]>
Commit | Line | Data |
---|---|---|
b2d388d4 | 1 | [[chapter_deployment]] |
5c735ebd DM |
2 | Planning for Deployment |
3 | ======================= | |
4 | ||
5 | Easy integration into existing e-mail server architecture | |
6 | --------------------------------------------------------- | |
7 | ||
8 | In this sample configuration, your e-mail traffic (SMTP) arrives on | |
9 | the firewall and will be directly forwarded to your e-mail server. | |
10 | ||
11 | image::images/infrasturcture_without_proxmox_big.jpg[] | |
12 | ||
13 | By using the {pmg}, all your e-mail traffic is forwarded to the | |
14 | Proxmox Mail Gateway, which filters the whole e-mail traffic and | |
15 | removes unwanted e-mails. You can manage incoming and outgoing mail | |
16 | traffic. | |
17 | ||
18 | image::images/infrasturcture_with_proxmox_big.jpg[] | |
19 | ||
20 | ||
21 | Filtering outgoing e-mails | |
22 | -------------------------- | |
23 | ||
24 | Many e-mail filter solutions do not scan outgoing mails. Opposed to | |
25 | that {pmg} is designed to scan both incoming and outgoing | |
26 | e-mails. This has two major advantages: | |
27 | ||
28 | . {pmg} is able to detect viruses sent from an internal host. In many | |
29 | countries you are liable for not sending viruses to other | |
30 | people. {pmg} outgoing e-mail scanning feature is an additional | |
31 | protection to avoid that. | |
32 | ||
33 | . {pmg} can gather statistics about outgoing e-mails too. Statistics | |
34 | about incoming e-mails looks nice, but they are quite | |
35 | useless. Consider two users, user-1 receives 10 e-mails from news | |
36 | portals and wrote 1 e-mail to a person you never heard from. While | |
37 | user-2 receives 5 e-mails from a customer and sent 5 e-mails | |
38 | back. Which user do you consider more active? I am sure its user-2, | |
39 | because he communicates with your customers. {pmg} advanced address | |
40 | statistics can show you this important information. Solution which | |
41 | does not scan outgoing e-mail cannot do that. | |
42 | ||
43 | To enable outgoing e-mail filtering you just need to send all outgoing | |
44 | e-mails through your {png} (usually by specifying Proxmox as | |
45 | "smarthost" on your e-mail server - see | |
46 | xref:mail_server_config[Example mail server configuration]. | |
47 | ||
90facef4 | 48 | [[firewall_settings]] |
5c735ebd DM |
49 | Firewall settings |
50 | ----------------- | |
51 | ||
52 | In order to pass e-mail traffic to the {pmg} you need to allow traffic | |
53 | on the SMTP the port. Our servers use the Network Time Protocol (NTP) | |
54 | for time synchronization, RAZOR, DNS, SSH, HTTP and port 8006 for the web | |
55 | based management interface. | |
56 | ||
57 | [options="header"] | |
58 | |====== | |
59 | |Service |Port |Protocol |From |To | |
60 | |SMTP |25 |TCP |Proxmox |Internet | |
61 | |SMTP |25 |TCP |Internet |Proxmox | |
62 | |SMTP |26 |TCP |Mailserver |Proxmox | |
63 | |NTP |123 |TCP/UDP |Proxmox |Internet | |
64 | |RAZOR |2703 |TCP |Proxmox |Internet | |
65 | |DNS |53 |TCP/UDP |Proxmox |DNS Server | |
66 | |HTTP |80 |TCP |Proxmox |Internet | |
67 | |GUI/API |8006 |TCP |Intranet |Proxmox | |
68 | |====== | |
69 | ||
70 | CAUTION: It is advisable to restrict access to the GUI/API port as far | |
71 | as possible. | |
72 | ||
73 | The outgoing HTTP connection is mainly used by virus pattern updates, | |
74 | and can be configured to use a proxy instead of a direct internet | |
75 | connection. | |
76 | ||
77 | You can use the 'nmap' utility to test your firewall settings (see | |
78 | section xref:nmap[port scans]). | |
79 | ||
80 | ||
81 | [[system_requirements]] | |
82 | System Requirements | |
83 | ------------------- | |
84 | ||
85 | {pmg} needs dedicated server hardware but can also run inside a | |
86 | virtual machine on any of the following plattforms: | |
87 | ||
88 | * Proxmox VE (KVM) | |
89 | ||
90 | * VMWare vSphere™ (open-vm tools are integrated in the ISO) | |
91 | ||
92 | * Hyper-V™ (Hyper-V Linux integration tools are integrated in the ISO) | |
93 | ||
94 | * KVM (virtio drivers are integrated, great performance) | |
95 | ||
96 | * Virtual box™ | |
97 | ||
98 | * Citrix XenServer™ | |
99 | ||
100 | Please see http://www.proxmox.com for details. | |
101 | ||
102 | In order to get a benchmark from your hardware, just run 'pmgperf' | |
103 | after installation. | |
104 | ||
105 | ||
106 | Minimum System Requirements | |
107 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
108 | ||
109 | * CPU: 64bit (Intel EMT64 or AMD64) | |
110 | ||
0527a7a5 | 111 | * 2 GB RAM |
5c735ebd DM |
112 | |
113 | * bootable CD-ROM-drive or USB boot support | |
114 | ||
115 | * 1024x768 capable VGA/Monitor for Installer | |
116 | ||
117 | * Hard disk 8 GB - ATA/SATA/SCSI/NVME | |
118 | ||
119 | * Ethernet Network interface card | |
120 | ||
121 | ||
122 | Recommended System Requirements | |
123 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
124 | ||
125 | * Multicore CPU: 64bit (Intel EMT64 or AMD64) | |
126 | ||
127 | * 4 GB RAM | |
128 | ||
129 | * bootable CD-ROM-drive or USB boot support | |
130 | ||
131 | * 1024x768 capable VGA/Monitor for Installer | |
132 | ||
133 | * 1 GBps Ethernet Network interface card | |
134 | ||
135 | * Hardware RAID1 or RAID10, Raid Controllers need write cache with | |
136 | batteries backup module for best performance | |
137 | ||
138 | * Enterprise class SSD with power loss protection (e.g. Intel SSD DC | |
139 | 35xx/36xx/37xx) |