Kerio offers a 30 day full featured demo you can download from
http://www.kerio.com/kms_download.html. You can install that on Windows, Linux or Mac OS X.

Once you have done the initial setup (domain name and Admin password),
you'll do the rest of the configuration using the GUI administration console.
You can install that on any machine - Windows, Linux or Mac OS X again. It's
a free download, so install it where ever you like. For example,
you might want to be able to administer this server from home. As long
as your router lets port 44337 through to your Kerio Mailserver, you
could do that.

I'm not going to go through the entire configuration here (though
I'm happy to do that by phone or even on-site if you are near me), but
there are a few areas I want to make sure you are aware of.

IP Address Groups

You want to go here first. As you can see, Kerio has defaulted to
using the common private IP address groups for your local lan. You'll
need to edit these to reflect your lan setup and remove any subnets
that don't apply. If you have VPN's, you probably want to add
those subnets here too.

Services

In Services, you define the services and port numbers for Kerio. Shut
off services you aren't using and set their Startup Type to Manual.
Here you can also limit services to the local lan if appropriate and
set the maximum number of concurrent connections allowed. Choosing
a suitable number can keep your server from being loaded down in
the event of DOS (Denial of Service) attacks. For example, if you
only have forty people in your entire organization, there's no reason
to allow 1,000 concurrent HTTPS connections to the server.

In the picture below, I changed the default port for HTTP to 8080
because this server runs a webserver on port 80. Kerio uses HTTP for
a limited Web based administration tool (users who have access to that
can add and maintain users and change passwords but can't access other
Admin functions).

Deleted Items in Domains

You probably want to enable this option. It makes your life easier
when users accidentally delete things they should not have. If this is active, you can just visit the Domain Settings -> Users section and click
one button to recover Deleted Items.

SMTP Limits

There are several limit settings in the SMTP Server section that can
help prevent DOS attacks and cut back on spam.

Content Filter

The spam and anti-virus sections are easy enough, but you'll need to
spend some time in the Attachment Filter section. You need to decide
exactly what your policies will be for attachments; which to allow, which
to block.

Archiving and Backup

Be sure you understand that Archiving is done before the mail is delivered
to the user or sent out, so all messages will be captured (you have options
for only capturing inbound, etc.). Backup is a snapshot in time and also
includes the very important configuration files.

Advanced Options

Do peek in here. There are more security options that you probably want
to set. For example, there's no reason to tell connecting clients your
software version, and there is no reason to let anyone know your lan
ip scheme. Check those to hide those things.

Logs

It's very important to set your log rotation and retention policies.
If you don't. your logs will just grow and grow, By right-clicking in
the log area, you can get a menu that includes "Log Settings". Choose
this to set how many logs to keep and how often you will rotate them.

Other things

Of course there is much more to look at and possibly configure. Much
of it will be very obvious if you have worked with other mailservers. Kerio
does have extensive manuals on-line at http://www.kerio.com/supp_kms_manual.html and of course you can
also call me.

| << Home | 1:20 PM | Technorati | Ping