(Haproxy + Anti-spam) + Exchange 2016 = Possible?


#1

Hello, everyone. Who have had experience in this bounds? Haproxy + anti-spam + anti-virus together on the same host (or maybe separately) + 2 Exchange 2016 mailbox role on another hosts?
What’s the start point of realization this project?

Thanks for help


#2

It’s sure been a while since I’ve worked on something like this but 10 years ago I was your man!

Anyway, from the top of my head you’d want HAProxy load balancing the usual ports to your CAS servers(Mostly just 443 these days), this is fairly standard so you will find plenty of info online.

For the Anti-spam/AV… I’d use one of the following:

https://www.mailscanner.info/ - Personal favorite, was certainly my number one choice years ago!
https://www.ijs.si/software/amavisd/ - Not used Amavisd-new but used Amavisd a very long time ago to great success

I’d suggest putting these in front of a port 25 HAProxy config to the HT servers, this way the mail cleaning setup gets the real source IP address so can use things like RBL’s or ACL’s to lock it down by source address.