modusGate™ VM Installation

How to install your Anti Spam Virtual Appliance with modusGate™

Installing modusGate™ on a Virtual Machine

The purpose of this document is to establish the procedure to create and setup an Anti Spam Virtual Appliance. The procedure described below is VM host neutral and works with virtual environments such as VMware®.

Prerequisites

modusGate™ is a Windows®-based software package that can be installed on any Windows Server 2003 SP2 or Windows Server 2008 32-bit platform. This document outlines the installation process for a virtual machine.

OS Requirements

Windows Server 2003 SP2 or Windows Server 2008 with the following packages installed:

IIS 6.0 or later
ASP.NET
.NET framework 3.5

Resource allocation for Guest OS

This will depend on your estimated levels of traffic:

Mailboxes served	CPU Cores	RAM	Disk Storage
0-500	Single (mid-range)	1-2 GB	80 GB
500-2000	Dual (mid-range)	2-4 GB	120 GB
2000-5000	Dual (high-end)	4 GB	250 GB
5000+	Quad (mid or high)	4 GB	250+ GB

These figures are based on a simple estimate of approximately 100 messages (ham/spam) per day, per mailbox
Storage size can vary, depending on the time required to preserve quarantined items
The recommended quarantine storage time is between 5 to 14 days

Where does modusGate™ anti spam virtual appliance fit in?

modusGate™ is a mail filtering SMTP gateway, designed to be physically placed between the Internet and your primary mail server (MTA). When the system is ready to be deployed live, inbound email traffic addressed to your domains is directed to modusGate™. From there, clean messages are routed to your primary MTA.

Installation

Download your modusGate package and license key from here:
http://www.vircom.com/en/FreeTrial/
Place the executable file on the desktop of your antispam virtual machine (guest OS login)
Verify that the following Windows network settings are configured:
1. A DNS Suffix
  - Go to: System Properties / Computer Name / Change / More
  - Enter your Primary DNS Suffix
2. The network card (NIC) is configured with the following
  - a static IP address (do not use DHCP)
    - Go to: Network Connections / Local Area Connection / Properties / Internet Protocol (TCP/IP) / Properties
    - Enter the IP address, Subnet Mask and Default Gateway IPs
  - a defined DNS server address
    - Go to: Network Connections / Local Area Connection / Properties / Internet Protocol (TCP/IP) / Properties / DNS Server settings
    - Enter your primary DNS server IP, and preferably a secondary
3. Disable Microsoft’s Simple Mail Transfer agent in the Services panel
  - Go to: Start / Administrative Tools / Services
  - Disable Simple Mail Transfer Protocol
Configure your firewall settings: the following ports must be opened
1. Egress: from modusGate to the outside world
  - Port 25 (SMTP): necessary for bounce/outgoing mail traffic
  - Port 80 (HTTP): necessary for VIRUS/SPAM updates
  - Port 443 (HTTPS): necessary for VIRUS/SPAM updates
2. Ingress: from the outside world to modusGate
  - Port 25 (SMTP): for inbound mail traffic
  - Port 80 or 443 (HTTP/HTTPS): for quarantine access (optional)
3. Internal: for modusGate and the internal infrastructure (if there are multiple firewall layers)
  - Port 25 (SMTP): for communication between modusGate and your MTA
  - Port 389 (AD/LDAP): for communication between modusGate and your Domain Controller (Exchange)
  - Port 3258 (AD Global Catalog): for communication between modusGate and your Domain Controller (Exchange)
Install the application
1. Launch the installer and follow the instructions
2. At the end of the process, the installer will prompt you to configure the Connections. You are being asked to define the mail route(s) connecting modusGate to your primary MTA. The following KB articles provide specific configuration details:
  - Microsoft Exchange: http://kb.vircom.com/Kbase/default.asp?id=1378&SID=&Lang=1
  - Lotus Domino: http://kb.vircom.com/Kbase/default.asp?id=1380&SID=&Lang=1
  - Other MTAs: http://kb.vircom.com/Kbase/default.asp?id=1556&SID=&Lang=1
3. The modusGate Administration Guide can be found here (requires PDF reader):
  - C:\Program Files\Vircom\modusGate\Documentation
4. Test the connections:
  - http://kb.vircom.com/Kbase/default.asp?id=1142&SID=&Lang=1
5. Once you have tested sending an email through the modusGate localhost to a mailbox on your MTA, you should configure modusGate according to these recommended best practices:
  - http://kb.vircom.com/Kbase/default.asp?id=1553&Lang=1&SID
Transfer mail flow to modusGate Anti Spam Virtual Appliance

Change the DNS Server’s MX record to point to the modusGate server: this will route inbound mail from the Internet to the modusGate server.
- This configuration is mandatory
Configure your MTA to use modusGate as a SMTP relay if you want to filter outbound email.
- This configuration is optional

Related Resources

Installing modusGate™ on a Virtual Machine (PDF, 439 kB)

Copyright © 2010 by Vircom Inc. All Rights Reserved. Vircom, SysAdmin on the line, Netadmin on the line, modus, modusMail, modusGate and Email Security Matters are trademarks of Vircom, Inc. Windows and Exchange are registered trademarks of Microsoft Corporation. IBM is a registered trademark of International Business Machines Corporation. VMware is a registered trademark or trademark of VMware, Inc. All other trademarks are the property of their respective owners. You are currently viewing Anti Spam Virtual Appliance.