pmg-intro.adoc

   1 Introduction
   2 ============
   3
   4 What is {pmg}?
   5 --------------
   6
   7 E-mail security begins at the gateway by controlling all incoming and
   8 outgoing e-mail messages. {pmg} addresses the full spectrum of
   9 unwanted e-mail traffic, focusing spam and virus detection. {pmg}
  10 provides a powerful and affordable server solution to eliminate spam,
  11 viruses and blocking undesirable content from your e-mail system. All
  12 products are self-installing and can be used without deep knowledge of
  13 Linux.
  14
  15 image::images/Proxmox_Mail_Gateway_Mailprocessing_final_1024.png[]
  16
  17 Features
  18 --------
  19
  20 Spam detection
  21 ~~~~~~~~~~~~~~
  22
  23 {pmg} uses a wide variety of local and network tests to identify spam
  24 mail. Here is a short list of used filtering methods:
  25
  26 Receiver Verification::
  27
  28 Many of the junk messages reaching your network are emails to
  29 non-existent users. {pmg} detects these emails on SMTP
  30 level, which means before they are transferred to your networks. This
  31 reduces the traffic to be analyzed for spam and viruses up to 90% and
  32 reduces the working load on your mail servers and scanners.
  33
  34 Sender policy framework (SPF)::
  35
  36 Sender Policy Framework (SPF) is an open standard for validating
  37 emails and to prevent sender IP address forgery. SPF allows the
  38 administrator of an Internet domain to specify which computers are
  39 authorized to send emails with a given domain by creating a specific
  40 SPF record in the Domain Name System (DNS).
  41
  42 DNS-based Blackhole List::
  43
  44 A DNS-based Blackhole List (DNSBL) is a means by which an Internet
  45 site may publish a list of IP addresses, in a format which can be
  46 easily queried by computer programs on the internet. The technology is
  47 built on top of the Domain Name System. DNSBLs are used to publish
  48 lists of addresses linked to spamming.
  49
  50 SMTP Whitelist::
  51
  52 Exclude senders from SMTP blocking. To prevent all SMTP checks
  53 (Greylisting, Receiver Verification, SPF and RBL) and accept all
  54 e-mails for the analysis in the filter rule system, you can add the
  55 following to this list: Domains (Sender/Receiver), Mail address
  56 (Sender/Receiver), Regular Expression (Sender/Receiver), IP address
  57 (Sender), IP network (Sender)
  58
  59 Bayesian Filter - Automatically trained statistical filters::
  60
  61 Some particular words have a higher probability of occurring in spam
  62 emails rather than in legitimate emails. By being trained to
  63 recognize those words, the Bayesian checks every email and adjusts the
  64 probabilities of it being a spam word or not in its database. This is
  65 done automatically.
  66
  67 Black- and Whitelists::
  68
  69 Black- and Whitelists are an access control mechanism to accept,
  70 block, or quarantine emails to recipients. This allows you to tune the
  71 rule-system by applying different objects like domains, email address,
  72 regular expression, IP Network, LDAP Group, and others.
  73
  74 Autolearning algorithm::
  75
  76 {pmg} gathers statistical information about spam
  77 emails. This information is used by an autolearning algorithm, so the
  78 system becomes smarter over time.
  79
  80 Spam Uri Realtime BlockList (SURBL)::
  81
  82 SURBLs are used to detect spam based on message body URIs (usually web
  83 sites). This makes them different from most other Real-time
  84 Blocklists, because SURBLs are not used to block spam senders. SURBLs
  85 allow you to block messages that have spam hosts which are mentioned
  86 in message bodies.
  87
  88 Greylisting::
  89
  90 Greylisting an email means that unknown senders are intentionally temporarily
  91 rejected. Since temporary failures are part of the specifications for mail
  92 delivery, a legitimate server will try to resend the email later on. Spammers
  93 on the other hand, do not queue and reattempt mail delivery. A greylisted email
  94 never reaches your mail server and thus your mail server will not send useless
  95 "Non Delivery Reports" to spammers. Additionally greylisted mail is not
  96 analyzed by the antivirus and spam-detector engines, which saves resources.
  97
  98 +
  99 A mail is greylisted if it is the first mail from a sender to a receiver
 100 coming from a particular IP network. You can configure which IP addresses
 101 belong to the same network, by setting an appropriate netmask for greylisting.
 102
 103 SMTP Protocol Tests::
 104
 105 {postfix} is able to do some sophisticated SMTP protocol tests (see
 106 `man postscreen`). Most spam is sent out by zombies (malware on
 107 compromised end-user computers), and those zombies often try to
 108 maximize the amount of mails delivered. In order to do that, many of
 109 them violate the SMTP protocol specification and thus can get detected
 110 by these tests.
 111
 112 Before and After Queue Filtering::
 113
 114 {pmg} can be configured to either accept the mail, by sending a response
 115 of '250 OK', and scan it afterwards, or alternatively inspect the mail
 116 directly after it has the content and respond with a reject '554' if the
 117 mail is blocked by the rule system. These options are known as After Queue
 118 and Before Queue filtering respectively (see
 119 xref:pmgconfig_mailproxy_before_after_queue[Before and After Queue Scanning]).
 120
 121 Configurable NDR policy::
 122
 123 In certain environments it can be unacceptable to discard an email, without
 124 informing the sender about that decision. You can decide whether you want
 125 to inform the senders of blocked emails or not.
 126
 127 Virus detection
 128 ~~~~~~~~~~~~~~~
 129
 130 {pmg} integrates {clamav}, which is an open-source (GPL) antivirus
 131 engine designed for detecting Trojans, viruses, malware and other
 132 malicious threats.
 133
 134 It provides a high performance mutli-threaded scanning daemon, command
 135 line utilities for on demand file scanning, and an intelligent tool
 136 for automatic signature updates.
 137
 138
 139 Object-Oriented Rule System
 140 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 141
 142 The object-oriented rule system enables custom rules for your
 143 domains. It’s an easy but very powerful way to define filter rules by
 144 user, domains, time frame, content type and resulting action. {pmg}
 145 offers a lot of powerful objects to configure your own custom system.
 146
 147 WHO - objects::
 148
 149 Who is the sender or receiver of the e-mail?
 150
 151 WHAT - objects::
 152
 153 What is in the e-mail?
 154
 155 WHEN - objects::
 156
 157 When is the e-mail received by {pmg}?
 158
 159 ACTIONS - objects::
 160
 161 Defines the final actions.
 162
 163 Every rule has five categories FROM, TO, WHEN, WHAT and ACTION. Every
 164 of these categories can contain several objects and a direction (in,
 165 out or both).
 166
 167 Options range from simple spam and virus filter setups to
 168 sophisticated, highly customized configurations blocking certain types
 169 of e-mails and generating notifications.
 170
 171
 172 Spam Quarantine
 173 ~~~~~~~~~~~~~~~
 174
 175 Identified Spam mails can be stored to the user-accessible Spam
 176 quarantine. Thus, users can view and manage their Spam mails by
 177 themselves.
 178
 179
 180 Tracking and Logging
 181 ~~~~~~~~~~~~~~~~~~~~
 182
 183 The innovative Proxmox Message Tracking Center tracks and summarizes
 184 all available logs. With the web-based and user-friendly management
 185 interface, IT admins can easily overview and control all
 186 functions from a single screen.
 187
 188 The Message Tracking Center is very fast and powerful, tested on {pmg}
 189 sites processing over a million emails per day. All different log
 190 files from the last 7 days can be queried and the results are
 191 summarized by an intelligent algorithm.
 192
 193 The logged information includes:
 194
 195 - Arrival of the email
 196 - Proxmox filtering processing with results
 197 - Internal queue to your email server
 198 - Status of final delivery
 199
 200
 201 DKIM Signing
 202 ~~~~~~~~~~~~
 203
 204 {pmg} offers the possibility to optionally sign outgoing emails with
 205 xref:pmgconfig_mailproxy_dkim[DKIM].
 206
 207
 208 High Availability with Proxmox HA Cluster
 209 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 210
 211 To provide a 100% secure email system for your business, we developed
 212 Proxmox High Availability (HA) Cluster. The Proxmox HA Cluster uses a
 213 unique application level clustering scheme, which provides extremely
 214 good performance. Fast set-up within minutes and a simple, intuitive
 215 management keep resource needs low. After temporary failures, nodes
 216 automatically reintegrate without any operator interaction.
 217
 218 LDAP integration
 219 ~~~~~~~~~~~~~~~~
 220
 221 It is possible to query user and group data from LDAP servers. This
 222 may be used to build special filter rules, or just to provide
 223 authentication services for the Spam quarantine GUI.
 224
 225
 226 Fetchmail integration
 227 ~~~~~~~~~~~~~~~~~~~~~
 228
 229 {pmg} allows you to fetch mail from other IMAP or POP3 servers.
 230
 231
 232 Flexible User Management
 233 ~~~~~~~~~~~~~~~~~~~~~~~~
 234
 235 The administration interface uses a role-based access control scheme,
 236 using the following roles:
 237
 238 Superuser::
 239
 240 This role is allowed to do everything (reserved for user 'root').
 241
 242 Administrator::
 243
 244 Full access to mail filter setup, but not allowed to change network setup.
 245
 246 Quarantine Manager::
 247
 248 Is able to view and manage the Spam Quarantine.
 249
 250 Auditor::
 251
 252 Has read-only access to the whole configuration, can access logs and
 253 view statistics.
 254
 255
 256 Your benefit with {pmg}
 257 -----------------------
 258
 259 * Open source software
 260 * No vendor lock-in
 261 * Linux kernel
 262 * Fast installation and easy-to-use
 263 * Web-based management interface
 264 * REST API
 265 * Huge active community
 266 * Low administration costs and simple deployment
 267
 268
 269 include::getting-help.adoc[]