I just found out some GOOD news from our McAfee Professional Services Engineers on site handling our conversion from IronMail 6.7.2 to McAfee Email Gateway 7.6.3 with MQM 7.0.1.
Our Professional Services team advised that McAfee supports a mixed environment for a single email domain with MEG 7.6.3 \ MQM 7.0.1 and IronMail 6.7.2 HF5 \ Central Quarantine Servers. Previously, McAfee advised that this configuration was not possible. But it seems with a MEG 7.6.3 \ MQM 7.0.1 environment you can operate the IronMail 6.7.2 HF5 \ IronMail Central Quarantine Servers without any issues. Not sure exactly how this works, but our Professional Services team says it is now possible.
For those of you still strugguling with the thought of shutting down and taking your IronMail Central Quarantine Server offline and bringing up the MQM 7.0.1 and MEG 7.6.3 servers, it looks like McAfee has got a way for the two Quarantine Systems to operate within one email domain without any issues. This will definitely allow a smooth cutover from one system to the other without the "YANK and PULL" process that was previously reccommended.
If there is anyone out there who is already running MQM 7.0.1 and CQS IronMail 6.7.2 in the same environment, please tell me if you have come accross some unexpected issues with the way the end users are accessing the both the CQS and MQM at the same time.
I am concerned about messages getting lost between the quarantine process of the MQM vs CQS or vice versus. I just want to be able to make sure that our employees are able to login to both end user UI's and message digests without any issues.
Also can anyone tell me which quarantine system determines the message needs to be quarantined? What happens if policies on both the CQS and the MQM fire at the same time, which server has the "right of way" to quarantine the message? How does this show up in the logs? Will it show in the MEG logs or the IronMail logs?
McAfee tech support, if you have some insight on the issues that you see with both the MQM and the CQS operating and quarantining message traffic within a single domain, can you please share this information.
Having been in IronMail support for 5 years, and now 2 years of doing professional services for MEG, I would question how much "support" there actually is. Could I make them work together? Sure. Would it be a good idea or be clean? Not really.
On a single domain, it would be interesting to see how the mail is sent to each. Mail from MEG would go to the MQM, and mail from the IronMail would go to the CQS, but unless there has been some big change in MEG or MQM (I have seen no release notes to that effect, and wouldn't expect them), the two relays don't speak the language of the other's quarantine system. CQS can be implemented as a relay with special filtering rules to do a limited version of the same process, but that would require reroute rules instead of quarantine on MEG. MQM has its own completely different protocols and ports, port 25 isn't really used as such.
As far as what message gets notified from which system, that would depend on where it gets quarantined. Rules could be put in place to route groups of user mail from one system to the other, but that seems highly inefficient.
My recommended course of action would be to set up the new systems and leave the CQS on line for some time, but no new messages going to it. Notifications can be sent to users that they have existing messages there, but I would direct all new messages coming through the MEGs to the MQM.
You could run both IronMail and MEG side by side with some load balancing / MX record method, but the rules will not necessarily be the same. This way messages would still go to both solutions, but users will of course get notifications from both.
If you don't mind, can you PM me the name of your PS engineer? I want to run it by them to see what exactly they were planning.
McAfee Service Portal customers please use your existing username and password to log into the community.