Norman Email Protection



Similar documents
Norman Protection

DirectQuarantine. Administrator s Guide. Norman Protection version Features

escan SBS 2008 Installation Guide

1 You will need the following items to get started:

Kaseya Server Instal ation User Guide June 6, 2008

Click Studios. Passwordstate. Installation Instructions

Frequently Asked Questions

Deploying ModusGate with Exchange Server. (Version 4.0+)

Immotec Systems, Inc. SQL Server 2005 Installation Document

Deployment Guide. For the latest version of this document please go to:

FaxCore Ev5 -To-Fax Setup Guide

Click Studios. Passwordstate. Installation Instructions

Install SQL Server 2014 Express Edition

Setting up Sharp MX-Color Imagers for Inbound Fax Routing to or Network Folder

How to set up Outlook Anywhere on your home system

F-Secure Messaging Security Gateway. Deployment Guide

Core Protection Suite

Installing Policy Patrol with Lotus Domino

POP3 Connector for Exchange - Configuration

ecopy ShareScan v4.3 Pre-Installation Checklist

Quick Scan Features Setup Guide

4.0 SP1 ( ) November P Xerox FreeFlow Core Installation Guide: Windows Server 2008 R2

RoomWizard Synchronization Software Manual Installation Instructions

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

ProSystem fx Document

Pearl Echo Installation Checklist

Installing GFI MailSecurity

Configuration Information

Sophos for Microsoft SharePoint startup guide

Quick Scan Features Setup Guide. Scan to Setup. See also: System Administration Guide: Contains details about setup.

Follow these steps to configure Outlook Express to access your Staffmail account:

Configuration Guide for Exchange 2003, 2007 and 2010

Scan to Quick Setup Guide

Guardian Digital Secure Mail Suite Quick Start Guide

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

Sage HRMS 2012 Sage Employee Self Service. Technical Installation Guide for Windows Server 2003 and Windows Server 2008

WhatsUp Gold v16.3 Installation and Configuration Guide

NSi Mobile Installation Guide. Version 6.2

Nexio Connectus with Nexio G-Scribe

Installing GFI MailSecurity

Installing Policy Patrol on a separate machine

Setup Guide for Exchange Server

WhatsUp Gold v16.1 Installation and Configuration Guide

ServiceDesk 7.1 Installation and Upgrade. ServiceDesk 7.1 Installation and Upgrade - Using Domain Service Credentials A Step by Step Guide

Secure Web Service - Hybrid. Policy Server Setup. Release Manual Version 1.01

Print Audit 6 - SQL Server 2005 Express Edition

Outlook Express POP Instructions - Bloomsburg University Students

Implementing MDaemon as an Security Gateway to Exchange Server

Sage 200 Web Time & Expenses Guide

Erado Archiving & Setup Instruction Microsoft Exchange 2010 Push Journaling

Installation Guide for Pulse on Windows Server 2008R2

Basic Exchange Setup Guide

Configuration Task 3: (Optional) As part of configuration, you can deploy rules. For more information, see "Deploy Inbox Rules" below.

Reference and Troubleshooting: FTP, IIS, and Firewall Information

CIMHT_006 How to Configure the Database Logger Proficy HMI/SCADA CIMPLICITY

eprism Security Appliance 6.0 Release Notes What's New in 6.0

StruxureWare Power Monitoring 7.0.1

Configuring Color Access on the WorkCentre 7120 Using Microsoft Active Directory Customer Tip

QUICK START GUIDE. Cisco C170 Security Appliance

Migrating MSDE to Microsoft SQL 2008 R2 Express

ArcMail Technology Defender Mail Server Configuration Guide for Microsoft Exchange Server 2003 / 2000

Exchange 2003 Mailboxes

Installation Guide ARGUS Symphony 1.6 and Business App Toolkit. 6/13/ ARGUS Software, Inc.

Kaseya 2. Installation guide. Version 7.0. English

Exchange Integration DME 4.4 Microsoft Exchange 2007, 2010, 2013

Microsoft Exchange 2003

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

Installation Guide for Pulse on Windows Server 2012

Installation Guide For Choic Enterprise Edition

Quick Start Guide Sendio Hosted

Installing GFI MailEssentials

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

1 Accessing accounts on the Axxess Mail Server

PureMessage for Microsoft Exchange startup guide

Server Installation, Administration and Integration Guide

WhatsUp Gold v16.2 Installation and Configuration Guide

Microsoft Outlook 2010

Quick Reference Guide: Business Mail

How To Upgrade A Websense Log Server On A Windows 7.6 On A Powerbook (Windows) On A Thumbdrive Or Ipad (Windows 7.5) On An Ubuntu (Windows 8) Or Windows

8.7. NET SatisFAXtion Gateway Installation Guide. For NET SatisFAXtion 8.7. Contents

Click Studios. Passwordstate. Installation Instructions

Installation Guide for Microsoft SQL Server 2008 R2 Express. October 2011 (GUIDE 1)

BlackBerry Enterprise Service 10. Version: Configuration Guide

Kaspersky Lab Mobile Device Management Deployment Guide

MailFoundry Users Manual. MailFoundry User Manual Revision: MF Copyright 2005, Solinus Inc. All Rights Reserved

Services Deployment. Administrator Guide

If you encounter difficulty or need further assistance the Archdiocesan help desk can be reached at (410) , option 1. Access Methods:

How to Secure a Groove Manager Web Site

Erado Archiving & Setup Instruction Microsoft Exchange 2007 Push Journaling

Basic Exchange Setup Guide

Integrating LANGuardian with Active Directory

WHITE PAPER Citrix Secure Gateway Startup Guide

Installation Guide. Tech Excel January 2009

Sitecore Ecommerce Enterprise Edition Installation Guide Installation guide for administrators and developers

StarterPlus Mailbox Software Setup Guide

Filter. SurfControl Filter 5.0 for SMTP Getting Started Guide. The World s #1 Web & Filtering Company

Configuration Guide. BES12 Cloud

White Paper. Installation and Configuration of Fabasoft Folio IMAP Service. Fabasoft Folio 2015 Update Rollup 3

Transcription:

Quick Install Guide Norman Email Protection version 5.51 Features Email relay gateway with antivirus Email relay with antivirus and antispam Web application

Table of Contents Overview... 3 System Requirements... 3 Exchange / Active Directory configuration... 3 Install checklist...4 Database...4 Firewall...4 Install Email Protection... 5 Route wizard...8 Mail flow test...9 Web apps on a separate server...10 Folder Permissions... 11 Change the MX record... 11 Antivirus software... 11 Online Help and Support... 11 ii

Overview This Quick Start Guide is designed to give you the basics for getting your Email Protection server installed and running. For more detailed instructions and descriptions of the features, please see the Administration Guide. System Requirements For minimum recommended system requirements for Email Protection Server, please visit: http://safeground.norman.com/business/system_requirements Exchange / Active Directory configuration Before you begin the Email Protection installation, verify the following settings on your Exchange / Active Directory server to ensure proper communication with Email Protection: 1. If using Exchange 2007 or 2010, it must be configured to accept mail relay from Email Protection. Please use this Microsoft Technet article for configuration instructions: http://exchangepedia.com/2007/01/exchange-server-2007-how-to-allow-relaying.html If using Exchange 2013, please refer to the article below: http://exchangeserverpro.com/exchange-2013-configure-smtp-relay-connector 2. For Exchange 2007 or 2010: check if the Hub Transport or Edge Transport server role is installed. If either role exists, you must change these message throttling settings under Set-ReceiveConnector: MaxInboundConnectionPercentagePerSource: Change the value to 20% MaxInboundConnectionPerSource: Change the value to 1000 NOTE For complete details, see the following Microsoft KB articles: Exchange 2007: http://technet.microsoft.com/en-us/library/bb232205(exchg.80).aspx Exchange 2010/2013: http://technet.microsoft.com/en-us/library/bb232205.aspx#receiveconn 3. You must have an account with Read permissions on the Active Directory/Global Catalog. This account and its password will be required when configuring Email Protection. Your Administrator account can be used, but creating a new account is recommended. Follow the steps below to create a new account (optional): 4. Optional: Log into the Domain Controller Server and go to Start > Programs > Administrative Tools > Active Directory Users and Computers. 5. Expand your domain name, right-click Users and select New > User. 6. Enter mgate in First name, copy it to User logon name and click Next. 7. Configure the Password, uncheck User must change password at next logon, check Password never expires, and click Next through the remaining screens to finish creating the user. 8. Click on View > Advanced Features. 9. Select Security, click on Add and enter mgate. 10. Under the Allow column, check Read and click Apply. 3

Install checklist On the server where Email Protection is to be installed, check the following settings: 1. The server must have a static IP and at least 1 DNS server address. Go to Local Area Connection settings > Properties > Internet Protocol (TCP/IP) > Properties to verify. 2. Go to My Computer >Properties > Network Identification > Properties. Confirm that the computer name appears in the Computer name field. Click on More > Primary DNS suffix for this computer: enter your domain name if missing. -- The server must be rebooted after this change. 3. IIS 6.0 or above is already installed. 4. Both.NET Framework versions 3.5 SP1 and 4.0 Extended are installed. 5. Microsoft s SMTP service is either disabled or set to manual (required to prevent conflicts on port 25). Go to Administrative Tools > Services and set Simplified Mail Transport Services to Stop. In the Startup Type dropdown menu, select either Disabled or Manual. 6. Verify that the following ports are open to allow for automatic spam, virus and license key updates and Web component access: Port 80 for HTTP Port 443 for HTTPS Ports 31804, 31805 and 31806 (for the Web components) Port 9000 (for directquarantine, if required) Database Email Protection requires databases for several of its features. If you do not have a database server installed, the Email Protection installation process installs Microsoft SQL Server 2005 Express or SQL Server 2008 Express with advanced services depending on your Windows version. Note that Full Text Indexing is required for some features. Firewall If you plan to use a firewall, we recommend that you do not use Windows Firewall as it can cause problems with internal communication required by Email Protection. Instead, use a hardware firewall to protect your network from unauthorized external access. 4

Install Email Protection Follow the procedure below to install the Email Protection Server application: 1. Log into the server using an Administrator account. 2. Click the applicable installer file (AS or ASV) to launch the installation. NEP-5.42.21-AS.exe (Antispam) NEP-5.42.21-ASV.exe (Antispam and Antivirus) 3. Accept the licence agreement and click Next to enter your license key. Click Validate > Next. 4. Select either Standard or Custom installation. Standard installs all components on the local server: the server application, directquarantine and the administration and reporting services. See the next step for Custom details. 5. Select Custom to view and/or disable components and configure advanced database settings. You must select Custom if the web components are to be installed on a separate web server: in this case, uncheck Administration and Reporting Services. Further instructions can be found in Web apps on a separate server on page 9. NOTE directquarantine must be installed on the same server as Email Protection if you plan to use it. 6. Click Next to verify the installation paths. Make any changes necessary and click Next to continue. 5

7. Select either Use existing SQL Server or Install SQL Server Express with Advanced Services. The latter option will direct you to the Microsoft download site when you click Next. 8. Enter the SQL Server connection details: SQL Server name or IP: for SQL Express, include \sqlexpress after the IP or name. SQL Administrator Account: enter the SA account name (or one with equivalent rights) and the Password. Click Connect to both test the database connection and get the list of existing database names. Database name: Either choose an existing name from the dropdown menu or enter a new name and click Next. 6

9. If the SQL account cannot be verified, you may be asked to configure the information manually: Select Use an existing user and enter the credentials. Or, select Create a new user and enter a new name and password to be used as the administrator account for Email Protection s databases. Click Verify to create and/or validate the user credentials. 10. Click Next to launch the Email Protection installation and to create the database tables. This process will take a few minutes. 11. Click OK to start the Email Protection and IIS services. 12. Delivery failure notices: Enter a valid address on the primary mail server, e.g. your postmaster address. 13. Click Next to launch both the Route Wizard and the What s Next guidelines. 7

Route wizard You must create a route for each domain for which Email Protection is to filter email. NOTE To enter multiple mail servers/domains, instead click Cancel and use the Administration Console > Connection screen. 1. Enter your Mail Domain Name, e.g. xyz.com. Email sent to this address will be filtered by Email Protection. 2. Select the appropriate Mail server type from the dropdown list. If your server type is not listed, select SMTP, SMTP_VRFY, or click the Cancel button and use the Administration Console > Connections screens to configure your settings. Please note the following important issues: The SMTP option cannot validate mail recipients, therefore invalid addresses will be created in the user list and count against your user license. In addition, if alias email addresses are used, they will be added to the user list and total user count. SMTP_VRFY is supported by most mail servers, but must only be used if the mail server is protected by a firewall with no direct public access. Without a firewall, the list of valid user accounts can be easily obtained over the Internet. Alias email addresses are supported by SMTP_VRFY; they will not be counted against the user license. 3. Enter the Mail server name or IP. 4. The SMTP Port number automatically displays 25; change this only if you use a different port number. 5. If your mail server type is either SMTP or SMTP_VRFY, enter a valid email address in the Enter Email to Test field and click Test Route. The system will attempt to connect to your mail server and send a message to your address. You will receive feedback if there are any errors. Check your Inbox to confirm the message was received. If you had selected Exchange as the mail server type, click Next and enter your Active Directory/LDAP server information. 6. Enter the AD root domain name. This is the root or internal domain name configured on your Active Directory/LDAP server, e.g. domain.local. 7. Enter the Server name or IP address for your Active Directory or LDAP server. 8. Verify the Port number: If using Exchange 2003-2013, port 3268 is automatically configured for the Global Catalog: this provides access to the entire list of users mailboxes. Selecting Use SSL/TLS will auto-reset the port to 3269. If using Exchange 5.5, LDAP port 389 is set. You may optionally enter a custom port. 9. User DN and Password: enter the email address and password of the Administrator (or the optional mgate user - see Exchange / Active Directory configuration). The email address format is supported by both Active Directory and LDAP. 8

SBS Server Configuration You must enter an account using the format @Windows domain in the User DN field, if your Windows domain differs from your email domain name. Example, your email domain name is company.com, but your Windows domain is company.local, enter administrator@company.local as the User DN. 10. Enter a valid email address in the Enter Email to Test field and click Test Route. The system will attempt to connect to your mail server and send a message to your address. You will receive feedback if there are any errors. Check your Inbox to confirm the message was received. 11. Click Next to view the summary table. Click Add to enter other domains or mail servers, if necessary. To edit or change any information, use the Console s Connection settings. Click Finish to close the wizard. Mail flow test After verifying the route configuration, you can optionally run this automated mail flow test to ensure the system is working properly: 1. After the installation is completed, open the Email Protection Administration Console to System > Services to verify that all services are running. The most important services required for basic functionality are: SMTPRS, SMTPDS, MODUSADM and MODUSCAN. 2. Locate the Email Flow Diagnostic Tool on the desktop and click to open the program. 3. Verify that the SMTP server displays the Email Protection server name, and enter your email address to perform the test. 4. Select to test a spam message, a legitimate message or both, and click Send Check your Inbox in Outlook to verify that you received the legitimate test email. On the Email Protection console, open the Quarantine tab and verify that the spam test message appears in the list (if the console Quarantine screen was already open, you might need to click the Refresh button to see the message). 5. The mail flow test can be re-run at any time. If using a Email Protection blockade or redundant setup, you can test other Email Protection server(s) by entering their server names. 9

Web apps on a separate server If the Web Components are to be installed on a separate server, do the following: 1. Log into the server using an Administrator account. 2. Copy the Email Protection.exe file to this server and click to launch the installation. 3. Enter the same license key you used on the Email Protection server and click Validate > Next. NOTE The license key must match that of the Email Protection server or the web components will not work. 4. Select Custom and ensure that only Administration and Reporting Services are selected. 5. Verify the installation path and click Next. Note that all web files will be installed together. Click Next to complete the installation. 6. Open Windows Explorer to the...email Protection\Web directory. 7. In the Quarantine folder: a) Locate the WebMailSvr.ini file and open it with Notepad. b) Locate the host=xxx.xxx.xxx.xxx and verify that it shows the IP address of the local (Web) server. c) Locate the SmtpServer=xxx.xxx.xxx.xxx address and change this to the IP of the Email Protection server. d) Locate DomainName=machine_name.mydomain.com: change this to match the primary domain as it appears on the Email Protection Console. e) Save the changes. 8. Next, go to the...email Protection\Web\WebMonitor directory. a) Locate the custom.config file and open it with Notepad. b) Locate <add key= Servers value= localhost ></add>: replace localhost with the IP address of the Email Protection server c) Save the changes. 9. Finally, go to the...email Protection\Web\WebAdmin\Root directory: a) Locate the web.config file and open it with Notepad. b) Locate <add key= Site value= /> and enter Email Protection s IP address between the empty quotes. c) Save the changes. 10. Configure the ODBC connection: go to Start > Administrative Tools > Data Sources (ODBC). 11. Click System DSN > Add. 12. Select the driver that matches your database type and click Finish. For SQL Server 2005 Express: select SQL Native Client For all other SQL versions, select SQL Server. 10

13. Enter a name for the connection and the SQL Server address (can be the IP address or hostname). For SQL Express, enter servername\sqlexpress. Click Next. 14. Select SQL Server authentication and enter your login credentials, e.g. the sa account and password. Click Next > Finish. Folder Permissions Configure Modify permissions on the...email Protection\Web directory for the local machine s IUSR, ASPNET and Network Service accounts. Replace the permissions on all child objects. This applies to both a single and dualserver configuration Restart the WEBMAILSVR and IIS services to register the above changes. All programs can be accessed using the following URL format: http://127.0.0.1/[app name], e.g. http://127.0.0.1/webmonitor. Change the MX record Once your connection(s) are tested and working, the next step is to change your DNS records. On the DNS Server, modify the MX (Mail Exchange) record so that your mail domain points to the Email Protection server instead of the Exchange. Create an A or Host record that maps the new Email Protection MX to the Gate server s IP address Since new MX records can take anywhere from 12 to 48 hours to propagate, only remove the mail server s MX after Email Protection s MX has been propagated. Do this to hide your mail server from public view: when spammers see multiple MX s for the same domain, they often bypass the primary (Email Protection s) and target the secondary (the mail server). If you wish to check whether your MX record change has been propagated, try using our Email Security Grader tool at www.emailsecuritygrader.com and enter your domain name. Antivirus software If you run an anti-virus program on the server where Email Protection is installed, you must exclude these directories from scanning to prevent interrupting mail processes: C:\winnt\temp (verify your system settings to ensure the path)...\email Protection\spool...\Email Protection\mailbox\@Quarantine Online Help and Support Please visit safeground.norman.com for support or contact information. 11

Headquarter Norway www.norman.com/no www.norman.com/en Offices Denmark Germany Spain France Italy Netherlands Sweden Switzerland United Kingdom www.norman.com/dk www.norman.com/de www.norman.com/es www.norman.com/fr www.norman.com/it www.norman.com/nl www.norman.com/sv www.norman.com/ch www.norman.com/uk norman contact details Norman Safeground AS PO box 43, 1324 Lysaker, Norway Office address: Strandveien 37, Lysaker Tel: 67 10 97 00 E-mail: norman@norman.com www.norman.com Norman Safeground AS is a wholly owned subsidiary of Norway s only IT security company Norman AS - established in 1984. Norman Safeground is a global company and has customers in more than 180 countries. Our mission is to offer businesses and home users premium protection from Internet threats through easy to use software offering you peace of mind while we take care of your security. We strive to understand and solve our customers and partners challenges and are passionate about providing high quality personal service.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information