My on-the-cheap setup to bulletproof MailEnable and prevent ALL spam


Post by itstomd » Wed Jul 22, 2015 8:17 pm

I have come up with a spam-free, secure setup that works very well with MailEnable, so perhaps this may help others. I wrote this up real quick...

I just installed MailEnable and converted from Exchange, and below is how the mail flows and my server design. I have one client which has been running MailEnable for 3 years now; no issues at all, never even reboot the server that much, maybe twice a year for patches and to clean memory.

Setup:

#1 $5 per month! Spam protection, removes all spam issues

https://www.spamhero.com/ - works perfectly with MailEnable and removes any local need to deal with spam. They are amazing; no issues with them and no spam. You could send email from SpamHero to MailEnable and be done with spam.

#2 Enable a gateway to process inbound mail, then send to MailEnable:

You can add a VM appliance as a front-end gateway for even more protection: https://efa-project.org/ (free). You don't use port 25, but rather any other port you want, which removes "port 25" from being open. In fact, all your ports should be high and random. This blocks spam too; now you have 2 spam blockers, although we never get any.

Flow is -> SpamHero -> EFA.

EFA has real-time logging of everything.

#3 Another firewall

Then you add the "Smoothwall" firewall, http://www.smoothwall.org/ (free), for even more protection. You forward your router ports to this instead of the MailEnable server for inbound clients (like phones). And of course no port 25 or common ports. At SpamHero, you send to ESVA for inbound internet mail. You need to again forward ports in Smoothwall.

Flow is -> SpamHero -> EFA -> Smoothwall firewall (internet mail). For clients, it's client -> router -> Smoothwall -> MailEnable.

For LAN clients: client -> Smoothwall -> MailEnable (LAN clients run SSL too!)


#4 Low-cost servers for MailEnable

MailEnable can run on a virtual system; I use VMware for one site, vbox on another.

MailEnable will run as a VM on a "local host"-only LAN, with the Smoothwall and MailEnable server NICs together. The Smoothwall will be on the DMZ. Your router sends the ports you need to that Smoothwall interface.

flow is:
smoothwall
outside nic on dmz
inside nic on vmware local lan only
inside nic - mailenable server on local lan only

#5 - You also have Windows 2012 Server with its firewall, and set up the ports on that, so MailEnable works OK.
Flow is -> SpamHero -> EFA -> Smoothwall firewall -> Windows firewall -> MAILENABLE SERVER

#6 - This costs some, but it's worth it: MailEnable works perfectly with www.authsmtp.com. The best part is your email will never get rejected! This paid relay service has not failed me in 6 years.

Flow is -> MailEnable -> AuthSMTP -> client (outbound can be SSL too if you want)

SSLs - it's easy to set up!

You can find SSLs for $7 per year, so setting up SSL for MailEnable is cheap!
(You will have to copy the SSL from the personal container to the server container; there is a bug in the SSL import, it seems.)

That's it: ZERO spam, no security issues. The MailEnable server never gets hit from the outside for inbound, thus it only processes client requests and inbound from EFA. I have zero utilization on the MailEnable server. Not even running virus checks, as SpamHero takes care of inbound and AuthSMTP takes care of outbound.

For super speed, all these VMs are on one box. Don't laugh, but I put MailEnable in VMware Workstation 11 on a gaming computer converted to a pseudo-server. It's an i7 4790K, 32GB DDR3 2200MHz, MSI "Gaming 6" motherboard, RAIDed Kingston SSD Savage drives. I have some red WD drives (backups) and one super fast PCIe SSD drive (it's fast, Windows 2012 boots in 5 sec!), 1000 meg read per sec! The host operating system is Windows 8.1 Pro. The "Server 2012 R2" costs $699 from Amazon and you can run 2 instances in VMware using that license.

It's easy to back up, and your MailEnable server can be run ON any PC for your DA needs and requirements. I

3rd day of a 50-person Exchange conversion and no calls!
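
The design above relies on the MailEnable server receiving inbound internet mail only from the EFA gateway, which can be checked per message. The following is an added example, not part of the original post: it reads the topmost Received header of a message and flags mail whose last hop was not the gateway. The gateway address, host names and the layout of the Received lines are constructed assumptions; adjust the pattern to what your server actually writes.

```python
import ipaddress
import re
from email import message_from_string

# Assumption: internal address of the EFA gateway (constructed value).
GATEWAY_IPS = {"192.168.50.10"}
_BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def connecting_ip(received_value):
    """Return the peer IP recorded in one Received header, or None."""
    # Keep only the "from ..." clause, never the server's own "by ..." part.
    from_clause = re.split(r"\sby\s", received_value, maxsplit=1)[0]
    for candidate in _BRACKETED_IP.findall(from_clause):
        try:
            return str(ipaddress.ip_address(candidate))
        except ValueError:
            continue  # bracketed text that is not an IP literal
    return None

def bypassed_gateway(raw_message, gateway_ips=GATEWAY_IPS):
    """True when the last hop into the mail server was not the gateway."""
    received = message_from_string(raw_message).get_all("Received") or []
    if not received:
        return True  # no trace header at all: flag for review
    # received[0] is the topmost header, written by the receiving server
    # itself; lower ones arrive with the message and can be forged.
    allowed = {str(ipaddress.ip_address(ip)) for ip in gateway_ips}
    return connecting_ip(received[0]) not in allowed

# Constructed sample: SpamHero -> EFA -> mail server, as in the post.
VIA_GATEWAY = (
    "Received: from efa.example.lan ([192.168.50.10])\n"
    "\tby mail.example.lan with ESMTP; Wed, 22 Jul 2015 20:17:00 -0400\n"
    "Received: from filter.example.net ([203.0.113.7])\n"
    "\tby efa.example.lan with ESMTP; Wed, 22 Jul 2015 20:16:58 -0400\n"
    "Subject: via gateway\n\nbody\n"
)
# Constructed: direct delivery; forged lower header claims the gateway.
DIRECT = (
    "Received: from unknown ([198.51.100.23])\n"
    "\tby mail.example.lan with ESMTP; Wed, 22 Jul 2015 20:18:00 -0400\n"
    "Received: from efa.example.lan ([192.168.50.10])\n"
    "\tby mail.example.lan with ESMTP; Wed, 22 Jul 2015 20:17:00 -0400\n"
    "Subject: direct\n\nbody\n"
)
if __name__ == "__main__":
    for name, raw in (("via gateway", VIA_GATEWAY), ("direct", DIRECT)):
        print(name, "-> bypassed" if bypassed_gateway(raw) else "-> ok")
```

Any message this flags reached the mail server without passing the gateway, which points to a port forward or firewall rule that exposes the server directly.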
