MailMarshal Version 4.2

Release Date: June 2001

Copyright 1994-2001 Marshal Software Limited

No part of this publication may be reproduced, transmitted, stored in a retrieval system, nor translated into any human or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual, or otherwise, without the prior written permission of the copyright owner, Marshal Software Limited, 19 Lambie Drive, Manukau City, New Zealand. Copyright infringement is a serious matter under the New Zealand and foreign Copyright Laws.

Marshal Software and MailMarshal are registered trademarks of Marshal Software Limited.

The Regular Expression Parser (Regex++) used in MailMarshal, and its documentation, are Copyright © 1998-2000 Dr John Maddock. Permission to use, copy, modify, distribute and sell Regex++ and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation. Dr John Maddock makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty.

Licensing Agreement

The User License Agreement printed below is a copy for your information only of the actual agreement embedded in the Marshal Software product which is displayed and accepted by the user during installation of the product. In the event of any discrepancies between these versions, the copy embedded in the product shall apply.

IMPORTANT: Do not install this software unless you accept the following terms and conditions.

Marshal Software Limited (hereafter called "Marshal") licenses this Marshal Software product (the "Software") only on the condition that you accept all of the terms contained in this software license ("License"). Please read slowly through the terms of this License. Read it carefully before installing the Software. By installing or using the Software, you agree to be bound by the terms of this Agreement.

1. The License

1.1. Marshal is the exclusive owner of the Software.

1.2. This License grants you the non-exclusive, non-transferable right to use one registered copy of the Software strictly in accordance with the terms of this agreement. You may also make one copy for backup purposes only.

1.3. You shall only use the Software on the computer ("Designated Computer") for which Marshal has issued you the key. If you wish to use the Software on another computer, you must obtain another key and pay the relevant fees. However, with Marshal's consent, you may replace or substitute a new computer for your Designated Computer without incurring new license fees. Marshal shall not unreasonably withhold its consent provided the Software is compatible with such replacement or substitute computer. In such case you must cease running the software on the original designated computer and remove it from that machine as soon as it is installed on the replacement or substitute computer.

1.4. Except as provided in §1.3, under no circumstance shall you install the Software, or make a copy thereof, for use on any other computer. You shall not modify the Software for use on any other computer.

1.5. You shall not exceed the number of users for which your current key was authorized by Marshal. If you wish to add more users, you must request a modification to your License and pay the relevant fees.

2. License Fee

2.1. To use the Software, you must have paid all applicable license fees. If you do not pay such license fees, Marshal shall revoke this License in which case you shall forthwith stop using the Software and remove all components of it from all computers.

3. Documentation

3.1. This Agreement extends to the Software documentation, whether in electronic or print format. The documentation may not be copied, modified or used in any way not contemplated or expressly authorized by this Agreement.

4. Your Obligations

4.1. You shall not: (i) Copy, reproduce, translate, adapt, vary or modify the Software without the express consent of Marshal; (ii) disassemble, decompile or "unlock", reverse translate, or in any manner decode the Software for any reason whatsoever; (iii) provide or otherwise make available the Software in any form to any person without the written consent of Marshal; (iv) rent, lend or lease the Software; (v) transfer the Software to any other person under any circumstances without the written consent of Marshal; (vi) attempt to bypass or circumvent the security procedures applicable to the Software; (vii) take any action that would cause injury to Marshal's intellectual property rights in the Software or that would deprive Marshal of the license fees to which it is entitled.

4.2. You shall supervise and control the use of the Software in accordance with the terms of this Agreement. You shall ensure your employees, subcontractors or agents who have authorised access to the Software are made aware of the terms of this Agreement and comply therewith. You shall maintain safe custody of the Software.

5. Limited Warranty

5.1. Marshal has used its best endeavors to develop a stable and reliable software product. Because there is such a diverse range of computers, operating systems and applications, Marshal can not warrant that the Software will be compatible in every operating environment. It is your responsibility to ascertain whether the Software is compatible with your operating environment.

5.2. The Software is sold without warranties as to its performance or merchantability. To the extent allowed by law, Marshal disclaims all liability, whether in contract or tort, for any loss or damage arising from your use of the Software. Such disclaimer applies to direct, indirect, special and consequential damages including loss of profit, business revenue, goodwill, loss of production, loss of product, losses resulting from downtime of your domain or email system, losses resulting from system crashes, loss of data or emails, or failure to achieve anticipated savings or production efficiencies.

5.3. Marshal does not warrant that the Software is free of "bugs", errors or defects. Marshal shall not be responsible to you for costs or damages incurred as a result of any such "bugs", errors or defects. Marshal does not warrant that the Software is error free and the existence of such errors shall not constitute a breach of this Agreement. Marshal does not warrant that the Software will meet your requirements. Marshal excludes, and expressly disclaims, all express and implied warranties of merchantability or fitness for purpose.

5.4. Notwithstanding the above, Marshal warrants that the Software media supplied directly by Marshal is free from defects in manufacture. This warranty does not apply to Internet downloads.

5.5. Marshal will replace any defective media at no charge subject to notification of the said defect within 90 days of the date that you acquired the Software from Marshal or its authorized reseller.

5.6. If the Software fails to operate in accordance with this warranty, you may, as your sole and exclusive remedy, return the Software media and related documentation, along with a dated proof of purchase, specifying the problem. Marshal shall either replace the Software or give you a full refund, at Marshal's discretion.

5.7. Except for the limited warranty described above there are no warranties, either expressed or implied, for the Software or documentation, which are licensed to you, "as is".

5.8. Marshal's maximum liability to you shall not, under any circumstance, exceed the license fees that you paid in respect to the Software.

5.9. Some jurisdictions do not allow the exclusion of certain implied warranties or conditions, so the above exclusions may not apply to you. This Agreement does not exclude any implied warranties or conditions that may not under applicable law be excluded. This Agreement gives you specific legal rights, and is in addition to any other legal rights that you may have under the laws of your jurisdiction. This Agreement does not affect your statutory rights.

6. Other Services Excluded

6.1. The license fees do not cover the cost of: (i) Installation services; (ii) Networking services; (iii) Software configuration and preference setting; (iv) Technical support and troubleshooting; (v) Maintenance services; (vi) Training; (vii) Software "fixes" and updates; and (viii) Software upgrades. Contact Marshal if you require any of these services.

7. Copyright

7.1. You acknowledge that the Software and documentation are the subject of copyright. You shall not, during or at any time after the expiry or termination of this License, permit any act that infringes that copyright. You expressly agree that you shall not copy the Software except for back-up purposes pursuant to §1.2.

7.2. This is a License to use the Software. It is NOT an agreement for the sale of the Software. Marshal continues to own the Software. Your rights to use the Software are specified in this Agreement, and Marshal retains all rights not expressly granted to you in this Agreement.

8. Term of License

8.1. This Agreement commences the moment you click or press the "ACCEPT" button during installation of the Software. It shall continue until terminated by either party. You may terminate this License upon 90 days notice to Marshal Software. Marshal Software may terminate this License if you breach any clause thereof and fail to cure such breach within 30 days after notice thereof.

8.2. Upon termination, you or your representatives shall destroy the Software and documentation or otherwise return or dispose of such material in a manner directed by Marshal.

9. Verification of Compliance

9.1. You hereby grant Marshal the right to enter your premises and to operate any computers at your premises in order to verify that: (a) you are complying with your obligations in relation to the operation of the Software on Designated Computers (or any other computers approved by Marshal) in accordance with §1.3; (b) the number of users does not exceed the number of registered users in accordance with §1.5; (c) you are not otherwise in breach of your obligations under this Agreement. Marshal may, at its option, make use of license authentication logic that sends information on licensing to Marshal for the sole purpose of protecting the Software against unauthorized use.

10. Governing Law

10.1 Except as otherwise expressly mandated by the relevant law in your jurisdiction, this Agreement shall be governed by, and construed in accordance with, the substantive laws of New Zealand whose courts shall have jurisdiction over all disputes which may arise in respect to this Agreement.

Marshal Software Ltd. P.O. Box 97639, S.A.M.C., Auckland, New Zealand
Tel: 64-9-261 2110, Fax 64-9-261 2112

Disclaimer

Important!

Read this manual before attempting to install, operate or maintain the Software. It contains important installation, operating, maintenance and back-up instructions. The user must strictly comply with them.

The information contained in this manual is given in good faith and is believed to be true and correct at the time of publication. However, Marshal accepts no liability for any errors or omissions.

Any opinions, recommendations or suggestions given do not constitute a guarantee or warranty. The information in this manual does not constitute a warranty of any particular benefits that the user will derive from the Software. Information in this manual shall not be deemed a warranty, representation or guarantee concerning the Software's suitability or fitness for a specific purpose.

It is the user's responsibility to determine the suitability of the Software for its own use. The user must make its own independent judgment and assessment and should not rely upon any opinions, interpretations, statements, assurances or representations contained in this Manual.

Marshal has endeavored to provide timely information. Future Software developments may materially change the information. Marshal reserves the right to change the specifications of the Software, or the information in this manual, without necessarily giving its users notice thereof.

The information in this manual is intended to provide general guidance to the user. For specific guidance or support, contact a Marshal Software reseller.

Unless otherwise noted, a reference to brand names, product names and trademarks constitutes the intellectual property of the owner thereof and no right of use is granted thereby.

This manual does not grant any license to use the Software. Use of the Software is subject to the terms and conditions in the Marshal Software License. Read carefully the Marshal Software License before using the Software.

Marshal has made every effort to explain the operating procedures as clearly and completely as possible. Nonetheless, it is not possible to anticipate, nor address, every conceivable problem that might arise from the use of the Software. This problem is compounded by the fact that no two operating environments are exactly the same.

Therefore, Marshal is not able to guarantee that this manual will address every issue or problem that might arise concerning the use of the Software. Furthermore, Marshal cannot represent that the information in this manual is complete.

Use of the Software shall constitute acceptance of the above conditions and limitations.

The example companies, organizations, products, people, and events depicted in this Manual are fictitious. No association with any real company, organization, product, person, or event is intended or should be inferred.

Comments or Suggestions

Comments or suggestions regarding this document or the software should be directed in writing to

Marshal Software Ltd
PO Box 97 639 S.A.M.C.
19 Lambie Drive
Manukau City
Auckland
NEW ZEALAND

Telephone: 64-9-261-2110
Facsimile: 64-9-261-2112
Email: [email protected] or [email protected]

Web Home Page: http://www.marshalsoftware.com
http://www.mailmarshal.com

Table of Contents

Licensing Agreement . . . i
Disclaimer . . . iii
Comments or Suggestions . . . v
Table of Contents . . . vii

1. Introducing MailMarshal . . . 1-1
    What Does MailMarshal Do? . . . 1-1
    Where is MailMarshal Installed? . . . 1-1
    How Does MailMarshal Work? . . . 1-2
    Virus Scanning . . . 1-3
    Encrypted Email . . . 1-3
    Online Help . . . 1-4

2. Pre-Installation . . . 2-1
    Installation Planning . . . 2-1
    Hardware Required for MailMarshal Server . . . 2-1
    Software Required for MailMarshal Server . . . 2-1
    Software Required for Other Components . . . 2-2
    Email Routing . . . 2-2
        How MailMarshal Routes Email . . . 2-3
        Setting up Outbound Routing . . . 2-3
        Setting up Inbound Routing . . . 2-3
        When Installing MailMarshal on the Existing Email Server . . . 2-4
    Installation Scenarios . . . 2-5
    Gathering Information Before Installation . . . 2-7

3. Installation . . . 3-1
    Procedures to Install MailMarshal Server . . . 3-1
    Installation Wizard . . . 3-2
    Configuring an Existing Email Server . . . 3-11
    MailMarshal and Microsoft Proxy Server 2.0 . . . 3-11
    MailMarshal Console Installation . . . 3-12
    Console Security Issues . . . 3-13
    MailMarshal Configurator Remote Installation . . . 3-13
    Uninstalling MailMarshal . . . 3-14
    Importing a MailMarshal Configuration . . . 3-15

4. The Configurator . . . 4-1
    MailMarshal Configurator . . . 4-2
    Server Properties . . . 4-2
    Rulesets . . . 4-3
    User Groups . . . 4-3
    POP3 Accounts . . . 4-3
    Virus Scanners . . . 4-3
    External Commands . . . 4-4
    Folders . . . 4-4
    Email Templates . . . 4-4
    TextCensor Scripts . . . 4-4
    Logging Classifications . . . 4-4
    Message Stamps . . . 4-4
    LDAP Connections . . . 4-5
    News and Support . . . 4-5

5. Rulesets and Rules . . . 5-1
    Best Practices . . . 5-1
    Viewing and Printing Rulesets . . . 5-2
    Creating a Ruleset . . . 5-2
    Editing a Ruleset . . . 5-4
        To Copy or Move Rules Between Rulesets . . . 5-5
        To Enable or Disable a Ruleset . . . 5-5
    Order of Evaluation . . . 5-5
    Adjusting the Order of Evaluation of Rulesets . . . 5-5
    Adjusting the Order of Evaluation of Rules . . . 5-5
    Creating a New Rule . . . 5-6
    Copying a Rule . . . 5-7
    Editing a Rule . . . 5-8
    User Matching Criteria . . . 5-8
    Rule Conditions - Standard Rules . . . 5-10
    Rule Actions - Standard Rules . . . 5-15
    Rule Conditions - Receiver Rules . . . 5-19
    Rule Actions - Receiver Rules . . . 5-19

6. User Groups . . . 6-1
    To Create a New Standard User Group . . . 6-1
    To Add Members to a Standard User Group . . . 6-1
    To Add an LDAP User Group . . . 6-1
    To Move and Copy User Groups . . . 6-3

7. POP3 Accounts . . . 7-1
    To Set Up POP3 Accounts . . . 7-1
    POP3 Accounts for Relaying Authentication . . . 7-2
    To Edit POP3 Accounts . . . 7-3
    To Delete POP3 Accounts . . . 7-3

8. Virus Scanners . . . 8-1
    Best Practices . . . 8-2
    Configuring a New Virus Scanner . . . 8-2
    Viewing Virus Scanner Properties . . . 8-3
    Using Other Virus Scanners . . . 8-5
    Testing Virus Scanners . . . 8-5
    MailMarshal Directories and Resident Scanning . . . 8-6

9. External Commands . . . 9-1
    Uses of External Commands . . . 9-2

10. Folders . . . 10-1
    Creating a New Folder . . . 10-1
        Standard Folders . . . 10-2
        Parking Folders . . . 10-2
    Editing an Existing Folder . . . 10-3
    Changing the Default Folder Location . . . 10-3
    Folder Security . . . 10-4

11. Email Templates . . . 11-1
    Creating an Email Template . . . 11-1
    Duplicating an Email Template . . . 11-3
    Editing an Email Template . . . 11-3
    Deleting an Email Template . . . 11-3

12. TextCensor Scripts . . . 12-1
    TextCensor Syntax . . . 12-1
    Weighting the Script . . . 12-2
    Adding a TextCensor Script . . . 12-3
    Editing a TextCensor Script . . . 12-4
    Duplicating a TextCensor Script . . . 12-5
    Importing a TextCensor Script . . . 12-5
    Exporting a TextCensor Script . . . 12-6
    Using TextCensor Effectively . . . 12-6
        Constructing TextCensor Scripts . . . 12-6
        Decreasing Unwanted Triggering . . . 12-7

13. Logging Classifications . . . 13-1
    Creating a Logging Classification . . . 13-1
    Editing a Logging Classification . . . 13-2
    Duplicating a Logging Classification . . . 13-2
    Deleting a Logging Classification . . . 13-2
    Logging Classification Usage . . . 13-2

14. Message Stamps . . . 14-1
    Creating a New Message Stamp . . . 14-1
    Duplicating a Message Stamp . . . 14-2
    Editing a Message Stamp . . . 14-2
    Deleting a Message Stamp . . . 14-2

15. LDAP Connections . . . 15-1
    What is LDAP? . . . 15-1
    Adding a New LDAP Server Connection . . . 15-1
    Editing an LDAP Server Connection . . . 15-5
    Deleting an LDAP Server Connection . . . 15-5

16. Server Properties . . . 16-1
    General . . . 16-2
    Delivery . . . 16-3
    Dial-Up . . . 16-4
    Mail Batching . . . 16-5
    Local Domains . . . 16-8
        To Create a New Local Domain . . . 16-9
        To Edit a Local Domain . . . 16-10
        Wildcards . . . 16-10
    Reports . . . 16-11
    Anti-Relaying . . . 16-12
    License Info . . . 16-14
    Advanced . . . 16-17
        Change Folders . . . 16-17
        Export Configuration . . . 16-18
        Import Configuration . . . 16-18
        Server Threads . . . 16-19
        Enable RTF Stamping . . . 16-20
        Server Array . . . 16-20
    Blocked Hosts . . . 16-20
    Host Validation . . . 16-21
        MAPS Lookups . . . 16-22
        DNS Validation . . . 16-23
    Header Rewrite . . . 16-24
        Field Matching . . . 16-26
        Substitution Options . . . 16-26
        Substitution Actions . . . 16-27
        Testing . . . 16-29
        Regular Expression Syntax . . . 16-29

17. Reports . . . 17-1
    Installing MailMarshal Reports . . . 17-1
    To Produce Reports . . . 17-2

18. The Console . . . 18-1
    Connecting to the MailMarshal Server . . . 18-1
    Console Security Issues . . . 18-2
    The Main Console Screen . . . 18-3
    The Services Screen . . . 18-4
        Receiver State . . . 18-4
        Sender State . . . 18-5
        Sender Actions . . . 18-5
    Domain Detail . . . 18-6
    Message Folders . . . 18-6
    Message Folder Actions . . . 18-7
        Forwarding a Message . . . 18-7
        Deleting a Message . . . 18-7
        Processing a Message . . . 18-8
        Viewing a Message and Message Log . . . 18-9
        Interpreting Message Logs . . . 18-10
    Mail History . . . 18-11
    Alert History . . . 18-12
    News and Support . . . 18-12

19. MailMarshal Secure . . . 19-1
    What is S/MIME? . . . 19-1
    Options for Using MailMarshal Secure . . . 19-2
    Installing MailMarshal Secure . . . 19-2
    Setting Up S/MIME Features . . . 19-4
        Working with Domain Certificates . . . 19-4
        Backing Up Certificates and Keys . . . 19-12
        Protect the Certificates Folder . . . 19-12
        Exchanging Certificates . . . 19-13
    Checking Imported Certificates . . . 19-13
    Basic Security Rules . . . 19-13
    Rule Conditions - Security Rules . . . 19-15
    Rule Actions - Security Rules . . . 19-17

20. Case Studies . . . 20-1
    SmartCo . . . 20-1
        Protecting Against Viruses . . . 20-2
        Conserving Network Resources . . . 20-3
        Ensuring Appropriate Usage . . . 20-4
        Reducing Legal Liability . . . 20-4
        Reports . . . 20-5
    Company Name Change . . . 20-5
    Encrypted Email . . . 20-6
        Multiple Gateway-to-Gateway Encryption Partners . . . 20-7
        Gateway-to-Desktop Encryption Partners . . . 20-7
    Blocking Spam . . . 20-8
    Email Aliases . . . 20-9

21. Troubleshooting . . . 21-1
    MailMarshal Console . . . 21-1
    Windows NT Event Viewer . . . 21-1
    MailMarshal Working Directories . . . 21-1
    MailMarshal Message Names . . . 21-2
    MailMarshal Log Files . . . 21-2
    Running MailMarshal in Debug Mode . . . 21-3
    Some Common Issues . . . 21-3

Error 2140 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21-3Unable to Determine the Domain . . . . . . . . . . . . . . . . . . . . . . . . . 21-3Moving MailMarshal to a New Server . . . . . . . . . . . . . . . . . . . . . 21-4

Further Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21-4

22. MailMarshal and the MMC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22-1Configurator and Console in the Same MMC . . . . . . . . . . . . . . . . 22-1

xii Table of Contents

Page 15: Mail Marshal 42

Appendix A: Other Email Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1Configuring Microsoft Exchange 5.5 . . . . . . . . . . . . . . . . . . . . . . . . . A-2

Exchange 5.5 and MailMarshal on Separate Machines . . . . . . . . . . A-2Exchange 5.5 and MailMarshal on The Same Machine . . . . . . . . . . A-3

Configuring Lotus Notes 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-4Lotus Notes 4 and MailMarshal on Separate Machines . . . . . . . . . . A-4Lotus Notes 4 and MailMarshal on The Same Machine . . . . . . . . . A-5

Configuring Lotus Domino R5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-6Lotus Domino R5 and MailMarshal on Separate Machines . . . . . . . A-6Lotus Domino R5 and MailMarshal on The Same Machine . . . . . . . A-6

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . I-1

Table of Contents xiii

Page 16: Mail Marshal 42
Page 17: Mail Marshal 42

1. Introducing MailMarshal

MailMarshal is an Email Content Security application for organizations.

The purpose of MailMarshal is to enforce an organization's Acceptable Use Policy for email. Such a policy typically regulates what content can be sent in and out of the organization by email. A policy may also call for disclaimers or other official message stamps, archive copies of messages, and encryption of sensitive email, as well as controls on the size or volume of email allowed. Protection against email transmission of viruses and other harmful material is an additional goal in most cases.

What Does MailMarshal Do?

MailMarshal scans the content of messages and attachments as they enter or leave the organization. It can scan lexical content (such as subject lines, message text and attached documents). It can also determine the structure and size of messages and attachments. MailMarshal also allows scanning for viruses using third-party virus scanners.

Based on the result of these scans, many actions may be performed. These include blocking or quarantining of messages, making copies, stripping of attachments, sending notifications, adding disclaimers, and many others.

An optional module, MailMarshal Secure, allows signing, encryption and decryption of email messages using the S/MIME standard.

Where is MailMarshal Installed?

MailMarshal is a server-based SMTP (Simple Mail Transfer Protocol) email content scanner that can be easily installed into a new or existing network with other gateway applications. It complements, and is compatible with, traditional Internet firewalls, SMTP mail servers, anti-virus and security applications. The only prerequisite is that MailMarshal must reside on a Windows NT 4.0 or 2000 Server. MailMarshal consists of several pieces of software: the Server, Configurator, Console and Reporting Database.

The MailMarshal Server software is installed as the email gateway of an organization. All email entering or exiting the organization passes through it. Depending on local needs, MailMarshal may be installed on the same physical machine as a corporate email server product (such as Microsoft Exchange), or on a separate machine. It may also be installed as a standalone POP3 email server for small to medium sized organizations.

The Configurator is installed on the same machine as the MailMarshal Server software, and can also be run from a remote workstation. This module allows setup of the basic connections required to use MailMarshal. It also allows configuration of email processing rules and components, such as virus scanners and TextCensor scripts.

The flow of email through MailMarshal is monitored using the Console, which can be installed on the email administrator's workstation. Through the Console MailMarshal's logs can be examined, and blocked items can be released if necessary.

MailMarshal can log email activity to a SQL Server database, and use the information to produce detailed reports. The reporting suite, using Microsoft Access, can be installed on any workstation.

How Does MailMarshal Work?

MailMarshal is an SMTP gateway and is compatible with any SMTP email server on any platform, e.g. Microsoft Exchange, Sendmail, Novell GroupWise or Lotus Notes. Where the existing email server software is a Windows NT application, in most circumstances MailMarshal can reside on the same physical server. Full details of installation scenarios are given in the chapter Pre-Installation.

The MailMarshal Server consists of four major system services: the Receiver, Engine, Sender, and Controller. All email entering or leaving an organization enters the MailMarshal Server software via the Receiver, and is processed in the Engine. The Engine unpacks each email message (unzipping archive or compressed files if necessary) and splits the message into its individual components. It then tests the whole message and each component against the Rules that have been set up in the Configurator.

Rules are composed of three parts: User Matching, Conditions, and Actions. Details of rule configuration are given in the chapter Rulesets and Rules.

User Matching criteria allow filtering of messages by the sender and recipients.


Other Conditions may match based on the header information, text content of the message and attachments, attached file types, message size, virus check by a third-party virus scanner, and other criteria.

Based on the results of User Matching and Condition testing, the email message is accepted, modified or quarantined. Accepted email is passed to the MailMarshal Sender, which then forwards it to the appropriate recipients.

Messages may be stamped with a notice and/or stripped of objectionable attachments. Quarantined messages are placed into one of several folders defined for that purpose. They may be retrieved by the email administrator (using the Console) for examination or re-processing.

Messages which cannot be unpacked or delivered are directed to special DeadLetter folders.

Where MailMarshal takes action on a message, notifications or copies of the original message may be sent as required. These messages can be customized; see the chapter Email Templates.

All MailMarshal server activities are logged in detail to a text file. The relevant log may be appended to a notification message.

Virus Scanning

MailMarshal invokes other vendors' virus checking software to detect viruses. A number of commercially available scanners have been tested and shown to work with MailMarshal. For full virus protection, a licensed version of a virus scanner should be installed and its virus definition files kept up to date. MailMarshal can use multiple virus scanners to provide extra protection. Information on virus scanner configuration appears in the chapter Virus Scanners.

Because many email viruses are associated with known message text or file types, MailMarshal can also block viruses using these criteria. Where best security practices are followed to block suspicious files, MailMarshal can often stop new viruses before scanner updates arrive.

Encrypted Email

MailMarshal Secure is an optional module of MailMarshal that provides for server-based handling of encrypted messages. MailMarshal Secure uses the S/MIME (Secure MIME) standard for Public Key Encryption. MailMarshal Secure can communicate securely with any other encryption product that uses the S/MIME standard; communication is not limited to MailMarshal sites.

Where MailMarshal Secure is not installed (or the appropriate encryption key is not available), MailMarshal will recognize the message as encrypted but will be unable to access the message contents. Such messages may be blocked or passed through according to local policy. Note that content rules cannot be applied to a message MailMarshal cannot decrypt, so a pass-through policy exempts such messages from inspection.

Online Help

MailMarshal provides online help for assistance during installation and use of the software. Help is accessed through the Help menu or by pressing the [F1] key.

Extended up-to-the-minute support is available on the Marshal Software website. The website at http://www.marshalsoftware.com features news, a support Knowledge Base and Forum, and maintenance upgrades.


2. Pre-Installation

Installation Planning

MailMarshal consists of several components, which may be located on different machines within an organization's network. The components are:

• MailMarshal Server
• MailMarshal Configurator
• MailMarshal Console
• MailMarshal Reports

The MailMarshal Server software must be installed under Windows NT 4.0 or Windows 2000. All other components may be installed under Windows 95 or higher, or Windows NT/2000.

Hardware Required for MailMarshal Server

MailMarshal will run on almost any Pentium-class machine. Hardware requirements naturally vary depending on the number of email users and the amount of email traffic. The following minimum specifications are suggested as a guideline:

• 250 users: Pentium 166, 1 GB HD, 64 MB RAM
• 5000 users: Pentium III 500, 10 GB HD, 128 MB RAM

Sites with more than 5000 users may require enhanced hardware. MailMarshal fully supports multi-processor computers for very high traffic sites. Please contact Marshal Software for a recommended configuration.

Software Required for MailMarshal Server

Note
The following software can be installed during setup if necessary (if installing from the CD-ROM). As this may require several restarts, installing the prerequisite software before installing MailMarshal is recommended.

• Windows NT 4.0 Service Pack (SP) 4 or above; if not found, SP 6a will be installed (however, MailMarshal Secure requires 128-bit SP 6a, or Windows 2000 with the High Encryption Pack, which is included in SP 2).

• Microsoft Management Console 1.2.
• Microsoft ActiveX Data Objects (ADO) 2.5.
• SQL Server 7.0; if not available, Microsoft Data Engine (MSDE) can be installed. MSDE is a free runtime version of SQL Server. SQL 7.0 Service Pack 2 is recommended for installation on either SQL Server or MSDE.
• Internet Explorer (IE) 5.01 or above (IE 5.5 is included on the MailMarshal CD-ROM).

Note
MailMarshal must be installed on an NTFS partition. MailMarshal Secure requires SQL 7.0 or MSDE to be available on the local system. Due to the limitations on database size in MSDE, SQL Server is recommended for sites over 500 users in size.

Software Required for Other Components

MailMarshal Configurator and MailMarshal Console may be run under Windows 95 or above, or Windows NT/2000. They require the Microsoft Management Console (MMC) 1.2, Microsoft Internet Explorer 5.01 or above, and (if run on Windows 95/98) the Remote Registry Service.

MailMarshal Reports requires Microsoft Access 97 or 2000 (only on the workstation where Reports will be run).

Email Routing

Internet email travels from server to server using SMTP (Simple Mail Transfer Protocol). MailMarshal functions as an SMTP relay. Logically, MailMarshal is situated on the local network so that email entering or leaving the organization is routed through it. Physically, MailMarshal Server can be installed in several scenarios. It may share a computer with other software or be run on a dedicated computer. Before installing MailMarshal it is necessary to determine which functions MailMarshal will serve and how it will handle incoming and outgoing email.

In general, SMTP email servers may route email in four ways:


1. By delivering a message to a "local user" (another user on the same server).

2. By sending email for a specific domain (e.g. wellknown.com) to a fixed address entered by the administrator.

3. By sending all outbound email to a specific server (email relay).

4. By performing a Domain Name Service (DNS) lookup to determine the appropriate email server for a domain, and attempting to contact that host directly.

How MailMarshal Routes Email

MailMarshal can use any of the four methods described above.

• If MailMarshal has been configured as a POP3 server, the POP3 mailboxes are "local" to it.
• MailMarshal uses the term "Local Domains" to name the specific domains for which MailMarshal functions as the Internet email gateway. The local domains should include all of the domains hosted by other email servers within the organization (such as Exchange or GroupWise servers). Messages for these domains will be delivered to fixed addresses.
• Where the address does not match any local domain, MailMarshal can be configured to deliver it either using DNS or by relaying to a specific downstream host for delivery.

Setting up Outbound Routing

Take note of how the existing email server sends email to the Internet. In general MailMarshal should be configured to use the same process. For instance, email may be delivered to a firewall or ISP (email relay), or directly using DNS.

The existing email server must be reconfigured to forward all outbound Internet email to MailMarshal.

Setting up Inbound Routing

Determine how inbound email is currently delivered to your server. If the MailMarshal server retains the IP address and server name of the previous email server (e.g. if MailMarshal is installed on the same physical server as the other email server software), then no change to inbound settings will be required.


If the MailMarshal server will have a different IP address and server name, in most cases the route must be changed to ensure that inbound email messages are sent to the MailMarshal server.

Before sending email messages to your organization, an email server on the Internet performs a DNS lookup to see which server (IP address) accepts email for your domain. The address returned may be that of your email server, firewall, proxy server or a downstream email relay (e.g. an ISP).

If email messages were formerly sent directly to your organization's email server (i.e. the DNS MX lookup resolved to the email server's IP address), then the DNS MX record (or the address record of the host it names) should be changed so that it resolves to the new MailMarshal machine. Firewall permissions may also require modification to permit SMTP delivery to MailMarshal.

If the DNS lookup returns the address of the firewall, and the firewall employs address translation, the translated address for incoming email must be changed to the address of the MailMarshal machine. If the firewall acts as an email relay, then the address to which it forwards inbound email must be changed to that of the MailMarshal machine.

If the DNS lookup returns the address of an upstream email relay, then the forwarding address setting used by that email relay should be changed to that of the new MailMarshal machine.

When Installing MailMarshal on the Existing Email Server

When MailMarshal is installed on the same machine as the existing email server software, normally no changes to the inbound routing are required. However, as MailMarshal will take over the role of listening for SMTP traffic on port 25, the existing email server must be configured to listen for SMTP traffic on another port (port 97 is usually available, but any free TCP port will do). Mail delivered straight to that new port would bypass MailMarshal entirely, so make sure the firewall permits inbound SMTP to this machine on port 25 only.

MailMarshal should be configured, via its Local Domains information, to forward all inbound email messages to the local machine on the new port. It is recommended that you use the localhost IP address 127.0.0.1.

The existing email server should be configured to forward all outbound email messages to the local machine (127.0.0.1) on port 25.


Installation Scenarios

MailMarshal can be installed in a variety of scenarios. More detailed instructions and some examples are given in the chapter Installation.

1. On its own physical server, as an email relay within an organization (see Figure 2.1). In this example, all email sent from within the organization should be delivered to the email server. The email server forwards all external messages to the MailMarshal server for processing and delivery.

   The DNS MX record (or the firewall's relay setting) is also set to deliver all inbound email to the MailMarshal server.

Figure 2.1: Typical MailMarshal separate server installation

2. As a standalone POP3/SMTP server for a small organization (see Figure 2.2). In this example, all email sent from within the organization should be sent to the MailMarshal server on port 25 for processing. Email for internal addresses will be delivered to MailMarshal's POP3 boxes for collection by email clients. Email to and from external addresses is delivered over a dial-up or other link to an ISP.

[Figure 2.1 labels: Internet, Firewall, MailMarshal Server, Email Server, Workstations, Email Admin; SMTP port 25 between the firewall and MailMarshal and between MailMarshal and the email server.]

Figure 2.2: MailMarshal as a standalone POP3/SMTP server

3. On the same physical server as the organization's email server software (see Figure 2.3). All email sent from outside the organization should be delivered to the email server computer on port 25. MailMarshal forwards processed inbound email to the other server software using the "localhost" IP address and port 97. The other server sends email for outside delivery to MailMarshal at "localhost" port 25.

Figure 2.3: MailMarshal and another email server on the same computer

[Figure 2.3 labels: Internet, Firewall, Email Server Computer running MailMarshal (port 25) and Other Email Software (port 97), connected via localhost port 25 and localhost port 97; Workstations, Email Admin. Figure 2.2 labels: Internet, ISP, dial-up connection, MailMarshal Server (SMTP port 25, POP3 port 110), Workstations, Email Admin.]

4. On a separate computer in a DMZ (see Figure 2.4). The advantage of DMZ installation is that all messages must pass through the firewall twice; there is no direct access through the firewall.

   This is a variation on scenario #1. If the administrator Console is required to communicate with the MailMarshal server from the internal network, TCP port 19001 must be opened in the firewall. Use of the logging/reporting function from the internal network will require TCP port 1433 to be opened. Both rules should be limited to the specific source and destination hosts involved (the administrator's workstation and the MailMarshal or SQL Server machine) rather than opened for the whole network.

Note
Direct Configurator access through a firewall is not recommended since this would require opening additional NetBIOS ports. If access through a firewall is required, use of a remote access tool such as Microsoft Terminal Server is recommended.

Figure 2.4: MailMarshal in a DMZ

Gathering Information Before Installation

Before beginning installation of MailMarshal, information about the environment should be gathered. A basic list of required information is given below. A more detailed MailMarshal Pre-Install Guide is available on the Marshal Software website (http://www.marshalsoftware.com) under Support|Documentation.

[Figure 2.4 labels: Internet, Firewall, MailMarshal Server in the DMZ (port 25 from the Internet), internal Email Server, Workstations, Email Admin (TCP port 19001 through the firewall).]

• The organization's Internet domain name (e.g. ourcompany.com).
• Names of any other local domains for which MailMarshal will process email (e.g. oursubsidiaries.com).
• The IP address of the existing local email server.
• The administrator's email address.
• The virus scanning software (with an appropriate license) to be used with MailMarshal.
• The IP addresses of DNS servers.
• Who provides DNS? What is the lead time to alter settings, if necessary?
• Are all prerequisites present? (If not, a system restart may be required to install them.)
• Is a firewall in use? If so, who administers it and what is the lead time to change settings, if necessary?
• What is the outbound email delivery method now in use?
• What is the inbound email delivery method, and will any changes be required?


3. Installation

The MailMarshal installation process consists of two parts: installation of the software and any prerequisites onto the server, and configuration of the software to send and receive email.

Installation optionally includes setting up the MailMarshal Reports database, which stores usage information.

After installation and configuration, Rules must be customized to implement the desired policies.

The MailMarshal Server, Configurator, Console, and Reports may be installed on different computers. The Configurator and Console will always be installed on the MailMarshal server computer, but may also be installed elsewhere.

This chapter assumes that decisions have been made as to where in the network MailMarshal will be installed, and how email will be forwarded. Several typical installation scenarios are presented in the chapter Pre-Installation.

Procedures to Install MailMarshal Server

Preliminary Steps:

1. Log on to the server as a user with administrative privilege. Insert the MailMarshal disk into the server CD-ROM drive and select Install MailMarshal 4.2. Or, run the downloaded MailMarshal Installer file.

2. Carefully read the information given on the screens Welcome to MailMarshal Setup, Marshal Software License Agreement, and Important Pre-Installation Information. By clicking Yes on the Software License screen, you accept the terms of the License. (The License is printed in the front of this manual for more convenient reading.)

3. In the Select MailMarshal Setup Type dialog, select the desired installation option, then click Next. In the following dialogs, choose the destination location and the program folder.

Note
MailMarshal must be installed on an NTFS partition. MailMarshal Secure requires SQL 7.0 or MSDE to be available on the local system.

4. Review the information in the Start Copying Files dialog. If it is correct, click Next to start installation.

5. When the MailMarshal Setup Complete dialog appears, choose whether or not to launch the Configurator. You must run the Configurator to complete the installation.

Installation Wizard

When the MailMarshal Configurator is first run, MailMarshal launches a wizard which requests the configuration information needed to complete installation. For more information on configuration options, please refer to the chapter Server Properties later in this manual. The Wizard process includes the following steps:

1. License Key

Enter your company name in the first field (see Figure 3.1). Enter your License Key, provided by Marshal Software or your local Marshal Software reseller, in the second field. If you do not have a License Key, click the URL link provided to connect to the Marshal Software web site. Complete the MailMarshal Trial Key Request form; a trial key will immediately be emailed to the address you specify.

Click Next. An information box will report the validity details of the key you entered.

2. Local Domains

This dialog specifies the names of local domains for which MailMarshal will accept inbound email (see Figure 3.2). The list should include all (and only) the domains of email addresses your organization actually uses through this gateway. (The Local Domains list should exactly match the DNS MX records pointing at this server.)


Figure 3.1: Installation Wizard - Key

Local domains may be of two types: Relay and POP3. Email for a relay domain is sent on to another email server. Email for a POP3 domain is delivered to a mailbox hosted by the MailMarshal server. Most often there will be a single entry in this section for the local email server. However, if the email server handles more than one domain, multiple entries may be needed. Note that all relay servers defined here will also be allowed to relay outbound email through MailMarshal: the relay addresses entered here are, in effect, the hosts trusted to send mail out through the gateway, so list only your own email servers.

Note
If POP3 service for a domain is already provided by other software (such as Microsoft Exchange), that domain should be configured as a Relay domain in MailMarshal.

Click New to start the New Local Domain Wizard. Choose whether MailMarshal will host any POP3 mailboxes for the domain. In the final screen, enter the domain name. Enter the IP address of the server to which email should be relayed. Optionally enter a second email server address (used only as a fail-over if the first server does not respond).


If this is a POP3 domain, choose the action to be taken for undeliverable messages.

Click Finish to return to the Local Domains dialog.

Figure 3.2: Installation Wizard - Local Domains

Multiple Relay local domains may be entered using wildcards (e.g. *.ourbusiness.com may be entered to direct email for all subdomains of ourbusiness.com to a single address). See the section Wildcards in Server Properties for a description of MailMarshal's wildcard syntax.

Note
MailMarshal's permanent License Keys are bound to the list of local domains specified in this list. Each time the list of domain names changes, a new key is required. Changes in IP addresses or ports, or between relay and POP3 domains, do not require a new key. See the section License Info in Server Properties for information on requesting a new key.

Repeat the New Local Domain Wizard for each local domain required. When all domains have been entered, adjust the order of matching by highlighting a domain from the list and using the up and down arrows.

Note
Ensure that local domains are matched in the correct order; otherwise email may be misdirected. E.g. if the (incorrect) sequence is

    *.example.com      Relay   10.1.2.1:25
    pop.example.com    POP3    10.2.5.4:25

POP3 mailboxes will be ignored and all email will be delivered to the first address, i.e. 10.1.2.1 port 25, because *.example.com will match for messages addressed to pop.example.com. In this example, to have the email correctly delivered, pop.example.com should be the first domain in the sequence.
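The ordered matching the Note above describes, together with the wildcard entries mentioned under Figure 3.2 and the Local Domains routing from the Pre-Installation chapter, as an added example in Python. It is not MailMarshal code and MailMarshal exposes no such API; it assumes, since the page does not say, that "*" matches any run of characters (fnmatch-style) and that matching is case-insensitive. The two entries and their addresses are the ones from the Note; the `shadowed_entries` check is an added sanity test that flags a literal domain an earlier wildcard will always capture.

```python
"""Ordered Local Domains matching, as described in this chapter.
Added example, not MailMarshal code. Assumptions not stated on the page:
'*' in a domain entry matches any run of characters (fnmatch-style),
matching is case-insensitive, and the first matching entry wins."""
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import List, Optional


@dataclass(frozen=True)
class LocalDomain:
    pattern: str                      # e.g. "*.example.com" or "pop.example.com"
    kind: str                         # "Relay" or "POP3"
    host: str                         # relay target; for POP3, MailMarshal itself
    port: int = 25
    failover: Optional[str] = None    # optional second relay address


@dataclass(frozen=True)
class Route:
    action: str                       # "pop3", "relay" or "external"
    target: Optional[str]             # "host:port" for relay, else None
    matched: Optional[str]            # the Local Domains entry that matched


def route_for(domains: List[LocalDomain], address: str) -> Route:
    """Decide how a message for `address` would be routed.

    The list is scanned top to bottom and the first matching pattern wins,
    so a wildcard placed above a more specific entry captures that entry's
    mail too (the misdirection the Note above warns about).
    """
    domain = address.rsplit("@", 1)[-1].lower()
    for entry in domains:
        if fnmatchcase(domain, entry.pattern.lower()):
            if entry.kind == "POP3":
                return Route("pop3", None, entry.pattern)
            return Route("relay", f"{entry.host}:{entry.port}", entry.pattern)
    # Nothing local matched: outbound delivery by DNS or via the upstream
    # relay chosen in the Delivery step of the wizard.
    return Route("external", None, None)


def shadowed_entries(domains: List[LocalDomain]) -> List[str]:
    """List literal entries that can never match because an earlier
    wildcard already covers them; run this before starting the services."""
    shadowed = []
    for i, later in enumerate(domains):
        if "*" in later.pattern:
            continue
        for earlier in domains[:i]:
            if fnmatchcase(later.pattern.lower(), earlier.pattern.lower()):
                shadowed.append(later.pattern)
                break
    return shadowed


# The (incorrect) order from the Note: wildcard first.
WRONG_ORDER = [
    LocalDomain("*.example.com", "Relay", "10.1.2.1"),
    LocalDomain("pop.example.com", "POP3", "10.2.5.4"),
]
# The corrected order: the specific POP3 domain first.
RIGHT_ORDER = list(reversed(WRONG_ORDER))

if __name__ == "__main__":
    for label, order in (("wrong", WRONG_ORDER), ("right", RIGHT_ORDER)):
        print(label, route_for(order, "user@pop.example.com"),
              "shadowed:", shadowed_entries(order))
```

Run as a script it prints the relay route for the wrong order and the POP3 route for the right one; `shadowed_entries` is the check worth keeping, since a list with many wildcard relay entries makes this mistake easy to miss in the dialog.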

3. General

Administrative notifications (such as DeadLetter reports) will be sent to the address specified in the first box (see Figure 3.3). This should be a valid and appropriate mailbox or group alias. Administrative and user notifications and other automated email from MailMarshal will be sent "from" the address entered in the second box.

Figure 3.3: Installation Wizard - General


4. Delivery

The primary DNS (Domain Name Server) address used by the organization must be entered, and a secondary address is recommended (see Figure 3.4). These servers should be located no further away than the ISP.

By default MailMarshal will attempt to deliver outbound email directly, using DNS resolution to determine the appropriate destination. However, if all outbound email is forwarded to a firewall or a fixed relay server (such as an ISP), then select the appropriate radio button and enter the host name or IP address of the relay or firewall.

Figure 3.4: Installation Wizard - Delivery


5. Dial on Demand

See Figure 3.5. If outbound email is to be delivered over a dial-up connection, check the box and fill in the appropriate information (otherwise proceed to the next page). Select a RAS entry from the drop-down list, or click on New Phonebook Entry to add the desired information. Fill in other information as appropriate. The correct settings should be obtainable from existing email server settings or from your ISP.

Figure 3.5: Installation Wizard - Dial on Demand

6. Mail Batching

See Figure 3.6. MailMarshal supports batch receipt and delivery of email messages where on-demand connection to the upstream email server is not desired (e.g. due to cost). If this feature is to be used, check the box and fill in the appropriate information. The correct settings should be obtainable from existing email server settings or from your ISP. For detailed discussion of these settings see Mail Batching in Server Properties.


Figure 3.6: Installation Wizard - Mail Batching

7. Reports

See Figure 3.7. MailMarshal can log details of the processing and delivery status of messages to a database. When logging has been enabled, the Mail History can be viewed in the Console and a wide variety of reports run from MailMarshal Reports.

To enable logging, check the Enable Report Logging checkbox. Check the Log Attachment Details checkbox to enable reporting on attachments within email messages.


Figure 3.7: Installation Wizard - Reports

Click Create/Select Database to choose the location of the SQL database where the information will be stored. In the Create/Select Database dialog (Figure 3.8), enter the name of the SQL Server (or MSDE) computer in the first box. You can browse the network if necessary. Enter the name of the database you wish to use, and the SQL user name and password. (The default user "sa" is often installed without a password. Since "sa" is the SQL Server administrator account, set a password on it before exposing the server, and prefer a dedicated SQL login with only the rights MailMarshal needs for the product to use.) If you believe that a MailMarshal database has previously been installed in the given location and you wish to overwrite it, check the box to recreate the database.

Note
The database password may be changed using SQL administration tools or command-line SQL entry. However this procedure must be used with caution if other applications may be using the database. For further information please see Marshal Software Knowledge Base article KB203.


Figure 3.8: Installation Wizard–Create/Select Database dialog

8. Finished

Basic configuration of the MailMarshal Server is now complete. The MailMarshal Configurator starts automatically on completion of the Wizard.

Changes to the configuration may be made through the Tools|Server Properties menu in the Configurator. Several advanced selections are also available in that menu. For complete information see the chapter Server Properties.

Before MailMarshal can be put into production, the following steps should be taken within the MailMarshal Configurator:

1. Configure virus scanners within MailMarshal, if desired. Most installations use a virus scanner. See the chapter Virus Scanners.

2. Customize Rulesets and enable Rule processing. See the chapter Rules and Rulesets.

3. Start MailMarshal Services.

The following additional steps may be required:

1. Configure an existing email server to pass email through MailMarshal.

2. Install and configure third party virus scanning software.


Configuring an Existing Email Server

Typically MailMarshal receives inbound email, processes it, then relays it to the organization's internal email server as specified in the Local Domains list. Outbound email is passed from the internal email server to MailMarshal for processing and external delivery. See the chapter Pre-Installation for a variety of installation scenarios.

The internal email server software must be configured to send outgoing email to MailMarshal for processing and delivery.

Where MailMarshal is installed on the same computer as the existing email server software, the two applications must use different "ports" to receive email. In this case, the following steps are typically necessary:

• As the MailMarshal receiver is now accepting SMTP traffic on port 25, change the SMTP port that the other email server uses for SMTP (port 97 is usually available, although any free TCP port will do).

• Configure the other email server software to forward all Internet email to the local machine (use the "localhost" IP address 127.0.0.1, port 25).

• Check that MailMarshal is configured, via its Local Domains information, to forward all inbound email to the local machine on the alternative port (again, use the localhost IP address and port, eg. 127.0.0.1:97).

Specific details for configuring Microsoft Exchange 5.5 and Lotus Notes 4 and 5 are given in Appendix A. For more detailed information, and to configure other email server software, please refer to the product documentation for the other software. The Marshal Software Knowledge Base also contains some additional setup information.

MailMarshal and Microsoft Proxy Server 2.0

Where MailMarshal is installed in the same network as Microsoft Proxy Server 2.0, there are two possible scenarios:

• MS Proxy routes incoming connection requests through to the email server. In this scenario the email server has Winsock proxy client installed on it and there is a wspcfg.ini file in the MailMarshal install directory.

• MailMarshal (or an email relay or gateway to the MailMarshal server) is installed on an MS Proxy Server.

Each scenario has a range of MailMarshal installation options.

MailMarshal can be installed on the same machine as Microsoft Proxy Server and could replace an existing email relay or gateway, or may be installed in parallel. If WinSock Proxy Client was used by the email server it is no longer needed, as MailMarshal will relay messages to and from the email server.

Alternatively, MailMarshal may be installed on a separate machine with two network cards and be used to route email from the Internet to the email server. In this case, email is no longer routed via Microsoft Proxy Server.

MailMarshal may also be installed on a machine "inside" the proxy server (on the trusted network) when the proxy server has two network cards. This scenario will require use of WinSock Proxy Client in order to communicate with the Internet. Ensure that an appropriate wspcfg.ini is created in the MailMarshal installation directory to bind the MailMarshal receiver to the external interface of the proxy server. More information on MailMarshal and MS Proxy 2.0 is available in Marshal Software Knowledge Base article KB31.

Note: Microsoft Proxy can be configured to implement security at user level. Where this has been done, MailMarshal should initially be configured to run under the same user account as your existing email server, email relay or gateway.

MailMarshal Console Installation

The MailMarshal Console provides day-to-day administrative access to the MailMarshal server and email stream, including a real-time view of email processing and management of rejected and quarantined messages. The Console is installed automatically on the MailMarshal Server when a server install is performed. If the MailMarshal Console software is to be used on any other machine it must also be installed on that machine. It may be installed directly from the MailMarshal CD-ROM or from an install folder copied from the CD-ROM. See the chapter Pre-Installation for a list of software prerequisites for the Console.

To install the MailMarshal Console:

• Log in with sufficient access rights to install software onto the local machine and to access the install folder for MailMarshal.

• Run the MailMarshal installation program or setup.exe to install the MailMarshal Console software.

• Under Setup, choose Custom/Complete, then Console.

• Run the newly installed software.


• If the MailMarshal Server is not running on the same machine, a Change Server dialog box will prompt for the IP Address or name of the MailMarshal Server machine. This dialog box can be reached at any time by right-clicking on the MailMarshal Console folder in the Console menu tree.

Configuration information for MailMarshal Console is stored in the client machine registry.

Note: Whenever you update or upgrade the MailMarshal Server you must also upgrade the Console on remote machines.

Console Security Issues

MailMarshal Console uses Windows NT's secure RPC mechanism to communicate (via TCP port 19001) with the MailMarshal Server. A console user must have an account and password that can be validated by the MailMarshal Server. If the MailMarshal machine is in a different domain you can either set up a trust relationship or create local accounts on the MailMarshal Server computer. If the Console and the Server are separated by a firewall (eg. if the Server is located in a DMZ), port 19001 must be opened in the firewall to allow remote Console access.

To view the messages in the quarantine folders the account in use must have read access to the folders. If you wish to make changes to items (eg. forward email, kill messages) the account will also need write access. Access to the folders should be limited by using Windows NT security.

To implement access control for other features, edit the access permissions on the MailMarshal.key file (in the MailMarshal folder on the server). Read access to this file allows the user to view the service status, queued domains and mail history. Write access to this file gives the ability to kill messages, dial now, retry domains and reload services.

Note: For details on changing the Console communication to another port, contact Marshal Software support.

MailMarshal Configurator Remote Installation

The MailMarshal Configurator software provides access to all setup functions for MailMarshal, including server configuration and setup of Rules and Rule elements. The Configurator is installed automatically on the MailMarshal Server when a server install is performed. If the MailMarshal Configurator software is to be used on any other machine it must also be installed on that machine. It may be installed directly from the MailMarshal CD-ROM or from an install folder copied from the CD-ROM. See the chapter Pre-Installation for a list of software prerequisites for the Configurator.

Note: It is not recommended to connect the Configurator to the MailMarshal Server through a firewall, as additional NetBIOS ports must be opened to make this possible. If access through a firewall is required, use of a remote access tool such as Microsoft Terminal Server is recommended.

To install the MailMarshal Configurator:

• Log in with sufficient access rights to install software onto the local machine and to access the install folder for MailMarshal.

• Run the MailMarshal installation program or setup.exe to install the MailMarshal Configurator software.

• Under Setup, choose Custom/Complete, then Configurator.

• Run the newly installed software.

• If the MailMarshal Server is not running on the same machine, a Change Server dialog box will prompt for the IP Address or name of the MailMarshal Server machine. This dialog box can be reached at any time by right-clicking on the MailMarshal Configurator element in the left pane of the Configurator.

Note: Whenever you update or upgrade the MailMarshal Server you must also upgrade the Configurator on remote machines.

Uninstalling MailMarshal

Use the following steps to uninstall MailMarshal.

Before uninstalling, ensure that any settings changes made to the email system (eg. the DNS MX records and email server settings) are revised to exclude MailMarshal from email processing.

Log on to the MailMarshal Server computer with administrative rights. Stop the MailMarshal Controller service using the Control Panel Services applet. This should stop all other MailMarshal services.

Uninstall MailMarshal (and MailMarshal Reports, if installed) using the Control Panel Add/Remove Programs applet. A system restart may be suggested to remove some files.

Uninstall the MailMarshal Configurator, Console and Reports software on workstations.

If appropriate, drop the MailMarshal and MailMarshalCertStore databases using SQL administration tools.

Importing a MailMarshal Configuration

Where MailMarshal is being reinstalled, or installed in a cluster environment, it may be desirable to import configuration settings.

Warning: Incorrect use of this feature could damage your MailMarshal installation. Always save current settings (using the export facility) before performing this procedure.

The Merge with current configuration option must only be used with specially constructed files supplied by Marshal Software.

Start the Configurator, choose Tools|Server Properties from the menu to see the Server Properties dialog, and choose the Advanced tab.

To display the Import Configuration dialog box, click on the Import Configuration button. Click on Browse to select the file to import. Select Overwrite current configuration to replace your current configuration with the imported settings. Click on OK.

User Group information is stored in the file UserGroups.txt within the MailMarshal install folder. To import User Groups, copy this file to the appropriate location.

Files with "known fingerprints" are stored in the folder ValidFingerprints within the MailMarshal install folder. To preserve fingerprint information, copy this folder to the appropriate location.

4. The Configurator

The MailMarshal Configurator is used to set up and modify the Rules and rule elements that control how email is processed by the MailMarshal Server. The Configurator also allows advanced setup and modification of the Server Properties, which determine how MailMarshal sends and receives email. The Configurator is always installed on the MailMarshal Server computer during initial setup. It may also be installed on any workstation; for installation instructions, please see the chapter Installation.

The MailMarshal Configurator is implemented as a snap-in to the Microsoft Management Console (MMC). For general information and tips about the MMC, please see the chapter MailMarshal and the MMC. This manual assumes that the MMC is displaying both the left (menu tree) and right (details) panes.

Figure 4.1: The MailMarshal Configurator

To use the MailMarshal Configurator, ensure that the MailMarshal Configurator folder is expanded. The left menu pane presents the top level functions of MailMarshal. Detailed information is presented in the right pane.

Note: Only one instance of the MailMarshal Configurator may be active per MailMarshal Server. Attempting to start a second Configurator results in the notice "MailMarshal settings are locked."

The following elements are available in the Configurator. Many of these elements are covered in more detail in following chapters of this manual.

MailMarshal Configurator

When MailMarshal Configurator is selected in the left pane, the status of the MailMarshal services is shown at the bottom of the right pane. These will include the Engine, Receiver, and Sender. They may also include the POP3 service if this option has been configured, and the Encrypt and Decrypt services if MailMarshal Secure is installed and enabled.

To start the MailMarshal services, click the Start icon in the toolbar. To stop the services, click the Stop icon in the toolbar. An individual service may also be started or stopped by selecting it then clicking the appropriate icon. The start/stop status of these services persists through server restarts.

When changes to the Rules or rule elements have been made in the Configurator but not yet reloaded on the Server, the caption MailMarshal Configurator will be followed by a * (see Figure 4.1). To reload the Server, click the Reload icon on the toolbar. Changes will take effect immediately.

Some configuration changes require the MailMarshal services to be restarted. Where this is necessary the option to do so will be given. Restarting the services takes only a few seconds and does not seriously affect email flow.

Server Properties

Click Tools|Server Properties in the menu to view the MailMarshal Server Properties dialog. The various tabs of this dialog allow setup of MailMarshal's email delivery and receipt options, logging database, and Header Rewrite function, as well as several minor options. Backup and restore of the MailMarshal configuration is also available. Detailed information on this dialog is available in the chapter Server Properties.

Rulesets

Select this item to view a list of MailMarshal's Rulesets in the right pane. Rulesets contain the Rules which determine how email messages are processed. Rules may depend on recipient, message size, and other factors. Available actions include content scanning, third-party virus scanning, message stamping, and others. For detailed information on Rules and Rulesets, please see the chapter Rulesets and Rules.

Note: When this item is selected, click the Print icon in the toolbar to view and optionally print a list of all currently configured Rulesets and Rules.

User Groups

Select this item to view a list of MailMarshal's User Groups. These Groups may be used to apply different Rules to various email users; for instance, to apply different message stamps to outbound email from various departments. User Groups may be created within MailMarshal or imported via LDAP from any available directory server. For detailed information please see the chapter User Groups.

POP3 Accounts

Select this item to view a list of POP3 accounts which have been set up on the MailMarshal server. MailMarshal is effective as a POP3 server for up to 300 users. POP3 accounts may also be used to provide relay access to MailMarshal's rule processing and SMTP sending abilities for remote users, even if inbound email is not delivered to POP3 mailboxes. For detailed information please see the chapter POP3 Accounts.

Virus Scanners

Select this item to view a list of third-party virus scanners which have been configured for use by MailMarshal. Scanners in the list may be used to check message content and attachments. For more information on configuring virus scanners, please see the chapter Virus Scanners.


External Commands

Select this item to view a list of external commands which MailMarshal can invoke. Most command-line executable programs can be used in this way. DLLs can also be invoked. External commands can be used either to test the content of a message, or to perform an action as a result of a condition being triggered by a message. For more information, please see the chapter External Commands.

Folders

Select this item to view a list of folders into which MailMarshal can place email items. Folders may be used to quarantine items based on content, to take copies of selected items, and to park messages for later delivery. Folder names, subfolders, and physical locations may be changed. For more information please see the chapter Folders.

Email Templates

Select this item to view a list of templates which may be used when MailMarshal sends an automated message. Templates may contain variables and may have attachments. They can be created and modified to suit any need. For more information please see the chapter Email Templates.

TextCensor Scripts

Select this item to view a list of MailMarshal's TextCensor Scripts. These Scripts are used within Rules to review the content of email messages and attachments. A number of scripts are installed by default. They may be edited and new scripts added. For more information, please see the chapter TextCensor Scripts.

Logging Classifications

Select this item to view a list of classifications available when message traffic is logged by MailMarshal. Classifications may be added and modified to suit local need. For more information, please see the chapter Logging Classifications.


Message Stamps

Select this item to view a list of message stamps which may be appended by MailMarshal. Stamps may be used for disclaimers, or to notify a recipient of action taken by MailMarshal. Message stamps may be in HTML and plain text format, and may be inserted at the top or bottom of an email message. For more information please see the chapter Message Stamps.

LDAP Connections

Select this item to view a list of LDAP (Lightweight Directory Access Protocol) server connections which have been configured in MailMarshal. LDAP allows MailMarshal to populate User Groups from remote directory servers. LDAP is also used by MailMarshal Secure to retrieve user Certificates from a remote store. For more information on configuring LDAP connections, please see the chapter LDAP Connections. Information on LDAP User Groups may be found in the chapter User Groups; information on using LDAP certificate stores is found in the chapter MailMarshal Secure.

News and Support

Select this item to view the Marshal Software website in the right pane. This site features the latest support information, including Frequently Asked Questions, a Knowledge Base, and a Support Forum. To access the full range of resources, customers should log in to the site. Obtain login details, if necessary, by contacting Marshal Software.

5. Rulesets and Rules

Rules define how MailMarshal treats email messages. For convenience, all Rules are defined within Rulesets (groups of Rules that share base User Matching conditions). Conditions defined for a Ruleset must be satisfied before any Rule in that Ruleset is evaluated.

An organization may have just a few Rulesets, or many. For example, one Ruleset might apply to all messages outbound from the organization, and another Ruleset apply to all inbound messages. Alternatively or in addition, an organization may be divided into departments, with Rules governing email to and from each department grouped into a separate Ruleset. While some default Rulesets and Rules are provided with MailMarshal, changes and additions should be made to meet local needs. A minimum of two Rulesets is recommended: one for incoming email and one for outgoing email.

Each Rule has three parts: User Matching, Conditions, and Actions. The User Matching and Conditions sections are used to evaluate each message. Messages which meet the specified criteria are subjected to the specified Actions. Figure 5.1 displays an example Rule.

Best Practices

A wide variety of Rules may be created within MailMarshal. Marshal Software recommends the following basic practices to ensure security and ease of administration:

• Keep rules simple. Simple rules are easier to debug and often faster to run.

• Archive messages. Archiving gives an extra layer of backup in case of email server or delivery problems, as well as being useful for rule testing.

• Block most attached files by default (both by file extension and by file type). MailMarshal is shipped with example Rules to accomplish this.

• Block password protected attachments.

• Block encrypted attachments (eg. files of type "Encrypted Word Document").

• Block encrypted messages which MailMarshal cannot decrypt (eg. PGP messages, and S/MIME messages if MailMarshal Secure is not installed).

• Subscribe to email notification lists for virus outbreaks (such lists are offered by many anti-virus software companies). When an outbreak occurs, block the offending messages by subject line or other identifying features.

Viewing and Printing Rulesets

To view and optionally print a list of all currently configured Rulesets and Rules, first select Rulesets in the left pane of the Configurator. Click the Print icon in the toolbar to view the Ruleset and Rule definitions in a new window (see Figure 5.1). To view an individual ruleset, select that ruleset in either pane and click the Print icon.

Figure 5.1: Ruleset Print Preview window

Creating a Ruleset

To create a Ruleset, in the MailMarshal Configurator, select Rulesets in the left pane. Then click the New Ruleset icon in the toolbar to start the New Ruleset Wizard (see Figure 5.2).

Select the conditions under which the Ruleset should be used by checking boxes in the upper pane. Scroll down to see the full list of conditions. The conditions selected will be presented in the lower pane.

Where the matching condition requires specific information to be completed, the incomplete information appears in the rule description as a red hyperlink. Click on the hyperlink to bring up a dialog box allowing this information to be entered. Where specific information has been entered the rule description displays the specifics as a blue hyperlink; click on this link to edit them.

Figure 5.2: New Ruleset Wizard–Message Filtering

Clicking on the hyperlink People opens the Enter Users dialog (see Figure 5.3). This dialog presents a list of MailMarshal User Groups. Expand any group in the right pane of this dialog to see its members. Double-click on any user group or individual address to add it to the list.

A new user may be added to the list by clicking the New User button. A new User Group may be created by clicking the New User Group button. Once the ruleset has been created the group should be populated using the functions available in the User Groups item of the Configurator tree.


Figure 5.3: Enter Users dialog

Delete a group or address from the list by clicking the Delete button. Close this dialog and return to the New Ruleset Wizard by clicking OK.

In the final screen of the New Ruleset Wizard (Figure 5.4), give the Ruleset a name. Choose whether to enable the ruleset, and whether to launch the New Rule Wizard. A Ruleset must contain at least one Rule to have any effect.

Figure 5.4: New Ruleset Wizard–Finished

Editing a Ruleset

To edit a Ruleset, in the MailMarshal Configurator, select Rulesets in the left pane. Right click the Ruleset to be edited in the right pane and select Properties from the context menu. The Ruleset is presented in a dialog with two tabs, "General" and "Filtering", which allow all information in the Ruleset to be modified.

To Copy or Move Rules Between Rulesets

To move a Rule between Rulesets, select the Rule's parent Ruleset in the left pane of the Configurator. Drag the desired rule from the list in the right pane to a different Ruleset in the left pane.

To copy a Rule, hold down the <CTRL> key while dragging the Rule.

To Enable or Disable a Ruleset

To enable or disable a Ruleset, edit it then check or uncheck the box "enable ruleset after next reload". Alternatively, right click the Ruleset in the right pane and select All Tasks|Enable or All Tasks|Disable from the popup menu.

Order of Evaluation

The order in which Rulesets and Rules are evaluated is significant. Certain Rule actions are terminal (they stop further Rule processing). This is indicated in the Rule description.

For instance, a virus scanning rule will normally be evaluated first, and if a virus is found the message will be quarantined immediately; no further rules will be evaluated.

Rulesets are evaluated in "top down" order as shown in the Configurator.

Adjusting the Order of Evaluation of Rulesets

To adjust the order of evaluation of Rulesets, select Rulesets in the menu pane. Select a Ruleset in the right pane, and move it up or down using the arrows in the toolbar. Click the Reload Server Rules icon to effect the change in order.

Adjusting the Order of Evaluation of Rules

To adjust the order of evaluation of Rules, expand a Ruleset. Select a Rule in the right pane, and move it up or down using the arrows in the toolbar. Click the Reload Server Rules icon to effect the change in order.

Note: A rule containing a "Goto" condition (Pass the message to rule) cannot be moved below the rule it is set to go to. Attempting such a move raises a warning notice. See the section on rule conditions below for more information.

Creating a New Rule

To create a new Rule, in the left pane of the Configurator, expand the Ruleset that should contain the new Rule. Click the New Rule icon in the toolbar to start the Rule Wizard.

In the first screen of the Rule Wizard, select the appropriate rule type.

Standard Rules are processed by the MailMarshal Engine and offer the full range of Conditions and Actions. Most rules will be of this type.

Receiver Rules are processed by the MailMarshal Receiver before the receipt of the message body. The only conditions available for Receiver Rules are message size (this works only where the sending email server supports ESMTP) and message source (User Matching and incoming/outgoing). The advantage of Receiver Rules is that they may reduce traffic volume by refusing delivery of messages completely before they are received.

Security Rules (available only when MailMarshal Secure is enabled) control the encryption, decryption and signing of S/MIME messages. For information on Security Rules, please see the chapter MailMarshal Secure.

Figure 5.5: Rule Wizard–User Matching


The next screen of the Rule Wizard, User Matching, specifies to whom the rule will apply (see Figure 5.5). Check the appropriate boxes in the upper pane to add matching conditions to the rule description. Scroll down to see the full list of conditions.

Note: If no User Matching boxes are checked, the Rule will apply to all messages (subject to the limitations imposed by the parent Ruleset). Matching conditions determined by the parent Ruleset are displayed in grey text and cannot be edited here. If these conditions must be changed, edit the properties of the parent Ruleset.

Where the matching condition requires specific information to be completed, the incomplete information appears in the rule description as a red hyperlink. Click on the hyperlink to bring up a dialog box allowing this information to be entered. Where specific information has been entered the rule description displays the specifics as a blue hyperlink; click on this link to edit them.

The third screen of the Rule Wizard, Conditions, specifies other tests to be performed on the message and its attachments. Choices are made as in the previous screen. Detailed lists of Conditions are presented later in this chapter.

The fourth screen of the Rule Wizard, Actions, sets the actions to be taken if a message meets the specified conditions. Choices are made as in the previous screens. Detailed lists of Actions are presented later in this chapter.

The fifth and final screen of the Rule Wizard, Finish, presents the complete Rule in the description pane where it may be edited (see Figure 5.6). The rule must be named. By default the rule is "turned on" (used to process messages).

Note: New Rules and changes do not take effect until the Rules are reloaded (using either the Reload Server Rules icon in the toolbar or the menu item Tools|Reload Rules on Server).

Copying a Rule

To copy a Rule, right-click it in the Configurator. To make a copy in the current Ruleset, choose Duplicate from the context menu. To make a copy in another Ruleset, choose Copy from the context menu; then right-click the target Ruleset and choose Paste.


Editing a Rule

To edit a Rule, double click it in the right pane of the Configurator. The rule will be presented in the Finish dialog of the Rule Wizard (see Figure 5.6). Hyperlinked details may be edited from this pane. If more basic changes to conditions or actions are required, use the Back button to view the User Matching, Conditions, and Actions screens.

Figure 5.6: Rule Wizard–Finish

User Matching Criteria

When creating Rulesets and Standard and Receiver Rules, the following User Matching criteria are available:


Where message is incoming

Action will be taken if the message is addressed to a domain within MailMarshal's Local Domains list.

Where message is outgoing

Action will be taken if the message is addressed to a domain outside MailMarshal's Local Domains list.

Where addressed to people

Action will be taken if a recipient of the message is found in the list of addresses specified. See the section on Rulesets, above, for details on choosing which "people" are included in these conditions.

Note: Whenever a list of "people" is required in a condition, the list may contain individual email addresses, domains, and MailMarshal user groups (see Figure 5.3).

Where addressed from people

Action will be taken if the sender of the message is found in the list specified.

Where addressed either to or from people

Action will be taken if a recipient or sender of the message is found in the list specified.

Where addressed both to and from people

Action will be taken if the sender of the message is found in the first list specified, and the recipient of the message is found in the second list specified.

Except where addressed to people

Action will not be taken if a recipient of the message is found in the list specified.

Except where addressed from people

Action will not be taken if the sender of the message is found in the list specified.

Except where addressed either to or from people

Action will not be taken if a recipient or sender of the message is found in the list specified.

Except where addressed both to and from people

Action will not be taken if the sender of the message is found in the first list specified, and the recipient of the message is found in the second list specified.

Note: "Except" matching criteria are the key to creating exception-based policies. Rules which apply to all recipients with the exception of small specific groups help to ensure that security policies are uniformly applied. For instance, a rule may apply "Where the message is incoming except where addressed to Managers".
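The User Matching criteria listed above, together with the top-down, terminal-action evaluation described under Order of Evaluation, modelled as a small Python rule evaluator. This is an added illustration and not MailMarshal code: the Local Domains list, the Managers group, the criterion names and the sample policy are constructed, and the model treats a message as incoming or outgoing when any one recipient is local or external respectively (a simplification assumed here).

```python
"""MailMarshal-style User Matching criteria and top-down Ruleset evaluation
with terminal actions.  Added illustration, not MailMarshal code: the data
structures, criterion names and sample policy below are constructed."""
from dataclasses import dataclass, field

# Constructed sample configuration (not taken from the manual).
LOCAL_DOMAINS = {"example.com"}
USER_GROUPS = {"Managers": {"ceo@example.com", "cfo@example.com"}}

def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower()

def in_people_list(addr, people):
    """A "people" list may mix individual addresses, whole domains and
    MailMarshal User Group names, as the Enter Users dialog allows."""
    addr = addr.lower()
    for entry in people:
        if entry in USER_GROUPS:
            if addr in {m.lower() for m in USER_GROUPS[entry]}:
                return True
        elif "@" in entry:
            if addr == entry.lower():
                return True
        elif _domain(addr) == entry.lower():
            return True
    return False

@dataclass
class Message:
    sender: str
    recipients: list

def criterion_matches(msg, crit):
    """crit is (kind, *people_lists); an "except_" prefix on kind inverts
    the test, giving the manual's "Except where ..." criteria."""
    kind, *lists = crit
    negate = kind.startswith("except_")
    if negate:
        kind = kind[len("except_"):]

    def to_any(people):
        return any(in_people_list(r, people) for r in msg.recipients)

    if kind == "incoming":        # addressed to a Local Domain
        hit = any(_domain(r) in LOCAL_DOMAINS for r in msg.recipients)
    elif kind == "outgoing":      # addressed outside the Local Domains
        hit = any(_domain(r) not in LOCAL_DOMAINS for r in msg.recipients)
    elif kind == "to":
        hit = to_any(lists[0])
    elif kind == "from":
        hit = in_people_list(msg.sender, lists[0])
    elif kind == "to_or_from":
        hit = in_people_list(msg.sender, lists[0]) or to_any(lists[0])
    elif kind == "to_and_from":   # sender in first list AND a recipient in second
        hit = in_people_list(msg.sender, lists[0]) and to_any(lists[1])
    else:
        raise ValueError(f"unknown criterion {kind!r}")
    return not hit if negate else hit

@dataclass
class Rule:
    name: str
    action: str
    terminal: bool = False        # a terminal action stops all further processing
    criteria: list = field(default_factory=list)

@dataclass
class Ruleset:
    name: str
    criteria: list
    rules: list

def evaluate(msg, rulesets):
    """Rulesets are evaluated top-down as listed in the Configurator.  All of
    a Ruleset's criteria must hold before its Rules are considered, and all of
    a Rule's criteria must hold (they are ANDed).  Returns actions in order."""
    actions = []
    for rs in rulesets:
        if not all(criterion_matches(msg, c) for c in rs.criteria):
            continue
        for rule in rs.rules:
            if all(criterion_matches(msg, c) for c in rule.criteria):
                actions.append(rule.action)
                if rule.terminal:
                    return actions
    return actions

# Constructed sample policy: the manual's recommended minimum of one inbound
# and one outbound Ruleset, each with an exception-based rule.
POLICY = [
    Ruleset("Inbound", [("incoming",)], [
        Rule("Quarantine inbound attachments", "quarantine", terminal=True,
             criteria=[("except_to", ["Managers"])]),
        Rule("Stamp inbound mail", "stamp-inbound"),
    ]),
    Ruleset("Outbound", [("outgoing",)], [
        Rule("Hold Managers' mail to competitor", "hold", terminal=True,
             criteria=[("to_and_from", ["Managers"], ["competitor.example"])]),
        Rule("Archive outbound", "archive"),
        Rule("Company disclaimer", "stamp-disclaimer",
             criteria=[("from", ["example.com"])]),
    ]),
]
```

Moving the "Hold" rule below "Archive outbound" in POLICY changes the result for the last case, which is the ordering effect the manual warns about.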

Rule Conditions: Standard Rules

The following conditions are available for use in Standard Rules. They are further explained below:

• Where message attachment is of type
• Where attachment parent is of type
• Where attachment fingerprint is/is not known
• Where message is of a particular size
• Where message attachment is of a particular size
• Where the estimated bandwidth required to deliver this message is
• Where message contains attachments of name
• Where message triggers text censor script(s)
• Where message contains a virus
• Where the external command is triggered
• Where number of recipients is count
• Where number of attachments is count

Note: If many conditions are specified in a single rule they must all be satisfied for the Rule action to be taken. To match any of several single conditions, place each one in its own Rule. It pays to keep rules simple and ensure they are logical: it is possible to create nonsensical rules in MailMarshal!

Where message attachment is of type

MailMarshal checks the structure of all attached files to determine their type. Over 80 types are recognized as of this writing. Selecting the hyperlink "file types" opens a selection dialog including several categories of files (see Figure 5.7). Select an entire category by checking the associated box. Expand any category to see the list of types included, and check the required boxes. When satisfied click OK to return to the Rule Wizard.

Figure 5.7: File Attachment Types dialog

Where attachment parent is of type

This condition is intended to be used with the above condition (attachment of type), and causes MailMarshal to consider the file type of the parent container as well as that of the attachment (for instance, MS Word documents containing images). Clicking the hyperlink "parent types" opens a selection dialog offering all valid parent types. The dialog also allows the condition to be applied to types in or out of the selected list (see Figure 5.8).

Note: This condition may be useful to exclude images and other inclusions within MS Word documents from quarantine rules. For example:

When a message arrives
Where message attachment is of type IMAGE
And where attachment parent is not of type: DOC

See also the next condition (attachment fingerprint).


Figure 5.8: Parent Types dialog

Where attachment fingerprint is/is not known

The "fingerprint" identifies a specific file (such as a particular image). Click the hyperlink and choose to base the condition on fingerprints which are known or unknown. To add a file to the list of "known" files, use the "add to valid fingerprints" rule action, or select Add Fingerprints while processing messages in the Console (see the chapter The Console for further information). To delete a file from the list of "known" files, delete the file from the ValidFingerprints subfolder of the MailMarshal install folder then reload the MailMarshal configuration.

Note: This condition may be useful to exclude certain images, such as corporate logos or signatures, from triggering quarantine rules. For example, to take action only on unrecognized images, use the following conditions:

When a message arrives
Where message attachment is of type IMAGE
And where attachment fingerprint is not known

Note: Files may also be made known by placing them in the ValidFingerprints sub-folder and restarting the Engine; however this must be done with care. See the Marshal Software Knowledge Base for further information.

Where message is of a particular size

The size of the entire message, before unpacking, will be considered. Choose a size and matching method using the Message Size dialog (see Figure 5.9).

Note: MailMarshal checks the size of the received message in its encoded format. This is typically 33% larger than the size reported by an email client.

Figure 5.9: Message Size dialog

Where message attachment is of a particular size

The size of each attachment is evaluated after all unpacking, unzipping, etc. is complete. An attachment size may be larger than the size of the original message, due to decompression of archive files.

Where the estimated bandwidth required to deliver this message is

The bandwidth required to deliver a message is calculated by multiplying the message size by the number of unique domains to which it is addressed. The intended use of this criterion is to move high-bandwidth messages to a "parking" folder for delivery outside peak hours. They could also be blocked entirely.

Where message contains attachments of name

Enter a list of file names, separated by semi-colons. The * and ? wildcards are supported (eg. *.SHS;*.VBS;*.DO?). This condition is particularly useful for quickly blocking dangerous file types such as VBS, or known virus attachments such as "creative.exe". However, it checks only the file name and not the internal type; use "Where message attachment is of type" to check files by structure.

Where message triggers text censor script(s)

Choose a TextCensor script to be used in evaluating the message (see Figure 5.10). Depending on the settings of the individual script, various parts of the message and its attachments may be scanned. Within the Select TextCensor Script dialog, select a script and click Edit Script to view or change it; click New Script to create a new script which will be automatically selected when you return to the dialog. See the chapter TextCensor Scripts for detailed information on creating Scripts.

Note: More than one TextCensor script may be included in a rule. However, for the rule to be triggered all included scripts must trigger.

Figure 5.10: Select TextCensor Script dialog

Where message contains a virus

All currently configured virus scanners will be used to scan all portions of the message and attachments. See the chapter Virus Scanners for information on choosing and configuring virus scanners within MailMarshal.

Note: Where policy based choice of scanners or scanning actions is desired, virus scanners may be defined as external commands (see the next rule condition and the chapter External Commands for more information).

Where the external command is triggered

Select one or more external commands to be used to test the message. If more than one command is specified, all commands must be triggered for this condition to be triggered. External commands can be executable programs or DLLs. See the chapter External Commands for more information.


Where number of recipients is count

This condition is typically used to block messages with large recipient lists as suspected "Spam".

Where number of attachments is count

This condition is typically used to block messages with large numbers of attachments. The number of attachments may be counted using top level attachments only, or top level attachments to email messages including any attached messages, or all attachments at all levels (see Figure 5.11).

Note: "Top level attachments" are the files explicitly attached by name to an email message. Other files, such as the contents of a zip archive or images within a MS Word document, may be contained within the top-level attachments.

Figure 5.11: Number of Attachments dialog
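The attachment-related conditions above (attachment size after unpacking, estimated bandwidth, attachment names with wildcards, the three ways of counting attachments) and the rule that all conditions in one rule must hold can be checked against a sample message. The following Python is an added illustration written for this guide, not MailMarshal code. Assumptions beyond the text: name matching is case-insensitive and is applied to files at every unpacking level, an attached email message carries the file type MESSAGE, and the sample message, its recipients and its attachment tree are constructed.

```python
"""Evaluating the attachment-related Standard Rule conditions.

Added illustration, not MailMarshal code. The message below is constructed.
"""
from dataclasses import dataclass, field
from fnmatch import fnmatch


@dataclass
class Attachment:
    name: str
    ftype: str              # structural type, e.g. DOC, IMAGE, ZIP, EXE, MESSAGE
    size: int               # bytes after unpacking
    children: list = field(default_factory=list)   # files unpacked from this one


@dataclass
class Message:
    encoded_size: int       # size as received, before unpacking
    recipients: list
    attachments: list       # top-level attachments only


def walk(attachments):
    """Yield every attachment at every level, depth first."""
    for att in attachments:
        yield att
        yield from walk(att.children)


def name_matches(name, patterns):
    """patterns is the semicolon-separated list typed into the condition."""
    return any(fnmatch(name.lower(), p.strip().lower())
               for p in patterns.split(";") if p.strip())


def count_attachments(msg, mode):
    top = msg.attachments
    if mode == "top":
        return len(top)
    if mode == "top_plus_messages":
        # top-level files plus the top-level attachments of attached messages
        return len(top) + sum(len(a.children) for a in top if a.ftype == "MESSAGE")
    if mode == "all":
        return sum(1 for _ in walk(top))
    raise ValueError(mode)


def estimated_bandwidth(msg):
    """Message size times the number of unique recipient domains."""
    domains = {r.lower().rsplit("@", 1)[-1] for r in msg.recipients}
    return msg.encoded_size * len(domains)


# Individual conditions, each built as a function of the message.
def attachments_of_name(patterns):
    return lambda msg: any(name_matches(a.name, patterns) for a in walk(msg.attachments))

def attachment_larger_than(limit):
    return lambda msg: any(a.size > limit for a in walk(msg.attachments))

def bandwidth_over(limit):
    return lambda msg: estimated_bandwidth(msg) > limit

def attachment_count_over(limit, mode="all"):
    return lambda msg: count_attachments(msg, mode) > limit


def rule_triggers(msg, conditions):
    """Every condition in a single rule must be satisfied (logical AND)."""
    return all(cond(msg) for cond in conditions)


# Constructed sample: a Word document with an embedded image, a zip archive
# that decompresses to a large executable, and a forwarded message.
SAMPLE = Message(
    encoded_size=1_500_000,
    recipients=["a@x.com", "b@x.com", "c@y.org"],
    attachments=[
        Attachment("report.doc", "DOC", 200_000, [Attachment("logo.gif", "IMAGE", 4_000)]),
        Attachment("archive.zip", "ZIP", 50_000, [
            Attachment("setup.exe", "EXE", 1_200_000),
            Attachment("readme.txt", "TEXT", 800),
        ]),
        Attachment("fwd.eml", "MESSAGE", 9_000, [Attachment("notes.vbs", "SCRIPT", 300)]),
    ],
)
```

Note how the same message yields three different attachment counts (3, 4 and 7) depending on the counting mode, and how setup.exe exceeds a 1 MB attachment limit even though the zip it came from is far smaller; both are the cases the text above warns about.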

Rule Actions–Standard Rules

The following actions are available for selection in Standard Rules. Details of each action are given below.

• Copy the message
• BCC a copy of the message
• Run the external command
• Send a notification message
• Strip attachment
• Write log message(s)
• Stamp message with text
• Add attachments to valid fingerprints list
• Move the message (terminal action)
• Park the message (terminal action)
• Delete the message (terminal action)
• Pass the message to rule

If a terminal action is performed, no further rules will be processed for the affected message.

By default the following options are checked: send notification message, write log message, move the message (to a folder).

Copy the message

Copy the email message file to the specified folder. To make the message processing log available in the same folder, check the box at the bottom of the dialog. The message log showing how the message was processed will then be available in the Console. If a new folder is required, click the New Folder button to bring up the New Folder Wizard (see the chapter Folders for more information).

BCC a copy of the message

Send a blind copy of the message to one or more email addresses. These should be entered as complete SMTP addresses (eg. [email protected]), separated by semi-colons. The original message will not be modified in any way by this action, so the original recipient would not know a copy had been taken.

Note: You can use this action in combination with "delete the message" to effectively forward messages to a different recipient.

Run the external command

Choose one or more commands to be run from the list of pre-defined external commands. See the chapter External Commands for information on defining external commands. To run the same application with different parameters under different conditions, use more than one external command definition.


Send a notification message

Send one or more email messages based on the templates checked in the selection dialog. To view or edit the details of a particular template, select it then click Edit Template. To create a new template, click New Template; the new template will automatically be selected for use when you return to the template selection dialog. For further information on templates, see the chapter Email Templates.

Strip attachment

Where the rule conditions are triggered by a specific attachment, remove this attachment from the message. This action would typically be used to remove attachments of specific file types or file names.

Note: When an attachment is stripped, normally the original message should be copied for later retrieval if necessary, and stamped to inform the recipient that an attachment has been stripped.

Write log message(s)

Select one or more logging classifications from the list. Check the box to write a logging classification for every component of the message (eg. a separate record for each image file in a message). To view or edit the detailed information in the classification, click Edit in the selection dialog. To create a new classification, click New in the selection dialog. For details on classifications, see the chapter Logging Classifications.

Stamp message with text

Choose one or more message stamps to be added to the message body. Stamps will be at the top or bottom of the message as selected when they were created. To view or edit the details of a particular message stamp, select it then click Edit Stamp. To create a new stamp, click New Stamp; the new message stamp will automatically be selected when you return to the stamp selection dialog. See the chapter Message Stamps for details.

Add attachments to valid fingerprints list

Add the attachments to MailMarshal's list of "valid fingerprints" (normally used for images or other files which require special treatment, such as company logos). Choose whether to add all attachments, or only images, to the list. See the rule condition "where attachment fingerprint is/is not known" for more information.

Move the message

Move the email message file to the specified folder. To make the message processing log available in the same folder, check the box at the bottom of the dialog. The message log explaining how the message was processed will then be available in the Console. If a new folder is required, click the New Folder button to bring up the New Folder Wizard (see the chapter Folders for more information). This is a terminal action: no further rules will be processed for a message if this action is performed.

Park the message

Move the email message file to the specified parking folder for release according to the schedule associated with that Folder. If a new folder with a different schedule is required, click the New Folder button to bring up the New Folder Wizard (see the chapter Folders for more information). This is a terminal action: no further rules will be processed for a message if this action is performed.

Delete the message

Delete the email message file. Do not send the message to its original destination. This is a terminal action: no further rules will be processed for a message if this action is performed.

Pass the message to rule

If no "terminal" rule action has been taken, this action allows a choice of which further rules to apply. Several choices are available (see Figure 5.12), including:

• Skip the next rule (do not apply it).
• Skip to the next ruleset (do not apply further rules in this ruleset).
• Skip all further rules (pass the message through to the intended recipients).
• Skip to a particular ruleset or rule.

Note: It is only possible to skip to a rule which is evaluated after the current rule. (The order of evaluation may be changed; see Order of Evaluation earlier in this chapter.)

When skipping to a rule in a different ruleset, remember that the parent ruleset conditions may prevent its having any effect. For instance, skipping from MailMarshal's default Inbound ruleset to the Outbound ruleset is allowed, but rules in the Outbound ruleset will have no effect on inbound messages.

Figure 5.12: Continue Processing dialog
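The processing flow described in this section (rules evaluated in order within rulesets, terminal actions that end processing, and the four "Pass the message to rule" choices, including a forward skip into a ruleset whose parent condition then fails) can be modelled directly. The following Python is an added illustration written for this guide, not MailMarshal code. The action names, the "skip" encoding and the Inbound/Outbound policy are constructed; the only behaviour taken from the text is that move, park and delete are terminal and that a skip target must be evaluated later than the current rule.

```python
"""Rule-processing flow with terminal actions and "pass the message to rule".

Added illustration, not MailMarshal code. Policy below is constructed.
"""
from dataclasses import dataclass, field

TERMINAL_ACTIONS = {"move", "park", "delete"}


@dataclass
class Rule:
    name: str
    condition: callable                       # message dict -> bool
    actions: list = field(default_factory=list)
    skip: str = None   # None | "next_rule" | "next_ruleset" | "all" | "to:Ruleset[/Rule]"


@dataclass
class Ruleset:
    name: str
    condition: callable                       # parent ruleset condition
    rules: list = field(default_factory=list)


def locate(rulesets, target):
    """Resolve 'Ruleset' or 'Ruleset/Rule' to (ruleset index, rule index)."""
    rs_name, _, rule_name = target.partition("/")
    for i, rs in enumerate(rulesets):
        if rs.name == rs_name:
            if not rule_name:
                return i, 0
            for j, r in enumerate(rs.rules):
                if r.name == rule_name:
                    return i, j
    raise KeyError(target)


def process(msg, rulesets):
    """Return (actions taken, disposition); disposition is 'terminal' if a
    terminal action fired, otherwise 'delivered'."""
    taken = []
    i, j = 0, 0
    while i < len(rulesets):
        rs = rulesets[i]
        if j >= len(rs.rules) or not rs.condition(msg):
            i, j = i + 1, 0            # ruleset exhausted, or its parent condition fails
            continue
        rule = rs.rules[j]
        if not rule.condition(msg):
            j += 1
            continue
        taken += [f"{rs.name}/{rule.name}:{a}" for a in rule.actions]
        if TERMINAL_ACTIONS & set(rule.actions):
            return taken, "terminal"   # no further rules for this message
        if rule.skip == "next_rule":
            j += 2
        elif rule.skip == "next_ruleset":
            i, j = i + 1, 0
        elif rule.skip == "all":
            break                      # pass through to intended recipients
        elif rule.skip and rule.skip.startswith("to:"):
            ti, tj = locate(rulesets, rule.skip[3:])
            if (ti, tj) <= (i, j):
                raise ValueError("can only skip to a rule evaluated later")
            i, j = ti, tj
        else:
            j += 1
    return taken, "delivered"


def has(flag):
    return lambda m: m.get(flag, False)


# Constructed policy modelled on the manual's default Inbound/Outbound layout.
POLICY = [
    Ruleset("Inbound", has("incoming"), [
        Rule("Virus", has("virus"), ["notify", "log", "move"]),        # terminal
        Rule("Executables", has("exe"), ["strip", "stamp"]),
        Rule("Trusted", has("trusted"), ["log"], skip="to:Outbound"),  # forward skip
        Rule("Large", has("large"), ["park"]),                         # terminal
    ]),
    Ruleset("Outbound", lambda m: not m.get("incoming", False), [
        Rule("Disclaimer", lambda m: True, ["stamp"]),
    ]),
]
```

The "Trusted" rule shows the caveat from the note: an inbound message skips into the Outbound ruleset, but because that ruleset's parent condition is false for inbound mail, the Disclaimer rule never runs and the message is simply delivered.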

Rule Conditions–Receiver Rules

The following condition is available for use in Receiver Rules. Note that Receiver processing of this condition depends on an ESMTP connection from the outside server. This condition should be repeated in a Standard Rule to include messages received from non-ESMTP sources.

Where message is of a particular size

This condition is normally used with a "block receipt" action to refuse large messages. Choose the size criteria in the Message Size dialog (see Figure 5.9).

Rule Actions–Receiver Rules

The following actions are available for use in Receiver Rules.

Block receipt of message (default action)

MailMarshal will refuse the message based solely on the message headers. An SMTP response refusing delivery will be transmitted to the sending server.

This action is intended to be used in conjunction with a size-limiting condition to conserve bandwidth, or to refuse messages from specific problem addresses configured in the parent Ruleset.

Allow relaying

If selected, this action permits receipt of the message by MailMarshal for delivery subject to Standard Rules. Furthermore the message may be relayed to an address outside MailMarshal's local domains. This action is intended to be used in conjunction with a "from" User Match in the parent Ruleset, to allow relaying by specific email users.

Relaying may also be allowed by authentication of the client. See the chapterPOP3 Accounts for details.

Note: The Allow Relaying action should not be combined with a size condition.

6. User Groups

MailMarshal User Groups are used within Rulesets and Rules to specify to whom the Rules apply. MailMarshal uses SMTP email addresses to perform user matching. User Groups may be created and populated within MailMarshal by entering email addresses manually (wildcards may be used). User Groups may also be imported from an LDAP server (such as Microsoft Exchange or Lotus Notes), in which case their membership is updated automatically on a defined schedule.

To create and maintain User Groups, in the Configurator, expand the element User Groups.

To Create a New Standard User Group

Click the New User Group icon in the toolbar to bring up the New User Group dialog. Enter a name for the User Group.

To Add Members to a Standard User Group

Select the appropriate User Group from the right pane of the Configurator. Click the New Member icon in the toolbar to see the Insert into User Group dialog.

Enter an individual SMTP address, a wildcarded address, or a domain name in the box. (The available wildcards are the same as those used for local domain names; see the Wildcards section of the chapter Server Properties for details.) Click Add (or use the <Enter> key) to add the value. The dialog remains open and additional values may be added. If an individual address was entered, the domain name portion of the address is retained and only the new user name need be entered.

To Add an LDAP User Group

LDAP user groups are used in the same way as standard MailMarshal user groups. However, MailMarshal populates an LDAP group by retrieving a list of members from an LDAP server, such as Lotus Notes. The membership of LDAP groups is automatically updated on the schedule specified in the LDAP connection dialog.

To work with LDAP User Groups, you must configure at least one LDAP User Group Connection (see the chapter LDAP Connections).

Click on the Add LDAP User Group icon, or right-click on User Groups in the tree then click on New, then on LDAP user group... to see the New LDAP User Group dialog box (see Figure 6.1). Select the LDAP connection to be worked with from the drop down menu and click OK. If no entries appear in the menu, no LDAP user group connections have been configured.

Figure 6.1: New LDAP User Group dialog

MailMarshal will then query the server for a list of available user groups, and display the results in a list (see Figure 6.2). (If MailMarshal is unable to connect to the server no groups will be shown.) Select an LDAP group from the list. This group will appear in the list of User Groups. The group name will consist of the LDAP Connection name and the group name as retrieved from the server. Repeat this action to add other user groups. When done, click OK.

Initially, an LDAP group will be empty of users; it will be populated at the next scheduled update. An LDAP user group can immediately be specified in any MailMarshal rules; however, such rules should not be made effective (ie. the server should not be reloaded) until the group has been populated.

Note: Although MailMarshal does not prohibit adding and deleting members from LDAP groups, such changes will not be sent to the LDAP server, and they will be lost during the next scheduled update from the LDAP server. Any changes to membership of these groups must be made at the LDAP server.


Figure 6.2: Available LDAP Groups

To Move and Copy User Groups

To copy a User Group, right-click it in the Configurator and choose Duplicate from the context menu.

To move a User Group so that it is included within another User Group, drag it over the target Group.

To copy a User Group so that it is included within another User Group, hold down the <CTRL> key while dragging.

7. POP3 Accounts

MailMarshal can function as a POP3 server for local domains (as specified during setup or in Server Properties). A POP3 login must be created for each mailbox that will be hosted by MailMarshal.

If MailMarshal receives an email message addressed to the POP3 domain but no matching account has been created, the message will be dealt with (forwarded or refused) according to the options set up for the domain. See Local Domains in the chapter Server Properties for more information on POP3 domains.

If a POP3 domain exists, MailMarshal automatically starts an additional service to respond to POP3 requests. This POP3 service appears in the list of services in the Configurator and Console.

POP3 accounts also permit email relaying. Since the MailMarshal server functions as an email gateway, it is likely to be available from anywhere on the Internet. Traveling email users who wish to send email from their business address, using the scanning and stamping features of MailMarshal, can do so if they have MailMarshal POP3 accounts. See POP3 Accounts for Relaying Authentication below.

Note: The relaying authentication feature may be used regardless of where MailMarshal delivers messages for an address, and without any POP3 local domains being configured. See POP3 Accounts for Relaying Authentication below.

To Set Up POP3 Accounts

In the left pane of the Configurator, select POP3 Accounts. Click on the New POP3 Account icon in the toolbar. Enter the details for the account holder and authentication information in the New POP3 Account dialog (see Figure 7.1).

If the account will be used for email delivery (if MailMarshal is operating one or more POP3 local domains), MailMarshal will automatically enter an appropriate SMTP alias for email delivery to this account's mailbox. Make any desired changes to this alias, and enter any additional SMTP addresses for which email should also be delivered to this account's mailbox. (The domain name of each alias address must be one for which MailMarshal is functioning as a POP3 local domain server.)

If more than one POP3 account has the same SMTP alias, messages directed to that alias will be delivered to all of the mailboxes.

Figure 7.1: New POP3 Accounts dialog

If the password fields are left blank, MailMarshal will use Windows NT authentication to determine access for this account. In this case, ensure that the account name matches the name of a valid Windows NT user account permitting access to files on the MailMarshal server computer.

Click Add to add the account. When all accounts have been added, click Close.

POP3 Accounts for Relaying Authentication

A "POP3 account" may be used for relaying authentication only, and not for message delivery. This feature may be useful, for instance, to traveling email users who wish to send email from their business address, using the scanning and stamping features of MailMarshal. In this case, enter an arbitrary value (such as "none") in the SMTP Address field. Delete any valid SMTP addresses which MailMarshal may have inserted automatically.

The users' email client software must be configured to use authentication when sending outbound messages. Consult the client software documentation for further information on how to do this.

To Edit POP3 Accounts

To edit an existing POP3 account, select POP3 Accounts in the left pane of the Configurator. Double-click the account to be edited. Change the password and aliases as required, then click OK.

To Delete POP3 Accounts

To delete a POP3 account, select POP3 Accounts in the left pane of the Configurator. Select the account to be deleted then click the Delete icon in the toolbar.

8. Virus Scanners

MailMarshal is not a traditional virus scanner; however, MailMarshal does provide substantial proactive protection against viruses through file name and file type checking, as well as TextCensor scanning for virus-related text and harmful commands.

MailMarshal can also invoke third-party virus scanners to check email messages and attachments for viruses. Nearly all MailMarshal installations use third-party virus scanning.

MailMarshal allows one or more virus scanners to be used to check email for viruses. Because virus scanners have differing architecture, some organizations choose to use multiple scanners.

MailMarshal invokes the virus scanner after unpacking all elements of an email message. MailMarshal then passes the elements to the scanner software for analysis, and takes action based on the code returned from the scanner.

A sample virus scanning Rule is included in the MailMarshal default Rules. It may be modified to suit local conditions. For details on configuring virus scanning Rules, see the chapter Rulesets and Rules.

To work with MailMarshal, a virus scanner must have a command-line interface or a special MailMarshal DLL. The scanner must return a documented response indicating whether or not a virus is detected. Most commercially available virus scanners meet these specifications.

Note: DLL based scanners are significantly faster than command line scanners, because the scanner is always memory resident. Marshal Software recommends the use of DLL scanners for sites with high message traffic.

The virus scanners listed below have been tested and validated for use with MailMarshal as of this writing; contact Marshal Software for the latest list. Appropriate parameters for these scanners are pre-coded in the Configurator, ready for selection:

• Sophos Anti-Virus (MMSAVI.DLL)
• Norman Virus Control (MMNORMAN.DLL)
• Network Associates Netshield and McAfee Command Line Scanner
• Vet Anti-Virus for NT Server
• InnoculateIT 6.x

Each virus scanner to be used should be installed on the MailMarshal Server computer according to the manufacturer's instructions.

Note: If resident or "on access" virus scanning is enabled, MailMarshal's working folders must be excluded from scanning. See the section MailMarshal Directories and Resident Scanning later in this chapter.

Best Practices

Marshal Software recommends the following basic practices to ensure security with respect to viruses and virus scanning:

• Block messages and attachments which MailMarshal cannot scan, such as password protected attachments and encrypted attachments (eg. files of type "Encrypted Word Document").
• Block encrypted messages which MailMarshal cannot decrypt, such as PGP and S/MIME messages.
• Block executable and script files by type and name. This helps to ensure that unknown viruses will not be passed through.
• Subscribe to email notification lists for virus outbreaks (such lists are offered by many anti-virus software companies). When an outbreak occurs, block the offending messages by subject line or other identifying features.

Configuring a New Virus Scanner

To configure a new virus scanner within MailMarshal, in the left pane of the Configurator select Virus Scanners. Click the New Virus Scanner icon in the toolbar to start the New Virus Scanner Wizard.

Select a pre-configured scanner from the list, or select "Custom Scanner" to enter full information about a scanner not on the list of supported scanners.

In the next wizard screen, enter (or browse to) the location where the main executable scanner file is located (eg. c:\McAfee\Scan.exe). DLL based scanners do not require this information to be entered. If this is a custom scanner, enter the other required information; see Viewing Virus Scanner Properties, below, for information on the fields.

Note: If further information about a pre-configured scanner is required, click the Vendors Web Site button to open the manufacturer's web site in a web browser window.

In the final screen, click Finish to add the virus scanner; it will appear in the right pane of the Configurator. When at least one scanner is configured, virus scanning rules may be enabled.

Viewing Virus Scanner Properties

Double click the name of any virus scanner in the right pane to review and change MailMarshal's configuration information for that scanner (see Figure 8.1).

Figure 8.1: Virus Scanner Properties

The Name is MailMarshal's friendly name for this scanner. The Command Line refers to the location of the executable or DLL file. The Parameters box allows entry of any necessary additional command line parameters to ensure operation compatible with MailMarshal.

The Timeout values indicate how long MailMarshal will wait for the scanner to complete its task. The default values are generous. If review of the MailMarshal logs indicates that the virus scanner is timing out, these values may be adjusted; however repeated timeouts probably indicate a need for greater system resources.

The checkbox Single Thread indicates whether the scanner must operate on one message at a time, or may be invoked multiple times. Non-DLL scanners will generally have this box checked.

The two remaining fields are used to enter trigger values which specify the meaning of the code returned from the virus scanner.

The field Command is triggered if return code is should include values used by the virus scanner to indicate the presence of a virus or errors encountered scanning the file. When one of these values is returned, the MailMarshal Rule condition Where message contains a virus is triggered.

The field Command is not triggered if return code is should include values used by the virus scanner to indicate the absence of a virus. When one of these values is returned, the MailMarshal Rule condition Where message contains a virus is not triggered.

If the code returned matches neither field, the associated email message is moved to the "Undetermined" deadletter folder and an email notification is sent to the MailMarshal administrator.

Entries in both fields may be exact numeric values, ranges of values (eg. 2-4), or greater than or less than values (eg. <5, >10). More than one expression may be entered in each field, separated by commas (eg. 1-6,8,>10). Consult the virus scanner documentation for details on return codes.

Note: Before entering new values for scanner parameters in MailMarshal, test the scanner from the command line using the new parameters. If MailMarshal invokes a scanner with invalid parameters, the result may cause all messages to be treated as infected.
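The two return-code fields and their expression syntax (exact values, ranges such as 2-4, comparisons such as <5 and >10, comma-separated) determine whether a scanner result counts as a virus, as clean, or as undetermined. The following Python is an added illustration written for this guide, not MailMarshal code; it parses the syntax exactly as the paragraph above describes it. Two details are assumptions of mine rather than documented behaviour: whitespace inside a field is ignored, and a code that appears in both fields is reported as a configuration error instead of being silently resolved.

```python
"""Interpreting a virus scanner return code with the two trigger fields.

Added illustration, not MailMarshal code. Whitespace handling and the
"listed in both fields" error are assumptions.
"""
import re

_RANGE = re.compile(r"^(\d+)-(\d+)$")
_CMP = re.compile(r"^([<>])(\d+)$")
_EXACT = re.compile(r"^\d+$")


def parse_spec(spec: str):
    """Turn a field such as '1-6,8,>10' into a list of predicates on an int."""
    preds = []
    for part in spec.replace(" ", "").split(","):
        if not part:
            continue
        if m := _RANGE.match(part):
            lo, hi = int(m.group(1)), int(m.group(2))
            preds.append(lambda c, lo=lo, hi=hi: lo <= c <= hi)
        elif m := _CMP.match(part):
            op, n = m.group(1), int(m.group(2))
            preds.append((lambda c, n=n: c < n) if op == "<" else (lambda c, n=n: c > n))
        elif _EXACT.match(part):
            preds.append(lambda c, n=int(part): c == n)
        else:
            raise ValueError(f"bad return-code expression: {part!r}")
    return preds


def matches(code: int, spec: str) -> bool:
    return any(p(code) for p in parse_spec(spec))


def classify(code: int, triggered: str, not_triggered: str) -> str:
    """'virus': the condition triggers; 'clean': it does not;
    'undetermined': the message would go to the Undetermined deadletter
    folder and the administrator would be notified."""
    hit, miss = matches(code, triggered), matches(code, not_triggered)
    if hit and miss:
        raise ValueError(f"return code {code} is listed in both fields")
    return "virus" if hit else "clean" if miss else "undetermined"
```

Run against the manual's own example field, 1-6,8,>10, with 0 as the "not triggered" value: codes 3, 8 and 11 are virus, 0 is clean, and 7 or 9 fall through to undetermined. The undetermined path is the safe default the text describes; it is also the reason the note above matters, since a scanner started with wrong parameters can return an unexpected code for every message.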


Using Other Virus Scanners

Most commercial virus scanners can be used with MailMarshal. Generally, the following considerations apply when using an alternative virus scanner.

Verify that a Windows NT 4.0 (or Windows 2000) compatible version is available. The product must have a command line interface and must be capable of running silently in the background.

When entering the virus scanner information in the New Virus Scanner Wizard, choose Custom Scanner. Enter the path to the executable file and the parameters for silent operation. In the Parameters box, use the string "%CmdFileName%" (including the quotation marks) to indicate to the scanner software which folders it is to scan. Review the parameter syntax for a pre-configured scanner to understand the use of this entry.

Testing Virus Scanners

Virus scanner setup may be tested using the VirusScannerCheck.exe application found in the MailMarshal install folder. This application performs tests and reports whether virus scanning is correctly integrated with MailMarshal.

If MailMarshal virus scanning rules are enabled, scanning can be checked by sending a test virus in an email message. To create a test virus, open a new text file and paste in the following string (without a line break):

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Save the file as "eicar.com". (A copy of this file may be found in the MailMarshal install directory.) Attach the file to an email message and send it through MailMarshal to an external test email account. If the virus scanner and scanning Rule are correctly configured to stop outbound viruses, your MailMarshal installation should take action on the message. Alternatively, send an email message to [email protected] to receive information on how to receive a message containing the file eicar.com (this is an automated service).


MailMarshal Directories and Resident Scanning

Network servers are usually protected by virus scanning packages to search disk directories for contaminated files, particularly newly-created or imported files.

However, you must ensure that MailMarshal directories, their sub-directories, and the Explode directory (located off the root directory, usually C:\MMExp) and its sub-directories are excluded from any existing resident or "on-access" anti-virus scanning. MailMarshal copies files to the Explode directory and invokes virus scanners explicitly to check for viruses. If a resident virus scanner found and cleaned a file here, MailMarshal's virus scanning might then determine the file to be clean. MailMarshal would then pass the original message through with the virus still present.

MailMarshal checks for resident file scanning by placing the standard test virusfile eicar.com (not a real virus) in each of its working directories. If any of thesefiles are removed or cleaned by a resident scanner, or MailMarshal is deniedaccess to the files, the MailMarshal engine may not start and the emailadministrator will be notified.

Please refer to the virus scanner manufacturer�s documentation for informationon excluding directories from on-access scanning (eg. in Networks AssociatesNetShield, exclusions are set via the Exclusions tab in Scan Properties). If thevirus scanner does not have the facility to exclude the appropriate directories,on-access scanning must be disabled completely.


9. External Commands

An external command is a custom executable or batch file that can be run by MailMarshal. The command can be used to check email messages for a condition, or to perform an action when a message meets some other condition. Some suggested uses are given at the end of this chapter.

In order for an external command to be used to check for a condition, the command must return a standard return code.

External commands must be defined within MailMarshal before they can be used in Rules. To create a new external command, in the left pane of the Configurator select External Commands. Click the New External Command icon in the toolbar to see the New External Command dialog (see Figure 9.1).

Figure 9.1: New External Command dialog

Enter a name for the external command. Type the path for the executable file (or browse to it using the button provided). In the Parameters box, enter any command line parameters necessary.

The Timeout and Timeout per MB values control how long MailMarshal will wait for a response before ignoring the external command. The default values are very generous.

The Single Thread setting indicates whether the scanner must operate on one message at a time, or may be invoked multiple times. In most cases this checkbox should be left checked. Certain executables and DLL applications may be run multi-threaded.

The Only execute once for each message setting determines whether an external rule condition command will be run for each component of a message, or only once. Eg. if an external command definition is being used for policy-based virus scanning, this box should be unchecked to ensure that each component of each message is scanned.

Where the external command will be used as a Rule condition, set the trigger return code information. This information should be specified in the documentation of the executable.

Two fields are used to enter trigger values which further specify the meaning of the code returned from the external command.

If the code returned matches any value entered in the field Command is triggered if return code is, MailMarshal will consider the condition to be satisfied.

If the code returned matches any value entered in the field Command is not triggered if return code is, MailMarshal will consider the condition not to be satisfied.

If the code returned matches neither field, the file is moved to the Undetermined deadletter folder and an email notification is sent to the MailMarshal administrator.

Entries in both fields may be exact numeric values, ranges of values (eg. 2-4), or greater-than or less-than values (eg. <5, >10). More than one expression may be entered in each field, separated by commas (eg. 1,4,5,>10).
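As an added example (not MailMarshal's own code), the following Python models how the two trigger fields classify an external command's exit code, using the field syntax just described (exact values, ranges such as 2-4, <5, >10, comma-separated lists), together with a timeout-bounded runner that mirrors the Timeout setting. The function names and the stand-in scanner command are assumptions for illustration.

```python
import subprocess
import sys


def parse_return_code_field(field):
    """Parse a trigger field such as '1,4,5,>10' or '2-4' into a list of predicates.
    Supported forms follow the page: exact value, range a-b, <n, >n, comma-separated."""
    predicates = []
    for raw in field.split(","):
        expr = raw.strip()
        if not expr:
            continue
        if expr.startswith(">"):
            predicates.append(lambda code, n=int(expr[1:]): code > n)
        elif expr.startswith("<"):
            predicates.append(lambda code, n=int(expr[1:]): code < n)
        elif "-" in expr[1:]:               # a range; a leading '-' would be a negative value
            idx = expr.index("-", 1)
            lo, hi = int(expr[:idx]), int(expr[idx + 1:])
            predicates.append(lambda code, lo=lo, hi=hi: lo <= code <= hi)
        else:
            predicates.append(lambda code, n=int(expr): code == n)
    return predicates


def field_matches(field, code):
    """True when the exit code satisfies any expression in the field."""
    return any(pred(code) for pred in parse_return_code_field(field))


def classify_return_code(code, triggered_field, not_triggered_field):
    """Map an exit code to the three outcomes the page describes. The page does not say
    which field wins when both match a code, so this example (an assumption) checks the
    'triggered' field first."""
    if field_matches(triggered_field, code):
        return "triggered"          # Rule condition satisfied
    if field_matches(not_triggered_field, code):
        return "not triggered"      # Rule condition not satisfied
    return "undetermined"           # page: message goes to the Undetermined deadletter
                                    # folder and the administrator is notified


def run_external_check(command, timeout_seconds, triggered_field, not_triggered_field):
    """Run the command with a hard timeout (the Timeout setting) and classify its exit code.
    A command that overruns is reported as 'timeout' rather than having its result trusted."""
    try:
        completed = subprocess.run(command, timeout=timeout_seconds,
                                   stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    except subprocess.TimeoutExpired:
        return "timeout"
    return classify_return_code(completed.returncode, triggered_field, not_triggered_field)


def demo_run():
    """Constructed stand-in for a scanner: a Python one-liner that exits with code 3,
    which matches neither '1,4,5,>10' nor '0' and so is undetermined."""
    fake_scanner = [sys.executable, "-c", "import sys; sys.exit(3)"]
    return run_external_check(fake_scanner, 10, "1,4,5,>10", "0")


if __name__ == "__main__":
    print(demo_run())
```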

Uses of External Commands

Custom executables or batch files may be used with the Rule condition Where message triggers an external command. For instance, fgrep.exe can be used for advanced expression matching.

Custom executables may also be used with the Rule action Run the external command. For instance, a particular email subject line might invoke a batch file to start or stop a system service, or to send a page or network notification to an administrator.


10. Folders

MailMarshal uses folders for several purposes related to rule processing.

An email message which triggers a rule may be copied or moved to a folder. This action is commonly taken for messages which are suspected of containing viruses, but may also be used for archival or other purposes.

An outgoing email message may be "parked" in a folder for scheduled later delivery.

An email message which cannot be processed (due to addressing or structure problems) will be placed in a subfolder of the DeadLetter folder.

To work with folders, select Folders in the left pane of the Configurator.

Creating a New Folder

To create a new folder, click the New Folder icon in the toolbar to start the New Folder Wizard. In the first screen of the Wizard, choose whether the folder is to be a Standard or a Parking folder. In the next screen of the Wizard, give the folder a name. Further options depend on whether the folder is a Standard or a Parking folder.

Figure 10.1: New Folder Wizard–Standard Folder

Standard Folders

See Figure 10.1. A time limit may be set for message retention in the folder. This option is typically used for "quarantine" folders where the message may be released on request to an administrator. Messages will be deleted automatically after the set time.

Subdirectories may be created periodically within the folder. This option is typically used where a substantial volume of email is expected, so that messages are easier to find.

Check the box "folder is used for message archiving" to create an Archive folder. Within the MailMarshal Console, messages in Archive folders are assumed to be "stored": they may be viewed and forwarded but not deleted. Messages in other Standard folders are assumed to be "in process" and they may be reprocessed or deleted, among other actions. See the chapter The Console for further information.

Click on OK to create the folder, or Cancel to lose any changes.

Parking Folders

When a Rule moves a message to this type of folder, it will be "parked" if the time is within the blue schedule block and released (or sent immediately) when the time is outside the blue schedule block (see Figure 10.2).

Use the checkbox Continue processing rules on release to determine what happens to parked messages when they are released from this Folder for delivery. If the box is checked, the message will be evaluated against all rules after the Rule which placed the message in this Folder.

Alter the schedule block if desired:

• Drag using the left mouse button to add to the blue "parking" area.

• Drag using the right mouse button to erase from the blue "parking" area.

• To reset the schedule to the default time block, click on Set Default Schedule.

• Choose to "snap" the schedule times to the nearest full, half or quarter hour using the drop down box.

Click on OK to create the folder, or Cancel to lose any changes.


Editing an Existing Folder

To edit the properties of an existing Folder, double-click its name in the right hand pane of the Configurator. Make any required changes, then click OK.

Figure 10.2: New Folder Wizard–Parking Folder Schedule

Changing the Default Folder Location

The default location for message folders is the Rulesets subfolder of the MailMarshal install directory. The base physical path for all folders can be changed to any location on a local drive. Please see the section Advanced in the chapter Server Properties for details.

Note: If the folder physical path is changed, any messages in the old location must be moved manually to the new location.


Folder Security

Permission to use the MailMarshal Console (to view and take action on messages in folders) is controlled by setting user permissions on the MailMarshal.key file. See Console Security Issues in the chapter The Console for details.

In some cases it may be desirable to set different access permissions for different folders (for instance, if archived messages are to be available to the users who sent them). Such permissions may be set using standard Windows NT security procedures for the physical folder.


11. Email Templates

Email Templates allow notification email messages to be sent based on the outcome of Rule processing. This facility is most often used to notify appropriate parties when a message is blocked.

Notifications are a very powerful tool to inform and modify user behavior. When well thought out and constructed, they can save the administrator a lot of time.

Notifications may also be used as a general autoresponder based on message headers or content. For instance, a message to [email protected] with the subject "Send Catalog" might trigger a rule returning the product catalog to the sender as an email attachment.

The same Rule outcome may send several notification messages. For instance, if a virus is detected the email administrator, external sender, and intended internal recipient of the message might each receive a different message.

Attachments to a notification may be made. Attachments may include the original message, the MailMarshal processing log for the message, and any other file (such as a virus scanner log file).

To work with Templates, select Email Templates in the left pane of the Configurator.

MailMarshal is provided with numerous templates by default. These are a good source of ideas for the creation of new templates.

Creating an Email Template

Click the New Template icon in the toolbar to see the New Email Template dialog (see Figure 11.1). Give the Template a name.

MailMarshal allows variable information to be inserted into the message headers and body from the original email (which triggered a Rule, invoking this Template). Variables are marked by percent signs (%). To see a list of variables available in any field, type % to bring up a context menu (see Figure 11.1).

Enter appropriate information in the Header Details section. For instance, enter the email address to which replies should be sent in the Return Path field.

To attach the original message, the MailMarshal message processing log, or another file to the notification, check the appropriate box and enter the file name if necessary.

Enter an appropriate message in the Message Body field. Variables marked with % signs may be used.

Figure 11.1: Edit Email Template dialog

Note: When sending a notification to the original sender of an email message, use the %ReturnPath% variable in the To: field to reduce the chance of looped messages.


Duplicating an Email Template

To copy a Template, right-click it in the Configurator. Choose Duplicate from the context menu. After duplicating the Template, make any required changes to the copy.

Editing an Email Template

To edit a Template, double-click on its name in the right hand pane of the Configurator. Make the required changes then click OK.

Deleting an Email Template

To delete a Template, select it in the right hand pane of the Configurator then click the Delete icon in the toolbar.


12. TextCensor Scripts

TextCensor scripts are used to check for the presence of particular lexical content in an email message. The check may include all parts of the message, including the message headers, message body, and any attachments that can be lexically scanned. It may also be limited to one or more of these areas.

A script may include many conditions based on text combined with Boolean and proximity operators. Triggering of the script is based on the weighted result of all conditions.

TextCensor scripts are invoked by Standard Rules.

To work with TextCensor Scripts, select TextCensor Scripts in the left pane of the Configurator.

TextCensor Syntax

TextCensor scripts contain one or more lines, each consisting of a word or phrase.

• The wildcard character * may be used at the end of a word only (eg. "be*" matches "being" and "behave").

• Parentheses may be used to clarify the order of evaluation and for grouping.

• Each line may include Boolean and proximity operators. The operators must be entered in capital letters. The six supported operators are:

  AND
    Function: Matches when all terms are present.
    Example:  dog AND cat

  OR
    Function: Matches when any term is present.
    Examples: dog OR cat
              dog OR (cat AND rat)

  NOT
    Function: Logical negation.
    Examples: Dog AND NOT cat
              Dog FOLLOWEDBY (NOT house)

  NEAR
    Function: Matches when two terms are found within the specified number of words of each other.
    Example:  Dog NEAR=2 bone

  INSTANCES
    Function: Matches when a term is found the specified number of times.
    Example:  Dog INSTANCES=3

  FOLLOWEDBY
    Function: Matches when one term follows another within the specified number of words.
    Example:  Dog FOLLOWEDBY=2 house

Default settings

INSTANCES has no default: a value must be specified.

If FOLLOWEDBY has no argument, the default is 5.

If NEAR has no argument, the default is 5.

Note: The INSTANCES operator is provided for compatibility with earlier TextCensor scripts, but its use is discouraged. The use of appropriate weighting (see below) will produce the same result with improved performance.

Weighting the Script

Each script is given a trigger level, expressed as a number. If the total score of the content being checked reaches or exceeds this level, the script is triggered. The total score is determined by summing the scores resulting from evaluation of the individual lines of the script.

Each line in a script must be given a weighting level and type. The type determines how the weighting level of the line is figured into the total score of the script. There are four weighting types:

  Standard:   Each match of the words or phrases will add the weighting value to the total.

  Decreasing: Each match of the words or phrases will add a decreasing (logarithmic) weighting value to the total. Each additional match is less significant than the first.

  Increasing: Each match of the words or phrases will add an increasing (exponential) weighting value to the total. Each additional match is more significant than the first.

  Once Only:  Only the first match of the words or phrases will add the weighting value to the total.

Negative weighting levels and trigger levels can be used to allow for the number of times a word may appear in an inoffensive message. For instance: if "breast" is given a positive weighting in an "offensive words" script, "cancer" could be assigned a negative weighting (since the presence of this word suggests the use of "breast" is medical/descriptive).

Adding a TextCensor Script

Click on the New TextCensor Script icon in the toolbar to see the New TextCensor Script dialog (Figure 12.2). Give the script a name. Check the various boxes to select which portions of an email message will be scanned by this script.

By default only alphanumeric characters may be entered in TextCensor items. If any non-alphanumeric characters are required, click on the checkbox to enable matching for special characters and enter any special characters to be matched. For instance, to match the HTML tag fragment "<script" you must enter the < in this field.

Click on the New button to obtain the New TextCensor Item dialog (see Figure 12.1). Select a weighting level and type for this item (see Weighting the Script, earlier in this chapter, for more information).

Enter the item, optionally using the operators described earlier in this section, eg.

(Dog FOLLOWEDBY hous*) AND NOT cat

In this example the item weighting will be added to the script total if the scanned text contains the words "dog house" (or "dog houses", etc.) in order, and does not contain the word "cat".

Figure 12.1: New/Edit TextCensor Item dialog

Note: TextCensor items are case insensitive by default. However, quoted content is case sensitive. Eg. "textcensor" would not trigger on the caption of Figure 12.1.

Click on Add (or press <Enter>) to add the item to this script. The dialog box remains open and additional items may be created.

When all items have been entered, click on Close to return to the New TextCensor Script dialog.

Select a Weighting Trigger Level. If the total score of the script reaches or exceeds this level, the script will be triggered. The total score is determined by evaluation of the individual lines of the script.
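The operator table, the four weighting types, the negative-weighting idea and the worked item "(Dog FOLLOWEDBY hous*) AND NOT cat" from this chapter, brought together as an added Python example (not MailMarshal's own code): a small evaluator that scores each line of a script against message text and applies the trigger level. The grammar, the position-based match counting, the treatment of INSTANCES as "at least n", and the log2 and 2**n curves standing in for "logarithmic" and "exponential" are my assumptions about the behaviour the page describes, not documented MailMarshal internals.

```python
import math
import re

DEFAULT_PROXIMITY = 5   # page: NEAR and FOLLOWEDBY default to 5 words when no =n is given


def words_of(text):
    """Lower-case alphanumeric tokens; TextCensor items are case insensitive by default."""
    return re.findall(r"[a-z0-9]+", text.lower())


def term_positions(term, words):
    """Word positions matching a term; a trailing * is a prefix wildcard (be* -> being, behave)."""
    term = term.lower()
    if term.endswith("*"):
        return [i for i, w in enumerate(words) if w.startswith(term[:-1])]
    return [i for i, w in enumerate(words) if w == term]


class Item:
    """One TextCensor line, evaluated by recursive descent over the six operators. matches()
    returns the word positions at which the line matches (positions of its left-most term),
    so len(matches()) is the match count that the weighting types turn into a score."""

    def __init__(self, expression):
        self.tokens = re.findall(r"\(|\)|[A-Za-z0-9*]+(?:=\d+)?", expression)
        self.pos = 0

    def peek(self):
        return self.tokens[self.pos] if self.pos < len(self.tokens) else None

    def take(self):
        self.pos += 1
        return self.tokens[self.pos - 1]

    def matches(self, words):
        self.pos = 0
        return self.parse_or(words)

    def parse_or(self, words):          # OR: matches when any term is present
        result = self.parse_and(words)
        while self.peek() == "OR":
            self.take()
            result = sorted(set(result) | set(self.parse_and(words)))
        return result

    def parse_and(self, words):         # AND: matches when all terms are present
        result = self.parse_not(words)
        while self.peek() == "AND":
            self.take()
            right = self.parse_not(words)
            result = result if result and right else []
        return result

    def parse_not(self, words):         # NOT: logical negation (one synthetic match when absent)
        if self.peek() == "NOT":
            self.take()
            return [] if self.parse_not(words) else [0]
        return self.parse_proximity(words)

    def parse_proximity(self, words):   # NEAR, FOLLOWEDBY, INSTANCES bind tighter than AND/OR
        left = self.parse_atom(words)
        while self.peek() and self.peek().split("=")[0] in ("NEAR", "FOLLOWEDBY", "INSTANCES"):
            op, _, arg = self.take().partition("=")
            if op == "INSTANCES":       # no default: the count must be given (assumed: at least n)
                left = left if len(left) >= int(arg) else []
                continue
            n = int(arg) if arg else DEFAULT_PROXIMITY
            right = self.parse_atom(words)
            if op == "NEAR":            # either order, within n words of each other
                left = [i for i in left if any(0 < abs(j - i) <= n for j in right)]
            else:                       # FOLLOWEDBY: the right term comes after, within n words
                left = [i for i in left if any(0 < j - i <= n for j in right)]
        return left

    def parse_atom(self, words):
        tok = self.take()
        if tok == "(":
            inner = self.parse_or(words)
            self.take()                 # consume the closing parenthesis
            return inner
        return term_positions(tok, words)


def line_score(weight, weighting_type, count):
    """Contribution of one line from its match count. The log2 and 2**n curves are assumed
    shapes for the page's 'logarithmic' and 'exponential' wording, not MailMarshal's own."""
    if count == 0:
        return 0
    return {
        "standard": weight * count,                   # every match adds the full weight
        "decreasing": weight * math.log2(count + 1),  # each further match counts for less
        "increasing": weight * (2 ** count - 1),      # each further match counts for more
        "once only": weight,                          # only the first match counts
    }[weighting_type]


def evaluate_script(items, trigger_level, text):
    """items: (expression, weight, weighting_type) lines. Returns (total, triggered); the
    script triggers when the summed score reaches or exceeds the trigger level."""
    words = words_of(text)
    total = sum(line_score(w, t, len(Item(expr).matches(words))) for expr, w, t in items)
    return total, total >= trigger_level
```

With the breast/cancer script at trigger level 5, a constructed text mentioning "breast cancer" scores 5 + (-5) = 0 and does not trigger, while a text mentioning "breast" alone scores 5 and does.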

Editing a TextCensor Script

Double-click the script to be edited in the right pane to bring up the Edit TextCensor Script dialog.

A line may be edited by double-clicking on it or deleted by selecting it then clicking the Delete button.

The script name, parts of the message tested, special characters, and weighting trigger level may be changed.


Click OK to accept changes or Cancel to revert to the stored script.

Duplicating a TextCensor Script

To copy a TextCensor Script, right-click it in the Configurator. Choose Duplicate from the context menu. After duplicating the Script, make any required changes to the copy.

Figure 12.2: New/Edit TextCensor Script dialog

Importing a TextCensor Script

TextCensor Scripts may be imported from CSV (comma separated) files.

Click on the New TextCensor Script icon in the toolbar. Click on the Import button.

Choose the file to be imported, and click Open. In the Edit TextCensor Script dialog, click OK.

Exporting a TextCensor Script

TextCensor Scripts may be exported to CSV (comma separated) files.

Double-click the script to be exported in the right pane to bring up the Edit TextCensor Script dialog.

Click on the Export button. Enter the name of the file to which the script should be exported, and click Save.

In the Edit TextCensor Script dialog, click OK.

Note: As of this writing, TextCensor Import and Export does not save the Weighting Trigger Level, Special Characters, and Apply to following parts settings. This information must be added manually after import.

Using TextCensor Effectively

The effective use of TextCensor scripts depends on understanding how the TextCensor facility works and what it does.

TextCensor rules are evaluated against text portions of messages (including headers, message bodies, and attachment content).

Constructing TextCensor Scripts

The key to creating good TextCensor scripts is to enter exact words and phrases that are not ambiguous. They must match the content to be blocked. Also, if certain words and phrases are considered to be more undesirable than others, those words and phrases should be given a higher weighting to reflect the level of undesirability.

In creating TextCensor scripts, a balance must be struck between over-generality and over-specificity. For instance, suppose a script is required to check for sports-related messages. To enter the words "score" and "college" alone would be ineffective in that those words could appear in many messages. Hence the script would trigger too often, potentially blocking general email content.

The same script (to find sports-related messages) would be better constructed using the phrases "extreme sports", "college sports" and "sports scores" as these phrases are sport specific. However, using only a few very specific terms may mean that the script does not trigger often enough.

Again using the sports example above, the initials NBA and NFL, which are very sports specific, should be given a suitably higher weighting (ie. promoting earlier triggering) than, eg. "college sports".

Decreasing Unwanted Triggering

TextCensor scripts may trigger on message content which is not obviously related to the content types they are intended to match. The recommended procedure to troubleshoot this problem is:

1. Use the problem script in a Rule which copies messages and their processing logs to a folder (eg. "suspected sports sites").

2. After using this rule for some time, check on the messages that have triggered the script. Review the message logs to determine exactly which words caused the script to trigger (see Interpreting Message Logs in the chapter The Console).

3. Revise the script by changing the weighting, weighting type, or keywords, so as to trigger only on the intended messages.

4. When satisfied, modify the Rule so as to block messages that trigger the script, and to notify the sender and/or the intended recipient.


13. Logging Classifications

Log records are further categorized by Logging Classifications. These Classifications are available within Standard Rule Actions.

To enable reporting on which Rules have triggered, each Rule should include a logging action. MailMarshal's default Rules include such actions.

Logging Classifications may be added and customized. To work with Logging Classifications in the Configurator, select Logging Classifications from the left hand menu tree.

Note: For general information on logging and reporting see the chapter Reports.

Creating a Logging Classification

Click the New Logging Classification icon in the toolbar to see the New Logging Classifications dialog.

Figure 13.1: New/Edit Logging Classification dialog

In the dialog box, enter a meaningful name for the classification.

Enter a number as the classification code for this classification. Reports can be generated using these codes. By default the next available number in sequence is used for a new classification; however, the same number may be used for more than one classification.

Give a brief description of the classification and its purpose. This description will be used in the Console and Reports, and may contain % variables as in the Email Templates.

Click on OK to add the classification.

Editing a Logging Classification

To edit an existing logging classification, double-click it in the right pane of the Configurator to view its properties. Make any required changes then click OK.

Duplicating a Logging Classification

To copy an existing logging classification, right-click it in the Configurator. Choose Duplicate from the context menu. After duplicating the classification, make any required changes to the copy.

Deleting a Logging Classification

To delete a logging classification, select it in the right pane of the Configurator, then click the Delete icon in the toolbar.

Logging Classification Usage

Logging classifications are most commonly used to report on broad categories, such as viruses or executable files quarantined. However they may also be used to record very specific occurrences such as a specific file or size of file being sent. Eg. the question "How many PDF files over 500K in size were sent by Sales" could be answered by creating a Rule to log sending of such files.


14. Message Stamps

Message stamps are short blocks of text which may be applied to the top or bottom of an email message body. MailMarshal message stamps may include a plain text and an HTML version. The appropriate stamp format will be applied to the body text of the same type in the message.

Message stamps are typically used for corporate disclaimers or advertising on outgoing email. Message stamps can also be used by MailMarshal to notify the recipient that a message has been processed (eg. by having an offending attachment stripped).

To work with message stamps in the Configurator, select Message Stamps in the left pane. Message stamps may also be created and edited from the stamp selection dialog during Rule creation.

Creating a New Message Stamp

In the Configurator, click the New Message Stamp icon to bring up the New Message Stamp dialog (see Figure 14.1). Give the stamp a name and select whether it is to appear at the top or the bottom of messages.

Enter a plain text version of the message stamp in the Plain Text tab. Then enter an HTML version of the stamp, if desired, in the HTML tab. Various formatting, including hyperlinks, may be applied to the HTML text using the buttons provided.

To view the raw HTML, right-click in the HTML pane and select Edit Raw HTML. Edit the HTML, or paste HTML source from another editor, then click OK to return to the message stamp dialog.

Click OK to add the new stamp to the list of available message stamps.

Note: If RTF message stamping is enabled, the plain text message stamp will be used with RTF messages. To enable RTF stamping, see the Advanced tab of Server Properties.

Both plain text and HTML message stamps may include the same variables available within email notification templates. See the example stamps provided with MailMarshal, and the chapter Email Templates, for more information.

Figure 14.1: New/Edit Message Stamp Dialog

Duplicating a Message Stamp

To copy a Message Stamp, right-click it in the Configurator. Choose Duplicate from the context menu. After duplicating the Message Stamp, make any required changes to the copy. Remember to make changes to both the Plain Text stamp and the HTML stamp.

Editing a Message Stamp

To edit a Message Stamp, double-click on its name in the right hand pane of the Configurator. Make the required changes then click OK. Remember to make changes to both the Plain Text stamp and the HTML stamp.

Deleting a Message Stamp

To delete a Message Stamp, select it in the right hand pane of the Configurator then click the Delete icon in the toolbar.


15. LDAP Connections

What is LDAP?

LDAP (Lightweight Directory Access Protocol) is a system for retrieving directory information, such as lists of users, from a remote source. The source may be public (available for anonymous use) or private. Servers providing LDAP support include:

• Lotus Notes
• Microsoft Exchange
• Microsoft Active Directory
• Novell GroupWise
• Many Sendmail systems

Within MailMarshal, LDAP connections are used to import user and group information for User Groups. MailMarshal Secure can use LDAP to retrieve Security Certificates for use in S/MIME encryption. See the appropriate chapters of this manual for further information.

Before LDAP can be used to retrieve information, a connection to the remote LDAP server must be established.

Adding a New LDAP Server Connection

Right-click on LDAP Connections in the menu tree, then click on New, then on LDAP Connection... to see the New LDAP Connection wizard. In the first screen of the Wizard, choose whether this connection will be used to retrieve User Groups or Certificates.

Note: To retrieve both User Groups and Certificates from the same server, create two connections.

In the LDAP Connection Wizard–Server dialog, enter the name of the server to be queried into the LDAP Server field. This may be a fully qualified Internet server name or simply the name of a server on the local LAN. Examples of LDAP server names are:

• ldap.netscape.com
• directory.baycorpid.co.nz
• IBMMAIL01

If desired use the browse button provided to select a server on the LAN.

The Port number field is used to enter the port on which the remote LDAP server accepts queries. The default value is port 389. However this may be changed where more than one LDAP server is hosted at the same IP address. For example, when running Microsoft Exchange 5.5 on a Windows 2000 Active Directory server, both Exchange and Active Directory provide LDAP services. The network administrator will configure the servers to use different port numbers.

Note: Server name, port, and login information should be obtained from the LDAP server administrator.

Enter the logon name and password, if required, in the appropriate fields. If using Windows integrated security, enter the logon domain as well.

Figure 15.1: The LDAP Connection Wizard–Server dialog

Select an LDAP Search Root, if necessary, in the next dialog. The Search Root is used to limit the amount of information returned in LDAP queries, and specifies the root container of the LDAP server to be searched. This field is usually left blank; however, if the search does not work, ask the LDAP server administrator for an entry. Typically the entry would be the base LDAP Distinguished Name for the organization (eg. dc=ourcompany.com or o=OurCompany Corporation).

Alternatively, if the LDAP server is a Microsoft Active Directory server, check the box to populate the list of available search roots. Then select a root from the list.

In the final dialog of the Wizard (see Figure 15.2), enter a name that will be used to identify the LDAP connection (within MailMarshal only).

Figure 15.2: The LDAP Connection Wizard–Finish dialog

If this is a User Groups connection, select an Update Interval. The default period between updates is 240 minutes (4 hours). All groups derived from this connection will be updated at the time specified. A shorter time may be desirable if, for example, this option is used to synchronize user information between MailMarshal and MS Exchange, and many new users are being added. Conversely, if few users are ever added, setting a longer interval will reduce overhead.

The field Next Update shows the time when the next update is due.

Note: If the Next Update time is reset, updates will occur at the time set and at each Update Interval thereafter. Eg. if the Next Update field is changed to 14:30 today and the Update Interval field shows 240 minutes, the updates will occur at 14:30, 18:30, and each 4 hours thereafter.

The Controller checks every 5 minutes to see if any LDAP user groups need updating. If the Next Update field is used to schedule an immediate update, this may not occur for up to 5 minutes.

Check the box Test the connection on finish then click Finish to test that the server details are correct. If the connection type is User Groups, MailMarshal should state that the connection has been made and some groups and members found (see Figure 15.3).

Figure 15.3: Successful LDAP Groups Test

If the type is Certificates, MailMarshal will request an email address for which to seek a certificate, and state whether one was found (see Figure 15.4).

Figure 15.4: Successful LDAP Certificates Test

Note: If you enter an email address for which the LDAP server holds no certificate, MailMarshal will report that no certificate was found. However, this result means that the server name, logon, password and port number are correct.

Other messages are less specific. The information given (eg. "no groups found") may not necessarily pinpoint the problem entry, so all information entered must be checked. If necessary contact the LDAP server administrator.


Note: A local network or LDAP server may be configured to allow access only from certain machines or users. The Test button only tests the connection from the Configurator. Because the MailMarshal Controller service may have different security permissions, be sure to check that the Controller is updating LDAP groups correctly. The Controller log file may show messages from the LDAP action. The membership of the groups should change appropriately.

When all details are correct, click on the Finish button in the New LDAP Connection dialog. The LDAP connection is ready to be used. See the chapters User Groups and MailMarshal Secure for further details on using information retrieved through LDAP.

Editing an LDAP Server Connection

To edit an existing LDAP connection, double-click it in the right pane of the Configurator to restart the LDAP Connection Wizard.

Deleting an LDAP Server Connection

To delete an existing LDAP connection, select it in the right pane of the Configurator then click the Delete icon in the toolbar.

16. Server Properties

MailMarshal's Server Properties include a variety of server setup information and advanced options. During installation a wizard gathers enough of this information to enable the product to function. To access the full range of Server Properties for maintenance and reconfiguration purposes, choose Tools|Server Properties from the Configurator menu to view the Server Properties dialog. This dialog includes the following tabs, which are covered in detail in the sections of this chapter:

General: Alter server email address information.

Delivery: Select how MailMarshal should deliver outbound email.

Dial-Up: Configure settings for Dial-Up connectivity.

Mail Batching: Configure settings for batched email sending.

Local Domains: Select how MailMarshal should deliver inbound email.

Reports: Choose whether, where, and how much information should be logged.

Anti-Relaying: Choose which hosts if any may relay email through MailMarshal.

License Info: Make Permanent Key request; see details of the current license key and S/MIME certificate database (if enabled).

Advanced: Control configuration export/import, folder location, server thread and logging array configuration.

Blocked Hosts: Select which hosts may not send email to local domains.

Host Validation: Enable DNS and MAPS list checking before accepting email.

Header Rewrite: Set up rules to modify message headers, including email alias support.

(The tabs General, Delivery, Dial-Up, Mail Batching, Local Domains, and Reports are presented in the Installation Wizard when MailMarshal is installed.)



General
Administrative notifications (such as DeadLetter reports) will be sent to the address specified in the first box. This should be a valid and appropriate mailbox or group alias, which is regularly monitored by the email administrator. Administrative notifications and other automated email from MailMarshal will be sent "from" the address entered in the second box (Template generated messages may have a different "from" address). This address should also be a valid SMTP address to allow for replies to notifications.

Figure 16.1: Server Properties–General tab


Delivery
The primary DNS (Domain Name Server) address used by the organization must be entered in the first field of this tab, and a secondary address is recommended. These servers should be in the local network if possible, but in any case no further away than the ISP. They must be able to resolve domain names outside your organization.

Figure 16.2: Server Properties–Delivery tab

Note: If MailMarshal must perform DNS lookups through a firewall, the firewall must permit both TCP and UDP based lookups (ordinary queries use UDP; a response too large for a UDP datagram is retried over TCP).

By default MailMarshal will attempt to deliver outbound email directly, using DNS resolution to determine the appropriate destination.

If all outbound email (not for local domains) is to be forwarded to a firewall or a fixed relay server (such as an ISP), then select the appropriate radio button and enter the host name or IP address of the relay or firewall in the "Forwarding Host" box.

Dial-Up
If outbound email is to be delivered over a dial-up connection, check the box and fill in the appropriate information. Select a RAS entry from the drop-down list, or click on New Phonebook Entry to add the appropriate information. Fill in other information as appropriate. The correct settings should be obtainable from existing email server settings or from the ISP.

Figure 16.3: Server Properties–Dial-Up tab

Note: Test Dial-Up connections using Windows NT's standard Dial-Up Networking capabilities.

Mail Batching
MailMarshal supports batch receipt and sending of email messages where on-demand connection to the downstream email server is not desired. Normally this option will be used with a dial-up connection. It may also be used with ADSL connections where the MailMarshal server does not have a fixed IP address, or in situations where frequent connections incur high cost. Check the box to enable the fields on this tab.

Figure 16.4: Server Properties–Mail Batching tab

Click the Configure Schedule button to see the Delivery/Polling Schedule dialog (see Figure 16.5). Alter the schedule block if desired:

• Drag using the left mouse button to add to the blue "business hours" area.

• Drag using the right mouse button to erase from the blue "business hours" area.

• To reset the schedule to the default time block, click on Set Default Schedule.

• Choose to "snap" the schedule times to the nearest whole, half or quarter hour using the drop down box.

• Select the frequency of connection for inbound and outbound email for business and out-of-business hours.

Figure 16.5: Delivery/Polling Schedule

Note: When MailMarshal delivers outgoing email it will always poll the server for inbound email unless the "Never" option is selected in the Check for incoming mail every drop-down list.


• Click on OK to return to the Mail Batching tab.

Note: Mail Batching can be overridden from the MailMarshal Console using the Send/Receive Now button at the bottom of the Console window.

Next choose how email retrieval will be requested. If the downstream server controls delivery click the Do Nothing radio button.

To send an ETRN command to a server, click on the radio button and enter the host name or IP address of the downstream email server.

To collect email from a POP3 account, click on the appropriate radio button then click on Modify... to obtain the POP3 Email Collection dialog box (see Figure 16.6). Complete the fields in this box and click on OK. (POP3 can be used for multiple addresses within a single account. The downstream server will have a POP3 account containing an email alias for each user.)

Figure 16.6: POP3 Email Collection dialog

The list of POP3 recipient fields is used by MailMarshal to determine the recipients for messages addressed to multiple users. Additions and deletions should be made only if problems with delivery occur. Consult the ISP for information on custom address headers which may be added.

To collect email using a custom executable command, click the radio button Execute the following command, then enter (or browse to) the full path of the executable application. For instance, some ISPs use the finger command, eg. c:\winnt\system32\finger [email protected]. If a command is required, the ISP or downstream server operator will provide instructions.

Local Domains
This tab specifies the names of local domains for which MailMarshal will accept inbound email. The list should include all (and only) the domains of email addresses your organization actually uses through this gateway. Each entry in this list should be matched by DNS MX records (and firewall relay settings, if necessary) so that email for these domains is passed to MailMarshal for delivery.

Figure 16.7: Server Properties–Local Domains tab


Local domains may be of two types: Relay or POP3. Email for a relay domain is sent on to another email server. Email for a POP3 domain is typically delivered to a mailbox hosted by the MailMarshal server. Often there will be a single entry in this section for the local email server. However, if the email server handles more than one domain, multiple entries may be needed. Note that by default all relay servers defined here will also be allowed to relay outbound email through MailMarshal.

To Create a New Local Domain
Click New to start the New Local Domain Wizard. Choose the type of local domain (relay to another server, or POP3). In the final screen, enter the domain name.

Enter the IP address of the server to which email should be relayed. Optionally enter a second email server address (used only if the first server is unavailable). Multiple Relay local domains may be entered using wildcards (eg. *.ourbusiness.com may be entered to direct email for all subdomains of ourbusiness.com to a single address). See the section Wildcards below for a description of MailMarshal's wildcard syntax.

If this is a POP3 domain, choose the action to be taken for messages addressed to non-existent mailboxes:

• Forward the message to the administrator account - The administrator email address is entered in the installation wizard and may be changed on the General tab of Server Properties.

• Reject the message - A non-delivery message will be returned to the sender with a "Mailbox/User is unknown" reason code.

• Forward the message to the following Mail Server IP Address/Port - this allows for messages not destined for POP3 accounts in MailMarshal to be passed on to another email server for final delivery.

Click Finish to return to the Local Domains dialog.

Note: MailMarshal's permanent License Keys are bound to the list of local domains specified here. Each time the list of domain names changes, a new key is required. Changes in IP addresses or ports, or between relay and POP3 domains, do not require a new key. See the section License Info, later in this chapter, for information on requesting a new key.


When invalidated because of a domain change, the key reverts to a fully functional 14 day trial. This allows ample time to contact Marshal Software for a new permanent key. There is no charge for the new key.

Repeat the New Local Domain Wizard for each local domain required. When all domains have been entered, adjust the order of matching by highlighting a domain from the list and using the up and down arrows.

Note: Ensure that local domains are matched in the correct order; otherwise email may be misdirected. Entries are tried from the top of the list and the first match wins. Eg. the following sequence is wrong:

*.example.com      Forward   10.1.2.1:25
pop.example.com    POP3      10.2.5.4:25

Here POP3 mailboxes will be ignored and all email will be delivered to the first address, ie. 10.1.2.1 port 25, because pop.example.com also matches *.example.com. In this example, to have the email correctly delivered, pop.example.com should be the first domain in the sequence.

To Edit a Local Domain
Select the domain to be edited from the list and click Edit to start the Local Domain Wizard. Make any changes required, then click Finish.

Note: To change a domain from POP3 to Relay or vice versa, the entry must be deleted and recreated.

Wildcards
Local domains may be entered using several wildcard characters. The same characters are used in User and Group matching for standard and receiver rules.

The following syntax is supported:

*                  Matches any number of characters
?                  Matches any single character
[abc]              Matches a single character from a, b, c
[!abc] or [^abc]   Matches a single character except a, b or c
[a!b^c]            Matches a single character from a, b, c, !, ^
[a-d]              Matches a single character in the range from a to d inclusive
[^a-z]             Matches a single character not in the range a to z inclusive


Examples

*.ourcompany.com matches pop.ourcompany.com, hq.ourcompany.com, etc.

mail[0-9].ourcompany.com matches mail5.ourcompany.com but not maila.ourcompany.com

mail[!0-9].ourcompany.com matches mails.ourcompany.com but not mail3.ourcompany.com

Note: The !, -, and ^ are special characters only if they are inside [ ] brackets. To be a negation operator, ! or ^ must be the first character within [ ].
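The wildcard syntax above and the ordering note earlier in this section, as an added example in Python (not MailMarshal's own code): the patterns are compiled into regular expressions, local domains are looked up top to bottom as the manual describes, and a small check reports literal entries that an earlier wildcard entry makes unreachable. Domain names are assumed to match case-insensitively; the two-entry domain list is the manual's example, the routing and checking logic is the example's own.

```python
import re

# Added example, not MailMarshal code.  Assumption: domain names match
# case-insensitively.  Syntax implemented, from the Wildcards section:
#   *  ?  [abc]  [!abc] or [^abc]  [a!b^c]  [a-d]  [^a-z]
def wildcard_to_regex(pattern):
    out = []
    i = 0
    while i < len(pattern):
        c = pattern[i]
        if c == "*":
            out.append(".*")
        elif c == "?":
            out.append(".")
        elif c == "[":
            j = pattern.find("]", i + 1)
            if j <= i + 1:                      # no closing ] or empty [ ]: literal [
                out.append(re.escape(c))
            else:
                body = pattern[i + 1:j]
                negate = body[0] in "!^"        # negation only in first position
                if negate:
                    body = body[1:]
                if not body:
                    raise ValueError(f"empty character class in {pattern!r}")
                # '-' keeps its range meaning; escape what the regex engine
                # would otherwise treat specially inside [ ]
                body = re.sub(r"([\\\]^])", r"\\\1", body)
                out.append("[" + ("^" if negate else "") + body + "]")
                i = j
        else:
            out.append(re.escape(c))
        i += 1
    return re.compile("".join(out), re.IGNORECASE)

def wildcard_match(pattern, name):
    return wildcard_to_regex(pattern).fullmatch(name) is not None

def route(local_domains, recipient_domain):
    """Top-to-bottom first match, as the Local Domains list is evaluated.
    Entries are (pattern, type, target) as shown on the tab."""
    for pattern, kind, target in local_domains:
        if wildcard_match(pattern, recipient_domain):
            return kind, target
    return None                                  # not local: outbound delivery

def shadowed_entries(local_domains):
    """Literal entries that can never match because an earlier pattern
    already matches their own name: the misconfiguration in the Note above."""
    shadowed = []
    for n, (pattern, _, _) in enumerate(local_domains):
        if any(ch in pattern for ch in "*?["):
            continue                             # only literal names are checked
        if route(local_domains[:n], pattern) is not None:
            shadowed.append(pattern)
    return shadowed

# The sequence the manual calls wrong, and the corrected order.
WRONG_ORDER = [("*.example.com", "Forward", "10.1.2.1:25"),
               ("pop.example.com", "POP3", "10.2.5.4:25")]
RIGHT_ORDER = [("pop.example.com", "POP3", "10.2.5.4:25"),
               ("*.example.com", "Forward", "10.1.2.1:25")]

if __name__ == "__main__":
    for label, domains in (("wrong", WRONG_ORDER), ("right", RIGHT_ORDER)):
        print(label, route(domains, "pop.example.com"),
              "shadowed:", shadowed_entries(domains))
```

Note that `*.example.com` does not match the bare `example.com`: the star has to be followed by a literal dot, so a site that receives mail for both needs both entries.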

Reports
See Figure 16.8. To enable logging of MailMarshal's message processing, check the box. When logging has been enabled, the Mail History can be viewed in the Console and a wide variety of reports run from MailMarshal Reports. For maximum detail, check the Log Attachment Details checkbox. Choose the period for retention of data (the default is 100 days).

Click Create/Select Database to choose the location of the SQL database where the information will be stored. In the Create/Select Database dialog, enter the name of the SQL Server (or MSDE) computer in the first box. Browse the network if necessary using the button provided. Enter the name of the database to use, and the SQL user name and password. (The default user "sa" does not normally require a password. A blank sa password should not be left in place on a production SQL Server; where possible give MailMarshal a dedicated SQL login with rights only to its own database.)

The option Connect using TCP may be chosen where the database is behind a firewall. TCP port 1433 must be opened through the firewall in this case, and should be opened only from the MailMarshal server's address.

If you believe that a MailMarshal database has previously been installed in the given location and you do not wish to use it, check the box to recreate the database.

Note: The database password may be changed using SQL administration tools or command-line SQL entry. However this procedure must be used with caution if other applications may be using the database. For further information please see Marshal Software Knowledge Base article KB203.


Figure 16.8: Server Properties–Reports tab

Anti-Relaying
This tab is used to control SMTP Relaying through MailMarshal. Relaying is the passing of messages to another server for delivery. If an email server allows open relaying, anyone (including bulk and spam senders) can use the name and resources of that server. Best practices require relaying to be tightly controlled.

MailMarshal relaying control may be configured in three locations and by three different methods: POP3 accounts (see the chapter POP3 Accounts), Receiver rules (see the chapter Rules and Rulesets), and this Server Properties tab.

By default MailMarshal is configured to stop all external hosts relaying email through it.

Note: The local domain email servers, entered in the Installation Wizard or the Local Domains tab of Server Properties, are always allowed to relay through MailMarshal.

Figure 16.9: Server Properties–Anti-Relaying tab

The list of "local network" addresses determines which additional computers are allowed to relay email through MailMarshal. For instance, if email clients such as Eudora send email directly to MailMarshal, their addresses (or the entire internal network) should be added.

To disable anti-relaying completely (not recommended), click to uncheck the checkbox Prohibit Relaying.

To add the addresses of local servers or networks to the list permitted to relay, click New to use the New Local Network dialog.

Enter the IP address of a computer or network in the dotted box.

Enter the network mask. A 32 bit mask (255.255.255.255) defines a single address; a 24 bit mask (255.255.255.0) includes a class C sized network of 256 addresses.

Select the appropriate radio button to choose whether this range of addresses is to be included in the local network (permitted to relay) or excluded (forbidden to relay).

Note: Since addresses not specifically permitted to relay will be forbidden, exclusions here are only used for exceptions within a permitted group. For instance, a university using POP3 email clients might include its entire private net block as permitted to relay, but exclude the portion of the block assigned to public access computers.

Click OK to add the address range to the list.

To edit an existing range, select it then click Edit. To delete a range, select it then click Delete.
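An added example (not MailMarshal's own code) of the Anti-Relaying decision described above, in Python. It assumes, as the manual states, that the Local Domains relay servers may always relay and that everything not listed is denied; it further assumes that an excluded range overrides any included range it falls inside, whatever the list order. The local domain names, server address and network ranges are constructed for the example, following the university scenario in the Note.

```python
import ipaddress

# Added example, not MailMarshal code.  Assumptions: the Local Domains relay
# servers may always relay (as the manual states); any range not listed is
# denied; an excluded range overrides an included range it lies inside,
# whatever the list order.
def relay_permitted(client_ip, local_domain_servers, local_networks):
    """local_networks entries mirror the New Local Network dialog:
    (address, mask in dotted form, include=True / exclude=False)."""
    ip = ipaddress.ip_address(client_ip)
    if any(ip == ipaddress.ip_address(s) for s in local_domain_servers):
        return True
    allowed = False
    for address, mask, include in local_networks:
        net = ipaddress.ip_network(f"{address}/{mask}", strict=False)
        if ip not in net:
            continue
        if not include:
            return False                 # exception carved out of a permitted block
        allowed = True
    return allowed                       # nothing listed: denied by default

def rcpt_decision(client_ip, rcpt_domain, local_domain_names,
                  local_domain_servers, local_networks, prohibit_relaying=True):
    """SMTP reply to RCPT TO.  Mail for a local domain is delivery, never relaying;
    anything else is relaying and needs permission unless Prohibit Relaying is off."""
    if rcpt_domain.lower() in {d.lower() for d in local_domain_names}:
        return "250 OK"
    if not prohibit_relaying:            # open relay: the "not recommended" setting
        return "250 OK"
    if relay_permitted(client_ip, local_domain_servers, local_networks):
        return "250 OK"
    return "550 Relaying denied"

# Constructed configuration following the manual's university scenario.
LOCAL_DOMAINS = ["example.com", "pop.example.com"]
LOCAL_SERVERS = ["10.1.2.1"]                          # relay target on the Local Domains tab
LOCAL_NETWORKS = [
    ("10.0.0.0", "255.0.0.0", True),                  # whole private block may relay
    ("10.200.0.0", "255.255.0.0", False),             # ...except the public-access machines
    ("172.16.0.5", "255.255.255.255", True),          # a single host, 32-bit mask
]

def decide(client_ip, rcpt_domain, prohibit_relaying=True):
    return rcpt_decision(client_ip, rcpt_domain, LOCAL_DOMAINS,
                         LOCAL_SERVERS, LOCAL_NETWORKS, prohibit_relaying)

if __name__ == "__main__":
    for ip, domain in [("192.0.2.9", "example.com"), ("192.0.2.9", "example.org"),
                       ("10.5.1.7", "example.org"), ("10.200.4.4", "example.org"),
                       ("10.1.2.1", "example.org"), ("172.16.0.6", "example.org")]:
        print(f"{ip:>12} RCPT TO:<user@{domain}> -> {decide(ip, domain)}")
```

The excluded lab range still receives mail for the local domains; the exclusion only stops those machines relaying outward, which is the distinction the Note draws.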

License Info
See Figure 16.10. This tab displays the details of the current Product License Key. It also allows enabling of the MailMarshal Secure S/MIME module (if this module is licensed) and allows configuration of the S/MIME certificate database.

A new key must be requested if the local domain names are changed. A key may also be requested to increase the licensed user count, or to purchase the product (if it is running as a free trial).

To request a new key click the Request Key button. Enter the appropriate contact information in the form (see Figure 16.11). MailMarshal automatically appends the current local domain list and key details. Enter any additional comments (such as the number of new user licenses desired) in the Additional Information field. Click Send Request to email the data to Marshal Software.

Figure 16.10: Server Properties–License Info tab

Note: Changing or adding a local domain name will invalidate the license key. When invalidated for this reason, the key reverts to a 14 day trial. This allows ample time to contact Marshal Software for a new permanent key. There is no charge for this service.

If the trial license expires, MailMarshal continues to operate as an SMTP relay but no rules or limits will be applied; that is, the gateway fails open and passes mail unfiltered. The administrator will be notified daily by email if a key is due to expire or has expired.


Figure 16.11: Request Permanent License Key dialog

To enter a key click the Enter Key button, type or paste the key provided by Marshal Software, then click OK. An information box will report the validity details of the key you entered.

To enable MailMarshal Secure S/MIME support, check the appropriate box. This box will be grayed out if the license key does not support MailMarshal Secure.

When MailMarshal Secure is enabled, the public Certificate database may be selected (or created) using the Configure Database button. In the Create/Select Database dialog, enter the location of the SQL Server or MSDE computer where the database will reside. It is strongly recommended for speed and security reasons that the database be created on the MailMarshal server.

The option Connect using TCP may be chosen if the database must be located behind a firewall. TCP port 1433 must be opened through the firewall in this case. However this configuration should be avoided.

If a database exists in the location selected, check recreate database to delete it.


Click OK to return to the Server Properties dialog.

Advanced
Several options are available on this tab.

Figure 16.12: Server Properties–Advanced tab

Change Folders
Locations of the folders used by MailMarshal may be altered. Stop all MailMarshal services using the Configurator before changing locations.

Before changing folder locations here, the new locations should be planned. MailMarshal will create the folders, if necessary, during the change process.


Any data (such as message files) must be manually moved to the new folders.

Warning: Changing the directory paths may damage the MailMarshal installation if performed incorrectly. Current settings and data should be backed up before performing this procedure.

Folder locations are discussed in Marshal Software Knowledge Base article KB84.

Click on Change Folders to see the MailMarshal Folders dialog box. Enter orbrowse for the appropriate location for each folder.

When done, click on OK to close the dialog box and return to ServerProperties, or Cancel to discard any folder location changes.

Export Configuration
The MailMarshal configuration data, including server properties, Rulesets, and Rule elements, is stored in the Windows Registry (with the exception of user group information, which is found in the file UserGroups.txt in the MailMarshal install folder, and files with known fingerprints, which are stored in the subfolder ValidFingerprints of the MailMarshal install folder).

To export configuration data, click the Export Configuration button. Enter an appropriate file name and location. To save User Group information, copy UserGroups.txt. To save fingerprint information, copy the folder ValidFingerprints and its contents.

Import Configuration
MailMarshal Registry information can be imported, either to restore a previously created configuration or to merge a partial configuration.

Warning: Export configuration data safely before performing an import. The Merge function requires a specially created file, and should be used only on advice from Marshal Software Support.

To import configuration data, click the Import Configuration button. Enter or browse to the appropriate file name. Choose to overwrite or merge configurations using the radio buttons. Click OK to perform the import. If User Group information is needed, copy UserGroups.txt to the MailMarshal install folder. If attachment fingerprint information is needed, copy the required files to the folder ValidFingerprints in the MailMarshal install folder.

Server Threads
Click on the button Server Threads to modify MailMarshal's usage of processing threads (see Figure 16.13).

Click on a radio button to select the appropriate site size. The thread settings selected will be displayed, grayed out, in the spinner boxes.

Figure 16.13: Server Threads dialog

If a custom setup is required, click the appropriate radio button to enable the spinner boxes. The four choices available for configuration are:

Total Sender Threads - the maximum number of simultaneous threads which will be used by MailMarshal Sender to deliver messages.

Local Domain Threads - the maximum number of sender threads used to deliver messages to local domains.

External Domain Threads - the maximum number of sender threads used to deliver messages to any one non-local domain.

Total Receiver Threads - the maximum number of simultaneous connections that will be accepted by the MailMarshal Receiver.

Click on OK to return to the Advanced tab.


Enable RTF Stamping
Check this box to enable message stamping of messages generated in RTF format by Microsoft Exchange.

Note: This option requires MAPI32.DLL (and its prerequisites) to be installed on the MailMarshal Server. This DLL is installed as part of Outlook 97/98/2000 or the Exchange 5.x client. Please see the Marshal Software Knowledge Base for more information.

Server Array
MailMarshal can be configured into an array of servers, typically for load balancing purposes. All MailMarshal servers can log reporting information to the same SQL database. To allow identification of the individual MailMarshal server logs, each MailMarshal instance (up to 26) may be identified by a letter.

To enable array logging, click the checkbox MailMarshal is used in an array. Choose an identifying letter from the drop-down box.

Blocked Hosts
This tab is used to enter the names or IP addresses of SMTP servers which are not allowed to deliver email to MailMarshal. MailMarshal will refuse SMTP connections from these servers.

To activate host blocking, click the checkbox then click the New button. Enter a host name or IP address in the field provided. Wildcard entries are not supported; each host name or address must be entered in full.

To edit an entry in the list, double-click to enable editing.

To delete an entry, select it then click the Delete button.


Figure 16.14: Server Properties–Blocked Hosts tab

Host Validation
This tab is used to configure email blocking based on domain name information. Messages may be blocked outright, or logged, if they come from a host listed in a MAPS or MAPS compatible database. These databases list open email relays and other spam related hosts.

Messages may also be blocked based on reverse DNS lookups to confirm theidentity of the sending host.

Note: These features intentionally refuse email messages from sites that fail the validation criteria. MAPS compatible databases, in particular, are subject to change without warning. Enable these features only after careful consideration and monitor the results periodically.

Figure 16.15: Server Properties–Host Validation tab

MAPS Lookups
To enable checking of the MAPS database (and compatibles), check the appropriate box. Individual databases must also be enabled using the Edit process (below).

To add a new MAPS-compatible database for checking, click the New button to see the New MAPS RBL Compatible Validator dialog (Figure 16.16).


Figure 16.16: New/Edit MAPS RBL Compatible Validator dialog

The checkbox Enable this validator specifies whether the service will be used. The checkbox Block email if address is listed specifies how the service is used. If the box is not checked, email from hosts in the database will be logged to the Windows NT event log, but not refused. This option is useful for "what if" testing purposes.

In the first text box, enter a name by which the service will be known within MailMarshal.

In the second text box, enter the domain name of the service (eg. blackholes.mail-abuse.org).

In the third text box, enter a message to return to the external SMTP server if no message is returned by the MAPS service.

Click OK to return to the Host Validation tab.

To edit a MAPS-compatible database listing, select it and click the Edit button.

To delete a listing entirely, select it and click the Delete button.

DNS Validation
To validate hosts sending incoming email against DNS information, click on the appropriate checkbox. MailMarshal will perform a reverse DNS lookup on the IP address from which email is being sent.

Select an option using the radio buttons.


Choose to Accept unknown hosts if hosts without appropriate DNS information are to be allowed to send email, but logged to the Windows NT event log. This option annotates the message header as "not validated". It is usually used for testing or debugging purposes.

Choose Host must have a PTR record to block messages from any host that does not have a valid DNS PTR record.

Choose PTR Record must match the HELO connection string to block messages from hosts whose PTR domain does not match the HELO identification sent by the server. This is the most restrictive option.

Note: Valid email traffic may be blocked by DNS checking if the sending site does not have PTR records or they are faulty.
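The MAPS lookup and DNS validation checks described in this section, as an added Python example that is not part of MailMarshal. The DNS data is a constructed table so the example runs offline; it assumes the common DNSBL convention (the client's address octets reversed and prefixed to the zone name, an A record meaning "listed", a TXT record carrying the reason) and reads "PTR record must match the HELO connection string" as a comparison of the full PTR name with the HELO argument. The addresses are documentation ranges; the zone name is the manual's own example.

```python
# Added example, not MailMarshal code.  All DNS data comes from the constructed
# table below so the example runs offline.  Assumptions: a DNSBL is queried by
# reversing the client's address octets and prefixing them to the zone name
# (an A record means "listed", a TXT record carries the reason), and "PTR
# record must match the HELO connection string" compares the full PTR name
# with the HELO argument.
def reverse_octets(ip):
    return ".".join(reversed(ip.split(".")))

CONSTRUCTED_DNS = {
    ("9.2.0.192.in-addr.arpa", "PTR"): "mail.example.net",
    ("77.100.51.198.in-addr.arpa", "PTR"): "relay.example.org",
    ("77.100.51.198.blackholes.mail-abuse.org", "A"): "127.0.0.2",
    ("77.100.51.198.blackholes.mail-abuse.org", "TXT"): "Listed as an open relay",
    # 203.0.113.5 deliberately has no records at all
}

def lookup(name, rtype):
    """Stand-in resolver: record data, or None for NXDOMAIN / no such record."""
    return CONSTRUCTED_DNS.get((name.lower(), rtype))

def check_rbl(resolve, ip, validators):
    """validators mirror the New MAPS RBL Compatible Validator dialog:
    (name, zone, enabled, block if listed, message if the zone gives none).
    Returns ('block' | 'log' | 'accept', reason)."""
    for name, zone, enabled, block, default_msg in validators:
        if not enabled:
            continue
        qname = f"{reverse_octets(ip)}.{zone}"
        if resolve(qname, "A") is None:
            continue                              # not listed in this zone
        reason = resolve(qname, "TXT") or default_msg
        return ("block" if block else "log"), f"{name}: {reason}"
    return "accept", ""

def check_dns(resolve, ip, helo, mode):
    """The three DNS Validation radio buttons."""
    ptr = resolve(f"{reverse_octets(ip)}.in-addr.arpa", "PTR")
    if mode == "accept_unknown":                  # annotate and log, never refuse
        return "accept", ("validated" if ptr else "not validated")
    if mode == "require_ptr":
        return ("accept", "validated") if ptr else ("block", "no PTR record")
    if mode == "ptr_matches_helo":
        if ptr and ptr.lower().rstrip(".") == helo.lower().rstrip("."):
            return "accept", "validated"
        return "block", f"PTR {ptr!r} does not match HELO {helo!r}"
    raise ValueError(f"unknown DNS validation mode {mode!r}")

def validate_host(resolve, ip, helo, validators, dns_mode):
    """Overall verdict at connection time: any 'block' refuses the session;
    'log' results are reported (the event-log case) but do not refuse."""
    results = [check_rbl(resolve, ip, validators), check_dns(resolve, ip, helo, dns_mode)]
    for verdict, reason in results:
        if verdict == "block":
            return "block", reason
    return "accept", "; ".join(r for v, r in results if v == "log")

VALIDATORS = [("MAPS RBL", "blackholes.mail-abuse.org", True, True,
               "Rejected: sending host is listed")]

if __name__ == "__main__":
    for ip, helo in (("192.0.2.9", "mail.example.net"),
                     ("198.51.100.77", "relay.example.org"),
                     ("203.0.113.5", "mail.example.net")):
        print(ip, helo, validate_host(lookup, ip, helo, VALIDATORS, "ptr_matches_helo"))
```

Running a new validator with "Block email if address is listed" unchecked (the `log` path) for a while before switching it to block is the "what if" test the section recommends, and the constructed resolver makes the same decision logic testable without a live DNSBL.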

Header Rewrite
MailMarshal can modify email header and envelope detail (eg. to allow email aliasing). Modification is performed by the MailMarshal Receiver during email message receipt and is controlled by a series of user-configurable header rewriting rules that are created under the Header Rewrite tab (see Figure 16.17).

The rewriting rules use a regular expression engine to perform the matching and substitution. Regular expressions are extremely powerful but somewhat difficult to construct. Great care should be taken to ensure that the rules perform only the chang...

• Address modification - for example, changing [email protected] to [email protected].

• Field removal - for example, stripping out the received: lines from outbound messages.

• Alias substitution - for example, replacing addresses via a lookup table, as in [email protected] being replaced by [email protected].

• Domain masquerading - for example, replacing all addresses in thisdomain.com with identical addresses in thatdomain.com.

Note: Please note that this is an advanced option and most sites will not need to use this facility. Test any rules thoroughly, as errors may cause all affected messages to be undeliverable.

Figure 16.17: Server Properties–Header Rewrite tab

Header rewriting rules are created using a wizard. To start the wizard, click New. The screens in the wizard are as follows:

• An introduction screen that gives warning information.

• A field matching screen to select the header or envelope fields to be rewritten, and the portion of the field to be modified.

• A substitution options screen where matching and substitution expressions are entered.

• A naming and test screen for naming the rule and testing the substitution options.


In addition, the order of evaluation of header rewriting rules may be adjusted using the arrows at the bottom of the Header Rewrite tab (see Figure 16.17).

Field Matching
Most standard email header fields can be rewritten. For instance, to modify the appearance of internal email addresses to outside recipients you would select a combination of the fields From:, Envelope return path and Reply-to:.

Consider the following To: header.

To: (A User) [email protected], "Another user at domain2.com" [email protected]

The following table shows the field data that is passed to the substitution engine for the various parsing methods.

Parsing method   Data passed to the substitution engine
Entire line      (A User) [email protected], "Another user at domain2.com" [email protected]
Email address    [email protected] [email protected]
Domain           domain.com domain2.com

When modifying address fields in the email header you would usually select the field parsing method Email Address. Each email address in the field is then passed to the substitution engine, while no other characters will be changed.

Substitution Options
An optional exclusion filter allows you to specify an expression that, if matched, will prevent the field being substituted. This is provided since it can be difficult to express exclusions in regular expressions.

The field search expression is a regular expression that is used to select the data that will be substituted. For instance, the expression

(.+)@(.+)\.ourcompany\.com$

will match a sequence of 1 or more characters followed by an @ followed by another sequence of 1 or more characters, followed by .ourcompany.com at the end of the field. That is, it will match [email protected] and [email protected] but not [email protected].

Figure 16.18: Header Rewrite Wizard–Substitution Options

Substitution Actions
Three actions are available to be taken on the data matched.

Substitute into field using expression allows the matched data to be replaced using a sed or Perl-like syntax. Using the example given above, the substitution expression

$1@$2.co.uk.eu


would yield [email protected], [email protected] and [email protected] respectively. The last address may be somewhat surprising, but data that does not match part of the regular expression is simply copied across.

Map using file allows a level of indirection in resolving what to substitute into the field. A map file must be plain text; each line of the file must contain a key and value pair separated by a comma, for example

[email protected], [email protected]@domain.co.uk, [email protected]

The first entry in the line is a lookup key. The second value is the result to be substituted in place of the original field when the key is matched. Eg. for a search expression of

(.+)@domain\.co\.uk$

the above map file and a key expression of

[email protected]

would, for the input string [email protected], return [email protected]. If the key value is not found in the map file then it is returned unchanged as the result.

Internal host information for outbound email could be removed using substitution; the same information could be added to incoming email for specific users by use of a map file.

Delete the field returns an empty string if the search expression matches. More usefully, if Entire line is selected in the parsing options, Delete the field removes the entire header line from the email.

A possible use may be to remove Received: lines from outbound email to hide internal routing information from external recipients.

To achieve this effect, select the Received: field and a parsing method of Entire line, then provide a search expression that will match the hosts you wish to hide and select Delete field. For instance, your search expression might look like

from (secret\.host|private\.host)\.my\.domain\.com

(the dots are escaped so that they match literally, and there are no spaces inside the group, since a space there would have to appear in the header text for the expression to match).


Note: While such deletions give a higher level of security, they are not generally recommended as they make tracing any email problems difficult.
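The three substitution actions and the Email address parsing method, as an added Python example (not MailMarshal's own code). It uses Python's re module in place of Regex++, converting the manual's $1/$2 back-references to Python's form, and assumes the key expression for Map using file uses the same $n syntax as the substitution expression. The sample headers and map file are constructed for the example; the search and substitution expressions are the ones from this section, with the Received: expression written with escaped dots and no spaces around the alternation.

```python
import re

# Added example, not MailMarshal code.  MailMarshal writes back-references
# as $1, $2 (sed/Perl style); Python's re wants \g<1>, \g<2>.  Assumption:
# the wizard's key expression for "Map using file" uses the same $n syntax.
def _template(expr):
    return re.sub(r"\$(\d+)", r"\\g<\1>", expr)

def substitute(search, replacement, value):
    """'Substitute into field using expression': unmatched data is copied across."""
    return re.sub(search, _template(replacement), value)

def load_map(text):
    """Parse a plain-text map file of 'key, value' lines; keys compare case-insensitively."""
    table = {}
    for line in text.splitlines():
        if "," in line:
            key, val = (part.strip() for part in line.split(",", 1))
            table[key.lower()] = val
    return table

def map_using_file(search, key_expr, table, value):
    """'Map using file': build the key from the match; unknown keys return the input unchanged."""
    m = re.search(search, value)
    if not m:
        return value
    return table.get(m.expand(_template(key_expr)).lower(), value)

def delete_field(search, value):
    """'Delete the field': an empty result tells apply_rules to drop the header line."""
    return "" if re.search(search, value) else value

# "Email address" parsing: hand each address in the field to the rule and
# leave display names, comments and angle brackets untouched.
ADDRESS = re.compile(r'[^\s<>,()"]+@[^\s<>,()"]+')

def rewrite_addresses(field_value, rule):
    return ADDRESS.sub(lambda m: rule(m.group(0)), field_value)

def apply_rules(headers, rules):
    """headers: [(name, value)]; rules: [(header name, parsing method, callable)],
    applied in list order, as the arrows on the Header Rewrite tab control."""
    out = []
    for name, value in headers:
        for rule_header, method, rule in rules:
            if name.lower() != rule_header.lower():
                continue
            value = rewrite_addresses(value, rule) if method == "email address" else rule(value)
        if value != "":
            out.append((name, value))
    return out

# Search expression for the Received: deletion rule: dots escaped so they
# match literally, no spaces inside the group, so exactly two hosts match.
HIDE_HOSTS = r"from (secret\.host|private\.host)\.my\.domain\.com"
MASQUERADE = (r"(.+)@(.+)\.ourcompany\.com$", "$1@$2.co.uk.eu")

OUTBOUND_RULES = [
    ("Received", "entire line", lambda v: delete_field(HIDE_HOSTS, v)),
    ("From", "email address", lambda a: substitute(*MASQUERADE, a)),
    ("To", "email address", lambda a: substitute(*MASQUERADE, a)),
]

# Constructed sample data (not from the manual).
SAMPLE_MAP = load_map("jsmith@domain.co.uk, john.smith@domain.com\n")
INBOUND_RULES = [
    ("To", "email address",
     lambda a: map_using_file(r"(.+)@domain\.co\.uk$", "$1@domain.co.uk", SAMPLE_MAP, a)),
]
OUTBOUND_HEADERS = [
    ("Received", "from secret.host.my.domain.com (10.1.1.5) by gateway.my.domain.com"),
    ("Received", "from mx.example.net (192.0.2.9) by gateway.my.domain.com"),
    ("From", "(A User) user@sales.ourcompany.com"),
    ("To", '"Another user" <j.doe@hq.ourcompany.com>, user@other.example'),
]
INBOUND_HEADERS = [("To", "jsmith@domain.co.uk, nobody@domain.co.uk")]

def demo_outbound():
    return apply_rules(OUTBOUND_HEADERS, OUTBOUND_RULES)

def demo_inbound():
    return apply_rules(INBOUND_HEADERS, INBOUND_RULES)

if __name__ == "__main__":
    for name, value in demo_outbound() + demo_inbound():
        print(f"{name}: {value}")
```

The outbound run drops only the Received: line naming the internal host, masquerades the two internal addresses and leaves the external recipient alone; the inbound run shows the map file translating a known alias while an unknown key passes through unchanged, which is the behaviour the text describes.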

Testing

The final dialog of the Header Rewrite Wizard (see Figure 16.19) allows the new rule to be named, and provides for a comment which should explain the purpose of the rule. To test the rule, enter a sample string in the Source box and click Test. If the result is not as expected, go back and modify the rule. When satisfied, click Finish to return to the Header Rewrite tab. If several rules are in use, adjust the order of evaluation using the arrows; rules are applied in that order, so a rule that rewrites or deletes a field changes the input seen by the rules below it.

Figure 16.19: Header Rewrite Rule Wizard–Finish
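The three rewrite actions and the order-of-evaluation behaviour described above, modelled as an added Python example (example code written for this page, not MailMarshal's own implementation, which is a Windows service built on the Regex++ library). The header names, host names, addresses, rules and the map file are constructed for the example; the assumption that only the matched span of a field is replaced, with text outside the match copied across, follows the description of substitution above.

```python
"""Model of the header-rewrite actions described above: substitute using
a $1/$2 expression, map using a key file, and delete the field or the
entire header line. Added example code, not part of MailMarshal."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

Header = Tuple[str, str]  # (field name, field value)


def expand(template: str, m: "re.Match") -> str:
    """Expand $1, $2, ... in a substitution or key expression from the
    groups of a search-expression match. A group that did not take part
    in the match expands to an empty string."""
    def group(tok: "re.Match") -> str:
        text = m.group(int(tok.group(1)))
        return text if text is not None else ""
    return re.sub(r"\$(\d+)", group, template)


def load_map(text: str) -> Dict[str, str]:
    """Parse map-file text: one 'key, value' pair per line."""
    table: Dict[str, str] = {}
    for line in text.splitlines():
        if line.strip():
            key, _, value = line.partition(",")
            table[key.strip()] = value.strip()
    return table


@dataclass
class Rule:
    header: str                   # header field the rule applies to
    search: str                   # search expression (regular expression)
    action: str                   # "substitute", "map" or "delete"
    expression: str = ""          # substitution expression or map key expression
    entire_line: bool = False     # parse the whole "Name: value" line, not just the value
    table: Dict[str, str] = field(default_factory=dict)  # map file contents for "map"

    def apply(self, name: str, value: str) -> Optional[str]:
        """Return the rewritten field value, or None if the whole header
        line is removed. Text outside the match is copied across unchanged
        (assumption: only the matched span is replaced)."""
        target = f"{name}: {value}" if self.entire_line else value
        m = re.search(self.search, target)
        if m is None:
            return value
        if self.action == "delete":
            return None if self.entire_line else ""
        if self.action == "substitute":
            replacement = expand(self.expression, m)
        elif self.action == "map":
            key = expand(self.expression, m)
            replacement = self.table.get(key, key)  # unknown key: used unchanged
        else:
            raise ValueError(f"unknown action {self.action!r}")
        rewritten = target[:m.start()] + replacement + target[m.end():]
        if self.entire_line:
            prefix = f"{name}: "
            return rewritten[len(prefix):] if rewritten.startswith(prefix) else rewritten
        return rewritten


def rewrite_headers(headers: List[Header], rules: List[Rule]) -> List[Header]:
    """Apply rules in order to each header; later rules see earlier results."""
    out: List[Header] = []
    for name, value in headers:
        current: Optional[str] = value
        for rule in rules:
            if rule.header.lower() != name.lower():
                continue
            current = rule.apply(name, current)
            if current is None:        # line deleted: stop evaluating it
                break
        if current is not None:
            out.append((name, current))
    return out


# Constructed sample headers of an outbound message (hypothetical hosts).
SAMPLE_HEADERS: List[Header] = [
    ("Received", "from secret.host.my.domain.com (10.1.2.3) by mail.my.domain.com"),
    ("Received", "from mx.partner.example by mail.my.domain.com"),
    ("From", "alice@domain.co.uk"),
    ("Reply-To", "alice@secret.host.my.domain.com"),
]

# Constructed map file in the 'key, value' format described above.
SAMPLE_MAP = """\
alice@domain.co.uk, alice@domain.com
carol@domain.co.uk, carol@domain.com
"""

SAMPLE_RULES: List[Rule] = [
    # Delete the field + Entire line: drop Received: lines naming internal hosts.
    Rule("Received", r"from (secret\.host|private\.host)\.my\.domain\.com",
         "delete", entire_line=True),
    # Map using file: rewrite the sender address via the map file.
    Rule("From", r"(.+)@domain\.co\.uk$", "map",
         expression="$1@domain.co.uk", table=load_map(SAMPLE_MAP)),
    # Substitute using expression: hide the internal host in Reply-To.
    Rule("Reply-To", r"^([^@]+)@[\w.]+\.my\.domain\.com$", "substitute",
         expression="$1@my.domain.com"),
]


def demo() -> List[Header]:
    """Run the sample rules over the sample headers (like the wizard's Test button)."""
    return rewrite_headers(SAMPLE_HEADERS, SAMPLE_RULES)


if __name__ == "__main__":
    for name, value in demo():
        print(f"{name}: {value}")
```

Running demo() drops the first Received: line, maps alice@domain.co.uk to alice@domain.com, and rewrites the Reply-To to alice@my.domain.com; a From: address absent from the map file, such as dave@domain.co.uk, passes through unchanged, which is the behaviour described for unknown keys above.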

Regular Expression Syntax

MailMarshal implements a full-featured regular expression syntax. Full documentation of this syntax is beyond the scope of this manual. Additional documentation and links to further information may be found in Marshal Software Knowledge Base article KB162.

A few basics are given below.

Reserved Characters

The following characters are reserved as operators:

* . ? + ( ) { } [ ] $ \ | ^

To match any of these characters literally, precede it with \

To match marshalsoftware.com enter marshalsoftware\.com

Wildcard Character .

The dot character . matches any single character.

Repeat Operators * + ? {}

A repeat is an expression that occurs an arbitrary number of times.

An expression followed by * can be present any number of times, including zero. An expression followed by + can be present any number of times, but must occur at least once. An expression followed by ? may occur zero times or once only. A precise range of repeated occurrences may be specified as a comma-separated pair of numbers within {}. A repeat operator applies only to the single item (character, character class or parenthesized group) immediately preceding it. For instance,

ba* will match b, ba, baaa, etc.

ba+ will match ba or baaaa for example but not b.

ba? will match b or ba.

ba{2,4} will match baa, baaa and baaaa.

Parentheses ( )

Parentheses serve two purposes: to group items together into a sub-expression (so that a repeat operator or an alternative applies to the whole group), and to capture the text matched by the sub-expression, which can then be referenced as $1, $2 and so on in a substitution or map key expression.

For example, the expression

(ab)*

would match all of the string

ababab

Alternatives

Alternatives occur when the expression can match either one sub-expression or another. In this case, each alternative is separated by a |. The | operator has the lowest precedence of all: each alternative extends back to the start of the expression or of the enclosing parentheses, the opposite of a repeat operator, which applies only to the single preceding item. Use parentheses to limit the scope of an alternative.

a(b|c) could match ab or ac

abc|def could match abc or def

17. Reports

MailMarshal Reports allows generation of reports based on the information logged by the MailMarshal Server. A wide range of reports is available including overall summaries and per-user information.

In order for reports to be generated, logging must first be enabled, either in the MailMarshal installation wizard or from the Reports tab of Server Properties.

MailMarshal Reports may be installed on any Windows (95 or higher) workstation which can connect to the logging database. MailMarshal Reports is implemented as a Microsoft Access 97 or 2000 database application. As such it requires Microsoft Access and a printer driver to be installed as prerequisites. The Reports application is available on the MailMarshal distribution CD-ROM, or by separate download from the Marshal Software web site.

Installing MailMarshal Reports

Insert the MailMarshal CD-ROM and choose Install Reports from the autorun or Setup Wizard application. Alternatively, run the downloaded MailMarshal Reports installation file. Carefully read and accept the license information. Choose a destination location and program folder.

Once installation is complete, run MailMarshal Reports from the Start menu. When first run, the Reports database will raise the Select Data Source dialog to configure an ODBC connection to the logging database.

Note: The MailMarshal logging database should be created from the Server (in Server Properties or the Installation Wizard) before this procedure is attempted.

If necessary, choose the Machine Data Source tab, then click New.

Choose to create a System data source, with the SQL Server driver. Click Next, then Finish, to see the Create a New Data Source dialog.

Give the data source a friendly name and description, and select the source machine from the drop-down list (or enter its name or IP address if necessary).

Select the option SQL Server authentication. Check the box to require login. Use the login and password configured when the database was created. For MSDE and many SQL installations, the default login sa with no password will work; however, a blank sa password leaves the logging database open to anyone who can reach the server, so set a password for sa and, where possible, give Reports its own login with read-only rights.

The Client Configuration button is used to select a protocol for communication with the database. If the logging database is on the other side of a firewall from the Reports computer, use Client Configuration to choose TCP/IP connection and port 1433, then click OK. Ensure that the firewall is configured to allow traffic on this port, restricted to the address of the Reports workstation rather than opened generally.

Click Next to continue to the next screen. Check the box to change the default database; select the MailMarshal database from the list. On the next screen, click Finish.

In the Reports database, enter the appropriate data source name, user name, and password if required, then click Connect to establish the connection. The connection will be remembered when Reports is run again.

To Produce Reports

Run the Reports application from the Start menu.

Figure 17.1: MailMarshal Reports


To view the list of available reports, expand the various branches of the left pane menu tree.

Select a report by clicking on it in the left pane. Information about the report is shown in the lower right pane. Any options for the report type are given in the upper right pane.

Choose the appropriate options. To choose an arbitrary range of dates, select the Other radio button, then use the drop down menus to see a date picker.

When all options are chosen, click Preview to view the report on screen.

To print a report, use File|Print from the Access menu. To send the report via email, use File|Send To and select an appropriate format, such as Rich Text.

18. The Console

The MailMarshal Console is used for day-to-day administration of the MailMarshal Server. Actions available from the Console include:

• Viewing the status of the MailMarshal services.

• Viewing information on queued outbound email messages.

• Reviewing messages that MailMarshal has moved or copied to folders.

• Releasing or reprocessing messages from folders if appropriate.

• Viewing a list of messages processed and their disposition.

• Viewing service alerts.

• Viewing the status of Mail Batching, if configured.

• Viewing news and support information from the Marshal Software web site.

The Console is installed on the MailMarshal Server computer and may also be installed on any Windows 95 or higher workstation in the local network. See the chapter Installation for prerequisites and detailed instructions.

The Console is implemented as a snap-in to the Microsoft Management Console (MMC). For general information and tips on the MMC, please see the chapter MailMarshal and the MMC. This manual assumes that the MMC is displaying the left (menu tree) pane as well as the right (details) pane.

Connecting to the MailMarshal Server

When the Console is first run, or if one console is used to connect to more than one Server, it is necessary to make a connection. Select Action|Connect to Server from the menu.

Choose the name of the server from the drop-down list, or browse the network using the button provided (see Figure 18.1). If the Server expects connections on a port other than the default 19001, enter the correct value. (For information on changing this value at the Server, please contact Marshal Software Support.)

To connect as a user other than the current Windows user, select the appropriate radio button then enter the user information.

Click OK to attempt to connect.

Figure 18.1: Connect to Server dialog

Console Security Issues

MailMarshal Console uses Windows NT's secure RPC mechanism to communicate with the MailMarshal Server. A console user must have an account and password that can be validated by the MailMarshal Server. If the MailMarshal machine is in a different domain you can either set up a trust relationship or create local accounts on the MailMarshal Server computer. If the Console and the Server are separated by a firewall (eg. if the Server is located in a DMZ), port 19001 must be opened in the firewall to allow remote Console access; limit that rule to the addresses of the administrative workstations.

To view the email in the quarantine folders the account in use must have read access to the folders. If you wish to make changes to items (eg. forward email, kill messages) the account will also need write access. Access to the folders should be limited by using Windows NT security, since anyone with read access to a quarantine folder can read the full contents of the messages held there.

To implement access control for other features, edit the access permissions on the MailMarshal.key file (in the MailMarshal folder on the server). Read access to this file allows the user to view the service status, queued domains and mail history. Write access to this file gives the ability to kill messages, dial now, retry domains and reload services. The permissions on this file are therefore the effective authorization model for the Console: grant write access only to administrators who need those operations, and review the permissions whenever Console users change.


The Main Console Screen

In the left pane, expand the element MailMarshal Console to see the console menu tree. Select MailMarshal Console to view the main Console screen in the right pane. This screen provides summary information on MailMarshal operation (see Figure 18.2).

Figure 18.2: The MailMarshal Console

The top section displays the status, version number, and number of messages processed for each MailMarshal Service. Click the button View Detailed Status to see details in the MailMarshal Services screen.

The middle section displays recent Service Alerts. Click the button View Alert History to see a complete list in the Alert History screen.

The bottom section displays information on Remote Access (dial-up connectivity) and Mail Batching, including the next scheduled send and polling times. Click the button Send/Receive Now to initiate an immediate check and dispatch of queued messages.


Note: Messages processed today for each service will not generally be equal. Not all messages received are delivered (eg. due to quarantine Rules), and MailMarshal's notification messages are delivered but not received.

The Services Screen

Select the item Services in the menu tree to view the Services screen in the right pane (see Figure 18.3). The upper pane of this screen gives information about the MailMarshal Receiver; the lower pane gives information about the MailMarshal Sender.

Figure 18.3: The Console Services screen

Receiver State

The following information about the Receiver is available:

Internal Msgs: the number of messages, addressed to recipients in MailMarshal's local domains, which have been processed today.

External Msgs: the number of messages, addressed to recipients outside MailMarshal's local domains, which have been processed today.

Message details: a pane shows details of each message being processed by the Receiver, and its status.

Active Threads: the number of messages currently being processed by the Receiver service.

Licensed Users: the number of users recorded in the MailMarshal License Key.

Current Users: the number of local email addresses from which email has been received in the last 28 days.

Note: The Current Users value will be displayed in red if the value exceeds the licensed number. However, rule processing and sending will continue as normal. Please contact Marshal Software or your reseller to obtain additional licenses.

Sender State

The following information about the Sender is available:

Internal Msgs: the number of messages, addressed to recipients in MailMarshal's local domains, which have been processed today.

External Msgs: the number of messages, addressed to recipients outside MailMarshal's local domains, which have been processed today.

Message details: a pane shows details of each message being processed by the Sender, and its status.

Active Threads: the number of messages currently being processed by the Sender service.

Msgs Queued: the number of messages waiting to be sent.

Domains Queued: the number of unique Internet domains to which messages are waiting to be sent.

Sender Actions

A message visible in the detailed Sender list can be killed (deleted) by selecting it and clicking the Kill Message button.

A detailed list of information about domains for which email is queued (waiting to be sent) can be viewed by clicking the button View Domains (or the menu tree item Queued Domains). The listing also shows the number of messages queued, number of sender threads dedicated to this domain, number of times delivery has been attempted, and the next retry time.

Domain Detail

Double-click on a domain record in the Queued Domains screen to view details in the Domain dialog (see Figure 18.4). The upper pane of this dialog shows a list of MX records found for the domain. The lower pane shows details of each message awaiting delivery to this domain.

Highlight one or more messages in the lower pane then click Kill Message to delete the messages. Click the Retry Domain Now icon in the toolbar to force an immediate attempt to deliver messages to this domain.

Note: These actions will be grayed out if the user does not have sufficient permissions.

Figure 18.4: The Console Domain Dialog

Message Folders

To view a list of MailMarshal's message folders, expand the menu item Mail Folders. These Folders include the Archive, Parking and regular folders into which messages are placed through Rule action, as well as the Dead Letter folders used for messages which cannot be processed.

To view the contents of a folder, select it in the left pane. The contents will be displayed in the right pane (see Figure 18.5). Folders may have subfolders created periodically if this option has been set up in the Configurator. By default no more than 1000 items will be retrieved for each folder. This number may be adjusted by choosing Tools|Options from the menu.

Figure 18.5: The Console Folders view

Message Folder Actions

To search for a message by its MailMarshal message name, use the search icon in the toolbar.

Messages in folders may be forwarded, deleted, processed, and viewed.

Note: Users who have read-only access to a folder cannot delete messages. Messages in Archive folders cannot be deleted or processed.

Forwarding a Message

To forward a message, select it then click the Forward icon on the toolbar (or open it then click the Forward icon on the message window toolbar). To forward to multiple addresses, enter them separated by semi-colons ([email protected]; [email protected]).

Deleting a Message

To delete a message, select it then click the Delete icon. This option deletes the message from the folder permanently.

Processing a Message

One or more messages may be selected for processing. Clicking the Process Message(s) icon raises the Process Message dialog box (see Figure 18.6). The following actions are available:

Figure 18.6: Process Message dialog

Continue processing the message: this option continues processing the message after the Rule which placed it in the current folder. This action may be used to release a message from quarantine while testing it for any further violations of policy.

Reprocess the message: this option resubmits the message for processing by the current set of MailMarshal Rules. This option may be useful when rules have been adjusted.

Pass the message through: this option allows the message to be queued for delivery with no further evaluation.

If the checkbox Only apply this action to the following users is checked, the selected option will be effective for one or more recipients of the message as selected using the detail checkboxes.

The following additional options are available:

Delete the message after processing (selected by default): Once the selected actions have been performed, the message is deleted from the folder.

Add attachment fingerprints: Attachments (including images embedded in MS Word documents) will be saved in the folder ValidFingerprints (located in the MailMarshal install folder). The unique "fingerprint" of each attachment will be loaded by the MailMarshal Engine. These attachments can be the subject of a Rule condition if they are found in the future. See the Standard Rule condition "where attachment fingerprint is/is not known" for more details. All attachments, or only images, may be "fingerprinted." Fingerprint only attachments you have inspected, since any Rule written against a known fingerprint will treat that file as recognized from then on.

Note: A file can be removed from the list of recognized fingerprints by deleting it from the ValidFingerprints folder and reloading the configuration.

MailMarshal automatically deletes a fingerprint (and the associated file) if it does not trigger a condition for six months.

Viewing a Message and Message Log

To view a message and its associated processing log (which indicates the reason for its placement in the folder), double-click on it in a Message folder (see Figure 18.7).

The message headers may be examined by clicking the View Message Header icon in the message window toolbar.

Note: Processing logs are only available if copied by the Rule which placed the item in the folder.


Figure 18.7: Message and log display

Interpreting Message Logs

A message log includes information on the structure of the message, and records any Rules which it triggered and the reasons for triggering.

Figure 18.7 shows a message which MailMarshal has identified as B000000001.00000001.mml. The message contains a message header (MHDR), a message body (MBODY), an attached ZIP archive (ZIP), and an executable file (EXE) included within the archive (inclusion is indicated by the indentation of the line in the log; in this excerpt the U1, U2 and U3 prefixes on the component names follow the same nesting).

The message log also indicates which Rules were applied to the message, which if any were triggered, and what action was taken. The log line for a triggered Rule includes the notation "TRUE" and actions taken follow this line. In the example, the executable triggered the rule "Block EXECUTABLE Files" in the ruleset "Inbound Messages" (see the log excerpt below).

...
1452 15:44:57.576 1 user(s) match rule - Block EXECUTABLE Files
1452 15:44:57.576 Name=U1\B000000001.00000001.mml (MAIL,55320) False
1452 15:44:57.576   Name=U2\MsgHeader.txt (MHDR,602) False
1452 15:44:57.576   Name=U2\Plain (MBODY,14) False
1452 15:44:57.576   Name=U2\Fgrep.zip (ZIP,39657) False
1452 15:44:57.576     Name=U3\fgrep.exe (EXEW32,82944) TRUE Terminal
1452 15:44:57.576 Requesting Action <Inbound Messages:Block EXECUTABLE Files:MailTemplate> be run
1452 15:44:57.746 Requesting Action <Inbound Messages:Block EXECUTABLE Files:LogMessage> be run
1452 15:44:57.746 Requesting Action <Inbound Messages:Block EXECUTABLE Files:MoveMessage> be run
1452 15:44:57.746 Action LogMessage for Component U3\fgrep.exe
1452 15:44:57.756 Action MoveMessage for Component U3\fgrep.exe
...

If a TextCensor script is triggered, the details of the script evaluation are included in the log. In the following excerpt, two expressions in the Generic Chain Letters script were triggered:

...
1452 16:02:24.551 1 user(s) match rule - Block Chain Letters
1452 16:02:24.551 TextCensor triggered: Script Generic Chain Letters Triggered
Expression: chain letter* Triggered 1 times weighting 5
Expression: send this FOLLOWEDBY=6 (many OR all OR friends OR anyone OR others OR people OR every*) Triggered 1 times weighting 5
1452 16:02:24.551 Name=U1\B000000002.00000001.mml (MAIL,2998) TRUE Terminal
...
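An added example, not part of the product, that parses the log format shown in these two excerpts (reproduced as the constructed sample input) into components, triggered rules and actions, and then applies a check a practitioner reviewing quarantined mail would want: listing executables found nested inside another attachment. Reading the U-number prefix as nesting depth and the result column "TRUE" as the triggering component are assumptions drawn from the excerpts above, not a documented format.

```python
"""Parser for the message-log format shown above, with a check for the
situation in the first excerpt: an executable the rule found inside an
attached archive. Added example code, not part of MailMarshal."""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed from the two log excerpts above (thread id, time, text).
SAMPLE_LOG = """\
1452 15:44:57.576 1 user(s) match rule - Block EXECUTABLE Files
1452 15:44:57.576 Name=U1\\B000000001.00000001.mml (MAIL,55320) False
1452 15:44:57.576 Name=U2\\MsgHeader.txt (MHDR,602) False
1452 15:44:57.576 Name=U2\\Plain (MBODY,14) False
1452 15:44:57.576 Name=U2\\Fgrep.zip (ZIP,39657) False
1452 15:44:57.576 Name=U3\\fgrep.exe (EXEW32,82944) TRUE Terminal
1452 15:44:57.576 Requesting Action <Inbound Messages:Block EXECUTABLE Files:MailTemplate> be run
1452 15:44:57.746 Requesting Action <Inbound Messages:Block EXECUTABLE Files:LogMessage> be run
1452 15:44:57.746 Requesting Action <Inbound Messages:Block EXECUTABLE Files:MoveMessage> be run
1452 15:44:57.746 Action LogMessage for Component U3\\fgrep.exe
1452 15:44:57.756 Action MoveMessage for Component U3\\fgrep.exe
1452 16:02:24.551 1 user(s) match rule - Block Chain Letters
1452 16:02:24.551 TextCensor triggered: Script Generic Chain Letters Triggered
Expression: chain letter* Triggered 1 times weighting 5
Expression: send this FOLLOWEDBY=6 (many OR all OR friends OR anyone OR others OR people OR every*) Triggered 1 times weighting 5
1452 16:02:24.551 Name=U1\\B000000002.00000001.mml (MAIL,2998) TRUE Terminal
"""

LINE = re.compile(r"^(\d+) (\d\d:\d\d:\d\d\.\d+) (.*)$")
MATCH_RULE = re.compile(r"^\d+ user\(s\) match rule - (.+)$")
COMPONENT = re.compile(r"^Name=U(\d+)\\(.+?) \((\w+),(\d+)\) (True|False|TRUE)(?: (\w+))?$")
REQUEST = re.compile(r"^Requesting Action <([^:>]+):([^:>]+):([^:>]+)> be run$")
DONE = re.compile(r"^Action (\w+) for Component U\d+\\(.+)$")
CENSOR = re.compile(r"^TextCensor triggered: Script (.+?) Triggered$")
EXPRESSION = re.compile(r"^Expression: (.+) Triggered (\d+) times weighting (\d+)$")


@dataclass
class Component:
    depth: int        # U1 = the message, U2 = its parts, U3 = contents of a U2 part, ...
    name: str
    kind: str         # MAIL, MHDR, MBODY, ZIP, EXEW32, ...
    size: int
    result: str       # "False" or "TRUE" (TRUE = the rule fired on this component)
    flag: str = ""    # "Terminal": no further rules are evaluated for the message


@dataclass
class Evaluation:
    rule: str
    components: List[Component] = field(default_factory=list)
    requested: List[str] = field(default_factory=list)   # "Ruleset:Rule:Action"
    completed: List[str] = field(default_factory=list)   # actions actually run
    censor: Dict[str, List[str]] = field(default_factory=dict)  # script -> expressions hit

    @property
    def triggered_by(self) -> List[Component]:
        return [c for c in self.components if c.result == "TRUE"]


def parse_log(text: str) -> List[Evaluation]:
    """Group log lines into one Evaluation per 'match rule' block."""
    evaluations: List[Evaluation] = []
    current: Optional[Evaluation] = None
    script: Optional[str] = None
    for raw in text.splitlines():
        m = LINE.match(raw)
        body = m.group(3) if m else raw.strip()  # Expression: lines carry no prefix
        if (hit := MATCH_RULE.match(body)):
            current = Evaluation(rule=hit.group(1))
            evaluations.append(current)
            script = None
        elif current is None:
            continue
        elif (hit := COMPONENT.match(body)):
            current.components.append(Component(
                int(hit.group(1)), hit.group(2), hit.group(3),
                int(hit.group(4)), hit.group(5), hit.group(6) or ""))
        elif (hit := REQUEST.match(body)):
            current.requested.append(":".join(hit.groups()))
        elif (hit := DONE.match(body)):
            current.completed.append(hit.group(1))
        elif (hit := CENSOR.match(body)):
            script = hit.group(1)
            current.censor.setdefault(script, [])
        elif (hit := EXPRESSION.match(body)) and script is not None:
            current.censor[script].append(hit.group(1))
    return evaluations


def nested_executables(evaluations: List[Evaluation]) -> List[str]:
    """Names of executable components found inside another attachment
    (depth 3 or more): the case that fired the rule in the first excerpt."""
    return [c.name for e in evaluations for c in e.components
            if c.kind.startswith("EXE") and c.depth >= 3]


def summary(evaluations: List[Evaluation]) -> List[str]:
    """One line per evaluation: message, rule, triggering components, actions run."""
    lines = []
    for e in evaluations:
        message = next((c.name for c in e.components if c.depth == 1), "?")
        hits = ", ".join(f"{c.name} ({c.kind})" for c in e.triggered_by) or "none"
        done = ", ".join(e.completed) or "none"
        lines.append(f"{message}: rule '{e.rule}' triggered by {hits}; actions {done}")
    return lines


if __name__ == "__main__":
    for line in summary(parse_log(SAMPLE_LOG)):
        print(line)
```

For the first excerpt the parser reports five components, of which only fgrep.exe at depth 3 carries TRUE, three requested actions and the two that ran (LogMessage and MoveMessage); for the second it records the two TextCensor expressions under the Generic Chain Letters script. The same structure can be used to answer questions the Console view does not, such as which quarantined messages contained an executable inside an archive.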

Mail History

Mail History is a record of recent messages processed by MailMarshal. By default no more than 1000 items will be retrieved. This number may be adjusted by choosing Tools|Options from the menu.

This information is derived from the report logging database, so logging must be enabled to view the history.

To view the history, select Mail History in the console tree.

Messages which were successfully sent display a yellow envelope icon and Sent To: information in the Status column.

Messages which passed the Rule processing but could not be sent display an icon with a red "x" and the failure reason in the Status column.

If a message triggers a rule which generates a logging classification, the icon will be blue and the Status column will display the text associated with the classification. In addition, the Class Code column shows the numerical logging classification code.

Alert History

To view a historical list of service alerts, select Alert History in the menu tree.

News and Support

Select this item to view the Marshal Software website in the right pane. This site features the latest support information, including Frequently Asked Questions, a Knowledge Base, and a Support Forum. To access the full range of resources, customers should log in to the site. Obtain login details, if necessary, by contacting Marshal Software.

19. MailMarshal Secure

MailMarshal Secure is an additional module of MailMarshal which implements the S/MIME (Secure MIME) standard for encryption and signing of email messages using the Public Key Infrastructure.

What is S/MIME?

S/MIME is an industry standard method of protecting email privacy using the Public Key Infrastructure (PKI). MailMarshal Secure interoperates with other S/MIME aware products, whether server-based or workstation-based.

PKI begins with two digital Keys, known as the Public and Private Key. Public Keys are made freely available, while Private Keys are kept secret and secure. The Public Key is contained in a digital certificate. A Certificate may be generated within MailMarshal, or issued by a trusted authority. The Keys are known as an "asymmetric pair": a message encrypted using the Public Key can be read only with the matching Private Key, and the Private Key cannot practically be derived from the Public Key.

Public Certificates are maintained in a database such as MailMarshal's Certificate Database. A Certificate may be exported into a file which is made available to sites with which S/MIME email will be exchanged.

PKI allows email to be processed in two ways, known as Encryption and Signing. They are often used together; a message may be both encrypted and signed.

Encryption is the "scrambling" of a message so that it is illegible until decrypted. Typically email sent to a site will be encrypted with the recipient's Public Key (which any sender may have); such messages can only be decrypted by the recipient using their Private Key. Encryption protects confidentiality only; by itself it does not prove who sent the message.

Signing involves processing a message using a Private Key, to generate a unique block of data known as the "signature". The sender "signs" a message using her Private Key. This signature is sent with the original message. The recipient can determine that the message is unchanged and that it originated from the holder of the sender's Private Key, by testing it using the sender's Public Key. Signing protects integrity and origin; it does not hide the contents of the message.

Options for Using MailMarshal Secure

MailMarshal Secure can be used to encrypt messages from gateway to gateway, desktop to desktop, or gateway to desktop. Brief explanations of these options are given below. Details of the MailMarshal Rules required to implement these options may be found elsewhere in this chapter.

1. Gateway to Gateway: All encryption and decryption of messages is completed at the server. Internal networks are trusted for security purposes: messages travel in clear text between the gateway and the user's mailbox, so this mode is only appropriate where the internal network is itself protected. This mode is easy to set up and run, because all setup and maintenance is done at the server. Users simply send and receive email. MailMarshal can stamp incoming encrypted messages as valid, and can also perform content checks on the messages. The default rules given in the section Basic Security Rules, below, support this method.

2. Desktop to Desktop: Encryption and decryption takes place at the email client (such as Microsoft Outlook). In this case, MailMarshal can still perform content checks if the messages are also encrypted with a certificate for which MailMarshal holds the private key. Messages for which MailMarshal does not hold the key may be passed through unscanned, or rejected, according to local policy.

3. Gateway to Desktop: MailMarshal can sign outbound messages with a "proxy certificate" so that the receiving email client recognizes the message as validly signed from the sending email address. MailMarshal must hold public keys for all external addresses to which messages are to be encrypted. This option is used where MailMarshal performs gateway encryption, but the remote recipient uses desktop encryption software.

Installing MailMarshal Secure

MailMarshal Secure is available on the MailMarshal CD-ROM or in the downloadable installation file. The product requires an S/MIME enabled License Key, available from Marshal Software resellers and the Marshal Software sales department ([email protected]). Trial license keys available from the Marshal Software website do not enable MailMarshal Secure.

MailMarshal Secure is installed with the Complete installation of MailMarshal. MailMarshal Secure requires Windows NT SP 6a or Windows 2000 with 128 bit encryption, and an MSDE or SQL server to host the Public Certificate Database.

If a minimal installation of MailMarshal was performed, rerun the MailMarshal installation program and select the option "MailMarshal S/MIME Server." This may be done without affecting current settings. For full details of the installation process, please see the chapter Installation.

Note: It is very strongly recommended, for speed, security, and availability reasons, that the Certificate Database be installed on the MailMarshal Server computer; therefore the installation program requires that SQL 7.0 or MSDE be installed locally. In some cases (for instance, a cluster installation) the Certificate Database can be created on a different server.

Once the S/MIME module is installed, select Tools|View License Details from the Configurator menu bar to see the License Info tab of Server Properties (see Figure 19.1).

Figure 19.1: The License Info tab of Server Properties


Click Enter Key and enter the S/MIME enabled Key.

Check the box Enable Security. Click the button Create/Select Database to connect to a Certificate Database.

In the Create/Select Database dialog, enter the location of the SQL Server or MSDE computer where the database will reside. It is very strongly recommended for speed, security, and availability reasons that this be the MailMarshal server.

If a database exists in the location selected, check "recreate database" to delete it. This discards any certificates and private keys already stored there, so export and back up anything you still need first.

Click OK to return to the License Info tab, and OK again to exit Server Properties.

Setting Up S/MIME Features

Preparing MailMarshal Secure's S/MIME features for use involves three steps:

1. Create a Domain Certificate (also known as a Server Certificate). The same certificate may be used to process email for several domains using Gateway-to-Gateway encryption. See the section Working with Certificates below.

2. Exchange certificates with other sites. Since email messages will typically be encrypted and signed in both directions between two or more organizations, each must have the appropriate information to encrypt for, and validate signatures from, the other. See the section Exchanging Certificates below.

3. Configure Security Rules. A basic set of Security Rules is required to ensure the security of encrypted links with other sites. See the section Basic Security Rules and the detailed descriptions of Security Rule Conditions and Actions below.

Working with Domain Certificates

Within MailMarshal, Certificates are created and managed using the Certificate Manager. To access the Certificate Manager, choose Tools|S/MIME Certificate Manager from the Configurator menu bar.

The Certificate Manager dialog offers five tabs:

Our Domains - used to create and manage Certificates for local domains. Only certificates under this tab will have private keys associated with them.

Other People - used to import and manage Certificates for individual email addresses (whether inside or outside the Local Domains). Domain Certificates for external domains also appear on this tab, if they are generated by a Certification Authority.

Intermediate Cert Authorities - used to import and manage Certificates provided by external authorities which provide a certification link between a Root Authority and the local Certificate.

Trusted Root Cert Authorities - used to import and manage Domain Certificates from other Certification Authorities. These include other sites' self-signed certificates and certificates provided by Certification Authorities such as VeriSign, BayCorpID, and Thawte. Anything placed on this tab is trusted to vouch for other certificates, so import only root certificates whose origin you have confirmed out of band (for example by comparing the certificate's fingerprint with the partner site by telephone).

CRLs - used to import and manage Certificate Revocation Lists, which are provided by Certificate issuers to invalidate Certificates before their expiration date. CRLs may be automatically updated from an Internet source.

Figure 19.2: MailMarshal Certificate Manager–Our Domains tab

Note: The Import button for Certificates is available on the first four tabs. It will import the certificate to the appropriate location based on certificate type, regardless of which tab is showing. Eg. a personal certificate will be placed in the "other people" list even if import is invoked while the "our domains" tab is showing. A Domain Certificate provided by a Root CA may import as many as three certificates.

Our Domains tab

This tab is used to create and manage Certificates for local domains (see Figure 19.2).

Create a New Certificate: Click on New to see the New Domain Certificate Details dialog (see Figure 19.3). Enter the name of your organization and the domain for which the certificate is to be used.

Figure 19.3: The New Domain Certificate Details dialog

Select a key strength using the radio buttons. Stronger keys are more secure but require more processing time when used. 1024 bits is the standard key strength in common use. (1024-bit RSA keys are no longer regarded as adequate; choose the strongest option offered.)

If desired, check the box to generate two certificates, one for signing and one for encryption. The appropriate settings will be entered into the database for each certificate. Keeping the two keys separate means that the encryption key can be backed up for recovery of stored mail without the signing key leaving the server, and that compromise of one key does not compromise the other.

Select a validity period using the radio buttons. Shorter validity periods require more administration (as new certificates must be created and exchanged), but may enhance security by limiting the period during which a leaked or compromised private key remains usable.

Choose the source of the certificate using the radio buttons. Self-signed certificates are typically adequate for encryption and signing between partner sites which trust each other and exchange certificates directly. A certificate from a CA (Certificate Authority) may be desired where messages are to be signed to prove their origin publicly (eg. to guarantee that information in a message comes from your company). The CA undertakes that the certificates it issues were issued to the company named in the certificate. There is no difference in the encryption strength between self-signed and CA certificates; the difference is only in who vouches for the binding between the key and the domain name.

Click OK. If the certificate is self-signed, it will be created and entered in the "Our Domains" list ready for use.

If the certificate is to be requested from a CA, a certificate request string will be provided in a new window. Copy this information into the certificate request to the CA. A notice of the request will appear in the "Our Domains" list. When the certificate is received from the CA, import it (see below) and delete the request notice if necessary.

Import Certificate: Click on Import and choose the name of a certificate file to beimported. MailMarshal recognizes several common certificate file types.

NotePKCS12 certificates (.pfx files) may be imported into MailMarshal by firstimporting them into the Microsoft Certificate Store then using the Import fromWin button (see below).

Delete Certificate: Select a Certificate from the list and click on Delete.

Warning: This action permanently destroys the Certificate and the private key for this domain. A new one can be created, but it will not decrypt email that was encrypted with the old certificate. If no backup of the Certificate exists, it will be necessary to create a new certificate and distribute it to everyone who was using the old one.

Export Certificate: Select a Certificate from the list. Click on Export, then choose the file format to be used. Enter the file name and location, and save the file. This file may be sent to another site if appropriate for use in transmitting encrypted email. (Only the Public Key is exported.)

View Details: Select a Certificate from the list, then click View Details to see the information it contains including validity dates (see Figure 19.4). In the View Certificate dialog, select the Certification Path tab to see the details of all certifying authorities. MailMarshal Secure's self-signed certificates will be signed by "domain-confidentiality-authority" or "review-authority".


Figure 19.4: The View Certificate dialog–Details tab

Edit Settings: Select a Certificate from the list, then click Edit Settings to bring up the Edit Certificate Details dialog (see Figure 19.5).

Figure 19.5: The Edit Certificate Details dialog

If this Certificate is to be used to process email to or from more than one email domain, add the appropriate names to the list in the top pane. E.g. the certificate created for marshalsoftware.com might also be used to decrypt messages addressed to marshalsoftware.co.nz. External domains wishing to send encrypted messages should be informed of this setting. Enter one domain name per line. Wildcards are not allowed.

Check the appropriate boxes to indicate whether the certificate is preferred for encryption and/or signing purposes.

Note: If the "preferred" certificate is not available (e.g. because it has expired), another certificate for the same domain will be used, if available. This may make an encrypted message undecryptable if the recipient does not hold the private key for the certificate that was actually used.

Choose whether to leave or remove a signature based on this key when it is found on incoming email. Typically the signature will be removed in gateway-to-gateway encryption situations (since MailMarshal has already verified it). The signature should be left in desktop-to-desktop encryption situations so it can be verified by the client software.

Proxy Certificates: Select a certificate and click the Proxy Certificates button to generate a Proxy Certificate for a specific user in the domain governed by the certificate. See the information on Security Rule Actions later in this chapter for uses of Proxy Certificates.

Note: MailMarshal Secure will generate Proxy Certificates on the fly and retain them for future use. It is not normally necessary to create Proxy Certificates manually. Proxy Certificates require a specific Domain Certificate for each domain supported.

Import from Win: Click this button to import a Certificate (with its associated Private Key if available) from the Windows Certificate Store on the local computer.

Export to Win: Select a Certificate then click this button to export a Certificate (with its associated Private Key) to the Windows Certificate Store on the local computer.

Other People tab

(See Figure 19.6 for features typical of the next three tabs.) This tab is used to import and manage Certificates used for individual email addresses, whether inside or outside the Local Domains, and Domain Certificates for external domains which have been issued by CAs.

Figure 19.6: The MailMarshal Certificate Manager dialog–Trusted Root CA tab

Import Certificate: Click on Import and choose the name of a certificate file to be imported. MailMarshal recognizes several common certificate file types.

Delete Certificate: Select a Certificate from the list and click on Delete.

Export Certificate: Select a Certificate from the list. Click on Export, then choose the file format to be used. Enter the file name and location, and save the file. This file may be sent to another site if appropriate for use in transmitting encrypted email.

View Details: Select a Certificate from the list, then click View Details to see the information it contains including validity dates. In the Details dialog, select the Certification Path tab to see the details of all certifying authorities.

Edit Settings: Select a Certificate from the list, then click Edit Settings to bring up the Edit Certificate Details dialog (see Figure 19.5).

If this Certificate is to be used to process email to or from more than one email domain, add the appropriate names to the list in the top pane. Ask the certificate holder for a list of valid domains. Enter one domain name per line. Wildcards are not allowed.

Choose the level of trust for the certificate. Explicitly Trust This Certificate, the default, allows the certificate to be used. Explicitly Don't Trust This Certificate will cause messages related to this certificate to be rejected. Inherit Trust from Issuer (only available for CA-issued certificates) bases the trust level on the trust for the root certificate to which this certificate is chained.

Choose whether to leave or remove a signature based on this key when it is found on incoming email. The signature might be left if the end user may wish to verify it.

Intermediate Cert Authorities tab

This tab is used to import and manage Certificates provided by external authorities which provide a certification link between a Root Authority and the local Certificate.

The available buttons and actions are the same as those for "Other People" (see above). Note that the trust level for some individual and domain certificates may depend on the level of trust granted to intermediate certificates.

Trusted Root Cert Authorities tab

This tab is used to import and manage Domain Certificates provided by other sites, including self-signed and Root Authority certificates.

The available buttons and actions are the same as those for "Other People" (see above). Note that the trust level for some individual, intermediate, and domain certificates may depend on the level of trust granted to Root certificates.

CRLs tab

This tab is used to import and manage Certificate Revocation Lists, which are issued by Certificate issuers to invalidate Certificates before their expiration date.

Figure 19.7: The MailMarshal Certificate Manager dialog–CRLs tab

Import from File: Click this button and select a file containing the CRL to be imported. Information on the CRL will appear in the list.

View Details: Select a CRL from the list and click this button to view the details of the CRL. The first tab shows a list of Certificate serial numbers which are revoked. The second tab, Updating, allows entry of a URL from which the CRL should be updated when it expires (see Figure 19.8).

Figure 19.8: The CRL Details dialog–Updating tab

Delete: Select a CRL from the list and click this button to delete it. MailMarshal will no longer have access to the revocation information from this source, so certificates revoked by that issuer can no longer be detected.

Note: Automatic CRL updating requires MailMarshal to access remote websites. The Internet connection and proxy settings should be configured within Internet Explorer on the MailMarshal Server computer.

Backing Up Certificates and Keys

This is very important. Keep a copy of all Private Keys and the associated Certificates. Each certificate in the Our Domains tab must be exported. A simple way of doing this is to export the Certificates to Windows, then export them from Windows in PKCS12 format (including Private Keys). Protect the PKCS12 file with a strong password, and keep the exported information securely (e.g. on a floppy disk in a safe).

Protect the Certificates Folder

This is very important. The Certificates folder is located in the MailMarshal installation folder. Control access to this folder very carefully: anyone who obtains a copy of the files inside it may be able to decrypt and read your email and impersonate you.

19-12 MailMarshal Secure

Page 175: Mail Marshal 42

Exchanging Certificates

To exchange encrypted email between sites, it is necessary for each site to import the other's certificates.

Export the domain certificates for local domains from the MailMarshal Certificate Manager's Our Domains tab. Email these certificates to the other domain's administrator. Alternatively, if the other endpoint for encryption is a client application that does not recognize domain certificates, it may be necessary to create a proxy certificate for each user and export these.

Import the remote site's certificates using the Import button in the MailMarshal Certificate Manager.

Checking Imported Certificates

A certificate contains the encryption key for the related addresses. If the wrong certificate is installed (for example one substituted in transit, since email itself is not a trusted channel), encryption may not function correctly and security may be broken.

To check that the correct certificate is installed, compare the "thumbprint" of the certificate against the thumbprint of the certificate installed at the other site. In the MailMarshal Certificate Manager, select the certificate to be checked then click View Details. Two versions of the thumbprint, SHA1 and MD5, are given if available; prefer the SHA1 value. Confirm the thumbprint string with the administrator or user at the other site over a channel other than the email in which the certificate arrived (e.g. by telephone). Perform this action for both sites' certificates.
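The thumbprint comparison above, as an added example that is not part of the MailMarshal manual or product: it computes the SHA1 and MD5 thumbprints that the View Details dialog shows from an exported certificate file (PEM or binary DER) and compares them with the value read out by the other site's administrator, tolerating the colon- or space-separated formats people read aloud. The PEM block is a constructed placeholder whose payload is the bytes "abc", not a real certificate; replace it with the exported file.

```python
"""Thumbprint check for an exchanged certificate (added example)."""
import base64
import hashlib
import hmac
import re

# Constructed sample: the base64 payload is just the bytes b"abc", so the
# thumbprints below are the well-known SHA1/MD5 digests of "abc". A real
# exported .cer/.pem file goes here instead.
SAMPLE_PEM = """-----BEGIN CERTIFICATE-----
YWJj
-----END CERTIFICATE-----
"""

_PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def der_from_pem_or_der(data: bytes) -> bytes:
    """Return the DER bytes: strip PEM armour if present, else pass through."""
    text = data.decode("ascii", errors="ignore")
    m = _PEM_RE.search(text)
    if m:
        return base64.b64decode("".join(m.group(1).split()))
    return data  # already binary DER (.cer)


def thumbprints(der: bytes) -> dict:
    """Thumbprint = digest over the whole DER certificate, which is what the
    Windows certificate viewer and the MailMarshal dialog display."""
    return {"sha1": hashlib.sha1(der).hexdigest(),
            "md5": hashlib.md5(der).hexdigest()}


def normalize(tp: str) -> str:
    """Drop the colons/spaces an administrator reads out or pastes."""
    return re.sub(r"[^0-9a-f]", "", tp.lower())


def display(hexdigest: str) -> str:
    """Format as the dialog shows it: upper-case byte pairs joined by ':'."""
    return ":".join(hexdigest[i:i + 2] for i in range(0, len(hexdigest), 2)).upper()


def matches(local_der: bytes, confirmed: str, algo: str = "sha1") -> bool:
    """True if the imported certificate's thumbprint equals the value confirmed
    out of band. A wrong-length string means the other side read the other
    algorithm's thumbprint, which is reported as a mismatch, not an error."""
    want = normalize(confirmed)
    expected_len = {"sha1": 40, "md5": 32}[algo]
    if len(want) != expected_len:
        return False
    return hmac.compare_digest(thumbprints(local_der)[algo], want)


if __name__ == "__main__":
    der = der_from_pem_or_der(SAMPLE_PEM.encode())
    print({k: display(v) for k, v in thumbprints(der).items()})
    print(matches(der, "A9:99:3E:36:47:06:81:6A:BA:3E:25:71:78:50:C2:6C:9C:D0:D8:9D"))
```

Run it against the file the partner site emailed, then read the SHA1 line to them by telephone; only if `matches` is true for both sites' certificates should the import be trusted.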

Basic Security Rules

MailMarshal controls S/MIME encryption and signing using Rules which are maintained in the same way as content checking rules. When MailMarshal Secure is installed and enabled, creation of Security rules is enabled in the Rule Wizard.

Please refer to the chapter Rulesets and Rules for basic information on creating and editing Rules.

The following Ruleset entitled "Encryption with OtherCompany" contains a basic set of rules required to ensure that all email between the two sites is encrypted, signed, and verified. More complex rules are possible, but this set should be regarded as a minimum for secure communications.

The Ruleset is created with no common User Matching entries.


1. The first two rules specify that outgoing messages are to be encrypted and signed, and state what should happen if encryption cannot be completed:

When a message arrives
Where addressed to othercompany.com
Sign message with an opaque domain certificate
and encrypt message with the domain certificate

When a message arrives
Where addressed to othercompany.com
Where message cannot be encrypted for one or more recipients
Send a Can't Encrypt notification message
and move the message to Encrypt Problems

2. The next two rules check that incoming messages are validly encrypted and signed, and warn the user (or other appropriate person) if they are not. Warning could be by stamping or by email notification.

Note: A more restrictive option would be to quarantine such messages in a Folder.

When a message arrives
Where addressed from othercompany.com
Where message is not encrypted
Send a Not Encrypted notification message
and pass the message to the next rule for processing

When a message arrives
Where addressed from othercompany.com
Where message signature is Not Verified; Not Found
Stamp message with Message NOT signed
and pass the message to the next rule for processing

3. The next rule blocks any email that MailMarshal can't decrypt. If MailMarshal cannot decrypt the message it will be unable to check the contents.

When a message arrives
Where addressed from othercompany.com
Where message is encrypted and cannot be decrypted
Send a Can't Decrypt notification message
and move the message to Encrypt Problems


Rule Conditions–Security Rules

This section includes detailed information on the Rule Conditions available within Security rules. User Matching conditions are the same as those available in Standard Rules.

Where message is encrypted and cannot be decrypted

By default, MailMarshal attempts to decrypt all encrypted messages. Use this condition to detect and block messages that MailMarshal cannot decrypt and check. This condition triggers when both of the following are true:

• firstly, a message has been encrypted by someone else. In the case of an incoming message that "someone else" may be another MailMarshal server. In the case of an outgoing message it may be a user within your company, possibly using the encryption features in an email client such as Microsoft Outlook.

• secondly, MailMarshal cannot decrypt the message (this occurs when the message was encrypted using a certificate for which MailMarshal does not hold the Private Key). Typically, MailMarshal has private decryption keys only for the site's server certificates.

Note: If MailMarshal cannot decrypt a message, then it cannot scan it to check its content. Most companies will want to block email that cannot be decrypted by the MailMarshal server.

Where message is encrypted and can be decrypted

This condition can be used in conjunction with the previous condition (e.g. when the site wants to stamp incoming encrypted email to indicate its secure status). The condition will trigger when

• a message has been encrypted using the S/MIME protocol, and

• MailMarshal has a private key for the message and can read it.

Where message is not encrypted

This condition is often used to double-check that all email from another site is secure. For example, the administrator should be informed if another site accidentally stops encrypting the email that it is sending.

The condition will trigger when a message arrives without S/MIME encryption. A message that is signed but not encrypted also triggers it, since its content is readable in transit.


Where message signature is

This condition will trigger when the signature in the message matches the options set in the Signature dialog box (see Figure 19.9).

Figure 19.9: The Signature dialog

A number of sub-conditions are available within this condition. More than one Rule could be implemented to inform administrators and recipients about the various outcomes.

Message was signed and verified: The message has a valid signature. This option might be used to stamp validly signed messages to assure the user of this fact.

Not signed: The message has no signature. This option is used to check that email is signed.

Signing certificate has expired: The message has no valid signature: either the signing certificate, or a certificate in the chain of trust, has expired.

Signing certificate is not trusted: The certificate, or a certificate in the chain of trust, has been marked as distrusted by the administrator (using the MailMarshal Certificate Manager).

Signing certificate could not be verified: MailMarshal has been unable to check the trust of the certificate (e.g. the certificate or its root are not in the database, or the email address for the sender does not match the address set up for the certificate).


Signing certificate has been revoked: The certificate issuer has revoked the certificate (included it in a Certificate Revocation List). This means that the certificate is not to be used because (e.g.) it has been lost or stolen.

Message has been altered: The content of the message has been changed since it was signed. (This may have occurred intentionally or accidentally.)

Where message cannot be encrypted for one or more recipients

This condition triggers when

• the rules state that the message should be encrypted, and

• MailMarshal cannot find a certificate to use for encryption.

In this case, MailMarshal would have to encrypt the message for some recipients, but send a plain readable message to the others. This would compromise the security of the message. The recommended action in this case is to move the message to a folder and notify the sender and/or administrator.

Note: The Rule containing this Condition should be evaluated after any other encryption Rules. This condition overrides MailMarshal's default behavior, which is to move the message to the Encryption DeadLetter folder and notify the administrator.

Rule Actions–Security Rules

Sign message with certificate

Domain Certificate: Uses the certificate for the domain from which the message originates.

Note: MailMarshal follows the latest Internet protocols, but many applications (Microsoft Outlook, for example) will not work correctly with domain signatures. These applications will read and display the email, but erroneously warn the user that the signature is invalid. If sending signed email which will be verified by a desktop client, use Proxy certificates.

Proxy Certificate: Use this option when communicating with applications that do not accept domain signatures. Proxy certificates contain the same information as domain certificates but have an email address for an individual user.


MailMarshal creates these certificates automatically on the fly. For example, if the rules tell MailMarshal to sign a message from "[email protected]" with a proxy certificate, MailMarshal will generate a new certificate for the user and will keep it in the database for later use. It is not necessary to give the certificate to the end user.

Figure 19.10: The Sign Message dialog

Attach signature as follows: if set to "Opaque," the signature will be combined with the message in one block of data so that the format is unlikely to be changed accidentally when being transmitted via the Internet.

If set to "Detached," the signature will be saved into the message separately from the content. Therefore anyone can read the message, even if their email system does not support S/MIME. (Use this option if there are compatibility problems with another site.)
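The difference between opaque and detached signatures, and between an encrypted and a merely signed message, is visible in the MIME structure before any key is used, which is what the conditions "Where message is encrypted ...", "Where message is not encrypted" and "Where message signature is" above have to recognise first. The following is an added example, not code from the MailMarshal manual or product, that classifies a message by that structure using Python's standard email parser. The four messages are constructed samples; their base64 bodies are the placeholder string "placeholder", not real CMS data, so nothing here verifies or decrypts anything.

```python
"""Classify the S/MIME structure of a message as a gateway sees it (added example)."""
import email
from email.message import Message

SMIME_TYPES = ("application/pkcs7-mime", "application/x-pkcs7-mime")
SIG_TYPES = ("application/pkcs7-signature", "application/x-pkcs7-signature")


def classify(msg: Message) -> dict:
    """What can be known about encryption and signature before decryption."""
    ctype = msg.get_content_type()
    smime_type = (msg.get_param("smime-type") or "").lower()
    result = {"encrypted": False, "signature": "none",
              "readable_without_smime": True, "micalg": None}
    if ctype in SMIME_TYPES:
        result["readable_without_smime"] = False
        if smime_type == "enveloped-data":
            # Encrypted: any signature is inside the envelope and cannot be
            # checked until the gateway decrypts with the matching private key.
            result.update(encrypted=True, signature="unknown")
        elif smime_type == "signed-data":
            # Opaque signature: content and signature travel in one CMS blob.
            result["signature"] = "opaque"
        else:
            # Older clients omit smime-type; only parsing the CMS can tell.
            result.update(encrypted=None, signature="unknown")
    elif ctype == "multipart/signed" and \
            (msg.get_param("protocol") or "").lower() in SIG_TYPES:
        parts = msg.get_payload()
        # Detached signature: clear content first, signature second, so a
        # client without S/MIME still reads the text.
        if len(parts) == 2 and parts[1].get_content_type() in SIG_TYPES:
            result.update(signature="detached",
                          micalg=(msg.get_param("micalg") or "").lower())
        else:
            result["signature"] = "malformed"
    return result


def classify_raw(raw: str) -> dict:
    return classify(email.message_from_string(raw))


# --- constructed samples (not captured traffic) ---------------------------
HDR = "From: [email protected]\nTo: [email protected]\nMIME-Version: 1.0\n"
BLOB = "cGxhY2Vob2xkZXI=\n"   # base64("placeholder") standing in for CMS bytes

PLAIN = HDR + "Content-Type: text/plain\n\nQuarterly figures attached.\n"

DETACHED = HDR + (
    'Content-Type: multipart/signed; protocol="application/pkcs7-signature";'
    ' micalg=sha1; boundary="B1"\n\n'
    "--B1\nContent-Type: text/plain\n\nQuarterly figures attached.\n"
    "--B1\nContent-Type: application/pkcs7-signature; name=smime.p7s\n"
    "Content-Transfer-Encoding: base64\n\n" + BLOB + "--B1--\n")

OPAQUE = HDR + (
    "Content-Type: application/pkcs7-mime; smime-type=signed-data;"
    " name=smime.p7m\nContent-Transfer-Encoding: base64\n\n" + BLOB)

ENVELOPED = HDR + (
    "Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data;"
    " name=smime.p7m\nContent-Transfer-Encoding: base64\n\n" + BLOB)

if __name__ == "__main__":
    for name, raw in [("plain", PLAIN), ("detached", DETACHED),
                      ("opaque", OPAQUE), ("enveloped", ENVELOPED)]:
        print(name, classify_raw(raw))
```

The "encrypted": None case is the one to watch: a pkcs7-mime part without smime-type is either signed or encrypted, and a rule that treats it as "not encrypted" would be wrong in both directions, so hand it to the full S/MIME processing rather than to the plain-text rules.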

Calculate the signature with the following algorithm: Select the algorithm to use from the drop down box. Two algorithms are in common use, SHA1 and MD5. Prefer SHA1; MD5 is the weaker of the two and should be selected only if there are compatibility problems with another site.

Annotate the message as domain signed: This option adds a flag to the signature. When email is received from another site the flag is used to tell whether the signature was created by the server software or by the end user. (Uncheck this option only if compatibility problems are reported, which is unlikely.)


Encrypt message with certificate

Use this action to encrypt messages so that they can only be read by the intended recipient. There are several encryption options (see Figure 19.11).

Figure 19.11: The Encrypt Message dialog

Encrypt using the recipient's certificate: This option is used when a recipient is using S/MIME at desktop level. MailMarshal will look in the database for a certificate with an address that matches the "To:" address. It will not use a domain certificate.

Encrypt using the recipient's domain certificate: This option is used when a recipient's site is using Email Gateway software such as MailMarshal. MailMarshal will look in the database for a domain certificate set up for anyone in that domain.


Encryption for recipient and domain: This option is a combination of the two previous options. MailMarshal will encrypt using both certificates. Both the recipient's Email Gateway software and the recipient will be able to decrypt and read the message.

This option would be used if message protection is required to the recipient level but the recipient's company email gateway software blocks messages that it cannot read.

None of the above: MailMarshal will not encrypt with either the recipient's individual certificate or their domain certificate; it will only use the escrow certificate.

Additional email addresses (for escrow): MailMarshal will use a certificate that matches the email addresses specified in this box. This option is used in situations where a third party may decrypt and read the messages (e.g. secure archive, proof of sending, auditing). Whoever holds the private key for an escrow certificate can read every message encrypted under it, so that key needs the same protection as the domain keys.

Encrypt with sender's certificate: MailMarshal will also encrypt using the certificate for the sender so that the sender can reopen sent email.

Encryption algorithm: MailMarshal can encrypt using several algorithms. It is recommended that you use the strongest offered, Triple DES. However, another setting may be used to allow for recipients who are running incompatible software.

Search for certs on these LDAP servers: If no valid certificate is found in MailMarshal's Certificate Store, MailMarshal can try to retrieve a certificate from the LDAP servers specified in the list. LDAP can only be used for individual recipient certificates (domain certificates do not have a commonly used format).

Click the Add button beside the LDAP servers list. Select an LDAP connection to be added to the list. If more than one connection is specified, MailMarshal will query the servers in order from top to bottom. To configure LDAP connections for certificates, see the chapter LDAP Connections.

Note: Use this feature only as a backup, or where certificates are known to be available for the addresses affected, for example where a company stores certificates for all employees on the LDAP server. If a certificate is not available, the email message will be deadlettered (unless a Rule overrides this behavior; see the condition Where message cannot be encrypted).


Do not decrypt message

MailMarshal decrypts all messages received (for which it holds an appropriate Certificate) so that content Rules may be applied before delivery. If this action is specified MailMarshal will deliver the original encrypted version to the recipient. This action is used when email must be protected all the way to a desktop.


20. Case Studies

When using MailMarshal in an organization, the various features must be configured to work effectively with each other and with the network environment. This chapter provides several simple examples and suggestions of how to put MailMarshal to work:

• Implementing an Acceptable Use Policy (SmartCo).

• Safeguarding a company's name change.

• Encrypting email.

• Blocking SPAM.

• Implementing email aliasing.

SmartCo

SmartCo is a merchandise marketing company with about 200 employees. These employees use email for a number of different business-related purposes.

SmartCo has deployed MailMarshal to support its Acceptable Email Use Policy. The Policy has several goals:

1. to protect the company's systems against virus infection.

2. to ensure the efficient use of network resources (bandwidth and file storage).

3. to ensure that internet email is used in ways appropriate to employees' responsibilities.

4. to address legal liability and intellectual property issues.

To implement its Acceptable Use Policy, SmartCo has implemented several of the Rulesets which are provided with MailMarshal. Most of the elements have simply been "turned on", although some have been customized slightly. Policy compliance is monitored using MailMarshal Reports to report on triggered rules.

All of the Rules discussed below are found in three MailMarshal Rulesets which are turned on by default: Inbound Messages, Outbound Messages, and Bothways. Many of these Rules also use default notification templates and write logging classifications to the reports database.

Protecting Against Viruses

Protection against virus infection (inbound and outbound) is provided in three ways.

• Traditional virus scanning is implemented using the Block Virus Rule. Before this Rule can be turned on, a virus scanner must be installed and configured (see Figure 20.1).

Figure 20.1: SmartCo's Virus Scanners setup

• Script-based viruses and viruses associated with known message text are blocked using three Rules: Block VBScript, Block JavaScript, and Block Known Worms. These Rules invoke TextCensor scripts to scan the content of the messages and attachments.

• Viruses and other malicious code are further limited by two additional Rules, Block Dangerous Attachments and Block Executable Files. These rules check the actual file extensions and the internal file types of attached files. Because the Information Technology department commonly receives executable files by email, these rules have been modified to allow receipt of the required files (see Figure 20.2).

Figure 20.2: Block Attachments Rule Exception

Conserving Network Resources

The goal of conserving network resources is achieved in several ways.

• Oversized messages are stopped by two rules in the Bothways ruleset. The Receiver rule Globally deny over 30MB refuses delivery of very large messages where ESMTP information is available. The Standard rule Globally quarantine over 30MB stops large messages when ESMTP is not available. Together these rules stop very large messages from being delivered.

• Hoaxes and chain letters are limited by the Block Hoax Messages Rule, which invokes a TextCensor script. The TextCensor script has been modified to test for an additional hoax message (see Figure 20.3).


Figure 20.3: Custom TextCensor item

• Messages from known junk mail sites are blocked using the Block Junk Mailers Rule. To support this Rule, a list of problem addresses has been added to the user group JunkMailers.

• Outbound mass mailings are deferred until after business hours using the Park large files Rule. This helps to maximize the network bandwidth available during the day.

Ensuring Appropriate Usage

"Appropriate usage" is defined in terms of the content of email messages.

• Appropriate textual content of messages is checked with the Block Unacceptable Language rules in the Inbound and Outbound Rulesets. A TextCensor script checks the body and attachments of messages.

• The blocking of executable attachments also contributes to this goal as users cannot receive or send joke executables.

Reducing Legal Liability

Legal liability issues can arise due to inappropriate content of messages, and also due to questions about the ownership of messages.

• Intellectual Property and liability issues are addressed with a custom message stamp which asserts SmartCo's ownership of messages (see Figure 20.4).

• The Unacceptable Language filter also helps to address liability issues by limiting problematic content.


Figure 20.4: SmartCo’s Custom Message Stamp

Reports

SmartCo tracks compliance with its Acceptable Use Policy using the MailMarshal Reports. The primary report used is the detailed report Logging Rule by Local Domain. This report shows the number and size of messages which triggered each Rule, by user name.

The graphical bandwidth usage report is also used for planning purposes.

Company Name Change

In an actual case, MailMarshal was configured to prevent premature release of a company's name change. This application required the addition of a Rule for outgoing email, which invoked a TextCensor script to monitor messages for the new company name. Offending messages were blocked, and the sender and administrator were notified.

The following Rule and TextCensor script could be used, in conjunction with standard templates and classifications, to implement this function.

Standard Rule: Name Change Secret
Forbids sending of the new company name outside the company
When a message arrives
Where message is outgoing
Where message triggers text censor script(s) Name Change
Send a Sensitive Mail to Internet notification message
And write log message(s) with Message Sensitive Material
And move the message to Suspect

Figure 20.5: Custom TextCensor Script–Name Change

Encrypted Email

The Basic Security Rules section in the chapter MailMarshal Secure contains a set of rules which implements encrypted email from gateway to gateway.

Two enhancements to this ruleset are suggested to cover additional cases: multiple gateway-to-gateway partners, and gateway-to-desktop encryption for external recipients who use a desktop encryption client such as Microsoft Outlook.

Note: In all cases described here, users within the MailMarshal site do not need to take any special action to encrypt email. They simply send messages, and MailMarshal does the rest.

Multiple Gateway-to-Gateway Encryption Partners

Create a User Group called Gateway Encryption Partners. Change the rule conditions Where addressed to: and Where addressed from: so that they refer to this User Group rather than a particular domain.

To implement message encryption to an additional domain, first import the appropriate Certificate for the domain into MailMarshal's Certificate Store; then add the domain name to the User Group Gateway Encryption Partners.

Gateway-to-Desktop Encryption Partners

Create a User Group called Desktop Encryption Partners. Use this group to collect all individual email addresses for which gateway-to-desktop encryption is enabled.

To implement message encryption to an address, first import the remote user's Certificate into MailMarshal's Certificate Store; then add the SMTP address to the User Group Desktop Encryption Partners.

A ruleset implementing these features will appear as follows:

1. The first three rules specify that outgoing messages are to be encrypted and signed, and state what should happen if encryption cannot be completed. Gateway and Desktop recipients are treated separately:

When a message arrives
Where addressed to Gateway Encryption Partners
Sign message with an opaque domain certificate
and encrypt message with the domain certificate

When a message arrives
Where addressed to Desktop Encryption Partners
Sign message with a detached proxy certificate
and encrypt message with the recipient certificate

When a message arrives
Where addressed to Gateway Encryption Partners; Desktop Encryption Partners
Where message cannot be encrypted for one or more recipients
Send a Can't Encrypt notification message
and move the message to Encrypt Problems

2. The next two rules check that incoming messages are validly encrypted and signed, and warn the user (or other appropriate person) if they are not. Warning could be by stamping or by email notification.

When a message arrives
Where addressed from Gateway Encryption Partners; Desktop Encryption Partners
Where message is not encrypted
Send a Not Encrypted notification message
and pass the message to the next rule for processing

When a message arrives
Where addressed from Gateway Encryption Partners; Desktop Encryption Partners
Where message signature is Not Verified; Not Found
Stamp message with Message NOT signed
and pass the message to the next rule for processing

3. The next rule blocks any email that MailMarshal can't decrypt. If MailMarshal cannot decrypt the message it will be unable to check the contents.

When a message arrives
Where addressed from Gateway Encryption Partners; Desktop Encryption Partners
Where message is encrypted and cannot be decrypted
Send a Can't Decrypt notification message
and move the message to Encrypt Problems

Blocking Spam

MailMarshal provides several resources for blocking Unsolicited Commercial Email and other forms of Spam.

Two anti-Spam Rules are present in the default Inbound ruleset and should be enabled.

• Block Junk Mailers checks for email addresses associated with unwanted email. The addresses are contained in the User Group Junk Mailers, which must be edited by hand.

• Spam Filter uses a TextCensor script to check message contents.

Additional anti-Spam measures may be taken in Server Properties, using the features found on the Host Validation and Blocked Hosts tabs. These features allow messages from particular sources to be rejected absolutely before delivery is completed. See the appropriate sections of the chapter Server Properties for details.

Note: The host blocking features do not log their actions to the MailMarshal logs (only to the Windows NT application log). Further, they cannot be adjusted as finely as MailMarshal’s Rules. They should be used with caution.

Email Aliasing

MailMarshal’s Header Rewrite facility can be used to provide email aliases for an organization. Aliasing may be useful where internal email is addressed to many servers but outside users use a single domain name for all recipients.

An example of rewriting outbound message headers (to control the visibility of internal servers and addresses) is provided in the Header Rewrite section of the chapter Server Properties.

An example of rewriting incoming message envelope details (to direct each recipient’s messages to the appropriate internal server) may be found in the Knowledge Base on the Marshal Software website.


21. Troubleshooting

A number of problems can arise in email systems that interfere with MailMarshal operation. If a problem occurs, it may therefore be that MailMarshal is reflecting an external or internal email or network problem.

When analyzing problems, the following resources may be useful.

MailMarshal Console

Check that the MailMarshal services are running. The Alert History shows stop and start information for each service. If necessary, restart the services using the Configurator.

Note: If the MailMarshal Controller service is stopped, the other services cannot continue and the Console and Configurator will indicate “Failed to Connect”. Restart the MailMarshal Controller using the Windows Control Panel Services applet.

Check the Console Services screen to see whether email is being processed. Check the Mail History screen to see whether email has been sent, and any errors that the Sender may have encountered. If there are many “Failed to connect” or “Unable to resolve domain” messages, this usually indicates a downstream network, SMTP, or DNS problem.

Windows NT Event Viewer

If there are difficulties when starting any of the MailMarshal services, or there are any pop-up error messages, start the Windows NT Event Viewer and check the application log.

MailMarshal Working Directories

Check the MailMarshal sub-directories to see where email messages are trapped.

The normal flow of email is as follows: the MailMarshal Receiver accepts SMTP connections for all email (both inbound and outbound). Receiver Rules control the rejection of messages at this point. The Receiver places each accepted message in a file in the Incoming directory. The Engine then retrieves each message file from the Incoming directory, unpacks it and processes it according to the Standard Rules. A message which is not blocked or moved by a Rule is placed into the ProcessedOK directory. The Sender then takes the message file from that directory and places it in the Sending directory for delivery.

Note: If MailMarshal Secure is installed and Security Rules are in use, files from the Incoming folder are processed by the MMDecrypt service, which places the files in the Decryption folder for the Engine. Messages to be sent are placed in the Encryption folder for processing by MMEncrypt.

Email queued in the Incoming directory indicates a problem with the Engine service: either the Engine has stopped or the rules are incorrectly configured. Email queued in the Sending directory points to a problem with the Sender service.

MailMarshal Message Names

MailMarshal assigns a name to each message it processes or generates. These names are used as the file names for message files and the associated log files; they are also used to identify the messages in log files.

Message names beginning with “B” are SMTP messages which MailMarshal receives and processes. Notifications generated by the MailMarshal Sender have names beginning with “C”. Notifications generated by the MailMarshal Engine have names beginning with “D”. Notifications generated by the MailMarshal Controller have names beginning with “E”.

In addition to MailMarshal’s message names, the SMTP Message ID of each message is retained throughout processing and recorded in the processing logs.
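The working-directory flow, the message-name prefixes and the Mail History hints above can be turned into a quick diagnostic, shown here as an added example that is not MailMarshal's own code. It assumes only the directory names, prefixes and error phrases given in this chapter; the directory listing and Mail History lines are constructed samples.

```python
# Added example, not MailMarshal's own code: reads a listing of the working
# directories and, using the message-name prefixes and the
# Incoming -> ProcessedOK -> Sending flow described in this chapter, points at
# the service that is most likely stalled.  The listing and the Mail History
# lines below are constructed samples, not output from a real server.
from collections import Counter

# Which service is expected to drain each working directory.  A backlog in a
# directory therefore points at that service.
DIRECTORY_CONSUMER = {
    "Incoming": "Engine",      # Engine retrieves message files from Incoming
    "ProcessedOK": "Sender",   # Sender takes files from ProcessedOK ...
    "Sending": "Sender",       # ... and delivers them from Sending
}

# First letter of a MailMarshal message name identifies where it came from.
NAME_ORIGIN = {
    "B": "SMTP message received by MailMarshal",
    "C": "notification generated by the Sender",
    "D": "notification generated by the Engine",
    "E": "notification generated by the Controller",
}

# Mail History phrases that the chapter says usually mean a downstream
# network, SMTP or DNS problem rather than a MailMarshal fault.
DOWNSTREAM_PHRASES = ("failed to connect", "unable to resolve domain")


def classify_name(file_name):
    """Return the origin of a message (or its log file) from its name prefix."""
    return NAME_ORIGIN.get(file_name[:1].upper(), "unknown")


def diagnose_queues(listing, backlog_threshold=10):
    """listing maps directory name -> list of file names found there.

    Message files and their log files share a name, so files are counted by
    name stem.  A directory holding at least backlog_threshold messages is
    reported with the service that should have consumed them."""
    report = {}
    for directory, files in listing.items():
        stems = {f.rsplit(".", 1)[0] for f in files}
        origins = Counter(classify_name(s) for s in stems)
        stalled = DIRECTORY_CONSUMER.get(directory) if len(stems) >= backlog_threshold else None
        report[directory] = {"queued": len(stems), "suspect": stalled, "origins": dict(origins)}
    return report


def downstream_error_count(history_lines):
    """Count Mail History lines that indicate a downstream problem, by phrase."""
    counts = Counter()
    for line in history_lines:
        low = line.lower()
        for phrase in DOWNSTREAM_PHRASES:
            if phrase in low:
                counts[phrase] += 1
    return dict(counts)


# Constructed sample: twelve received messages (plus their log files) stuck in
# Incoming, a healthy ProcessedOK, and an empty Sending directory.
SAMPLE_LISTING = {
    "Incoming": [f"B{n:08d}.msg" for n in range(12)] + [f"B{n:08d}.log" for n in range(12)],
    "ProcessedOK": ["B00000100.msg", "D00000003.msg"],
    "Sending": [],
}

# Constructed Mail History lines: the two error phrases are the ones quoted
# in this chapter, the rest of each line is made up.
SAMPLE_HISTORY = [
    "B00000100 Failed to connect to mail.example.net",
    "B00000101 Unable to resolve domain example.invalid",
    "B00000102 Sent to relay.example.net",
    "B00000103 Failed to connect to mx.example.org",
]

if __name__ == "__main__":
    for directory, info in diagnose_queues(SAMPLE_LISTING).items():
        print(directory, info)
    print(downstream_error_count(SAMPLE_HISTORY))
```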

MailMarshal Log Files

Each MailMarshal service creates its own daily log file. Routine processing and problems encountered are all recorded in these log files. The most recent information is at the end of the log file. The files are found in the MailMarshal Logging Directory. By default the last 5 days of log files are kept.


Running MailMarshal in Debug Mode

MailMarshal services can also be run in debug mode from a command prompt. Using this facility, the user can see the results of the system logging in real time, which is particularly useful for resolving problems, testing new rules, or determining why a service fails to start.

To use this facility, ensure that the service(s) to be debugged are stopped. Then go to the MailMarshal directory and enter one or more of the following:

mmengine -debug
mmreceiver -debug
mmsender -debug

For example, to test the passage of a particular email message, run the Receiver and Engine services in debug mode. Use an email client (such as Outlook Express) to send email and monitor its progress through the Receiver and Engine.

Some Common Issues

Error 2140

This message is a generic Windows NT error message meaning that one or more of the services were unable to start. The error may be related to invalid TextCensor scripts or other setting problems.

To determine the specific cause of the error, first check the Windows NT Event Viewer (application log), or the MailMarshal logs. If necessary, start the MailMarshal services in debug mode.

Unable to Determine the Domain

The following message may appear in the NT Event Log: “Unable to determine the domain this machine belongs to. Check the TCP/IP protocol properties for a valid domain name.”

MailMarshal requires a domain to be specified. The Primary DNS suffix of the computer should be set to the email domain name of the MailMarshal Server (eg. ourcompany.com).

In Windows 2000, this information should be entered as a Primary DNS setting (in the Control Panel under System|Network Identification|Properties|More).

In Windows NT, this information should be entered as a Domain (in the Control Panel under Network|Protocols|TCP/IP Protocol properties, DNS tab).

Moving MailMarshal to a New Server

When moving the MailMarshal Server to a new computer, the following steps are required:

1. Export the MailMarshal configuration from the old server (using the Advanced tab of Server Properties).

2. Import the configuration to the new server.

3. Copy the file UserGroups.txt and the contents of the subdirectory ValidFingerprints from the old MailMarshal install directory to the new one.

4. To continue logging to the existing MailMarshal database, copy the file SequenceFile from the old MailMarshal install directory to the new one. Failure to do this will corrupt the database.

5. Ensure that email routing is adjusted to use the new server (both inbound and outbound).

For additional information on MailMarshal Server and database migration, please see Marshal Software Knowledge Base article KB71.

Further Help

For any problems not listed here, please see the FAQs, Knowledge Base and Forum on the Marshal Software website. If these resources do not resolve the issue, please contact your Marshal Software Distributor or Marshal’s support desk.

Web Home Page: http://www.marshalsoftware.com

Email: [email protected]


22. MailMarshal and the MMC

The MailMarshal Configurator and Console are implemented as snap-ins to the Microsoft Management Console (MMC). Users of other MMC applications (such as the WebMarshal 2.x Console and Microsoft SQL Server) will be familiar with this interface.

By default, the MMC features a tool bar, a menu, and two main panes. The left pane contains a menu tree, while detailed information appears in the right pane.

• To expand an element (branch) of the menu tree, click on the associated + symbol. This will show the elements contained within this branch.

• To select an item in either pane, click on it to highlight it.

• Selecting an item in the left pane will display the associated detail information in the right pane.

• To collapse an expanded menu element, click on the associated - symbol.

• If the left pane is not visible, click the Show/Hide Console Tree icon in the toolbar. It should appear “pushed in.”

Note: The tool bar and menu bar of the MMC are context dependent. The available icons and choices depend on which item is selected in the main panes. If an icon referred to is not visible, ensure that the appropriate item is selected. For instance, the arrow icons, which allow rules to be moved up or down in order of evaluation, are only visible when a rule is selected in the right pane.

While this manual usually refers to choices from the tool bar, in many cases the MMC also provides equivalent choices from pop-up context menus, which are made available by right-clicking on the selected item.

Configurator and Console in the Same MMC

Where more than one MMC snap-in (such as the MailMarshal Configurator, MailMarshal Console, and WebMarshal Console) is to be used from the same machine, a new MMC Console can be created which contains all the required snap-ins.

To create a custom MMC Console, run mmc.exe from a command prompt. Choose Console|Add/Remove Snap-in from the main menu. In the Add/Remove Snap-in dialog, click Add to see a list of available snap-ins. Double-click each desired snap-in to add it to the list. When done, click Close, then OK.

To save the custom Console, choose Console|Save from the main menu. Select a location for the .msc file.

Double-click this file to run the custom console.

Note: Only one instance of the MailMarshal Configurator may be active per MailMarshal Server. Attempting to start a second Configurator results in the notice “MailMarshal settings are locked.”


Appendix A: Other Email Servers

Typically MailMarshal receives inbound email, processes it, then relays it to the organization’s internal email server as specified in the Local Domains list. Outbound email is passed from the internal email server to MailMarshal for processing and external delivery. See the chapters Pre-Installation and Installation.

Once MailMarshal has been installed, the internal email server software must be configured to send outgoing email to MailMarshal for processing and delivery.

Where MailMarshal is installed on the same computer as the existing email server software, the two applications must use different “ports” to receive email. In this case, the following steps are typically necessary:

• As the MailMarshal Receiver is now accepting SMTP traffic on port 25, change the SMTP port that the other email server uses for SMTP (port 97 is usually available, although any free TCP port will do).

• Configure the other email server software to forward all Internet email to the local machine (use the “localhost” IP address 127.0.0.1, port 25).

• Check that MailMarshal is configured, via its Local Domains information, to forward all inbound email to the local machine on the alternative port (again, use the localhost IP address and port, eg. 127.0.0.1:97).

Specific details for configuring Microsoft Exchange 5.5, Lotus Notes 4, and Lotus Domino R5 are given below. For more detailed information, and to configure other email server software, please refer to the product documentation for the other software. The Marshal Software Knowledge Base also contains some additional setup information.

Note: The following integration examples assume SMTP connectivity has been set up and is running properly; all that is required here is the introduction of MailMarshal to an already operating environment.

Page 202: Mail Marshal 42

Configuring Microsoft Exchange 5.5

Exchange 5.5 and MailMarshal on Separate Machines

On the Microsoft Exchange Server, run Microsoft Exchange Administrator. Under the Configuration container, select Connections, then select Internet Mail Service (see Figure A.1).

Under the Connections tab, change the Message Delivery option from DNS to Forward all messages to host, and enter the MailMarshal server IP address, eg. “10.1.1.1”. This will ensure that outgoing messages are passed to the MailMarshal machine. Click on OK.

Figure A.1: MS Exchange 5.5 Internet Mail Service properties

Stop and start the Microsoft Exchange Internet Mail Service from the Services Control Panel applet.


Exchange 5.5 and MailMarshal on the Same Machine

On the Microsoft Exchange Server, run the Microsoft Exchange Administrator. Under Configuration, select Connections, then select Internet Mail Service (see Figure A.1).

Under the Connections tab, change the Message Delivery option from DNS to Forward all messages to host, and enter “127.0.0.1” to identify the local machine. This will ensure that outgoing messages are passed to MailMarshal on the same machine as MS Exchange.

Because MailMarshal is installed on the same machine, Microsoft Exchange must be configured to listen for SMTP traffic on a different port from the SMTP default of 25.

Microsoft Exchange uses the Windows NT services file to determine which port to listen on for inbound SMTP messages. It is necessary to edit the services file to change the default SMTP port for Microsoft Exchange to a new value, for example 97.

The Windows NT services file is located in the folder

%systemroot%\system32\drivers\etc (where %systemroot% is usually C:\WINNT)

In this folder, edit the file named Services using Notepad. Add an explanatory comment and the new port details.

Locate the text

smtp 25/tcp mail

Comment out the line by prefixing it with the “#” character, and add the new material:

# smtp 25/tcp mail
# Change default smtp port to 97 to allow both Microsoft
# Exchange and MailMarshal to exist on same machine
smtp 97/tcp mail

Save the Services file and close Notepad. Stop and start the Microsoft Exchange Internet Mail Service from the Services Control Panel applet.

Note: This example uses port 97, but any available port number may be chosen as long as it does not conflict with any other service on the same machine.
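The services-file edit above, with the conflict check the Note calls for, as an added example that is not from the manual or the product: it comments out the smtp 25/tcp entry, adds the new entry, and refuses a port that is already assigned to another service. The file content it works on is a constructed excerpt, and the comment text it inserts mirrors the manual's.

```python
# Added example, not MailMarshal's or Microsoft's code: rewrites the smtp entry
# of a Windows services file (normally %systemroot%\system32\drivers\etc\services)
# from port 25 to a new port, refusing the change if that port is already
# assigned to another service on the machine.  SAMPLE_SERVICES below is a
# constructed excerpt, not a copy of a real services file.
import re

# Entry format:  name  port/proto  [aliases]  [# comment]
ENTRY_RE = re.compile(r"^\s*(\S+)\s+(\d+)/(tcp|udp)\b", re.IGNORECASE)


def parse_services(text):
    """Return (name, port, proto) for every uncommented entry in the file."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.split("#", 1)[0])   # ignore comments
        if match:
            entries.append((match.group(1).lower(), int(match.group(2)),
                            match.group(3).lower()))
    return entries


def services_on_port(text, port, proto="tcp"):
    """Names of services already assigned to port/proto."""
    return [name for name, p, pr in parse_services(text) if p == port and pr == proto]


def move_smtp_port(text, new_port, old_port=25):
    """Comment out the smtp old_port/tcp line and add smtp new_port/tcp after it.

    Raises ValueError if new_port/tcp is already taken (the conflict the
    manual's Note warns about) or if no smtp old_port/tcp line exists."""
    conflicts = services_on_port(text, new_port)
    if conflicts:
        raise ValueError(f"port {new_port}/tcp already used by {', '.join(conflicts)}")
    out, replaced = [], False
    for line in text.splitlines():
        match = ENTRY_RE.match(line.split("#", 1)[0])
        if match and (match.group(1).lower(), int(match.group(2)),
                      match.group(3).lower()) == ("smtp", old_port, "tcp"):
            out.append("# " + line)
            out.append(f"# Change default smtp port to {new_port} to allow both Microsoft")
            out.append("# Exchange and MailMarshal to exist on same machine")
            out.append(f"smtp               {new_port}/tcp    mail")
            replaced = True
        else:
            out.append(line)
    if not replaced:
        raise ValueError(f"no smtp {old_port}/tcp entry found")
    return "\n".join(out) + "\n"


# Constructed excerpt of a services file (port assignments are the usual ones).
SAMPLE_SERVICES = """\
# constructed excerpt, not a real services file
ftp                21/tcp
smtp               25/tcp    mail
time               37/tcp    timserver
domain             53/tcp
pop3              110/tcp    #Post Office Protocol - Version 3
"""

if __name__ == "__main__":
    print(move_smtp_port(SAMPLE_SERVICES, 97))
```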


Configuring Lotus Notes 4

Lotus Notes 4 and MailMarshal on Separate Machines

On the Lotus Notes Server, shut down SMTPMTA from the Notes console. Open the Public Address Book. Expand the Server section, and select the Connections view. Open the Internet Hosts Document (see Figure A.2).

Figure A.2: The Lotus Notes 4 Internet Hosts Document

Change the Relay host field to the IP address of the MailMarshal machine, eg. “192.168.2.218”. This will ensure that outgoing messages are passed to the MailMarshal machine.

Restart the SMTPMTA.


Lotus Notes 4 and MailMarshal on the Same Machine

On the Lotus Notes Server, shut down SMTPMTA from the Notes console. Open the Public Address Book, expand the Server section, and select the Connections view. Open the Internet Hosts Document (see Figure A.2).

Change the Relay Host field to “127.0.0.1” to identify the local machine. This will ensure that outgoing messages are passed to MailMarshal on the same machine as Lotus Notes.

Because MailMarshal is installed on the same machine as Lotus Notes, the SMTP component must be configured to listen on a different port from the SMTP default of 25.

Lotus Notes uses the Notes.INI file to determine which port to listen on for inbound SMTP messages. The file must be edited to change the default SMTP port for Lotus Notes, eg. to “97”.

The Notes.INI file is located in the WINNT folder (eg. C:\Winnt).

Using Notepad, edit the Notes.INI file and add the following item at the end of the file.

SMTPMTA_IPPORT=

Then specify the port number on which MailMarshal was configured and to which internal email is to be forwarded, eg.

; Changed default smtp port to 97 to allow both
; Lotus Notes and MailMarshal to exist on same
; machine
SMTPMTA_IPPORT=97

Restart the SMTPMTA.


Configuring Lotus Domino R5

All changes must be made through Domino Server Administrator, and not by editing files or using the Notes Client.

Lotus Domino R5 and MailMarshal on Separate Machines

Configure Domino to forward outgoing SMTP traffic to MailMarshal

1. Select the Domino Server for which the mail relay setting must be changed.

2. Click on the Configuration Tab.

3. Select Messaging, Messaging Settings.

4. On the Basics Tab find the entry for Relay hosts leaving the local Internet Domain; enter the IP address of the MailMarshal server, eg. 10.2.1.7.

From the server console, or a remote session from the Domino Administrator, type the following:

>Tell SMTP quit

Once the message that the SMTP service has stopped has appeared on screen, type the following:

>load SMTP

The new settings should now be active. The SMTP listening ports can be checked by typing:

>sh tasks

Lotus Domino R5 and MailMarshal on the Same Machine

Change the SMTP Inbound port from port 25 to port 97

As MailMarshal will take over the role of listening for SMTP traffic on port 25, the port that Domino listens on must be changed. You can use any unused port (port 97 is usually free).

1. Select the Domino Server for which the SMTP listening port must be changed.

2. Click on the Configuration Tab.

3. Select Server, Current Server Document.

4. Click on the Ports Tab, then Internet Ports Tab, then Mail Tab.

5. Change the Mail SMTP Inbound setting from 25 to 97.

Configure Domino to forward outgoing SMTP traffic to MailMarshal

1. Select the Domino Server for which the mail relay setting must be changed.

2. Click on the Configuration Tab.

3. Select Messaging, Messaging Settings.

4. On the Basics Tab find the entry for Relay hosts leaving the local Internet Domain; enter 127.0.0.1.

From the server console, or a remote session from the Domino Administrator, type the following:

>Tell SMTP quit

Once the message that the SMTP service has stopped has appeared on screen, type the following:

>load SMTP

The new settings should now be active. The SMTP listening ports can be checked by typing:

>sh tasks

Index

A
Acceptable Use Policy, 1-1, 20-1, 20-5
Accounts (POP3), 7-1, 16-7, 16-9
Actions, see Rule Actions
Active Directory Server, 15-2, 15-3
Administrator email addresses, 3-5, 16-2
Advanced Options, 16-17 to 16-20
Aliases, email, 16-24, 20-9
Alert History, 18-12
Anti-Relaying, 16-12 to 16-13
Archiving, 5-1, 10-2, 10-3, 18-6, 18-7
Attachment details, logging, 3-8, 5-17
Attachment fingerprints, 5-12, 5-17, 16-18, 18-8
Attachment parent, 5-11
Attachments, 5-10 to 5-13, 12-3
  Stripping, 5-17

B
Backing up
  Configuration, 16-18
  S/MIME Certificates, 19-12
Batching (email delivery), 3-7, 16-5
Best Practices, 5-1, 8-2
Block Receipt, 5-19
Blocked Hosts, 16-20

C
Certificate Manager (S/MIME), 19-4 to 19-12
Certificates (S/MIME), 19-4 to 19-13
Classifications, see Logging Classifications
Conditions, see Rule Conditions
Configuration, import and export, 12-5, 12-6, 16-18
Configurator, 4-1 to 4-5
Console, 18-1 to 18-12, 21-1
Contact Information, v
Controller, MailMarshal, 3-14, 15-4, 15-5, 21-1, 21-2
CRLs, 19-5, 19-11 to 19-12

D
Database
  Certificate, 19-3, 19-4, 19-12
  Logging, 3-8, 3-9, 17-1 to 17-3
Dead Letter, 8-4, 9-2, 10-1, 18-7, 19-7
Debug mode, 21-3
Decryption, S/MIME, 19-15, 19-21, 20-6 to 20-8
Delivery, email, 2-2 to 2-4, 3-6, 16-3, 16-6
Desktop-to-Desktop encryption, 19-2, 19-9, 19-17, 19-19, 19-21
Dial-Up, 3-7, 16-4
DMZ, 2-7, 18-2
DNS, 2-3, 3-2, 3-6, 3-14, 16-3, 16-23, 16-24
DSN, 17-1
Domains, 2-3, 2-8, 3-13, 16-3
  See also Local Domains

E
Email servers, 3-11, A-1 to A-7
Email Templates, see Templates
Encryption, S/MIME, 19-1, 19-15, 19-18, 20-6 to 20-8
Engine, MailMarshal, 1-2, 5-6, 21-1, 21-2
Error 2140, 21-3
ESMTP, 5-6, 5-19, 20-3
ETRN, 16-7
Exchange, see Microsoft Exchange
Exporting configuration, 12-6, 16-18
External Commands, 5-14, 5-16, 9-1

F
Filtering, 1-2, 5-3, 16-26
Fingerprints, see Valid Fingerprints
Firewall, 2-3, 2-4, 2-8, 3-6, 3-13, 3-14, 16-3, 16-11, 17-2
Folder Actions, Console, 18-7
Folders, 10-1 to 10-4, 16-17, 18-6 to 18-7
  Archive, 18-7
  DeadLetter, 8-4, 9-2
  Parking, 10-2
  Standard, 10-2

G
Gateway-to-Gateway encryption, 19-2, 19-4, 19-20, 20-6
Goto action, 5-5, 5-18

H
Hardware requirements, 2-1
Header Rewrite, 16-24 to 16-31
Help, 1-4
History, see Alert History, Mail History
Host Validation, 16-21 to 16-24

I
Importing configuration, 12-5, 16-18
Importing Certificates, 19-7, 19-9
Installation, 3-1 to 3-15, 17-1, 19-2
Internet Explorer, 2-2, 19-12
ISP, 2-3 to 2-5, 3-6, 16-3, 16-7

K
Keys, MailMarshal license, 3-2, 3-4, 16-15, 16-16, 19-2
  S/MIME enabled, 16-16, 19-2
Keys, PKI, 19-1 to 19-15
Knowledge Base, 1-4

L
LDAP, 6-1, 15-1 to 15-5, 19-19
License Key, see Keys
Licensing, 16-14 to 16-17
Licensing Agreement, i
Local Domains, 2-3, 3-2 to 3-5, 3-11, 5-9, 5-20, 16-8 to 16-10
Localhost, 2-4, 3-11, A-1
Logging, 3-8, 4-2, 16-11, 17-2, 18-11, 21-2
Logging Classifications, 13-1, 13-2
Logs (message), 18-8 to 18-10
Lotus Notes, A-4 to A-7

M
Mail, see also Email
  Batching, 3-7, 16-5 to 16-8
  History, 3-8, 18-11, 21-1
MAPS, 16-22, 16-23
Message Folders, see Folders
Message log, 12-7, 18-9 to 18-11
Message names, 18-7, 21-2
Message parking, 10-2, 5-18, 18-6
Message Stamp, 5-17, 14-1, 14-2, 16-20, 19-2
Microsoft Active Directory Server, 15-2, 15-3
Microsoft Management Console (MMC), 22-1
Microsoft Exchange, A-1 to A-3
Microsoft Proxy Server 2.0, 3-11
Moving MailMarshal, 21-4
MSDE, 2-2, 3-2, 19-2
MX record, 2-4, 3-2, 3-14, 16-8, 18-6

N
News and Support, 4-5
Notes, see Lotus Notes
Notifications, 3-5, 5-17, 8-4, 9-2, 11-1, 16-2, 21-2

O
ODBC, 17-1
Online Help, 1-4
Order of Evaluation, 5-5, 5-18, 12-1, 16-10, 16-26

P
Pass message to rule, 5-5, 5-18
Permanent Key, 16-14 to 16-16
POP3, 2-3, 3-3, 7-1, 16-7, 16-9
Ports, see TCP ports
Prerequisites, 2-1, 16-20, 17-1, 19-2
Process message, 18-8
Proxy Certificate, 19-2, 19-9, 19-13, 19-17
Proxy server, 3-11
Proxy settings, HTTP, 19-12

Q
Quarantine folders, see Folders
Quarantined messages, 10-2, 18-2, 18-8
Queued Domains, 18-2, 18-5, 18-6
Queues, message, 18-5, 18-6, 21-2

R
RAS, 16-4
Receiver, MailMarshal, 1-2, 3-11, 5-6, 16-19, 18-4, 21-1, 21-3
Regular Expressions, 16-24 to 16-31
Relay Domains, 3-3, 16-9
Relaying, 2-3, 5-20, 7-2, 16-12
  See also Anti-Relaying
  POP3 Authentication, 7-2
Release message, 18-8
Reload Rules, 4-2
Reports, 3-8, 16-11, 17-1 to 17-3
Restoring configuration, 12-5, 16-18
Routing, email, 2-2, 2-3, 21-4
RTF message stamping, 14-1, 16-20
Rule Actions
  Receiver, 5-19, 5-20
  Security, 19-17 to 19-21
  Standard, 5-15 to 5-19
Rule Conditions
  Receiver, 5-19
  Security, 19-15 to 19-17
  Standard, 5-10 to 5-15
Rule User Matching, 5-8 to 5-10
Rules, 5-5 to 5-19, 19-13 to 19-21
  Header Rewrite, 16-24 to 16-31
Rulesets, 5-1 to 5-6
  Enabling, 5-4
  Printing, 5-2

S
Scanners, see Virus scanners
Schedules, 5-18, 6-2, 10-3, 15-4, 16-6, 18-3
Security issues, 10-4, 15-5, 16-16, 18-2
Sender, MailMarshal, 1-2, 16-19, 18-5, 21-1 to 21-3
Server Array, 16-20
Server Properties, 16-1 to 16-31
Server Threads, 16-19
Service Alerts, 18-3, 18-12
Services, MailMarshal, 1-2, 4-2, 16-7, 18-4, 21-1
Signing, message, 19-1, 19-15, 19-17
S/MIME, 19-1
SMTP, 2-2, 2-4, 3-11
Software requirements, 2-1, 2-2, 16-20, 17-1, 19-2
Spam, 5-15, 16-12, 16-21, 20-8
SQL Server 7.0, 2-2, 16-11, 17-2
Subject line, 12-3, 12-5
Support, 21-4

T
TCP ports
  110, 2-6
  1433, 2-7, 16-11, 16-16, 17-2
  19001, 2-7, 18-1, 18-2
  25, 2-4 to 2-7, 3-11, A-1
  97, 2-4, 2-6, 3-11, A-1
Templates (email notification), 5-17, 11-1 to 11-3
TextCensor Scripts, 12-1 to 12-7
Troubleshooting, 21-1 to 21-4

U
Uninstalling MailMarshal, 3-14
User Groups, 5-3, 6-1 to 6-3, 15-1, 16-8
User Matching, see Rule User Matching

V
Valid fingerprints, 5-2, 5-17, 16-18, 18-9, 21-4
Virus Scanners, 5-14, 8-1 to 8-6, 9-2

W
Website, Marshal Software, 1-4
Wildcards, 16-10, 16-11
Working directories, 21-2