Email Spam Filter Server Installation

ubuntu mail filter install

Mailborder Server Installation

 

Summary of Steps:

  • Install a supported operating system
  • Setup DNS Requirements
  • Run the repository installation script
  • Install via the system package manager
  • Create a Mailborder account on this website
  • Obtain a Mailborder license code via the store

Overview

It is highly recommended that you review the entire installation guide before starting. We try to make our guides as concise as possible, so if it is on this page, it is important.

 

Microsoft Office 365, Zoho, AWS Workmail

If you use Microsoft Office 365 or a similar service for your email hosting, we have compiled a few guides to ensure that email processed by Mailborder get delivered.


Recommended Hardware

Hardware requirements are going to vary depending on email volume, quarantine retention, and archive retention. You may use physical or virtual servers. The more database inserts on the Master server and the heavier the use of the User Portal will determine your CPU requirements for a smooth experience. Child servers not only provide high availability, but they also relieve the Master server of the heavy load of processing email. Below are some recommendations:

Master and Child Servers
CPU Cores RAM HDD
Minimum 2 4GB 60GB
Recommended 4 8GB 120GB
Heavy Use 8 16-64GB 240-400GB

Supported Operating Systems

The following operating systems are supported by Mailborder. Any variant of these operating systems will also work. For example, Elementary OS Juno is based on Ubuntu LTS. Therefore, it may be used with Mailborder.

Operating System Version/Release
Ubuntu 20.04 LTS (preferred) Focal 64 Bit
Ubuntu 18.04 LTS Bionic 64 bit

There are currently no plans for support with RedHat or CentOS. 

 

Pro Tip: RBL Check

Before you install Mailborder on a new server …

If you are installing a VM at a provider like Digital Ocean, Amazon Web Services, Linode, or a similar type of provider, make sure to check that the IP address you are issued is not on any RBL. (You can ignore UCEPROTECTL3 if it is listed there.) If your new IP address is on an RBL, you can delete the VM and create it again getting a new IP address and perform the check again. Alternatively, if possible, you can request a new IP address from your provider. Either method is easier than trying to get an IP delisted from blacklists. Just make sure you perform this check before going through the steps to install your Mailborder software!

You can check your IP against most blacklists using this tool: https://mxtoolbox.com/blacklists.aspx


Service Accounts

The Ubuntu user account mailborder is reserved as a service account. Do not use this account name when setting up your Ubuntu server. Mailborder regularly performs a login shell check and sets it to /usr/sbin/nologin to prevent any login with this account name.


Critical: DNS Requirements

Do not skip this section. If you attempt to do this installation without reading the linked document below, your installation will fail.

Mailborder v5 uses FQDNs to access the Master server interface and for communication between Master and Child servers. It is critical DNS is setup before installing the software. The Master interface is not accessible via IP address.

Read: DNS Requirements


Critical: Firewall Requirements

Do not skip this section. If you attempt to do this installation without reading the linked document below, your installation will fail.

Mailborder requires a variety of outbound ports to be open for the installation. Also, Mailborder does not provide inbound firewall protection. If you wish to have your Mailborder installation protected by a firewall (recommended) you will need to set this up either on a separate resource or via the operating system.

Read: Firewall Requirements


Recommended Antivirus Enhancements

Mailborder comes preinstalled with ClamAV Antivirus with additional zero-day signatures from the Mailborder AV distribution server. This is a very effective AV package. However, we do highly recommend a second virus scanner. When a new virus is introduced into the wild, it takes time for antivirus vendors to get the signatures pushed out. If you install a second or even third virus scanner, Mailborder will use all of them scanning the same email multiple times with different virus scanners. Below is a list of recommended add-ons. We don’t sell licenses for them, but we provide links to the websites where you can purchase them.

Dr. Web
This is a good virus scanner, and it is very fast. It is the most cost effective and fastest add-on antivirus we support. More Info

Eset for Linux File Servers
This is a very effective virus scanner, but it is not as fast as Dr. Web or ClamAV. It does not have a trial period, but is a low-cost addition with effective detection and prompt signature updates. More Info

Sophos
This is a free virus scanner, but is slow in scanning speed. You would not want to use this on a server that processes large volumes of email due to the slow scanning speed. Also, the signature update frequency is not as good as Eset or Dr. Web. If you have the budget to purchase one of the above add-on virus scanners, we recommend that you do so. If you do not, then Sophos is a valid free alternative if your Mailborder server is not very busy. More Info


Licensing

To help you find the model you need, see our complete Master Server Capability Matrix and the license calculation guide. Then select your server license from the Mailborder store. Trial licenses are available.


Adding the Mailborder Repository

Mailborder is installed via your server’s package manager apt (Debian/Ubuntu). Our repository must first be added to your server’s configuration. As the root user or via sudo, use the setup script to add the Mailborder repository:

cd /tmp
wget https://s3.amazonaws.com/mbv5/core/install_deb_repo.sh
chmod +x install_deb_repo.sh
sudo ./install_deb_repo.sh

Master Installation

Run this command to install the Master software:

sudo apt-get install mailborder-master

Follow the remaining directions within the setup program. Ensure that the server is rebooted once the installation is complete.

Installation Notes

* When asked about the configuration type for Postfix, select “Internet Site” and enter any hostname. This will be replaced later.
* If asked about opendmarc database configuration, select <No>

* Ad Blockers – you will need to whitelist the Mailborder GUI in any ad blocker.
* Firefox users read this! – Firefox does not work with the Mailborder GUI as it tries to reuse session authentication. You must use a different browser.

Install SSL Certificates

Mailborder will create self-signed SSL/TLs certificates during the installation. However, many web browsers will refuse to even load a page with self-signed certificates. Therefore, it is highly recommended that you install Let’s Encrypt certificates free of charge or install your own SSL/TLS certificates.

* Google Chrome  – As of this writing, Chrome will allow you to continue by typing the phrase thisisunsafe on the warning page. There is no prompt. Just type the phrase.
* Brave  – As of this writing, Brave will allow you to continue after you examine the certificate, set it to “always trust”, and then type the phrase thisisunsafe on the warning page.


Migrating a v4 to v5 Master Server

You can migrate some of your configuration data from v4 to v5. This includes domains, networks, email forwards, white lists, and black lists. For more information see How to Migrate v4 data to v5.


Child Installation

The installation steps for the Child server are the same as the Master server. However, you will need to add the Child server to the Master server’s cluster first.

Master Menu > Cluster > Member Servers > Add

Again, the DNS Requirements must be met prior to installing the software. Run this command to install the Child software:

sudo apt-get install mailborder-child

Follow the remaining directions within the setup program.

* When asked about the configuration type for Postfix, select “Internet Site” and enter any hostname. This will be replaced later.
* If asked about opendmarc database configuration, select <No>
* During setup please read carefully. When asked for the API hostname and GUID, make sure you supply the correct ones.

Install SSL Certificates

Mailborder will create self-signed SSL/TLs certificates during the installation. However, many web browsers will refuse to even load a page with self-signed certificates. Therefore, it is highly recommended that you install Let’s Encrypt certificates free of charge or install your own SSL/TLS certificates.