I recently put together a basic overview of the steps required to move an existing business’ email to GFI MailEssentials Online (or any cloud based filtering service).
What follows are the steps for configuring MailEssentials Online for a customer (I have emphasized Online because MailEssentials is a completely different product to MailEssentials online and is installed directly on the recipients Exchange server).
Determine Mailbox Requirements
As MailEssentials Online is charged per mailbox, customers should remove any unused or obsolete mailboxes and combine (using aliases) any duplicate delivery paths. For example, a member of staff that is responsible for checking the ‘[email protected]’ mailbox could just have [email protected] made an alias of their own mailbox, reducing the number of mailboxes by 1. At this stage, it’s also worth gathering a list first and last names of staff members (in a spreadsheet or similar) for the next step.
Setup Mailboxes
Log in to the GFI MailEssentials Online portal and setup all the mailboxes and any aliases as required, noting all the passwords configured in the staff spreadsheet.
Configure FQDN for Destination Mail Server
If there isn’t one already configured, setup a FQDN that points to the IP address of the destination mail server. For example, if the business owns the domain name acme.com, a DNS host record (‘A’ record) could be added called ‘mailserver’ with the IP address of the Exchange server – the resulting FQDN would be mailserver.acme.com
Confirm Firewall Settings
A port needs to be opened for inbound email traffic – if the destination mail server was already setup to receive email directly then this is likely already done but if it was using pop3 connectors, most likely not: any firewalls/routers between the internet and the customers mail server need to be configured to allow traffic on port 25 to be delivered straight to the mail server.
At this stage for extra security, it’s possible to configure an non-standard port for inbound traffic (e.g. 2025) to reduce the likelihood of spammers still trying to deliver directly to the server. This setup should be tested by telnetting to the customers server from outside there office using the FQDN and the appropriate port, for example:
telnet mailserver.acme.com 25
Configure Email Delivery from GFI to Customer Mail Server
In the GFI MailEssentials Online portal, configure the Destination Mail Server. This will need to be the FQDN identified earlier with the appropriate port (standard port is 25 but as above this could be changed).
Bring GFI MailEssentials Online
Finally, in order to bring GFI MailEssentials online for the customer, the domain name’s MX record needs to be changed to point to the MX records given in the GFI MailEssentials Online portal.
GFI do not present this very well – it will look something like this:
acme.com. IN MX 10 acme.com.pri-mx.na0109.smtproutes.com.
acme.com. IN MX 90 acme.com.bak-mx.na0109.smtpbak.com.
Which means that the following MX records need to be added to the domain names DNS:
acme.com.pri-mx.na0109.smtproutes.com. (with a priority of 10)
acme.com. bak-mx.na0109.smtproutes.com. (with a priority of 90)
Finally remove the customers existing MX record from the domain.
Test, Test and Test!
Send a test message to a mailbox on the destination server a few hours later and confirm – via the portal – that it routed through GFI MailEssentials Online and was received at the customers destination mailserver.
