What is Email Filter Appliance?
Email Filter Appliance (E.F.A) is one of the most popular open-source applications for filtering email spam and viruses. It is a community-driven project that combines renowned open-source software into a powerful spam-filtering platform.
EFA includes well-known anti-spam programs such as MailScanner, SpamAssassin, ClamAV, MailWatch, Razor, Pyzor, DCC, SQLgrey, and Image Cerberus for its various spam detection techniques. You can find detailed information here.
Deployment Scenario
E.F.A is an open-source email security appliance, or email security gateway application. We deploy E.F.A at the edge, in front of the mail servers, so that every mail server receives mail only after the appliance has scanned it.
The scenario is the same for inbound and outbound email scans. E.F.A deployment depends on several factors, such as current infrastructure, resource availability, investment, and so on.
In my other blog post, I have described some common scenarios for spam filter deployment. EFA fits in all those environments. EFA can be installed on physical hardware or a virtual private server (VPS), and can be used both on-premise and in the cloud.
In summary, I depicted the placement of EFA in the image below.
In every scenario above, E.F.A receives mail from the internet and, after scanning, delivers the clean mail to the primary mailbox server. If our email load is high, we can configure multiple E.F.A appliances to distribute the load. To learn about incoming mail load balancing, you can read my other blog post here.
Email Filter Appliance Installation:
We can install EFA on a CentOS 7 minimal install. We can either use the CentOS ISO or download the ISO provided by E.F.A.
Before installation, we have to meet some requirements to run the system in production mode. The system's hardware must be capable of handling the scanning operation smoothly.
So allocating proper hardware resources is important, and the system hostname/domain name and SELinux need to be configured properly.
Step #1: System Requirements
The official page lists the following minimum installation requirements:
- A dedicated system for eFa4
- CentOS 7 (minimal install preferred)
- 2 CPU’s
- 100GB of hard-drive space (SSD highly preferred)
- 8GB memory (dedicated)
However, we may need to allocate more resources to the system, because spam filtering and virus scanning are both CPU- and I/O-intensive workloads. More RAM and I/O capacity will be necessary if the scanner handles a large amount of mail per hour.
Step #2: System Preparation
Before installation we need to prepare the system, both so that the installation runs smoothly and so that the system can run in production mode afterwards.
1. Hostname & FQDN
We are assigning our EFA system the hostname “efa” and the domain name “mailserverguru.com”, so the FQDN will be “efa.mailserverguru.com”.
1. Assign System Hostname
hostnamectl set-hostname efa
2. Check System Hostname
hostname
3. Assign the FQDN (Fully Qualified Domain Name)
vi /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.99.204 efa.mailserverguru.com efa
:x //saving the file
4. Now Check the Domain Name and FQDN with the following commands
dnsdomainname
hostname -f
2. Disable Iptables
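During installation, EFA connects to several mirrors and downloads a lot of packages. For a smooth installation, we stop the firewall for now; on CentOS 7 the firewall service is firewalld. Note that systemctl stop only stops the running service, so this is a temporary measure and firewalld starts again at the next boot if it is enabled.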
systemctl stop firewalld
3. SELinux Configuration
We need to set SELinux to permissive mode. If we disable SELinux, the EFA installation script will complain and stop.
1. Change SELinux to Permissive Mode Permanently
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
:x //saving the file
2. Now, Reboot the System
shutdown -r now
3. Now, Check the SELinux Status
sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: permissive
Mode from config file: permissive
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
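A preflight check for the Step #1 requirements and Step #2 preparation above, as an added example that is not part of the original post or of the EFA project. The function names, the memory slack value and the way disk size is measured are assumptions of this example.

```shell
#!/bin/sh
# Added example (not part of EFA): preflight check for Step #1 and Step #2.
# Function names and the memory slack are assumptions of this example.
MIN_CPUS=2
MIN_MEM_MB=7500    # "8GB" minus the kernel-reserved part missing from MemTotal
MIN_DISK_GB=100

is_fqdn() {  # host.domain form, not a bare name or the localhost default
    case $1 in
        localhost*|*.localdomain|.*|*.) return 1 ;;
        *.*) return 0 ;;
        *)   return 1 ;;
    esac
}

# efa_preflight CPUS MEM_MB DISK_GB SELINUX_MODE FQDN
# Prints one line per check; the exit status is the number of failed checks.
efa_preflight() (
    fails=0
    check() {  # check DESCRIPTION COMMAND [ARGS...]
        desc=$1; shift
        if "$@"; then echo "ok    $desc"; else echo "FAIL  $desc"; fails=$((fails + 1)); fi
    }
    check "CPUs: $1 (need >= $MIN_CPUS)"        [ "$1" -ge "$MIN_CPUS" ]
    check "memory: $2 MB (need >= $MIN_MEM_MB)" [ "$2" -ge "$MIN_MEM_MB" ]
    check "disk: $3 GB (need >= $MIN_DISK_GB)"  [ "$3" -ge "$MIN_DISK_GB" ]
    # The page sets permissive; with SELinux disabled the installer stops.
    check "SELinux: $4 (need Permissive)"       [ "$4" = "Permissive" ]
    check "FQDN: $5"                            is_fqdn "$5"
    return "$fails"
)

# Collect the live values on the target host and run the checks.
efa_preflight_live() {
    efa_preflight "$(nproc)" \
        "$(awk '/^MemTotal:/ {print int($2 / 1024)}' /proc/meminfo)" \
        "$(lsblk -bdn -o SIZE,TYPE | awk '$2 == "disk" {s += $1} END {print int(s / 1000000000)}')" \
        "$(getenforce)" "$(hostname -f)"
}

# Demo with constructed values; on the target host call efa_preflight_live.
efa_preflight 2 7820 100 Permissive efa.mailserverguru.com
```

Run `efa_preflight_live` as root after the reboot in the SELinux step; a non-zero exit status is the number of checks that still need attention.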
Step #3: E.F.A Installation Methods
E.F.A provides 2 methods for installation.
1. One-Step Install
EFA can be installed with a single command. Run the following command as root:
curl -sSL https://install.efa-project.org | bash
2. Detail Install Method
You can download the installation script, review it for anything you would like to change, and finally run the script to install EFA.
wget -O build.bash https://install.efa-project.org
bash build.bash
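One way to do the "observe the script" step of the detail install method, as an added example that is not part of the original post or of the EFA project. It hashes the downloaded file, lists the hosts it refers to and flags lines that deserve a manual read; the function names, the pattern list and the sample script are constructed for this example and say nothing about the contents of the real build script.

```shell
#!/bin/sh
# Added example (not from the EFA project): triage a downloaded installer
# before running it. Function names and the pattern list are this example's own.

# Lines worth reading by hand: unauthenticated downloads, disabled signature
# or certificate checks, nested pipe-to-shell, SELinux switched off.
RISKY='http://|--nogpgcheck|gpgcheck=0|--insecure|--no-check-certificate'
RISKY="$RISKY"'|[|][[:space:]]*(ba)?sh([[:space:]]|$)|setenforce 0'

remote_hosts() {   # distinct scheme+host pairs the script refers to
    grep -Eo 'https?://[A-Za-z0-9.-]+' "$1" | sort -u
}

flagged_lines() {  # numbered lines matching RISKY, comment lines skipped
    grep -nE -e "$RISKY" "$1" | grep -vE '^[0-9]+:[[:space:]]*#'
}

# review_installer FILE
# Exit status: 0 nothing flagged, 1 flagged lines present, 2 unreadable file.
review_installer() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    # Record the hash so the copy that was reviewed is the copy that is run.
    echo "sha256: $(sha256sum "$1" | cut -d' ' -f1)"
    echo "remote hosts:"; remote_hosts "$1" | sed 's/^/  /'
    flagged=$(flagged_lines "$1") || true
    [ -n "$flagged" ] || { echo "flagged lines: none"; return 0; }
    echo "flagged lines:"; echo "$flagged" | sed 's/^/  /'
    return 1
}

write_sample() {   # constructed sample input, NOT the real EFA build script
    cat > "$1" <<'EOF'
#!/bin/bash
yum -y install epel-release
yum -y --nogpgcheck install http://mirror.example.invalid/pkg.rpm
curl -sSL https://get.example.invalid/extra.sh | bash
echo "done"
EOF
}

# Demo on the constructed sample; on a real host: review_installer build.bash
tmp=$(mktemp) && write_sample "$tmp" && { review_installer "$tmp" || true; } && rm -f "$tmp"
```

A flagged line is a prompt to read that part of the script, not a verdict; run `bash build.bash` on the same file whose hash was printed.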
Appreciate this post. Let me try it out.