The introduction of Praetor into your messaging environment is a simple one, with several alternatives on where to install it.
Install Praetor on a standalone Windows machine, or
Install Praetor on the same machine as the Microsoft Exchange 200x
Install Praetor on the same machine as the Windows 2000-based Lotus Domino server.
Choosing between these alternatives requires some consideration as it involves a few factors. One obvious factor is the normal load on the Exchange or Domino server even before Praetor is introduced. If that server is normally operating at 30% CPU utilization or higher and your site receives heavy Internet email traffic, then it would be advisable you don't add Praetor to operate on it. Since allowing Praetor to receive incoming mail directly from the sending host is needed for enabling the SMTP protocol level filters, another factor is how vulnerable you might feel to expose your Domino or Exchange server to the outside world.
Note:
|
Some firewalls allow you to place Praetor on the protected side and still have direct reception from the sending mail host. This is done by designating a tunnel for port 25 on the firewall's exposed IP address to be dedicated to the internal Praetor machine. If your firewall has its own mail receiver which will receive the inbound message and then simply relays to Praetor on the interior, then many of Praetor's SMTP protocol level filters will be de-activated as these tests use the connecting host's IP address. Obviously in such a situation, the connecting host is your firewall. An example of such a protocol level filter is the DNS blacklist which Praetor accesses to determine if the sending mail host is known for spamming activities. |
Another factor is whether or not you are willing to place the Praetor machine on the unprotected side of your firewall so that it is capable of receiving inbound messages directly from the transmitting mail host. For the most part, that would be fine for a standalone Windows machine with only Praetor on it so that very little is at risk, but you may not feel as comfortable exposing your Exchange server with Praetor in this manner.
Yet another factor is if you ever want to have inbound message reception even when you take your local Exchange or Domino server off-line for maintenance, upgrades, etc.
These are a few of the considerations you need to review.
The CMS recommendation is to install Praetor on its own Windows machine which provides several advantages over installing it on the directly on your mail server:
Praetor can be used for older mail systems that are using Windows NT such as Exchange 5.5 and earlier, Domino R4. It can also be used for mail servers that are not based on a Windows platform such GroupWise.
Praetor can process significantly more messages without any impact on your Exchange or Domino server.
You can place Praetor outside your firewall with the comfort of knowing there are no critical resources at risk other than the normal mail server (reception) function. Praetor only needs access to your internal network to send the filtered SMTP messages to your mail server, and LDAP if you are using the PLGV web application to allow your users to review their personal quarantined messages.
De-couples Praetor from your mail server which allows it to continue receiving inbound messages even while the mail server is taken off-line for any preventative maintenance, back-up, software/hardware upgrades, testing, etc.
Allows for easy relocation of your inbound mail server by simply changing the destination IP address for your internal mail server to which Praetor sends filtered inbound messages.