projects / pmg-docs.git / blame
| Commit | Line | Data |
|---|---|---|
| b2d388d4 | 1 | [[chapter_deployment]] |
| 5c735ebd DM |
2 | Planning for Deployment |
| 3 | ======================= | |
| 4 | ||
| 5 | Easy integration into existing e-mail server architecture | |
| 6 | --------------------------------------------------------- | |
| 7 | ||
| 8 | In this sample configuration, your e-mail traffic (SMTP) arrives on | |
| 9 | the firewall and will be directly forwarded to your e-mail server. | |
| 10 | ||
| 11 | image::images/infrasturcture_without_proxmox_big.jpg[] | |
| 12 | ||
| 13 | By using the {pmg}, all your e-mail traffic is forwarded to the | |
| 14 | Proxmox Mail Gateway, which filters the whole e-mail traffic and | |
| 15 | removes unwanted e-mails. You can manage incoming and outgoing mail | |
| 16 | traffic. | |
| 17 | ||
| 18 | image::images/infrasturcture_with_proxmox_big.jpg[] | |
| 19 | ||
| 20 | ||
| 21 | Filtering outgoing e-mails | |
| 22 | -------------------------- | |
| 23 | ||
| 24 | Many e-mail filter solutions do not scan outgoing mails. Opposed to | |
| 25 | that {pmg} is designed to scan both incoming and outgoing | |
| 26 | e-mails. This has two major advantages: | |
| 27 | ||
| 28 | . {pmg} is able to detect viruses sent from an internal host. In many | |
| 29 | countries you are liable for not sending viruses to other | |
| 30 | people. {pmg} outgoing e-mail scanning feature is an additional | |
| 31 | protection to avoid that. | |
| 32 | ||
| 33 | . {pmg} can gather statistics about outgoing e-mails too. Statistics | |
| 34 | about incoming e-mails looks nice, but they are quite | |
| 35 | useless. Consider two users, user-1 receives 10 e-mails from news | |
| 36 | portals and wrote 1 e-mail to a person you never heard from. While | |
| 37 | user-2 receives 5 e-mails from a customer and sent 5 e-mails | |
| 38 | back. Which user do you consider more active? I am sure its user-2, | |
| 39 | because he communicates with your customers. {pmg} advanced address | |
| 40 | statistics can show you this important information. Solution which | |
| 41 | does not scan outgoing e-mail cannot do that. | |
| 42 | ||
| 43 | To enable outgoing e-mail filtering you just need to send all outgoing | |
| 44 | e-mails through your {png} (usually by specifying Proxmox as | |
| 45 | "smarthost" on your e-mail server - see | |
| 46 | xref:mail_server_config[Example mail server configuration]. | |
| 47 | ||
| 90facef4 | 48 | [[firewall_settings]] |
| 5c735ebd DM |
49 | Firewall settings |
| 50 | ----------------- | |
| 51 | ||
| 52 | In order to pass e-mail traffic to the {pmg} you need to allow traffic | |
| 53 | on the SMTP the port. Our servers use the Network Time Protocol (NTP) | |
| 54 | for time synchronization, RAZOR, DNS, SSH, HTTP and port 8006 for the web | |
| 55 | based management interface. | |
| 56 | ||
| 57 | [options="header"] | |
| 58 | |====== | |
| 59 | |Service |Port |Protocol |From |To | |
| 60 | |SMTP |25 |TCP |Proxmox |Internet | |
| 61 | |SMTP |25 |TCP |Internet |Proxmox | |
| 62 | |SMTP |26 |TCP |Mailserver |Proxmox | |
| 63 | |NTP |123 |TCP/UDP |Proxmox |Internet | |
| 64 | |RAZOR |2703 |TCP |Proxmox |Internet | |
| 65 | |DNS |53 |TCP/UDP |Proxmox |DNS Server | |
| 66 | |HTTP |80 |TCP |Proxmox |Internet | |
| 67 | |GUI/API |8006 |TCP |Intranet |Proxmox | |
| 68 | |====== | |
| 69 | ||
| 70 | CAUTION: It is advisable to restrict access to the GUI/API port as far | |
| 71 | as possible. | |
| 72 | ||
| 73 | The outgoing HTTP connection is mainly used by virus pattern updates, | |
| 74 | and can be configured to use a proxy instead of a direct internet | |
| 75 | connection. | |
| 76 | ||
| 77 | You can use the 'nmap' utility to test your firewall settings (see | |
| 78 | section xref:nmap[port scans]). | |
| 79 | ||
| 80 | ||
| 81 | [[system_requirements]] | |
| 82 | System Requirements | |
| 83 | ------------------- | |
| 84 | ||
| 85 | {pmg} needs dedicated server hardware but can also run inside a | |
| 86 | virtual machine on any of the following plattforms: | |
| 87 | ||
| 88 | * Proxmox VE (KVM) | |
| 89 | ||
| 90 | * VMWare vSphere™ (open-vm tools are integrated in the ISO) | |
| 91 | ||
| 92 | * Hyper-V™ (Hyper-V Linux integration tools are integrated in the ISO) | |
| 93 | ||
| 94 | * KVM (virtio drivers are integrated, great performance) | |
| 95 | ||
| 96 | * Virtual box™ | |
| 97 | ||
| 98 | * Citrix XenServer™ | |
| 99 | ||
| 100 | Please see http://www.proxmox.com for details. | |
| 101 | ||
| 102 | In order to get a benchmark from your hardware, just run 'pmgperf' | |
| 103 | after installation. | |
| 104 | ||
| 105 | ||
| 106 | Minimum System Requirements | |
| 107 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 108 | ||
| 109 | * CPU: 64bit (Intel EMT64 or AMD64) | |
| 110 | ||
| 0527a7a5 | 111 | * 2 GB RAM |
| 5c735ebd DM |
112 | |
| 113 | * bootable CD-ROM-drive or USB boot support | |
| 114 | ||
| 115 | * 1024x768 capable VGA/Monitor for Installer | |
| 116 | ||
| 117 | * Hard disk 8 GB - ATA/SATA/SCSI/NVME | |
| 118 | ||
| 119 | * Ethernet Network interface card | |
| 120 | ||
| 121 | ||
| 122 | Recommended System Requirements | |
| 123 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| 124 | ||
| 125 | * Multicore CPU: 64bit (Intel EMT64 or AMD64) | |
| 126 | ||
| 127 | * 4 GB RAM | |
| 128 | ||
| 129 | * bootable CD-ROM-drive or USB boot support | |
| 130 | ||
| 131 | * 1024x768 capable VGA/Monitor for Installer | |
| 132 | ||
| 133 | * 1 GBps Ethernet Network interface card | |
| 134 | ||
| 135 | * Hardware RAID1 or RAID10, Raid Controllers need write cache with | |
| 136 | batteries backup module for best performance | |
| 137 | ||
| 138 | * Enterprise class SSD with power loss protection (e.g. Intel SSD DC | |
| 139 | 35xx/36xx/37xx) |