Overview
This article provides information for clients who are considering setting up a multi-server environment for GFI MailEssentials.
In a Multi-Server environment, all GFI MailEssentials installations are joined together. Settings are synchronized between servers and reporting/quarantine databases are centralized.
The Configuration and management of GFI MailEssentials are done on one server for all GFI MailEssentials installations.
Note: All GFI MailEssentials machines in a multi-server environment must have their IP address listed in the Perimeter SMTP Server Settings. This ensures that emails processed by a GFI MailEssentials server are not reprocessed by another server.
Environment
GFI MailEssentials multi-server installation where a master-slave relationship is established.
Information
Configuration Synchronization
All configuration settings that are set to be synchronized are retrieved from each server and merged together into a single list.
If a whitelist on one machine has 10 whitelist entries, while another machine has 20 whitelist entries with 5 of these entries being common to both machines, the end result is a single merged whitelist with 25 email addresses on both machines. (5 unique from the first machine, 15 unique from the second machine and 5 commons from both machines).
This applies to the following features:
- General Settings
- Local Domains
- Access Contro
- Perimeter SMTP Servers
- AV Configuration
- Advanced EmailSecurity Configuration
- Templates/li>
- Global Whitelist
- Global Blocklist
- Personal Whitelist and Blocklist
- Auto Whitelist
Note: You may come across a query that IPBlock list is not working in the multi-server environment, you can recommend the customer to do it manually as IPBlocklist can not auto sync in a multi-server environment. Refer to the article Manually Syncing IPBlocklist for guidance.
Content Filtering Synchronization
In the case of content filtering, there is a difference between how whitelists and blocklists are merged.
The rules and settings of Content Filtering engines from every server are gathered and merged into a single list. This applies to the following rules and engines:
- Keyword Filtering Rules
- Attachment Filtering Rules
- Advanced Content Filtering Rules
- Decompression Engine
Note: Each rule and filter has an internal "last modified time" which is then used to determine whose rule\setting is the latest. If there are 2 rules with the same name on 2 different servers, only the latest one is merged.
Quarantine\Reporting Synchronization
Every update done on one server is immediately applied to all the other servers. This effectively means that changes are immediately available on all servers.
All slave machines upload all the local reporting/quarantine database data to the machine hosting Quarantine and Reporting. This server requires ample disk space since it needs to store the quarantine of spam & malware engines, together with reporting data.
If there is no connection to the server (for example, due to a network outage), slave servers save records locally until the connection is re-established. When a machine is set to send all reporting/quarantine data, all current data in the local databases are transferred. This may take some time, given that a large volume of data may be required to be transferred.