GFI MailEssentials Multi-Server

GFI MailEssentials is a powerful and complete solution that provides anti-spam, anti-malware, and email security for on-premises mail servers. With its new multi-server feature, it became easier than ever to use and manage in large organizations. Let’s have a look at what this feature is and what it provides.

Multi-Server Feature

Larger environments typically have multiple email and GFI MailEssentials servers to process mail flow efficiently and to ensure high availability. All these servers can be located in the same site, or dispersed across the globe.

Up until recently, every instance of GFI MailEssentials had its own set of settings, its reporting database, and its quarantine store. Configuration of these servers, administration of quarantined items, and generation of reports was all done separately on each and every individual server. Far from ideal when multiple servers are involved…

Multi-server is an important new feature in GFI MailEssentials that enables communication between different GFI MailEssentials servers so that configuration data can be shared across the servers. This is great for organizations with multiple email gateways and email servers, where managing individual servers can be a tedious task without a unified console, not to mention prone to errors and misconfiguration. Once multi-server is configured, this problem is resolved, and day-to-day MailEssentials configuration tasks can be done using a single console.

Configuring the multi-server feature is straightforward. Administrators promote one of the servers as the master server, which coordinates the operations across the network. The other servers that are joined to the master server are the slave servers, and the master ensures that changes applied on any server within the network are automatically implemented on all other servers.

Administrators can then define what they want to be synchronized between these servers. When certain features are configured on one GFI MailEssentials instance, these settings are automatically implemented on the other servers, enabling administrators to apply settings only once. From this moment on, administrators can configure and manage their entire GFI MailEssentials deployment from one single server.

Multi-server can also provide centralized quarantine and reporting. With this enabled, all reporting and quarantine data is transferred to one server within the network, the Reporting & Quarantine Host. From this host, administrators can manage all quarantined items and generate reports.

When everything is set up, each server will scan emails flowing through it, but their configuration, such as anti-spam policies for example, are synchronized from the master server. If the master goes down, the slave server(s) will continue to work normally. For reporting and quarantine data, all this data is queued on the slave server(s) until the master is back online.

What gets synchronized by Multi-Server?

When multi-server is used, setup settings are synchronized between servers and reporting/quarantine databases are centralized. Configuration and management of GFI MailEssentials are both done on one server for all GFI MailEssentials installations. But what exactly gets synchronized between servers?

Configuration synchronization

All configuration settings that are set to be synchronized are retrieved from each server and merged into a single list.

For example, if a whitelist on one server has 10 whitelist entries, while another server has 20 whitelist entries with 5 of these entries being common to both, the end result is a single merged whitelist list with 25 email addresses on both servers. This applies to the following features:

• General Settings

• Local Domains

• Access Control

• Perimeter SMTP Servers

• AV Configuration

• Advanced EmailSecurity Configuration

• Templates

• Global Whitelist

• Global Blocklist

• Personal Whitelist and Blocklist

• Auto Whitelist

Content filtering synchronization

Content filtering rules and filters are applied differently. Each rule and filter has an internal “last modified time” property which is used to determine which rule/setting is newer. If there are two rules with the same name on two different servers, only the latest one is merged. Every update done on one server is immediately applied to all other servers, effectively making that change immediately available on all servers. This applies to the following rules and engines:

• Attachment Filtering Rules
• Advanced Content Filtering Rules
• Keyword Filtering Rules

• Decompression Engine

Quarantine and Reporting synchronization

Slave machines upload all their local reporting/quarantine database data to the machine hosting Quarantine and Reporting. This server requires ample disk space, since it needs to store the quarantine of spam and malware engines, together with reporting data.

If there is no connection to the server, such in the case of a network outage for example, slave servers save records locally until the connection is re-established.

Conclusion

GFI MailEssentials has long been a great product for organizations looking for a powerful and complete solution that provides anti-spam, anti-malware, and email security for on-premises mail servers. However, configuring and managing it in large environments was not straightforward and typically required the manual configuration of each server individually. GFI listened to its customers’ feedback and introduced the multi-server feature, one that has been highly requested. Now, MailEssentials is perfectly suitable for large organizations and it is easier than ever to use and manage.