VisNetic MailServer as a Gateway

Article Details
URL: https://support.deerfield.net/support/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=554
Article ID: 554
Created On: Oct 27, 2006 11:02 AM

Answer

VisNetic MailServer Gateway Server with the primary server behind. 

This solution is easy and cost effective. This provides an entry point for your mail that is handled by one server and its main function is to accept or deny traffic. This means that the gateway server will be the front-end to your mail solution. This server should have antivirus on it so it can filter for viruses along with black listed connections and other connections you wish to deny. 

The gateway server will make an attempt to deliver the mail to the primary mail server once it is accepted. If the primary is inaccessible then the gateway server will hold the mail in a retry queue until the primary server is available. Once the primary server is up then the gateway server will deliver all mail to the primary host. 

Your DNS will need to have one MX (mail exchange) record for the front-end server. MX records tell all mail servers on the Internet where to find your domain’s mail solution. Your primary server should have no MX number so that no mail is delivered there. Your gateway server will receive all mail and then attempt deliver on it’s own schedule. The retry time on the gateway server should be set to a higher time limit to retain any mail should the primary be down for a prolonged period. 

This can be achieved by opening the VisNetic MailServer Administration console and clicking the [system] icon then click the [service settings] button. The settings are shown bellow: 

The default setting for VisNetic MailServer is 4 days. It is best to at least double this setting to ensure the backup server holds the mail long enough in case there are major problems with the primary server. 

Next you need to configure the gateway server to send all mail to the primary. You will need to tell the server where the primary server is and tell it what domains can be received here and where the mail needs to go. 

In the VMS Admin console go to the [accounts] icon and add a new domain. Input the domain info and select the domain type drop-down. Select “Backup Domain” and then put the IP address of the primary server in the ‘To’ field. Save the domain. 

The gateway server will now send all mail that is received for the allocated domains to the primary mail server. Next you need to set the primary server to only talk to the gateway server to ensure that all mail comes from the filtering server. On the primary server go to the VMS console and click the [security] icon and then go to the Firewall Settings 

Activate the firewall and then add the IP address of the gateway server into the SMTP field and click Grant. Example: 209.89.258.36

This setting tells VMS to ONLY talk to 209.89.258.36 with the SMTP protocol. It will not allow any other server to talk to it nor will it try to talk to another server via SMTP. The Grant option specifies whom to talk to. If you do not check the grant option then you are telling the server to block connections from any server listed. You can use [;] semicolons without spaces to add multiple IP addresses. 

Next you will need to set the primary server to send all mail through the gateway server. You will do this by going to the [system] icon and then set the IP address (ex. 209.89.258.36) of the gateway server in the Relay Server option.  Now the primary server will send all mail out through the gateway server and rely on the gateway server to find the appropriate delivery point for every message. 

This solution provides fewer burdens on the primary server. This is best for systems with high amounts of users. If you are using webmail, IM, Groupware, POP3, etc, then your users may be putting enough load on the server that offloading the SMTP functions to the gateway server will provide the relief the primary server needs to perform at it’s optimal speed for the users. This function also allows for all sent mail to be handled by the gateway server. The primary does not have to perform DNS lookups, delivery attempts, and retries. The gateway server will handle this for you. 

The primary server should have the Mail Server, web mail, antivirus, Antispam, IM, etc. The gateway server is not responsible for these solutions. The gateway server just needs to accept mail and scan for viruses. The primary server can deliver, manage, and track the mail.