Product » Xeams

Clustering

Consider a scenario where you have more than one Xeams installed to filter junk messages. This scenario is depicted in the image below.

Example

Consider the following scenario:

  • You have 3 MX records to process incoming emails.
  • You are running Xeams on all 3 servers, that filter junk messages
  • Eventually, good messages are sent to MS Exchange
  • The highest priority MX refers to a Xeams instance that is on the same network as your Exchange
  • Xeams running on secondary MX are somewhere on the Internet
Since there are 3 instances of Xeams, it becomes a lot easier from an administrative perspective to change a rule on MASTER instance and let it automatically propagate to the SLAVES.

Prerequisites

  • You must use version 5.3 or newer
  • The build number between MASTER and SLAVES must match

Steps to enable clustering

Enabling clustering is a two step process:

Step 1 - Designate the highest priority Xeams as MASTER.

  • Login as admin to the web interface of the Xeams that you want to make the MASTER.
  • Click Cluster Management under Home
  • Select Master for Role
  • Add one or more slaves. Master and slave will communicate with each other over HTTP(S) using the same channel administrators use to connect to the web interface. Therefore, use the URL you normally use in your browser AND ensure necessary TCP/IP port (5272 by default) is open between the two machines.
  • You can add as many SLAVES as you like.
  • Note that you will see Not Authorized for the status when a slave is first added. This is normal.

Step 2 - Authorizing a MASTER.

  • Login as admin to the web interface of the Xeams that you want to designate as SLAVE.
  • Click Cluster Management under Home
  • Select Slave for Role
  • Add the IP address of the machine where MASTER is running. If that machine has multiple IP addresses, you can separate them by a comma. NOTE that there can ONLY be one MASTER. Do not put IP addresses for more than one machine in this field.
  • Once a MASTER is authorized, refresh the browser that is connected to the MASTER and ensure both machines can talk to each other by looking at the Status

What is synchronized

Following information is synchronized between MASTER and SLAVES.

  • Modifications to filtering rules, such as Score Configuration, Content Filters, RBL Filters, Black/white listed IP address.
  • Aliases
  • Distribution List
  • Users Configuration along with passwords
  • Trusted Domains

What is NOT synchronized

Most global parameters are NOT synchronized. For example:

  • Server Configuration, such as TCP/IP ports, SSL certificates, server mode
  • Configuration for SMTP Server or SMTP Proxy Server
  • Adminstrator's email and password
  • Active Directory, Message Retention, Alerts, Local Host File, ClamAV
  • Live Monitor
  • Log files.
  • Global reports - daily, monthly, yearly

Message Repository and Reports

Message repository is automatically synchronized between MASTER and SLAVES. Therefore, when you search messages or display a list of all messages, the MASTER will pull necessary information from the SLAVES and display one consolidated result.

Additionally, different colors are used in the message repository when a message is pulled from a SLAVE. See image below for a screenshot.



Same goes with user reports that are sent on daily basis. Reports will only be sent out from MASTER and will contain records from the SLAVES. Therefore, user will only get one report that will pull data from every instance of Xeams.

Troubleshooting common problems

The communication between MASTER and server occur over HTTP(S). Assuming the URL for a slave is http://mx2.yourcompany.com:5272, you will have to open firewall ports allowing the MASTER server to reach the slave on port 5272.

Checking the slave's status from Server

  • Click Cluster Management under Home
  • Refer to the Status column. There are 4 possible values for this status:

    1. Up and Running - this means MASTER can successfully connect to slave
    2. Invalid Response - this occurs if the slave machine is using an older build, or the URL is referring to an HTTP server other than Xeams
    3. Not Authorized - this means the IP address of the MASTER is not among the authorized IP addresses. Connect to the slave and add MASTER's IP address as Authorized Server
    4. Unable to connect - this occurs if the slave is NOT running or a firewall is block traffic

Checking the MASTER's status from slave

  • Click Cluster Management under Home
  • The MASTER is supposed to ping the slaves once every 10 minutes. You will see a warning message on this page if these pings are not received.
  • If no pings are received for 30 minutes, the administrator will be sent an email.

Frequently asked questions

Can I change filtering rules on SLAVES?
No. Rules you modified on SLAVES will get overwritten by MASTER. Therefore, avoid modifying any filtering rules on SLAVES.
Do I have to purchase a separate license for the SLAVE?
No. The license gets inherited from MASTER to SLAVE(s).
Do I have to search every instance for an email?
No. Messages searches are integrated. Therefore, try searching email only on MASTER. It will display emails the were received by the SLAVES.
Will SLAVES send quarantined report?
No. Only MASTER will send a consolidated report displaying quarantined emails not only from its own instance but emails that were received and quarantined by SLAVES.