SmarterMail in Individual and Micro-business Deployments

Who Should Use This Document

This document is intended for use by individuals and micro-businesses as they develop an effective architecture for their SmarterMail system implementation. For best results, this document should be used in conjunction with the SmarterTools Knowledge Base.

Determining the Required Architecture

It is not unusual for a business to generate upwards of 50 legitimate mail messages, per employee, per day on average¹. Considering the relative volume of spam and other abusive messages that are currently prevalent, the total number of messages processed per user/mailbox could easily exceed 250 per day² . Companies in technology, finance, and other communication-intensive industries might have much higher average email volumes. A tendency toward the prolific use of attachments and email graphics can also influence performance in mail environments. SmarterTools encourages readers to determine which architecture is right for them based upon anticipated email volume as opposed to head-count because email load is a far better predictor of server requirements than the number of mailboxes on a system.

SmarterMail is built around a fully scalable model, so moving from one architecture recommendation to another requires relatively simple enhancements or modifications that can yield significant increases in performance and volume capacity.

That said, the authors have chosen to divide their recommendations into three categories: individual and micro-business architectures, small to medium-sized business architectures, and high-volume deployment architectures. For the purposes of these recommendations:

• Individuals and micro-businesses shall be defined as mail environments with average email volumes of up to 25,000 messages per day (12,500 in/12,500 out). This infers a maximum of 100 mailboxes. Information regarding these architectures is available in this SmarterTools document.
• Small to medium-sized businesses shall be defined as mail environments with average email volumes of up to 400,000 messages per day (200,000 in/200,000 out). This infers a maximum of 1,600 mailboxes. Information regarding these architectures can be found in SmarterMail in Small to Medium-sized Business Deployments, which is available for download on the SmarterTools website.
• High-volume deployments shall include ISPs, hosting companies, large businesses, and enterprise organizations with average email volumes numbering in the millions. This infers organizations with many thousands of mailboxes. Information regarding these architectures can be found in SmarterMail in High-Volume Deployments, which is available for download on the SmarterTools website.

¹Intel presentation, “IT Business Value”, 9-16-2005.

²Nearly 80% of email messages sent world-wide are spam….”; Deleting Spam Costs Business Billions, Information Management Journal, May/June 2005, Nikki Swartz

General Architecture

The general recommendation for SmarterMail architecture in an individual and micro-business environment (up to 25,000 messages per day) is as shown in Figure 1.

SmarterMail Primary Server

This server is the central data processor and repository of your client’s email. Users connect to this server using POP and IMAP to receive email, and use SMTP to send email out. Webmail is also hosted on this server to help those without email client software. In addition, the SmarterMail server performs all spam-blocking and virus protection operations.

Hardware recommended in this configuration for individuals and micro-businesses includes:

• Single-core processor
• 1 GB of RAM
• Windows Server 2008 R2 64-bit
• 7200 RPM SATA drive

Email Virtualization: SmarterMail in Virtual Server (VPS) Environments

A virtual server environment is when one physical hardware device is partitioned so as to operate as two or more separate servers. SmarterMail can be deployed in all types of virtual server environments and has been tested with most major virtualization software (such as Hyper-V, VMware, Virtual Box, Virtuozzo and Zen).

Note: If using Hyper-V, SmarterTools recommends attaching a physical network adapter from the Hyper-V host to the SmarterMail virtual machine instead of using the virtual network manager to create virtual LANs/bridges. This is because there is a risk of losing network access to all of the virtual machines if they are all tied to a single virtual network and a network-related issue occurs on one of the virtual machines. By allowing the SmarterMail virtual machine a dedicated physical connection, this risk can be eliminated.

Recommended Spam Protection Measures

SmarterMail uses a flexible, multi-layered spam prevention strategy to achieve 97% spam protection out-of-the-box. Initial spam settings are configured during installation, but system administrators can modify these settings to meet their unique needs at any time.

Since spam prevention strategy is an integral component of mail server deployment, a few of the most important spam-fighting measures available for SmarterMail are discussed below.

Cyren (formerly Commtouch) Premium Antispam

Available as an optional add-on for SmarterMail, Cyren Premium Antispam uses Recurrent Pattern Detection (RPD) technology to protect against spam outbreaks in real time. Rather than evaluating the content of messages, the Cyren Detection Center analyzes large volumes of Internet traffic in real time, recognizing and protecting against new spam outbreaks the moment they emerge. When combined with SmarterMail’s out-of-the box antispam measures, the Cyren Premium Antispam add-on can effectively block 99.5% of spam from users’ inboxes.

For more information about the Cyren Premium Antispam add-on, please visit the SmarterTools website.

SpamAssassin-based Pattern Matching Engine

SmarterMail incorporates the SpamAssassin-based Pattern Matching Engine as part of its multi-layered spam protection strategy. Based on SpamAssassin technology, this powerful pattern matching engine can process substantially higher volumes of email per day without the need for a distributed antispam server. For more information, please refer to the SmarterMail Online Help.

Greylisting

SmarterMail also includes greylisting, an effective method of blocking spam at the SMTP level. Using the greylisting feature in conjunction with SpamAssassin will prevent a large percentage of spam messages from being received by the SmarterMail server and drastically reduce the SpamAssassin work load. At the time of this writing the greylisting feature is effectively blocking up to 85% of spam at the SMTP level and greatly enhancing the effectiveness of SpamAssassin. The authors expect that the effectiveness of greylisting will diminish over time as spammers learn to adjust to this technique. Additional information about greylisting can be found in the SmarterMail Online Help or at http://greylisting.org.

Other Built-in Antispam Measures

SmarterMail’s multi-layered spam prevention strategy also includes SPF, DomainKeys/DKIM, Bayesian filtering, reverse DNS, RBL, blacklist/whitelist, SMTP blocking, custom headers, and per-user spam weighting. More information about these important features is available in the SmarterMail Online Help and/or the SmarterTools Knowledge Base.

Remote SpamAssassin

SmarterMail includes support for SpamAssassin, an open source spam filtering program. When implemented, SmarterMail will pass an incoming message to SpamAssassin. SpamAssassin returns the message with a spam score that can be used to filter mail alone or in conjunction with other spam filtering options in SmarterMail.

The Windows version is limited to processing a single message at a time—effectively handling approximately 25,000 spam messages per day. This version of SpamAssassin is usually more than adequate to meet the needs of individual and micro-business environments. Additional information about SpamAssassin, including download instructions, is available at http://spamassassin.apache.org.

Recommended Virus Protection Measures

SmarterMail includes several antivirus enhancements that prevent the mail server from being compromised, including support for incoming and outgoing SSL/TLS connections, administrator access restriction by IP, intrusion detection (IDS), active directory authentication, harvest attack detection, denial of service (DOS) attack prevention, malicious script authentication, and brute force detection for webmail.

Cyren (formerly Commtouch) Zero-hour Antivirus

Available as an optional add-on for SmarterMail, Cyren Zero-hour Antivirus can further extend SmarterMail’s built-in virus protection measures. Rather than depending on heuristics, Cyren Zero-hour Antivirus uses Recurrent Pattern Detection (RPD) technology to scan the Internet and identify virus and malware outbreaks as soon as they emerge.

For more information about the Cyren Zero-hour add-on, please visit the SmarterTools website.