Phone Lines icon GFI Support Home

Articles in this section

See more

Suggested upgrade path to GFI MailEssentials multi server network for existing installs

Author: Luis Fernandes

Answer

If you have multiple email servers with GFI MailEssentials 2014 R2 or previous, then you can benefit from the new multi-server feature introduced in GFI MailEssentials 2015.
This article will explain to you the best ways to upgrade and the suggested upgrade procedure.
 
GFI MailEssentials multi-server network functions by having one master server and other servers as slaves. The master server is the server which coordinates synchronization between each server. Each server scans on its own, and does not rely on any other server, even if the master/quarantine/reporting is unreachable. This ensures that your email scanning remains active even when there is downtime on your master server. When the master server is inaccessible the synchronized data is queued till the connection is established again. Quarantined items and reporting data will be stored temporarily in the local quarantine and local reporting respectively, when the master is accessible the data will be transferred.

When upgrading your network you need to take two important decisions, mainly:
  1. Who will be the master server
  2. Who will host the quarantine and reporting
It does not necessarily mean that the master will host the quarantine and reporting. In most cases it is suggested to have a master server with quarantine and reporting however instances may arise where a different server is chosen.

Important: The reporting database in a multi-server network should use Microsoft SQL Server or Microsoft SQL Express databases. This is due to the fact that a larger amount of reporting data will be stored in the database. If Express is used please take note of the 10GB database limit and introduce auto-purging as necessary. (MailEssentials Configuration > Reporting > Settings > Auto Purge Tab)

Upgrade Process
  1. Once you have defined which will be the master and quarantine/reporting server, you can start the upgrade procedure. The upgrade procedure needs to be done on each server and is a typical GFI MailEssentials upgrade, using the GFI MailEssentials installation wizard.
  2. After the upgrade has completed on all installations of MailEssentials 2015 or later, please open the Configuration on the Master Server and under the Multi Server section promote a server as the Master.
  3. Enter in the required information under the Master Server drop section
  4. Check the "Synchronize Quarantine and reporting data with the Multi-Install network" if you want the master to maintain the reporting and quarantine.
  5. Open the MailEssentials configuration on the Servers that will be the slaves
  6. Under the Multi Server section set the Servers to Slaves and fill in the Master Server URL and Administrative credentials
  7. Hit Test to try the connection between the slave and master when successful hit apply to save
  8. Then switch to the Configuration Sync in order to set the quarantine and reporting to a central server.
  9. When all settings have been configured on the Master server navigate back to the  Multi-Server setup > Configuration Sync > Select the items that you would like to Sync between servers. 
 
What are the benefits of servers joined together with no shared quarantine/reporting and no shared configuration?

GFI MailEssentials servers which are on the same multi-server network understand each other and know about the existence of each other. This means that emails approved by a server are not scanned by another server.
By default perimeter servers, and local domains are shared across the multi-server network. For SMTP mode installation users are transferred between all member servers.
 
What are the benefits of a slave server joined in the multi-server network with only shared quarantine and reporting?

When a slave is joined to a multi-server network each slave server can have its own independent configuration. In this mode you get the benefits that you can view the quarantine and reporting data on a central location.
 
Joining slave servers with existing preconfigured rules
If master and slave servers have preconfigured rules some conflicts can arise when the data is synchronized across servers for the first time. Rules with the same names are merged.

Important: If one opts to have synchronized configuration it is suggested that rules and lists for slaves’ servers are cleaned up prior the enrollment into the multi-server setup. This ensures that the slave server on enrollment downloads an identical copy of the master server’s rules and avoid any inconsistencies in the rules.
 
Synchronized Configuration
Lists and configuration data can be synchronized between different the multi-server network. The following is the full set of configuration data that can be synchronized across servers
  • Global Whitelist
  • Global Blocklist
  • Personal Whitelist and Blocklist
  • Auto Whitelist
  • Attachment Filtering Rules
  • Advanced Content Filtering Rules
  • Keyword Filtering Rules
  • Decompression Engine settings
Each of the above can be selectively synchronized.
 
Active Directory and SMTP mixed mode installation
It is possible to have a mixed mode with SMTP and Active Directory (AD) servers, however the Master server needs to be a server on the AD domain.
Attachment Filtering Rules, Advanced Content Filtering Rules and Keyword Filtering rules, are not synchronized between servers that are installed in Active Directory and SMTP mode.
 
Note:
The multi-server feature replaces the old synchronization agent and this is no longer available in GFI MailEssentials 2015 and above. The new multi-server feature provides real time updates, increased security in the data transfer as well as it provides additional synchronization and centralization of the quarantine and reporting.
 

 

Related articles