How to migrate NoSpamProxy version 12.x

To move version 12.x to another computer, proceed as follows:

1. If necessary, export existing DKIM keys on the source server.
2. Copy the files Intranet Role.config and license.xml from the directory C:\ProgramData\Net at Work Mail Gateway\Configuration to the new computer.
3. Create the directory “C:\ProgramData\Net at Work Mail Gateway\Configuration” on the target server and copy Intranet Role.config and license.xml into it.
4. Customize the Intranet Role.config.
5. Install the SQL server.
6. Stop the Intranet Role service.
7. a) Back up the database files and restore them to the target SQL server.
   OR
   b) Move the database files to the new directory and mount them in the SQL server.
8. Execute the NoSpamProxy Setup on the target server.
9. Connect the Intranet role to the Gateway role.
10. Then check all previously set passwords and certificates and reassign the connectors.
11. Import the DKIM keys exported in step 1) to the target server.

The steps in detail

1. If necessary, export existing DKIM keys on the source server.
2. Copy the Intranet Role.config and license.xml to the new computer.
   First stop all NoSpamProxy services on the source computer and then stop the SQL database instance. This is usually found under the Windows services under the name “SQL Server (NOSPAMPROXY)”.
   Now copy the Intranet Role.config and license.xml from the directory “C:\ProgramData\Net at Work Mail Gateway\Configuration” to the target computer.
   Please copy ONLY the mentioned files from the directories, otherwise problems could occur during installation.
3. Create the directory “C:\ProgramData\Net at Work Mail Gateway\Configuration” on the target server and copy Intranet Role.config and license.xml into it.
4. Customize the Intranet Role.config
   Open the file with an editor, such as Notepad, and search for the following entry:<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd...==</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>Change it so that it looks like this at the end:

   <connectionStrings>
</connectionStrings>

   Search the entire file for

   encryptedPassword=

   and change the occurrences that look similar to

   encryptedPassword="AQAAANCM...W9b17"

   in

   encryptedPassword="""

   Go analogously for all occurrences of

   <font color="#ffff00">-==- proudly presents

   and

   <font color="AQAAANCM...W9b17"

   as well as

   password="AQAAANCM...W9b17"

   in front of you.

   If De-Mail was configured, please search for

   certificatePin="AQKLM....D87W"

   and change the entry in

   certifcatePin="""

   off.

   Finally, search for any DKIM keys that may be available. Search for the following entry:

   <dkimKeys>
<key domain="example.com" selector="key1" privateKey="AAAAcVARJk3pG0SsnJkmR2FK..." />
</dkimKeys>

   Change the entry so that it looks like this:

   <dkimKeys>
</dkimKeys>

   Now save the file.

5. Install the SQL Server.
   Now install the SQL Server in the version you want starting with SQL Server 2008 R2.
   Do not forget to install the administration tools, in particular SQL Management Studio.
6. Stop the Intranet Role Service
   Stop the Intranet roles service via the NoSpamProxy console or via the Windows services to exclude access to the database and entries in the database of the Intranet role.
7. a) Back up the database files and restore them to the target SQL server.
   With the help of SQL Management Studio you first create a backup of the SQL database “NoSpamProxyAddressSynchronization” on the source server.
   Right-click on the database and select “Task / Backup”. A dialog opens. Leave everything there as it is in the standard system and simply add a “disk” and the corresponding path to the backup file in the lower section.
   Then start the backup.
   Copy the resulting backup file to the target server and restore it.
   To do this, right-click on “Databases” in the SQL Management Studio of the target server and select “Restore Database”. A dialog opens.
   First select “Device” and add a new “File” in the dialog that appears. This file is the currently copied backup file.
   Now start the recovery.OR

   b) Move the database files to the new directory and mount them in the SQL server.
   The SQL database files are usually located in the path “C:\Program Files (x86)\Microsoft SQL Server\MSSQL.XXXX\MSSQL\Data” or “C:\Program Files\Microsoft SQL Server\MSSQL.XXXX\MSSQL\Data”. You can recognize them by the name that begins with NoSpamProxy.
   Copy both the NoSpamProxyAddressSynchronization.mdf and NoSpamProxyAddressSynchronization.ldf files to the target computer and move the database files to the desired directory. This does not necessarily have to be the default directory of the SQL server.
   Then open SQL Management Studio. After logging on to the server, right-click Databases and select Add (or Databases and Attach).
   In the following dialog, add the first database file from the desired directory. The associated log file is automatically recognized.

8. Execute the NoSpamProxy Setup.
   Now start the setup of the NoSpamProxy. Select the Advanced Installation CONDITIONALLY.
   In the query which SQL Server is used, select that a SQL Server is already installed and set the corresponding connection parameters. The setup then recognizes all further configuration files and adapts them.
9. Connect the Intranet role to the Gateway role.
   As soon as the setup has been completed successfully, reconnect the intranet role under Gateway Components with the gateway role and, if necessary, the web portal.
   To do this, delete the existing connections, then restart the Intranet role and reconnect it.
10. Then check all previously set passwords and certificates and reassign the connectors.
    With the conversion, the device-dependent encrypted passwords were deleted or can no longer be decrypted. This applies in particular to the password for protecting sensitive data, with which the private keys of S/MIME and PGP are protected.
    In the interface, set the old password again to restore access.
    The same applies to any SSL certificates configured in the receive connector.
    Therefore, check all passwords and SSL certificates that were previously stored and reset them.
    In addition, the send and receive connectors must be reassigned to corresponding gateway roles.
11. Import the DKIM keys exported in step 1) to the target server.

Tips

• The gateway role and the web portal get all information from the intranet role. Therefore they are simply reinstalled during an upcoming migration.
• If template adjustments were made manually, you must copy the changed templates to the target system.
• If the disclaimer is licensed and configured, please note the following Knowledge Base article http://kb.nospamproxy.de/Wiki-Seiten/DisclaimerSSLCert.aspx and copy the templates for the disclaimer from the directory “C:\ProgramData\Net at Work Mail Gateway\Intranet\Templates” to the target system.