Mail Security

Proxmox Mail Gateway: Leading Open-Source Email Security Solution

Proxmox Mail Gateway is a powerful, open-source email security platform designed to protect your mail server from emerging email threats. Its flexible architecture, combined with a user-friendly web-based interface, enables IT professionals and businesses to effortlessly manage incoming and outgoing emails while safeguarding users from spam, viruses, phishing, and trojans.

A Comprehensive Email Security Platform

Proxmox Mail Gateway is ideal for organizations of any size, offering quick deployment and integration within minutes. Acting as a full-featured mail proxy between the firewall and your internal mail server, it provides centralized control of all email traffic. This solution ensures secure and professional email communication, supports business continuity, enhances your organization’s reputation, and boosts customer satisfaction.

Ready to elevate your email security?

Get in touch

Features

Proxmox Mail Gateway is a robust open-source email security platform designed to protect your mail server from threats while ensuring data integrity. With its enterprise-class features, it delivers powerful protection against spam, phishing, viruses, and other email-based attacks.
Published under the GNU AGPLv3 license, Proxmox Mail Gateway’s source code is freely available via its code repository (git), allowing you to download, use, and share it openly—empowering transparency and collaboration.

Anto Spam/Virus

Spam & Virus Detection

Proxmox Mail Gateway serves as a robust mail proxy, designed to protect your mail server from email-based threats, including spam, viruses, Trojans, and phishing emails. Positioned between your firewall and internal mail server, it analyzes all incoming and outgoing email traffic and applies advanced filtering services, utilizing tools such as:

Postfix Mail Transport Agent (MTA)
ClamAV® antivirus engine
SpamAssassin™ project

Advanced Virus Scanning

Proxmox Mail Gateway integrates ClamAV, an open-source antivirus engine optimized for detecting Trojans, viruses, malware, and other malicious threats. It features a high-performance, multi-threaded scanning daemon, command-line tools for on-demand scans, and automated signature updates to ensure ongoing protection.

Comprehensive Spam Detection

The platform uses an extensive range of local and network-based tests to identify spam signatures, making it challenging for spammers to bypass the system. Each email is thoroughly analyzed and assigned a spam score, with intelligent rules designed to minimize false positives and negatives. This ensures optimal email security while maintaining smooth communication.

Easy Deployment

In a typical email server setup, SMTP traffic is routed through the firewall directly to the mail server. However, with Proxmox Mail Gateway integrated into your architecture, email traffic takes a more secure route.

The Proxmox Mail Gateway is positioned between your firewall and mail server, ensuring that all incoming SMTP traffic is processed first. Unwanted emails—including spam, phishing attempts, and malicious content—are filtered and either removed or rejected through before-queue filtering. Only clean and legitimate emails are then forwarded to your mail server, enhancing security and reducing the load on your mail infrastructure.

Filtering Methods

Comprehensive Email Threat Mitigation

Proxmox Mail Gateway offers a suite of features to optimize email filtering and significantly reduce the load on your mail servers by detecting and rejecting unwanted emails at the SMTP level. These features help to ensure a secure and efficient email environment.

Receiver Verification

Proxmox detects emails sent to non-existent users at the SMTP level, rejecting them before they enter your network. This reduces email traffic by up to 90%, easing the burden on your mail servers and spam/virus scanners.

Sender Policy Framework (SPF)

SPF is an open standard that validates sender IP addresses to prevent forgery. By creating SPF records in DNS, administrators can specify which IP addresses are authorized to send emails from a domain, adding an essential layer of email security.

DNS Blocklist (DNSBL)

This system uses DNS-based Blackhole Lists to identify and block IP addresses associated with spamming. DNSBLs are a widely used technology to prevent spam at its source.

SMTP Whitelist

Proxmox allows you to exempt specific senders from SMTP checks such as Greylisting, Receiver Verification, SPF, and DNS Blocklists. This whitelist can include:

Domains (Sender/Receiver)
Email addresses (Sender/Receiver)
Regular expressions (Sender/Receiver)
IP addresses or networks

Block- and Welcomelists

Proxmox uses Block- and Welcomelists for fine-tuned access control, allowing you to accept, block, or quarantine emails based on specific parameters like:

Domains
Email addresses
Regular expressions
IP networks
LDAP groups

Greylisting

Proxmox temporarily rejects emails from unknown senders. Legitimate mail servers retry delivery, but spammers typically do not. Greylisting reduces email traffic by up to 50% and prevents your mail server from sending “Non-Delivery Reports” to spammers.

Spam URI Realtime BlockList (SURBL)

SURBLs detect spam by analyzing URIs (usually websites) mentioned in the message body. Unlike other blocklists, SURBLs focus on identifying spam hosts referenced within emails, effectively blocking spam messages at their source.

With these advanced features, Proxmox Mail Gateway ensures comprehensive protection for your mail infrastructure, delivering a secure, efficient, and low-maintenance email filtering solution.

Tracking & Logs

Find Emails Effortlessly

The Proxmox Message Tracking Center is an innovative tool designed to provide IT administrators with a clear and comprehensive view of email flow. This powerful feature consolidates and summarizes all available logs, accessible through a user-friendly, web-based interface. From a single screen, administrators can efficiently monitor and control email traffic.

Fast and Scalable

The Message Tracking Center is optimized for high-performance environments, capable of handling over a million emails per day. Using an intelligent algorithm, it queries and summarizes logs from the past four weeks, providing actionable insights in seconds.

Comprehensive Log Summaries

The tool displays all corresponding log entries for each email, including:

Email Arrival: When the email reaches the Proxmox Mail Gateway.
Filtering Results: Proxmox’s processing and filtering actions.
Internal Queue: The transition to your internal mail server.
Final Delivery Status: Confirmation of the email’s delivery or rejection.

Real-Time Monitoring

The real-time syslog feature displays the last 100 log lines, which can be filtered by selecting specific services or entering custom search strings. This ensures instant visibility into ongoing processes, aiding quick troubleshooting and monitoring.

With its powerful capabilities and intuitive design, the Proxmox Message Tracking Center makes email management and troubleshooting seamless, saving time and ensuring optimal performance in even the busiest email environments.

100% Secure and Highly Available Email System

To ensure your business operates with a secure and reliable email infrastructure, Proxmox developed the High Availability (HA) Cluster. This unique application-level clustering solution delivers exceptional performance, simplified management, and automatic recovery after temporary failures, all with minimal maintenance.

Centralized Management and Automatic Recovery

All configurations are managed centrally on the master node and synchronized to all cluster nodes through a secure VPN tunnel.
Nodes automatically reintegrate into the cluster after temporary failures without requiring operator intervention.

Fast and Easy Setup

Cluster setup is completed in just minutes with an intuitive interface, keeping maintenance needs low.

Key Benefits:

Centralized configuration management
Fully redundant data storage for added reliability
High availability and performance
Unique application-level clustering for optimized efficiency
Automatic recovery and reintegration of nodes
Simple, intuitive cluster management

Load-Balanced Mail Cluster with MX Records

Setting up a load-balanced mail cluster is easy with MX records. Simply define two MX records with the same priority to distribute email traffic between two Proxmox Mail Gateway hosts.

Each gateway uses its own IP address.
Emails are received by both hosts using Round-Robin (RR) scheduling, alternating traffic between systems for efficient load balancing.
If one host fails, the other seamlessly takes over, ensuring uninterrupted email flow.

Pro Tip: Add PTR (reverse lookup) records for all hosts. Modern email systems often reject emails from hosts without valid PTR records.

Efficient Management for Multiple Domains

For businesses with multiple domains, Proxmox simplifies DNS management:

Use one MX record per domain pointing to multiple IP addresses.
This eliminates the need to add separate records for each domain, saving time and reducing complexity.

With the Proxmox HA Cluster and advanced load-balancing options, your business gains a secure, scalable, and reliable email system designed to handle modern demands effortlessly.

Rule System

Customize Your Email Filtering with the Object-Oriented Rule System

The Proxmox Mail Gateway features a powerful object-oriented rule system that allows you to create customized email filtering rules tailored to your environment. With its intuitive design, you can easily define rules based on user, domain, time frame, content type, and action, giving you granular control over email processing.

Rule Categories

Each rule consists of five categories that work together to define filtering criteria:

From: Specifies the sender.
To: Specifies the recipient.
When: Determines the time frame.
What: Defines the email content or properties (e.g., attachments, keywords).
Action: Indicates the resulting action (e.g., block, quarantine, deliver).

Rule Components

A rule can include four types of objects to shape how emails are handled:

Actions: Decide what happens to the email (e.g., block, quarantine, notify).
Who: Define the sender or receiver criteria.
What: Specify the content or type of email to filter.
When: Set the time frame during which the rule applies.

This flexible system can accommodate both simple configurations (e.g., spam and virus filtering) and complex setups, such as blocking specific email types or triggering custom notifications.

Why Use the Object-Oriented Rule System?

Easily create and manage rules with multiple criteria.
Adapt email filtering to match your organization’s unique needs.
Build sophisticated filters for maximum control over email flow.

Explore the reference documentation to learn more about creating custom rule configurations. Proxmox Mail Gateway’s rule system ensures you can achieve both simplicity and complexity in email security with ease.

DKIM/DMARC handling

DMARC and DKIM Handling

Proxmox Mail Gateway supports DMARC (Domain-based Message Authentication, Reporting, and Conformance) and DKIM (DomainKeys Identified Mail) to enhance email authentication and protect your organization from phishing, spoofing, and other email-based threats.

DomainKeys Identified Mail (DKIM)

DKIM is a method for validating that an email message has not been altered during transit. Proxmox Mail Gateway supports the use of DKIM for signing and verifying messages.

Outgoing DKIM Signing:
Proxmox Mail Gateway can sign outgoing emails with a DKIM signature, ensuring recipients can verify that the message was sent from an authorized server.
Incoming DKIM Verification:
For incoming emails, the gateway validates DKIM signatures to detect forged or tampered messages.

To enable DKIM handling:

Generate DKIM keys and add the public key as a DNS TXT record for your domain.
Configure Proxmox Mail Gateway to use the private key for signing and verification.
Enable DKIM verification for incoming emails through the filtering rules.

Domain-based Message Authentication, Reporting, and Conformance (DMARC)

DMARC builds on SPF and DKIM to provide visibility into email traffic and enforce email authentication policies.

DMARC Alignment Verification:
Proxmox Mail Gateway ensures alignment between the “From” address domain and the domains validated by SPF and DKIM.
Policy Enforcement:
Incoming emails are processed based on the DMARC policy specified in the domain’s DNS record. Policies include:
None: Monitor email without taking action.
Quarantine: Mark messages as suspicious.
Reject: Block unauthorized messages outright.
Reporting:
DMARC reports can be generated to analyze and improve email security.

Benefits of DMARC and DKIM in Proxmox Mail Gateway

Ensures email authenticity, reducing the risk of spoofing and phishing attacks.
Strengthens your domain’s reputation by aligning with industry standards.
Enables granular control over email authentication and filtering policies.
Enhances deliverability by ensuring messages pass authentication checks.

For detailed configuration steps, consult the Proxmox Mail Gateway documentation or your DNS provider’s guidelines for publishing DKIM and DMARC records.For more details on the Proxmox VE Storage Model, read here.

Subscriptions

Choose the Best Plan for Your Business

Premium

All you’ll ever need
€1750/year

Standard

Basic

For growing businesses
€490/year

Community

Starting out
€ 175/year

Access to Enterprise repository
Complete feature-set
Support via Customer Portal
Unlimited support tickets
Response time: 2 hours*
within a business day
Remote support (via SSH and HTTPS)
Offline subscription key activation

Access to Enterprise repository
Complete feature-set
Support via Customer Portal
15 support tickets/year
Response time: 4 hours*
within a business day
Remote support (via SSH & HTTPS)
Offline subscription key activation

Access to Enterprise repository
Complete feature-set
Support via Customer Portal
5 support tickets/year
Response time: 1 business day

Access to Enterprise repository
Complete feature-set
Community support

Order now

We look forward to helping you unlock the full potential of Proxmox.

Our Services

We offer a range of specialized services to enhance and secure your email infrastructure. These services are designed to help your organization effectively implement and manage Proxmox Mail Gateway, ensuring a secure and efficient email communication system.

Planning, Deployment and Integration

We Assist with the installation and seamless integration of Proxmox Mail Gateway into your existing IT environment, ensuring compatibility and optimal performance.

Configuration and Optimization

We tailor the system settings to meet your organization’s specific needs, optimizing for performance, security, and reliability.

Spam and Virus Filtering Enhancements

We implement advanced filtering techniques to effectively reduce spam and protect against malware, phishing, and other email-borne threats.

HA and Clustering

Setting up high availability clusters to ensure continuous email service and minimize downtime

Monitoring and Maintenance

Ongoing monitoring, updates, and maintenance to keep the system running smoothly and securely.

Support beyond the normal

Support to address any issues or questions that may arise.

Subscribe Now

Stay up to date with the latest news and updates from Seventh Signal CY Limited.

Please enable JavaScript in your browser to submit the form.kadence-form-6407_6f48b1-b4 .kadence-blocks-form-field.kb-submit-field { display: none; }