
111 | ||
112 | * bootable CD-ROM-drive or USB boot support | |
113 | ||
114 | * 1024x768 capable VGA/Monitor for Installer | |
115 | ||
116 | * Hard disk 8 GB - ATA/SATA/SCSI/NVME | |
117 | ||
118 | * Ethernet Network interface card | |
119 | ||
120 | ||
121 | Recommended System Requirements | |
122 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
123 | ||
124 | * Multicore CPU: 64bit (Intel EMT64 or AMD64) | |
125 | ||
126 | * 4 GB RAM | |
127 | ||
128 | * bootable CD-ROM-drive or USB boot support | |
129 | ||
130 | * 1024x768 capable VGA/Monitor for Installer | |
131 | ||
132 | * 1 GBps Ethernet Network interface card | |
133 | ||
134 | * Hardware RAID1 or RAID10, Raid Controllers need write cache with | |
135 | batteries backup module for best performance | |
136 | ||
137 | * Enterprise class SSD with power loss protection (e.g. Intel SSD DC | |
138 | 35xx/36xx/37xx) |