• Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
  • English English English en
  • Deutsch Deutsch German de
Sales: +49 5251 304-800 | Support: +49 5251 304-636
NoSpamProxy
  • HOME
  • PRODUCT
    • NoSpamProxy Cloud
    • NoSpamProxy Protection
    • NoSpamProxy Encryption
    • NoSpamProxy Large Files
    • NoSpamProxy Disclaimer
  • SUPPORT
    • Knowledge Base
    • Forum
    • Training courses
    • Support Request
    • Software-Download
    • Resources
  • PARTNERS
    • Finding Resellers
    • Becoming Reseller
    • Partner Portal
  • COMPANY
    • Team
    • Testimonials
    • Career
    • Contact
  • EVENTS
    • Events
    • Webcast Training
  • BLOG
  • FREE TRIAL VERSION
    • Price request
    • Free trial version
  • English
    • Deutsch
  • Search
  • Menu Menu
info icon

Installing NoSpamProxy on a Cloud Service

Settings 12.x
< zurück
Zuletzt aktualisiert am:28.05.2021

Note: As part of changes in the infrastructure, new IP addresses and a new FQDN come into effect. This article has been extended so that you can continue to use the TCP Proxy for NoSpamProxy. Make sure that you make all necessary changes.

With some cloud-based systems, for instance in Microsoft Azure, it is possible that port 25 outbound is blocked by the provider. However, port 25 is needed to send emails, which prevents NoSpamProxy from running on such a system.

For this purpose, we offer an alternative to use such systems in form of our TCP proxy. This system can be activated in NoSpamProxy in the way described below. In doing so, every outbound connection to a routable IPv4 address on TCP level is routed through the TCP Proxy for NoSpamProxy. The emails are then sent from the server to the TCP proxy via port 443 and then routed from there to the recipient system via port 25.

How to integrate the TCP proxy

  1. Stop the Gateway Role service via the NoSpamProxy Management Console or the Windows services.
  2. As administrator, open a text editor on the system on which the Gateway Role is installed.
  3. Open the configuration file Gateway Role.config from the directory C:\ProgramData\Net at Work Mail Gateway\Configuration\.
  4. In the file, search for <smtpServicePointConfigurationand change/add the values isProxyTunnelEnabled="true" proxyTunnelAddress="proxy.nospamproxy.com as attributes. Alternatively, if <smtpServicePointConfiguration cannot be found, search for <netatwork.nospamproxy.proxyconfiguration and add the following line directly below this value: <smtpServicePointConfiguration isProxyTunnelEnabled="true" proxyTunnelAddress="proxy.nospamproxy.com" />.
  5. Save the file and close the editor.
  6. Place the Root CA certificate in the Microsoft certificate store in the computer account under Trusted Root Certification Authorities > Certificates on the server on which the Gateway Role is installed.
  7. In the NoSpamProxy Management Console, under Configuration > NoSpamProxy Components > Gateway Roles, edit the corresponding Gateway Role and change the value for SMTP Server Name to the value outboundproxy.nospamproxy.com.
  8. Start the Gateway Role service.
  9. Open the Gateway Role.config file and check that the value has been retained.

Adjusting the SPF entry

  • If the TCP proxy is implemented, it acts as the sending system. Therefore, the TCP proxy must also be included in your SPF entry. We strongly recommend adding the following entry to your SPF entry:

include:_spf.proxy.nospamproxy.com

Importing the Root CA Certificate

  • Download the above certificate and import it to the system with the NoSpamProxy Gateway Role as “Trusted Root Certificate” in the Microsoft Certificate Management of the computer account.

Changing the SMTP server name in the properties of the Gateway Role

  1. In the NoSpamProxy Management Console, go to Configuration > NoSpamProxy Components.
  2. Under Gateway Roles, edit all Gateway Roles that are operated in Microsoft Azure as follows:
    1. Double-click the corresponding entry for the Gateway Role.
    2. Under SMTP Server Name, enter the value outboundproxy.nospamproxy.com.
  3. Click Save and close.

(Optional) Customise Office 365

If you send emails from Azure to your own Office 365 instance where a connector is bound to the IP addresses, please update the IP addresses to match the name outboundproxy.nospamproxy.com. Since with Office 365 the TLS certificates are checked against the HELO domain, it is only possible to implement this accordingly with significantly increased effort. We therefore recommend validation based on the name.

Tags:
  • 12.x
10.02.2019/by Stefan Feist

SEARCH

PRODUCT

  • All Topics
  • NoSpamProxy Cloud
  • NoSpamProxy Protection
  • NoSpamProxy Encryption
  • NospamProxy Large Files

Knowledge Base

Knowledge Base

Note: The information in this knowledge base is only relevant for NoSpamProxy up to version 13.2. All information for NoSpamProxy 14 and higher can be found in the online documentation.

CATEGORY

  • All Topics
  • News
  • Product
  • Tech & Support
  • Events
Subscribeto RSS Feed

NoSpamProxy

  • NoSpamProxy Cloud
  • NoSpamProxy Encryption
  • NoSpamProxy Large Files
  • NoSpamProxy Disclaimer
  • Price request
  • Team
  • Career
  • General terms and conditions
  • Data Protection Information for Business Partners and Applicants
  • Cybersecurity (PSIRT)

Partners

  • Becoming a reseller
  • Partners
  • Order Certificates
  • Newsletter

Categories

  • All topics
  • News
  • Support
  • Updates
  • Order certificates

Latest News

  • Info IconCritical Outlook vulnerability: No threat to NoSpamProxy customers24.03.2023 - 15:09
  • Default filter settings in NoSpamProxy 1422.03.2023 - 10:00
  • NoSpamProxy UpdateGlobal Rollout NoSpamProxy Version 14.0.515.03.2023 - 15:20
IMPRINT • EULA • Privacy Policy • © 2023 Net at Work GmbH
  • Rss
  • LinkedIn
  • Youtube
  • Twitter
  • Instagram
Recognition of emails by the Cyren AntiSpam filterInfo Iconinfo iconNoSpamProxy Software Archive
Scroll to top