Prerequisites
Minimum hardware
When Email Gateway Security is deployed in the scalable mode, then the minimum hardware requirements apply to each of the primary instance and all secondary instances.
For details about the shared database see Scalable deployment, Scalable deployment related registry configuration and Scalable deployment operation.
| CPU | RAM | SSD | NIC |
|---|---|---|---|
| 4 Cores | 4 GB DDR4 | 16 GB | 1 GbE |
Please note that this hard disk space is only enough for installing MetaDefender Email Gateway Security and for very limited operation.
Quarantine and permanently failing emails (especially with large attachments) may consume huge disk volumes.
For performance reasons it is not recommended to use HDD instead of SSD.
Networking
Ports
The following ports must be accessible for the product to work properly:
| Direction | Service | Default Port |
|---|---|---|
| Inbound | SMTP service | 10025 |
| Inbound | Web Management Console and REST interface | 8058 |
| Outbound | MetaDefender Core (in case of being integrated to MetaDefender Core; for details see Server profiles) | 8008 |
| Outbound | MetaDefender Managed File Transfer (optional; in case of being integrated to MetaDefender MFT; for details see Server profiles) | 8010 |
| Outbound | SMTP destinations | 25 or 487 |
| Inbound / Outbound | Shared database for Scalable Deployment | 8060 |
When Email Gateway Security is deployed in the scalable mode, then the shared database port must be available inbound on the primary instance, and outbound on all the secondary instances.
For details about the shared database see Scalable deployment, Scalable deployment related registry configuration and Scalable deployment operation.
For details how to change port values see Configuration/Registry configuration and Configuration/Settings.
External services
The following services and URLs must be accessible to the product for it to work properly
| Service | Client | Notes |
|---|---|---|
| https://update.dl.opswat.com/ | Email Gateway Security | Upgrade service for processing engine (anti-malware, CDR, etc.) updates. |
| https://metadefender.opswat.com | Email end client (e.g. Outlook, Thunderbird, etc.) | For the proactive anti-phishing time-of-click analysis feature. |
| https://metadefender.opswat.com | Email Gateway Security | Multiscanning, Deep CDR and Proactive DLP services in case of being integrated to MetaDefender Cloud. For details see Server profiles. |
| https://nimbus.bitdefender.net | Email Gateway Security | Only in case if anti-spam feature is licensed. |
Proxy settings
The anti-spam and anti-phishing filters use a cloud based service to look up patterns. To set up proxy for the anti-spam and anti-phishing cloud service use the antispam_proxy_ip and antispam_proxy_port Registry tunables. For details see Registry configuration.
Software
Operating system
| Distribution | Version | Bitness |
|---|---|---|
| Microsoft Windows | 10 / 11 | 64 bit |
| Microsoft Windows Server | 2019 / 2022 | 64 bit |
Supported browsers
One of the following desktop browsers is required to use the Web Management Console:
- Latest Chrome version
- Latest Firefox version
- Latest Microsoft Edge version
3rd party frameworks or components
| Name | Version | Notes |
|---|---|---|
| Microsoft .NET Framework | 4.5 or newer | Required |
Local anti-virus
OPSWAT recommends to disable the real-time protection of anti-malware products on the servers that host Email Gateway Security.
If the corporate policy does not allow to disable the real-time anti-virus product, exception rules need to be added.
To implement the exception rule, the OPSWAT installation folder (C:\Program Files\OPSWAT by default) must be excluded from the relevant anti-malware product’s real-time protection.
Directories
This section contains references to directories used by Email Gateway Security.
In further sections of this user guide the directory reference is used instead of the actual directory to refer to locations on the system disk.
Everything, except logs, is placed under the installation folder.
| Directory reference | Directory path |
|---|---|
| Installation folder | C:\Program Files\OPSWAT\Metadefender Email Security |
| Event log files | C:\Windows\System32\WinEvt\Logs |
Recommended MetaDefender Core and engine versions
| Component | Recommended version | |
|---|---|---|
| MetaDefender Core | Latest | |
| FileType | engine | Latest |
| FileType | database | Latest |
| Archive | engine | Latest |
| Archive | database | Latest |
| Yara | engine | Latest |
| Yara | database | Latest |
| Deep CDR | engine | Latest |
| Deep CDR | database | Latest |
| Proactive DLP | engine | Latest |
| Proactive DLP | database | Latest |
| Threat Intelligence | database | Latest |
| Threat Intelligence | database | Latest |
| File-Based Vulnerability Assessment | engine | Latest |
| File-Based Vulnerability Assessment | database | Latest |
| Sandbox | engine | Latest |
| Sandbox | database | Latest |