1
Quick question about stand alone possibility
Question asked by Richard Laliberte - 5/14/2025 at 6:08 PM
Unanswered
Alright, this one might be tricky, but it's something i was wondering about while talking among staff.

Part 1
Is it possible to install a stand alone copy of Smartermail on something like a NAS (to allow for greater storage capacity) but user our main Smartermail server to handle both incoming and outgoing emails (to protect the clients IP address) i now outgoing is possible, just wasn't sure about incoming, or about installing on a NAS. We figure NAS as they are a little cheaper overall than servers/firewalls and so forth.

Part 2 
Assuming part one is possible, Would the cloud server be able to handle all the spam / virus checks, or would that need to also be installed on the NAS?

Part 3
Also assuming Part 1 is possible, what would remote backups for a NAS look like. If a client has say 500GB of emails on a NAS, is Smartermail, or recommended backup software, capable of only backing up changes? or would the entire 500GB need to be transferred to the remote backup drive daily?

The reason we ask is, currently we have a provider that handles our Smartermail server, so we aren't by any means experts at this. But, most providers charge through the nose monthly for large storage capacities. We've recently been losing larger clients to MS On Premise due to that fact that they can have virtually unlimited local storage. If we can come to the table with a Smartermail version that still keeps relative control and security with our main server, we might be able to finally compete.

Just wondering about the possibility.

Thanks!

6 Replies

Reply to Thread
0
We can do that so you can be competetive. No problem.

But yeah, you can use shares on a NAS as main storage. We run ours on C: and the mail directory on E:
0
Part 1: in my opinion it's possible, but with some limitations:

  1. If you want to install SmarterMail completely inside a NAS (including the application part and not only the Mail folder store), the NAS itself must act as a virtualization server and SmarterMail must be installed in a VM (the operating system for SmarterMail must be a Windows server or a supported Linux distribution).
    This implies that the NAS must have the power needed to handle the virtualization environment (for example, some high-end QNAP NAS or TrueNAS servers are fine, or check other brands...), so in my opinion they will not be so cheap, they could cost as much (and in some cases even more...) than a "normal server"...

  2. In any case, you still need a firewall. NAS does not exempt you from securing your system...
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
0
Douglas Foster Replied
About part 2:  SMTP assumes multi-hop relay.   I believe inbound filtering should always be performed on an inbound gateway and outbound delivery (possibly to include outbound filtering) should be performed by  an outbound gateway.   You may still need filtering.softeare on the mail store server to handle insider threats and account compromise.  But the defense techniques are different between unaurhenticated messages from the Internet and authenticated messages from logged in users.  Your choice of mail store hardware is irrelevant to your security design.
0
Richard Laliberte Replied
I think our biggest issue right away is trying to find if this is something that's possible before we get into the fine tuned security items. Our current hosting provider will increase our SSD space, but charge us through the nose, per month, for any increases.

I thought about having the mail folder moved but was worried about latency issues and such, plus i wasn't sure if it could be done on a per-domain basis? or if it has to be the entire server.


1
Sabatino Replied
qnap should support docker
Sabatino Traini Chief Information Officer Genial s.r.l. Martinsicuro - Italy
1
HI Richard !
Here are some considerations. The short answer is, YES, you can do what you want.
Since SmarterMail can run as a VM, we use ProxMox as a VM hosting environment, with 3 physical servers set up for high availability. (ProxMox is a FREE Environment.) SmarterMail Is running on one of our VM's.  With this we can give it as many CPU's as we need or allocate ram as needed. And if for any reason a physical server shots down or dies, it automatically respawns and moves to another server.

We also use TrueNAS as a NAS server. In fact we have 4 of them running at our office. TrueNAS is also a FREE Environment and you can build a custom setup as large as you need.  One of our servers has 96TB of storage (10 data drives with 2 as redundancy) TrueNAS can also use external drive enclosures and SAN storage as well. Also, one of the beauties of TrueNAS is that it can do time based snapshots & replication.  (Snapshots are data changes, not entire copies) So you can say 2x a day or every hour or whatever schedule you want, take a snapshot of the data storage and replicate it over to another server, and even off site too if you want.  you can ALSO do a once a day or once a week or whenever, a full copy / replication of the data to another server.  Any snapshot can be used to fully reconstruct ALL of the data

SO.... you can create a Data Pool on TrueNAS that has 100TB of space and then share it with your SmarterMail Server (on proxmox), and store all of the email directly on the NAS storage so it is always backed up..  If you ever run our of space you can simply add more drives to your server and expand the storage capacity.

Also, for the Firewall, we use pfSense (Free as well) and can use it to do IP blockling, country blocking and more. Depending on what your traffic bandwidth needs are, pfSense can run on a dual core CPU.  We ahve it running on an i5 with 8 gig of RAM and also have several VPN clinets running with it. I dont think the CPU usage ever goes above 25%

All of this is on 10Gig internal networking. 10Gig hardware is relatively inexpensive now.  The systems above can even handle LAGG where you can bind multiple 10G connections if necessary for data baclups and replication.

The only real limitation that we had (before) was our external internet connection. Before we only had a 35Meg outbound available.  NOW We are running everything now on a 600x600 symmetrical fiber connection. Once we got our fiber, we moved everything in house.

Happy to give you more details or even help you set up some testing stuff to play with and experiment. or make some diagrams ./ drawings to help explain it (i think pictures are a lot easier) AND.. there are piles of training videos on you tube about those 3 items (psFense, ProxMox and TrueNAS) and several I reference on a regular basis and happy to share with you.

www.HawaiianHope.org - Providing technology services to non profit organizations, low income families, homeless shelters, clean and sober houses and prisoner reentry programs. Since 2015, We have refurbished over 11,000 Computers !

Reply to Thread

Enter the verification text