System requirements
General requirements
Hardware
- Dedicated email server (cloud-based or on-premises)
- 4GB RAM Main memory
- 2 CPU cores (virtualized or physical)
- Sufficient storage space. The size required depends on the number of emails received and on the modules used. Contact our support team for assistance with planning.
Communication
- Communication via the SMTP protocol for inbound and outbound emails. NoSpamProxy Encryption also supports the receipt of messages via the POP3 protocol.
- Port redirection or relay system. NoSpamProxy accepts the emails on port 25 instead of your previous email server. If the email server and NoSpamProxy are installed on the same system, the previous email server port must be redirected.
NOTE: NoSpamProxy cannot be operated in the combination Domain Controller + Exchange + NoSpamProxy on a single system, because the operation of Exchange on a domain controller is prohibited.
NOTE: NoSpamProxy can be installed on a system in parallel with Exchange. However, this combination is not recommended, since problems are often encountered during operation due to double port assignments:
- Port 6060/6061 TCP (internal communication between the NoSpamProxy roles)
- Port 25 (SMTP, also used by Exchange)
- Port 443 (SSL, is required for the Web Portal, but can be changed)
Port 465 TCP (POP3, no support for NoSpamProxy Server Protection)
Troubleshooting
TIP: We recommend using Telnet Client or PuTTY on all servers (to test network connectivity).
NoSpamProxy
NOTE: For the gateway role and the intranet role, you need a Microsoft SQL Server. You can use either Microsoft SQL Express or Microsoft Server Standard/Enterprise.
NOTE: If you use Microsoft SQL Server Express and update to version 14 or higher of NoSpamProxy Server, the utilisation of the database used must not exceed 70 percent (7 GB).
NOTE: If you have installed NoSpamProxy and Microsoft Exchange on the same server, before installing or upgrading the Microsoft .NET framework, make sure that the appropriate version of the framework is supported by Exchange. For an overview of supported versions, see the Exchange Server Supportability Matrix.
If the NoSpamProxy Command Center is used on a Windows Server 2012 R2, it can happen that the latest messages are not displayed on the start page. This is because the operating system cannot open a secure connection to the source of the messages.
For this, the following two TLS ciphers must be activated in the operating system:
- TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Then restart the operating system.
For more information, see the Microsoft documentation.
- Windows Server 2012 R2 or later (Windows Server 2012 R2 is discontinued as of December 31, 2023)
- Microsoft SQL Server Standard/Enterprise 2012 Service Pack 4 or later (discontinued as of December 31, 2023) or Microsoft SQL Express 2019 (on Windows Server 2016 or newer) or Microsoft SQL Express 2017 (on Windows Server up to and including 2012 R2)
- Microsoft .NET Framework 4.8
- Microsoft Visual Studio 2010 Tools for Office Runtime
Gateway Role
- Working DNS resolution. This is used by NoSpamProxy Protection for the resolution of real-time blocklists and spam URL blocklists. NoSpamProxy Encryption requires DNS resolution for checking certificates (access to 'Certificate Revocation Lists' and 'OCSP').
- HTTP and HTTPS and LDAP access to the Internet. NoSpamProxy Protection requires access for one of the real-time blocklists, the Core Antispam Engine and the Integrated Malware Scanner. NoSpamProxy Encryption uses HTTP and HTTPS as well as LDAP to check certificates (access to 'Certificate Revocation Lists' and 'OCSP').
- If you are using a firewall, the ports provided for NoSpamProxy must be released (usually port 25).
- TCP connection via port 6060 and HTTPS connection via port 6061 from the interface to the Gateway Role. These ports are required for the initial connection between Gateway Roles and the Intranet Role. After all Gateway Roles are connected, communication to them is carried out solely via the Intranet Role.
- Optional: Any file-based on-access virus scanner
-
Access the URL nimbus.bitdefender.net.
NOTE: When you share ports, share them on both Windows Firewall and your perimeter firewall.
Intranet Role
- TCP connection via port 6060 and HTTPS connection via port 6061 from the interface to the Gateway Role.
- TCP connection via port 6060 and HTTPS connection via port 6061 from the Intranet Role to the Gateway Role.
- Optional: TCP connection to the domain controller via LDAP or Global Catalog
- Optional: TCP connection to the Web Portal via HTTPS.
NoSpamProxy Command Center
- TCP connection via port 6060 and HTTPS connection via port 6061 from the interface to the Gateway Role.
Outlook Add-in
- Outlook 2010 with Service Pack 2 or later
- Microsoft Visual Studio 2010 Tools for Office Runtime
- Microsoft .NET Framework 4.8
- Access to the URL nimbus.bitdefender.net.
NOTE: Make sure that all third-party applications you use that connect to NoSpamProxy are covered by the respective manufacturer support. If this is not the case, the NoSpamProxy support team cannot provide support services.
NOTE: If you have installed NoSpamProxy and Microsoft Exchange on the same server, before installing or upgrading the Microsoft .NET framework, make sure that the appropriate version of the framework is supported by Exchange. For an overview of supported versions, see the Exchange Server Supportability Matrix.
TIP: For further information, see Outlook Add-In – Installation and Group Policies.
Web Portal
- Windows Server 2012 R2 or later (Windows Server 2012 R2 is discontinued as of 31.12.2023)
- Microsoft .NET Framework 4.8
- Microsoft SQL Server Standard/Enterprise 2012 Service Pack 4 or later (discontinued as of December 31, 2023) or Microsoft SQL Express 2019 (on Windows Server 2016 or newer) or Microsoft SQL Express 2017 (on Windows Server up to and including 2012 R2)
NOTE: If you have installed NoSpamProxy and Microsoft Exchange on the same server, before installing or upgrading the Microsoft .NET framework, make sure that the appropriate version of the framework is supported by Exchange. For an overview of supported versions, see the Exchange Server Supportability Matrix.
Preparations
Depending on the planned installation environment, different preparations are necessary.
- Open ports for the firewall If you use a firewall, the port intended for the NoSpamProxy Web Portal must be open. Usually this is port 443.
- IIS on a Gateway Role If the IIS are installed on the same system as one of the Gateway Roles, disable SSL loopback checking. The procedure is described in the Microsoft Knowledge Base.
- Use method 1 to set up an exception for the connection to this address.
- Method 2 is not recommended as it would disable an essential security feature of your server.
- Web Portal in the DMZ/on computers outside the domain If the Web Portal is installed on a computer in the DMZ or on a computer outside the domain, please disable the UAC remote restrictions. The procedure is described in the Microsoft Knowledge Base.