GFI MailEssentials 14 User Manual
Contents
1. Checks if the email received is from senders that are listed on a public DNS blacklist of known spammers Stops emails which contain links to domains listed on public Spam URI Blocklists such as sc surbl org A module which analyses the individual fields in a header by referencing the SMTP and MIME fields Spam messages are identified based on blocked keywords in the email title or body Emails that have been received from senders to whom emails have never been sent before An anti spam technique where a statistical probability index based on training from users is used to identify spam x v Enabled by default x Not enabled by default Table 15 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 74 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam Table 16 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion of spam emails Anti spam filter actions email address user mailbox folder Move to subfolder in Move to junk mail Forward to specific O N NN ON OAE EAO SpamRazer y v v v v Directory Harvesting v v v v v PURBL v v v v y SPF v v v v y Whitelists O O O O O Getting Started Guide 5Binstallation for SMTP Servers e 115 Custom Blackl2. NOTE You can also use Telnet to manually send the test email and obtained more troubleshooting information For more information refer to http support microsoft com support kb articles Q153 1 19 asp 4 5 2 Upgrades from earlier version If you are currently using a previous version of GFI MailEssentials versions 9 10 11 and 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version 74 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades e When upgrading from GFI MailEssentials 9 the current Bayesian weights file will be upgraded to the new format used in GFI MailEssentials 10 or later The new format is more compact and uses less memory NO DATA WILL BE LOST 4 5 3 Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials p GFI MailEssentials version 12 0 2007 1203 is already installed You must uninsta
3. 1 On establishing a connection the incoming emails recipient email address is checked and if it is not found the connection is immediately terminated This is done through the directory harvesting filter If the recipient email address is found email goes to next stage 2 Next the email is checked to see if it is addressed to a list server If this is the case the email is forwarded to the list server else it goes to the next stage 3 The incoming email is filtered using all the spam filters Any email that fails a spam filter check is sent to the anti spam email actions If an email goes through all the filters and is not identified as spam it then goes to the next stage 4 If configured email is next archived to the reporting database The mail goes to the next stage 5 If configured auto replies are next sent to the sender Email goes to next stage 6 If configured email monitoring is next executed and the appropriate actions taken Email goes to the next stage 7 The new senders filter is now executed Email goes to the next stage 8 Email is sent to the user s mailbox Getting Started Guide Recipient check connection dropped O List Server Antispam email actions Archive Reporting Database Auto reply message Mail Monitoring User Mailbox 1BHow does GFI MailEssentials work e 7 2 1 1 Inbound email domains A very important concept with
4. e Microsoft Windows 2000 Server Advanced Server SP1 or higher e Microsoft Small Business Server 2000 SP2 2003 SP1 Mail Servers e Lotus Domino 6 or later Other components e Microsoft NET Framework 2 0 e Microsoft Data Access Components MDAC 2 8 This component is used by GFI MailEssentials mail archiving feature to communicate with databases Download this component from http www microsoft com Downloads details aspx familyid 6C050 FE3 C795 4B7D B037 185D0506396C amp displaylang en e Internet Information Services IIS x32 or x64 SMTP service and WWW service This is required to enable communications between GFI MailEssentials and Lotus Domino e Microsoft XML core services This is required by the GFI MailEssentials reporter to enable anti soam report generation For UK US English OS this is installed automatically by GFI MailEssentials For other languages this can be downloaded from Getting Started Guide 4Binstallation for Lotus Domino e 85 http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F2B42 amp displaylang en e OPTIONAL Microsoft Message Queuing Services This is required ONLY if list servers are used MSMQ is used by GFI MailEssentials to ensure the reliable running of distributions lists on list servers For more information on list servers refer to List servers section in the Administration and Configuration manual 5 2 2 System requiremen
5. Bayesian Analysis v Action supported x Action not possible O Not applicable Table 4 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 3 6 Installing on Microsoft Exchange 2000 2003 cluster Introduction A cluster is a group of servers technically known as nodes working collectively as a single server Such environment provides high availability and fail over mechanisms to ensure constant availability of resources and applications including email infrastructures If one of 34 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide the nodes in the cluster fails is not available resources and applications switch to another cluster node A Microsoft Exchange cluster can be set up in one of 2 modes active active or active passive GFI MailEssentials supports ONLY active passive clusters In an active passive cluster a failover mechanism ensures that whenever an active cluster fails one of the available passive nodes becomes active i e takes over the role of the failed node In view of the way clusters work GFI MailEssentials must
6. Checking the MX record of your domain Step 7 Test your new mail relay server Before proceeding to install GFI MailEssentials verify that your new mail relay server is working correctly by doing as follows Test IIS SMTP inbound connection via test email 1 Send an email from an external account e g internet email account to an internal email address user 2 Ensure that intended recipient received the test email in the respective email client Test IIS SMTP outbound connection via test email 1 Send an email from an internal email account to an external account e g internet email 2 Ensure that the intended recipient external user received the test email NOTE You can also use Telnet to manually send the test email and obtained more troubleshooting information For more information refer to http support microsoft com support kb articles Q153 1 19 asp 6 4 2 Upgrade from earlier version If you are currently using a previous version of GFI MailEssentials versions 9 10 11 and 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI Getting Started Guide 5Binstallation
7. For more information on list servers refer to List servers section in the Administration and Configuration manual 4 2 2 System requirements Hardware Processor e Minimum Intel Pentium or compatible 1 GHz 32 bit processor e Recommended x64 architecture based server with Intel 64 architecture or AMD64 platform Memory e Minimum 1GB RAM e Recommended 2GB RAM Physical Storage e Minimum 500MB for installation 2GB for execution e Recommended 500MB for installation 4GB for execution 4 3 Important settings 4 3 1 Antivirus and backup software Antivirus and backup software may cause GFI MailEssentials to malfunction This occurs when such software denies access to certain files required by GFI MailEssentials Disable third party antivirus and backup software from scanning the following folders 62 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide x86 installations 32 bit X64 installations 64 bit lt Program Files lt Program Files GFI MailEssentials gt x86 GFI MailEssentials gt lt Program Files x86 Common lt Program Files Common Files GFl gt Files GFI gt lt Inetpub mailroot gt If installed on a gateway machine lt Program Files Exchsrvr Mailroot gt If installed on the same machine as Microsoft Exchange 2007 4 3 2 Firewall port settings Configure your firewall to allow the following port connections These ports are used by GFI MailEssentials t
8. i e distributions lists select Yes to install MSMQ 40 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide E GFI MailEssentials for Exchange SMTP Setup Confirm inbound email domains or y gt Click Next to begin installation H a4 The following inbound email domains were found A GFI MailE ssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailE ssentials lt Back Cancel Screenshot 27 Configure your inbound email domain 11 Setup will now display the list of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next NOTE You can modify the list of inbound email domains ONLY post install For more information refer to the Confirm domains to defend against spam section starting on page 43 in this manual 12 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not f
9. 2007 61 4 1 Introduction 61 4 2 System requirements 61 4 3 Important settings 62 4 4 Installing on Microsoft Exchange or SBS server 63 4 5 Installing on an email gateway or relay perimeter server 72 4 6 Installing on Microsoft Exchange Server 2007 clusters 83 5 Installation for Lotus Domino 85 5 1 Introduction 85 5 2 System requirements 85 5 3 Important settings 86 5 4 Installing on gateway servers for Lotus Domino 87 6 Installation for SMTP Servers 101 6 1 Introduction 101 6 2 System requirements 101 6 3 Important settings 102 6 4 Installing on gateway servers for SMTP Servers 103 7 Uninstalling GFI MailEssentials 117 7 14 Introduction 117 8 Troubleshooting and support 118 8 1 Introduction 118 8 2 Troubleshooting Installation issues 118 8 3 Troubleshooting Spam management issues 120 Getting Started Guide OBIntroduction e 3 Troubleshooting Anti spam filters amp actions Knowledge Base Web Forum Request technical support Build notifications Documentation 9 Glossary 10 Index 4 e OBIntroduction 121 121 121 121 122 122 123 127 Getting Started Guide 1 Introduction 1 1 About this manual The scope of this Getting Started Guide is to help you install and run GFI MailEssentials on your network with minimum configuration effort It describes 1 The various environments and email infrastructures supported by this product 2 Guides you through the respective installation procedure 3 Walks you
10. 5 Expand the Default SMTP Virtual Server node 6 Right click Domains and select New gt Domain 7 Select the Remote option and click Next 8 Specify domain name e g test gfi com and click Finish Step 3 Enable email relaying to your Microsoft Exchange server 1 Right click on the new domain e g test gfiiccom and select Properties 2 Select the Allow the Incoming Mail to be Relayed to this Domain checkbox Getting Started Guide domain com Properties 24x General Advanced pans domain com Select the appropriate settings for your remote domain IV Allow incoming mail to be relayed to this domain I Send HELO instead of EHLO Outbound Security Route domain Use DNS to route to this domain Forward all mail to smart host o 932 168 0 2 Cancel Apply Help Screenshot 65 Configure the domain 3 Select the Forward all mail to smart host option and specify the IP address of the server managing emails in this domain IP address must be enclosed in square brackets e g 123 123 123 123 so to exclude them from all DNS lookup attempts 4 Click OK to finalize your configuration Step 4 Secure your SMTP email relay server If unsecured your mail relay server can be exploited and used as an open relay for spam To avoid this from happening it is recommended that you specifically define which mail servers can route emails through this mail relay server i e allow onl
11. All 1j Send Receive _ 2pFind LUEI t D alFrom Subject Received L3 Inbox in Mailbox L Unread Mail in Mailbox E Date Today LA For Follow Up in Mailbox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM L3 Sent Items in Mailbox All Mail Folders 5 E Personal Folders 3 Deleted Items UA Drafts ttention Read Carefully D L3 Inbox L Junk E mail 5 3 Outbox Sent Items From ADMINISTRATION mailto security federalreservebank us 3 LA Search Folders Sent Tuesday February 24 2009 12 48 PM re For Follow Up 18 Subject Attention Read Carefully LA Large Mail LA Unread Mail a 83 Archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC y Screenshot 45 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field 4 4 4 GFI MailEssentials Configuration At this stage your GFI MailEssenti
12. America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC y Screenshot 74 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field 6 4 5 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and running All inbound email will be scanned by the anti spam filters enabled by default See Table 15 Anti spam filters enabled by default below Description Enabled by Default An anti spam engine that determines if an email is spam by using email reputation j message fingerprinting and content analysis Stops email which is randomly generated towards a server mostly addressed to non existent users SpamRazer Directory Harvesting Blocks emails that contain links in the message bodies pointing to known phishing 7 sites or if they contain typical phishing keywords PURBL Stops email which is received from Ss domains not authorized in SPF records Addresses that an email is sent to are Ret automatically excluded from being blocked 114 e 5Binstallation for SMTP Servers Getting Started Guide Whitelists Custom blacklist DNS blacklists SURBL Header checking Keyword checking New Senders Bayesian analysis A custom list of safe email addresses A custom list of blocked email users or domains
13. Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the lookups method to be used e Use native Active Directory lookups option Select this option if during installation you selected to get the list of email users from Active Directory see Installation Procedure section above step 9 e Use LDAP lookups Select this option if during installation you selected to get the list of email users from SMTP server using LDAP see Installation Procedure section above step 9 In addition o Unselect the Anonymous bind option if your LDAP server requires authentication o Enter the authentication details using Domain User format Click Test button to test your LDAP configuration settings Step 5 Configure whitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses to whitelist 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Navigate to Start gt All Programs gt GFI MailEssentials g
14. GFI MailEssentials p GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI lt 7 MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 1 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to New installations section below 3 4 2 New installations Pre install actions No pre install actions or configurations are required Important notes 1 At the end of the installation process GFI MailEssentials will restart Microsoft Exchange Server services This is required to allow GFI MailEssentials components to be registered and started Failing to restart the SMTP service will negatively affect anti spam filtering and email flow 2 Before starting installation close any running Windows applications Installation procedure 1 Logon your Microsoft Exchange Server machine using administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 12 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next
15. blocked email users or domains Checks if the email received is from senders that are listed on a public DNS blacklist of known spammers Stops emails which contain links to domains listed on public Spam URI Blocklists such as sc surbl org A module which analyses the individual fields in a header by referencing the SMTP and MIME fields Spam messages are identified based on blocked keywords in the email title or body Emails that have been received from senders to whom emails have never been sent before An anti spam technique where a statistical probability index based on training from users is used to identify spam x v Enabled by default x Not enabled by default Table 11 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 52 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam see Table 12 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion of spam emails Anti spam filter actions email address user mailbox folder Move to subfolder in Move to junk mail Forward to specific O N NN ON OAE EAO SpamRazer y v v v v Directory Harvesting v v v v v PURBL v v v v y SPF v v v v y Whitelists O O O O O 82 e 3Binstallation for Microsoft Exc
16. display the list of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next NOTE You can modify the list of inbound email domains ONLY post install For more information refer to the Confirm domains to defend against spam section starting on page in this manual 12 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service Failing to restart the SMTP service will negatively affect anti soam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http Awww microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the GFI MailEssentials configuration settings required post install for first use Step 3 Add specific GFI MailEssentials services to IIS Server cluster resource group When installing GFI MailEssentials in a clustered windows environment the product services described below are not automatically included in a cluster resource group Consequently if Getting Started Guide 2Binstallation for Micro
17. e 79 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses to whitelist 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Clicking Start gt All Programs gt GFI MailEssentials gt GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by EJ GFI MailEssentials Dashboard Ol x File Options Help Statistics P2E Logging M Status of key services GFI MailEssentials Managed Attendant Service is Running GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2Exchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level Sender Recipients Subject 2 26 2009 3 00 24PM Full Email John Doe lt johndoe hotmail com gt johndoe domain com 100 Free Screenshot 51 Testing your anti spam system e Checking the GFI MailE
18. ftp gfisoftware com and retrieve latest product version information e HTTP Port 80 Used by GFI MailEssentials to download product patch and anti spam filter updates i e SpamRazer Anti Phishing and Bayesian anti spam filters from the following locations o http update gfi com o http update gfisoftware com o http support gfi com O http db11 spamcatcher net GFI MailEssentials 14 or earlier o http sn92 mailshell net GFI MailEssentials 14 SR1 or later e Remoting Ports 8021 Used in the latest builds of GFI MailEssentials for inter process communication No firewall configuration is required to allow connections to or from the remoting ports since all the GFI MailEssentials processes run on the same server NOTE Ensure that no other applications except GFI MailEssentials are listening on port 8021 e LDAP Port 389 Used by GFI MailEssentials to get email addresses from Lotus Domino server 5 4 Installing on gateway servers for Lotus Domino 5 4 1 Pre install actions GFI MailEssentials uses the IIS SMTP service as its SMTP Server and therefore the IIS SMTP service must be configured to act as a mail relay server This is achieved as follows Step 1 Enable IIS SMTP Service 1 Go to Start gt Control Panel gt Add or Remove Programs gt Add Remove Windows Components 2 Select Internet Information Services IIS and click Details 3 Select the SMTP Service option an
19. guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 3 5 Installing on an email gateway or relay perimeter server Introduction GFI MailEssentials can be installed e Ona perimeter server e g in a DMZ Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 19 e As a mail relay server between the perimeter gateway SMTP server and the recipients inboxes Both setups enable you to reduce unnecessary email traffic by using your Active Directory resources at a perimeter gateway server level to drop connections for non existent email recipients in incoming email This helps counter spamming techniques such as Directory Harvest Attacks a brute force type of attack used by spammers to find valid existent e mail addresses at a domain This structure stops the majority of Spam from arriving at your Microsoft Exchange server ee SMTP Server x i s a id S ES DMZ J J E Firewall Mail Server GFI MailEssentials Internet Figure 1 A typical Perimeter SMTP Relay Server setup 3 5 1 Upgrades from earlier version If you are currently using a previous version of GFI MailEssentials versions 9 10 11 and 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Important notes e Upgrades cannot be un
20. have never been x sent before Bavesian An anti spam technique where a statistical i probability index based on training from x v Enabled by default x Not enabled by default Table 7 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 38 above Although enabled by default email tagging is NOT the only anti spam 58 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide filter action that can be triggered on detection of email spam see Table 8 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion of spam emails Anti spam filter actions o Z t 3 Oo D x 2 ao 38 z 2 TY te c e 32 38 8 5 2 o o z5 25 2 D e e gt LL 2 SpamRazer v y v v v v Directory Harvesting y v v v v v PURBL v s v v v v SPF y v v v y v Whitelists O O O O O O Custom Blacklist v v y v y v DNS blacklists v v v v y v SURBL v y v v v vA Header Checking v v v v y v Keyword Checking v v v v v v New Senders v y v s x Vv v v v v v v Bayesian Analysis v Action supported x Action not possible O Not applicable Table 8 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run repo
21. installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now C No GFI MailEssentials Screenshot 32 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ 50 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide E GFI MailEssentials for Exchange SMTP Setup e x Confirm inbound email domains er gt Click Next to begin installation gt a4 The following inbound email domains were found A GFI MailE ssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailE ssentials lt Back Cancel Screenshot 33 Configure your inbound email domain 11 Setup will now display the list of inbound email domains detected Verify that all inbound email domains to be protected against s
22. is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the configuration settings required post install for first use Recommended 14 At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use For instructions refer to the Post install actions section below 6 4 4 Post install actions To ensure that your GFI MailEssentials anti spam system is effectively up and running you must perform the following post install actions Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs gt GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email do
23. is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 4 5 Installing on an email gateway or relay perimeter server Introduction GFI MailEssentials can be installed e Ona perimeter server e g DMZ with Microsoft Exchange Server 2007 in Edge Server role e As a mail relay server between the perimeter gateway SMTP server and the recipients inboxes with Microsoft Exchange Server 2007 in Hub Transport role Both setups enable you to reduce unnecessary email traffic by using your Active Directory resources at a perimeter gateway server level to drop connections of non existent email recipients in incoming email This greatly helps against common spamming techniques such as Directory Harvest Attacks a brute force type of attack used by spammers to find valid existent e mail addresses at a domain This structure eliminates most spam from arriving at your Microsoft Exchange server 72 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide Perimeter Gateway SMTP Server DMZ Firewall Mail Server GFI MailEssentials Internet Figure 2 A typical Perimeter SMTP Relay Server setup 4 5 1 Pre in
24. of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next 14 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide NOTE You can modify the list of inbound email domains ONLY post installation For more information refer to the Confirm domains to defend against spam section starting on page 15 in this manual 12 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service IMPORTANT Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the configuration settings required post install for first use Recommended 13 At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use For instructions refer to the next section titled Post install actions 3 4 3 Post install actions To ensure that your GFI Mail
25. of spam emails Anti spam filter actions email address user mailbox folder Move to subfolder in Move to junk mail Forward to specific O N NN ON OAE EAO SpamRazer y v v v v Directory Harvesting v v v v v PURBL v v v v y SPF v v v v y Whitelists O O O O O Getting Started Guide 4Binstallation for Lotus Domino e 99 Custom Blacklist y v vy v v v DNS blacklists v v v v v v SURBL v v v y v y Header Checking v v v v v v Keyword Checking v v v v v s New Senders v y v v x wa v y v v y v Bayesian Analysis v Action supported x Action not possible O Not applicable Table 14 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 100 4Binstallation for Lotus Domino Getting Started Guide 6 Installation for SMTP Servers 6 1 Introduction Installing GFI MailEssentials with other SMTP enables you to scan all inbound emails received from outside i e the internet for spam before reaching your SMTP Server Outbound emails relayed to GFI MailEssentials are also processed e g adding of disclaimers and auto whitelisting before these are sent
26. server roles is achieved through a combination of server redundancy Network Load Balancing NLB hardware load balancing Domain Name System DNS round robin as well as proactive server service and infrastructure management In this case GFI MailEssentials will need to be installed on all servers running the Hub Transport roles or all servers running the Edge Transport roles Instructions on how to install GFI MailEssentials are provided in the previous sections Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 83 5 Installation for Lotus Domino 5 1 Introduction Installing GFI MailEssentials with Lotus Domino enables you to scan all inbound emails received from outside i e the internet for spam before reaching your Lotus Domino server Outbound emails relayed to GFI MailEssentials are also processed e g adding of disclaimers and auto whitelisting before these are sent via internet To install GFI MailEssentials with Lotus Domino the server where GFI MailEssentials is installed must be configured as an email gateway server also known as Smart host or Mail relay server for all your email All inbound and outbound email must pass through this server for scanning before being relayed to the mail server for distribution 5 2 System requirements 5 2 1 Software Supported operating systems e Microsoft Windows Server 2008 x86 or x64 e Microsoft Windows Server 2003 Standard Enterprise x86 or x64
27. technet microsoft com en us library bb124318 EXCHG 65 aspx e OPTIONAL Microsoft Message Queuing Services This is required ONLY if list servers are used MSMQ is used by GFI MailEssentials to ensure the reliable running of distributions lists on list servers For more information on list servers refer to List servers section in the Administration and Configuration manual 3 2 2 System requirements Hardware Processor e Minimum Intel Pentium or compatible 1 GHz 32 bit processor e Recommended x64 architecture based server with Intel 64 architecture or AMD64 platform Memory e Minimum 1GB e Recommended 2GB RAM Physical Storage e Minimum 500MB for installation 2GB for execution e Recommended 500MB for installation 4GB for execution 3 3 Important settings 3 3 1 Antivirus and backup software Antivirus and backup software may cause GFI MailEssentials to malfunction This occurs when such software denies access to certain files required by GFI MailEssentials Disable third party antivirus and backup software from scanning the following folders 10 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide x86 installations 32 bit X64 installations 64 bit lt Program Files lt Program Files GFl MailEssentials gt x86 GFI MailEssentials gt lt Program Files x86 Common lt Program Files Common Files GFl gt Files GFI gt lt Inetpub mailroot gt If i
28. the following post install actions Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs gt GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 67 Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field 3 To specify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvest
29. the left hand side of the Cluster Administrator console expand the cluster root node and then the Groups node 54 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide 3 Right click on the IIS Cluster group resource to bring up the pop up menu 4 Scroll down to the New menu item to expand it and select Resource to bring up the New Resource wizard 5 Enter the service display name in the Name and Description fields Select Generic Service as Resource Type and select the Exchange Virtual Server cluster group resource as the group to which the new resource will be added Click Next 6 In the Possible Owners dialog add the nodes of the Exchange cluster to the list of preferred owners Click Next 7 Select the resource dependencies in the Dependencies dialog Click Next 8 In the Generic Service Parameters dialog enter the service name and leave the start parameters text box empty Click Next 9 Click Finish to finalize your configuration Do not add any keys in the Registry Replication dialog 10 Repeat from step 3 to 8 above for each service mentioned above 11 Right click on the newly added resource s and select Bring Online to enable services These resources are visible in the list of cluster resources of the Exchange Virtual Server cluster 3 7 3 Post install actions At this stage GFI MailEssentials is installed You must now configure GFI MailEssenti
30. through the key steps needed to get the product running on default settings Manual structure The sections in this manual are self contained and are designed to guide you through the sequence of steps needed to 1 Identify product prerequisites applicable to your network 2 Prepare your environment for product installation 3 Install upgrade GFI MailEssentials 4 Configure test and run the product The sections in this manual are structured as follows Chapter 1 Introduces this manual Chapter 2 Provides a high level overview of how GFI MailEssentials works Chapter 3 Gives detailed information on how to install GFI MailEssentials on Windows Server environments running Microsoft Exchange 2000 or 2003 Chapter 4 Provides detailed information on how to install GFI MailEssentials on Windows Server environments running Exchange 2007 Chapter 5 Provides detailed instructions on how to install GFI MailEssentials for Lotus Domino email servers Chapter 6 Gives detailed information regarding the installation of GFI MailEssentials for other SMTP Servers Chapter 7 Provides guidelines on how to troubleshoot common issues Glossary Includes a collection of specific technical terms used in this manual Follow the instructions for your type of network using the appropriate section in this manual Where applicable each section contains information related to installing GFI MailEssentials on the same server Getting Start
31. to 8 above for each service mentioned above 11 Right click on the newly added resource s and select Bring Online to enable services These resources are visible in the list of cluster resources of the Exchange Virtual Server cluster 42 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide 3 6 3 Post install actions At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use To ensure that your GFI MailEssentials anti spam system is effectively up and running do as follows Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs gt GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field 3 To spec
32. 003 Getting Started Guide Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the lookups method to be used e Use native Active Directory lookups option Select this option if during installation you selected to get the list of email users from Active Directory see Installation Procedure section above step 9 e Use LDAP lookups Select this option if during installation you selected to get the list of email users from SMTP server using LDAP see Installation Procedure section above step 9 In addition o Unselect the Anonymous bind option if your LDAP server requires authentication o Enter the authentication details using Domain User format Click Test button to test your LDAP configuration settings Step 5 Configure whitelists Whitelists enable you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses
33. 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select preferred install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with this installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are to be sent i gt GFI MailEssentials Setup OX Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory o Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials Screenshot 16 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue 28 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide fis GFI MailEssentials Setup 1
34. 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent i GFI MailEssentials Setup lel Es Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory o Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials Screenshot 2 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 13 fis GFI MailEssentials Setup 1 x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is i
35. 985 2666 Microsoft Corp C Documents and Settings administrator GHOST gt ns lookup Default Server server qa Address 192 168 0 1 gt set type mx gt qatest com Server server qa Address 192 168 0 1 qatest com MK preference qatest com internet address 16 mail exchanger qatest com 192 168 080 153 Screenshot 15 Checking the MX record of your domain Step 7 Test your new mail relay server Before proceeding to install GFI MailEssentials verify that your new mail relay server is working correctly by doing as follows Test IIS SMTP inbound connection via test email 1 Send an email from an external account e g internet email account to an internal email address user 2 Ensure that intended recipient received the test email in the respective email client Test IIS SMTP outbound connection via test email 1 Send an email from an internal email account to an external account e g internet email 2 Ensure that the intended recipient external user received the test email NOTE You can also use Telnet to manually send the test email and obtained more troubleshooting information For more information refer to http support microsoft com support kb articles Q153 1 19 asp Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 27 GFI MailEssentials installation procedure 1 Logon your Microsoft Exchange Server machine using administrator credentials
36. AM in the subject field 3 5 4 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and running All inbound email will be scanned by the anti spam filters 32 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide enabled by default see Table 3 Anti spam filters enabled by default below Filter Description Enabled by Default SpamRazer Directory Harvesting PURBL SPF Auto Whitelist Whitelists Custom blacklist DNS blacklists SURBL Header checking Keyword checking New Senders Bayesian analysis An anti spam engine that determines if an email is spam by using email reputation message fingerprinting and content analysis Stops email which is randomly generated towards a server mostly addressed to non existent users Blocks emails that contain links in the message bodies pointing to known phishing sites or if they contain typical phishing keywords Stops email which is received from domains not authorized in SPF records Addresses that an email is sent to are automatically excluded from being blocked A custom list of safe email addresses A custom list of blocked email users or domains Checks if the email received is from senders that are listed on a public DNS blacklist of known spammers Stops emails which contain links to domains listed on public Spam URI Blocklists such as sc surbl org A modul
37. Essentials gt GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 56 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide 4 Allow some time for email delivery and confirm that email spam tagging is working by EJ GFI MailEssentials Dashboard OL x File Options Help i Statistics P2E Logging M Status of key services GFI MailEssentials Managed Attendant Service is Running GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2E xchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level Sender Recipients Subject 2 26 2009 3 00 24 PM FullEmail John Doe lt johndoe hotmail com gt johndoe domain com 100 Free oil Screenshot 37 Testing your anti spam system e Checking the GFI MailEssentials Dashboard Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window Inbox Microsoft Outlook 3 Inbox in Mailbox L Unread Ma
38. Essentials anti spam system is effectively up and running you must perform the following post install actions Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains and ensure that all required inbound domains are listed in the Inbound Domains field 3 To specify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 15 Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select
39. Exchange or SBS server 4 4 1 Upgrade from earlier version If you are currently using a previous version of GFI MailEssentials version 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 63 Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials p GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI se MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 39 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to New installations section below 4 4 2 New
40. FI MailEssentials restarts Microsoft Exchange Server services This is required to allow GFI MailEssentials components to be registered and started 2 Before starting installation close any running Windows applications 3 When installing GFI MailEssentials on a DMZ we recommend you use LDAP lookups to get the list of email users required for user based configuration rules e g disclaimers from your SMTP server The AD of a DMZ usually will NOT include all the network users email recipients Pre install actions GFI MailEssentials uses the IIS SMTP service as its SMTP Server and therefore the IIS SMTP service must be configured to act as a mail relay server This is achieved as follows Step 1 Enable IIS SMTP Service 1 Go to Start gt Control Panel gt Add or Remove Programs gt Add Remove Windows Components 2 Select Internet Information Services IIS and click Details 3 Select the SMTP Service option and click OK 4 Click Next to finalize your configuration Step 2 Create SMTP domain s for email relaying 1 Go to Start gt Control Panel gt Administrative Tools 2 Click on Internet Information Services IIS Manager Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 21 22 e 2Binstallation for Microsoft Exchange 2000 amp 2003 gt Internet Information Services File Action view Help e f m x 2 ce Internet Information Services Local computer jsmith gfi co
41. GFI MailEssentials 14 Getting Started Guide By GFI Software Ltd http www gfi com Email info gfi com Information in this document is subject to change without notice Companies names and data used in examples herein are fictitious unless otherwise noted No part of this document may be reproduced or transmitted in any form or by any means electronic or mechanical for any purpose without the express written permission of GFI Software Ltd GFI MailEssentials was developed by GFI Software Ltd GFI MailEssentials is copyright of GFI Software Ltd 1998 2009 GFI Software Ltd All rights reserved GFI MailEssentials is a registered trademark and GFI Software Ltd and the GFI logo are trademarks of GFI Software Ltd in the Europe the United States and other countries Version 14 Last updated March 26 2009 ii e OBIntroduction Getting Started Guide Contents 1 Introduction 5 1 1 About this manual 5 1 2 Terms used in this manual 6 1 3 Licensing 6 2 How does GFI MailEssentials work 7 2 1 Inbound mail filtering 7 2 2 Outbound mail filtering 8 3 Installation for Microsoft Exchange 2000 amp 2003 9 3 1 Introduction 9 3 2 System requirements 9 3 3 Important settings 10 3 4 Installing on Microsoft Exchange Server 2000 2003 11 3 5 Installing on an email gateway or relay perimeter server 19 3 6 Installing on Microsoft Exchange 2000 2003 cluster 34 3 7 Installing on IIS cluster 47 4 Installation for Microsoft Exchange
42. GFI MailEssentials 9 the current Bayesian weights file will be upgraded to the new format used in GFI MailEssentials 10 or later The new format is more compact and uses less memory NO DATA WILL BE LOST e When upgrading in a Microsoft Exchange cluster environment all instances of GFI MailEssentials must be upgraded i e GFI MailEssentials must be upgraded on all cluster nodes servers making part of the cluster Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 35 Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials 9 GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI 2 MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 21 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to the Installation procedure chapter in the section below 3 6 2 New installations Important notes 1 Only active passive cluster setups are supported 2 Before starting installation close any running Windows applications 3 Before starting installation Microsoft Exchange Server 2000 2003 needs to be installed in
43. I MailEssentials Setup 1 x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now Yes C No GFI MailEssentials lt Back Cancel Screenshot 23 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ fe GFI MailEssentials for Exchange SMTP Setup Bile Ei Confirm inbound email domains Click Next to begin installation The following inbound email domains were found ofi co uk afi com gfimalta com localhost A GFI MailEssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not b
44. MailEssentials versions 9 10 11 and 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades e When upgrading from GFI MailEssentials 9 the current Bayesian weights file will be upgraded to the new format used in GFI MailEssentials 10 or later The new format is more compact and uses less memory NO DATA WILL BE LOST Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI s MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 57 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistanc
45. MailEssentials Legacy Attendant e Start Parameters None e Registry Replication None Service Name GFIMETRXSVC e Display Name GFI MailEssentials Enterprise Transfer Service e Dependencies GFI MailEssentials Legacy Attendant e Start Parameters None e Registry Replication None To add these services 1 Go to Control Panel gt Administrative Tools gt Cluster Administrator 2 In the tree view on the left hand side of the Cluster Administrator console expand the cluster root node and then the Groups node 3 Right click on the Exchange Virtual Server cluster group resource to bring up the pop up menu 4 Scroll down to the New menu item to expand it and select Resource to bring up the New Resource wizard 5 Enter the service display name in the Name and Description fields Select Generic Service as Resource Type and select the Exchange Virtual Server cluster group resource as the group to which the new resource will be added Click Next 6 In the Possible Owners dialog add the nodes of the Exchange cluster to the list of preferred owners Click Next 7 Select the resource dependencies in the Dependencies dialog Click Next 8 In the Generic Service Parameters dialog enter the service name and leave the start parameters text box empty Click Next 9 Click Finish to finalize your configuration Do not add any keys in the Registry Replication dialog 10 Repeat from step 3
46. Started Guide 3Binstallation for Microsoft Exchange 2007 e 75 Active Directory ie GFI MailEssentials Setup Iof x Access to Active Directory users Does this server have access to all the email users in Active Directory o Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials lt Back Cancel Screenshot 47 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue fis GFI MailEssentials Setup ii x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot us
47. Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window Getting Started Guide 5Binstallation for SMTP Servers e 113 Inbox Microsoft Outlook i File Edit View Go Tools Actions Help baaNew g AL X Reply Reply to All 1j Send Receive _ 2pFind LUEI t D alFrom Subject Received L3 Inbox in Mailbox L Unread Mail in Mailbox E Date Today LA For Follow Up in Mailbox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM L3 Sent Items in Mailbox All Mail Folders 5 E Personal Folders 3 Deleted Items UA Drafts ttention Read Carefully D L3 Inbox L Junk E mail 5 3 Outbox Sent Items From ADMINISTRATION mailto security federalreservebank us 3 LA Search Folders Sent Tuesday February 24 2009 12 48 PM re For Follow Up 18 Subject Attention Read Carefully LA Large Mail LA Unread Mail a 83 Archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve
48. administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 108 5Binstallation for SMTP Servers Getting Started Guide i GFI MailEssentials Setup Be x Mail Server Mail Server Information Specify the IP address of the machine running the mail server and specify your local domain i e mycompany com IP Address fi 92 168 0 34 on port 25 Local domain Dominotest local GFI MailE ssentials lt Back Cancel Screenshot 69 Specify mail server details 8 Specify IP address and listening port of your SMTP server and the external domain name used Click Next to continue 9 Specify the email address where notifications e g failed anti spam filters spam digests are sent i GFI MailEssentials Setup lel Es Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory Yes all email users are available on Active Directory rules will be based on Active Dir
49. all IP addresses within that domain that try to route emails through this relay server Step 5 Configure your SMTP server for GFI MailEssentials Refer to the SMTP server documentation on forwarding email to the GFI MailEssentials server Step 6 Update your domain MX record to point to mail relay server Update the MX record of your domain to point to the IP of the new mail relay server If your DNS server is managed by your ISP ask your ISP to update the MX record for you If the MX record is not updated all emails will be routed directly to your email server hence by pass GFI MailEssentials anti spam filters Verify that MX record has been successfully updated 106 5Binstallation for SMTP Servers Getting Started Guide To verify whether MX record is updated do as follows 1 Click Start Run and type in Command 2 From the command prompt type in nslookup 3 Type in set type mx 4 Specify your mail domain name The MX record should return a single IP address This should be the mail relay server P address INNT System32 cmd exe nslookup rosoft Windows 2666 Version 5 00 2195 lt C Copyright 1985 2666 Microsoft Corp C Documents and Settings administrator GHOST gt ns lookup Default Server server qa Address 192 168 0 1 gt set type mx con server qa 192 168 0 1 qatest com MK preference 10 mail exchanger qatest com qatest com internet address 192 168 6 153 gt Screenshot 67
50. all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses to whitelist 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Clicking Start gt All Programs GFI MailEssentials gt GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by EQ GFI MailEssentials Dashboard Miel x File Options Help Statistics P2E Logging ik Status of key services GFI MailEssentials Managed Attendant Service is Running P GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailEssentials POP2E xchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level 2 26 2009 3 00 24 PM Full Email John Doe lt johndoe hotmail com gt johndoe domain com 100 Free Screenshot 28 Testing y
51. als anti spam system is up and running All inbound email will be scanned by the anti spam filters enabled by default see Table 9 Anti spam filters enabled by default below a aa Enabled by Description Default An anti spam engine that determines if an SpamRazer email is spam by using email reputation j message fingerprinting and content analysis orero Stops email which is randomly generated y towards a server mostly addressed to non v Harvesting existent users Blocks emails which contain links in the PURBL message bodies pointing to known phishing 7 sites or if they contain typical phishing keywords SPF Stops email which is received from x domains not authorized in SPF records eee Addresses that an email is sent to are Aue et automatically excluded from being blocked d 70 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide Whitelists Custom blacklist DNS blacklists SURBL Header checking Keyword checking New Senders Bayesian analysis A custom list of safe email addresses A custom list of blocked email users or domains Checks if the email received is from senders that are listed on a public DNS blacklist of known spammers Stops emails which contain links to domains listed on public Spam URI Blocklists such as sc surbl org A module which analyses the individual fields in a header by referencing the SMTP and MIME fields Spam messages are identified
52. als for first use To ensure that your GFI MailEssentials anti spam system is effectively up and running do as follows Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs gt GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 55 3 To specify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti
53. annot change the installation path during GFI MailEssentials upgrades e When upgrading in a Microsoft Exchange cluster environment all instances of GFI MailEssentials must be upgraded i e GFI MailEssentials must be upgraded on all cluster nodes servers making part of the cluster Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials 9 GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI 7 MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 30 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to Installation procedure chapter in the section below 3 7 2 New installations Important notes 1 Only active passive cluster setups are supported 2 Before starting installation close any running Windows applications 3 Before starting installation Microsoft Exchange Server 2000 2003 needs to be installed in clustered mode 4 Before starting installation ensure that you have a Generic Service cluster group resource for the SMTP Service and a physical disc cluster resource available 48 e 2Binstallation for Microsoft Exchan
54. ard 17 32 44 57 70 80 97 113 121 Directory Harvesting 16 31 43 55 56 68 79 96 112 DMZ 123 DNS blacklists 19 34 47 59 72 83 100 116 DNS Server Configuration 15 30 43 55 68 79 96 111 E Email monitoring 123 Exchange 2000 2003 9 10 11 12 34 35 62 63 H Header checking 19 34 47 59 72 83 100 116 l IIS SMTP 121 IMAP 124 inbound email domains 8 15 30 43 55 68 79 96 111 Inbound mail filtering 7 Getting Started Guide K Keyword checking 19 34 47 59 72 83 100 116 L Licensing 6 list server 8 List servers 124 M MAPI 124 Microsoft Exchange 2007 73 74 Microsoft IIS 21 87 103 MSMQ 124 O Outbound mail filtering 8 P perimeter server 19 72 POP3 124 PURBL 19 34 46 59 72 82 99 115 R Remote commands 125 Reports 15 30 43 55 68 78 96 111 S SPF 19 34 46 59 72 82 99 115 SURBL 19 34 47 59 72 83 100 116 U upgrade 119 8BGlossary e 127 W Whitelist 16 31 44 56 69 79 80 96 112 125 WebDAV 125 128 8BGlossary Getting Started Guide
55. ate new send connector NOTE On completion the GFI MailEssentials connector will be available in the Send Connectors tab and should be set to Enabled by default 2 Add a Receive Connector to Microsoft Exchange 2007 server to accept emails from the GFI MailEssentials Machine e From the Exchange Management Shell and key in the following command Change the RemotelPRanges property with the IP address for the GFI MailEssentials machine new receiveconnector name GFI MailEssentials Bindings 0 2 0 0 0225 7 RemoteIPRanges MailEssentials IP Address AuthMechanism ExternalAuthoritative PermissionGroups ExchangeServers Example new receiveconnector name GFI MailEssentials Bindings O00 04250 7 RemoteIPRanges 192 168 0 1 AuthMechanism ExternalAuthoritative PermissionGroups RxchangeServers Step 2 Test your new mail relay server Before installing GFI MailEssentials verify that your new mail relay server is working correctly Test IIS SMTP inbound connection via test email 1 Send an email from an external account e g internet email account to an internal email address user 2 Ensure that intended recipient received the test email in the respective email client Test IIS SMTP outbound connection via test email 1 Send an email from an internal email account to an external account e g internet email 2 Ensure that the intended recipient external user received the test email
56. attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC y Screenshot 29 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field 3 6 4 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and running All inbound email will be scanned by the anti spam filters enabled by default see Table 5 Anti spam filters enabled by default below Description Enabled by Default An anti spam engine that determines if an SpamRazer email is spam by using email reputation J message fingerprinting and content analysis Director Stops email which is randomly generated H y towards a server mostly addressed to non v arvesting A existent users Blocks emails that contain links in the PURBL message bodies pointing to known phishing sites or if they contain typical phishing keywords SPF Stops email which is received from x domains not authorized in SPF records Pe Addresses that an email is sent to are uto Wvnitelist automatically excluded from being blocked Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 45 Whitelists Custom blacklist DNS blacklists SURBL Heade
57. based on blocked keywords in the email title or body Emails that have been received from senders to whom emails have never been sent before An anti spam technique where a statistical probability index based on training from users is used to identify spam x v Enabled by default x Not enabled by default Table 9 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 45 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam see Table 10 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion of spam emails Anti spam filter actions email address user mailbox folder Move to subfolder in Move to junk mail Forward to specific O N NN ON OAE EAO SpamRazer y v v v v Directory Harvesting v v v v v PURBL v v v v y SPF v v v v y Whitelists O O O O O Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 71 Custom Blacklist y v vy v v v DNS blacklists v v v v v v SURBL v v v y v y Header Checking v v v v v v Keyword Checking v v v v v s New Senders v v y v x 4 v y v v y v Bayesian Analysis v Action supported x Action not possible O Not applicable Table 10 Anti spam filter actions Configuration of anti spam filters and actions
58. be installed on all servers cluster nodes in order to ensure uninterrupted email spam management GFI MailEssentials installation in a Microsoft Exchange 2000 2003 cluster is a 4 tier process e Process 1 Install GFI MailEssentials on the Active cluster node e Process 2 Stop the GFI MailEssentials Legacy Attendant and the GFI POP2Exchange cluster resources and move the Exchange Virtual Server cluster group resource to a passive other node e Process 3 Install GFI MailEssentials on another cluster node e Process 4 Add specific GFI MailEssentials services to the Exchange Virtual Server cluster resource group Repeat Processes 2 3 and 4 above for the remaining passive node s in the cluster 3 6 1 Upgrade from earlier version If you are currently using a previous version of GFI MailEssentials versions 9 10 11 and 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Pre upgrade actions None Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades e When upgrading from
59. clustered mode 4 Before starting installation ensure that you have a Microsoft Virtual Server cluster group resource with a physical disc cluster available Pre install actions Create Microsoft Virtual Server cluster group resource Before you can create an Exchange Virtual Server in a Windows Server cluster you must first create a cluster resource group This is the unit of failover in a Windows Server cluster When Exchange Server is running in a Windows Server cluster the cluster resource group that contains the Exchange cluster resources is referred to as an Exchange Virtual Server To create a resource group for an Exchange Virtual Server in a Windows Server cluster do as follows 1 Start Cluster Administrator On prompt specify cluster details e g name or click the browse button to select cluster in which you want to create an Exchange Virtual Server 2 In the console tree right click Groups and select New Group 3 In the New Group Wizard that starts automatically specify a name for the new cluster group and click Next 4 Click Finish to finalize your configuration This new group object is displayed under Groups in Cluster Administrator 36 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Installation procedure Step 1 Install GFI MailEssentials in the shared hard drive on active server 1 Logon on the active node of your Microsoft Exchange cluster using administrator cre
60. d click OK 4 Click Next to finalize your configuration Step 2 Create SMTP domain s for email relaying 1 Go to Start gt Control Panel gt Administrative Tools 2 Click on Internet Information Services IIS Manager Getting Started Guide 4Binstallation for Lotus Domino e 87 88 e 4Binstallation for Lotus Domino gt Internet Information Services File Action view Help e f m x 2 ce Internet Information Services Local computer jsmith gfi com Local Default Web Sites bo Test gfi com Remote Default web Site Default SMTP Virtual Server Domains Current Sessions Screenshot 53 Internet Information Services IIS Manager 3 In the left pane expand the respective server node Right click on Default SMTP Virtual Server and select Properties 4 Select the IP address currently assigned to your SMTP server and click OK 5 Expand the Default SMTP Virtual Server node 6 Right click Domains and select New gt Domain 7 Select the Remote option and click Next 8 Specify domain name e g test gfi com and click Finish Step 3 Enable email relaying to your Microsoft Exchange server 1 Right click on the new domain e g test gfiiccom and select Properties 2 Select the Allow the Incoming Mail to be Relayed to this Domain checkbox Getting Started Guide domain com Properties 24x General Advanced pans domain com Select the appropriate settings for y
61. d shows no email being processed Or Only inbound or outbound emails are being processed 120 e 7BTroubleshooting and support This problem occurs for emails that use one character set for the message header and a different character set for the message body When such emails are processed by Microsoft Exchange 2003 the emails will be show garbled in Microsoft Outlook and GFI MailArchiver Microsoft has released a hotfix to resolve this issue More information on the problem and the hotfix can be found at http kbase gfi com showarticle asp id KBID003459 and http support microsoft com kb 916299 1 Ensure that GFI MailEssentials is not disabled from scanning emails Refer to Disabling Enabling email scanning section in the configuration manual for more information on how to start scanning 2 Check for multiple Microsoft IIS SMTP virtual servers and ensure the GFI MailEssentials is bound to the correct virtual server 3 MX record for domain not configured correctly Ensure that the MX record points to the IP address of the server running GFI MailEssentials 4 If inbound emails are passing through another gateway ensure that that the mail server running on the other gateway forwards inbound emails through GFI MailEssentials 5 Ensure that outbound emails are configured to route through GFI MailEssentials Refer to installation manual for more details 6 Verify that the SMTP virtual server used by Microsoft Exchange Serv
62. dentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent ff GFI MailEssentials Setup Ble Es gt Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory io Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials lt Back Cancel Screenshot 22 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 37 fis GF
63. done i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades e When upgrading from GFI MailEssentials 9 the current Bayesian weights file will be upgraded to the new format used in GFI MailEssentials 10 or later The new format is more compact and uses less memory NO DATA WILL BE LOST 20 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI we MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 7 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to New installations section below 3 5 2 New installations Important notes 1 During installation G
64. e distributions lists select Yes to install MSMQ fe GFI MailEssentials for Exchange SMTP Setup Bile Ei Confirm inbound email domains Click Next to begin installation The following inbound email domains were found ofi co uk afi com gfimalta com localhost A GFI MailEssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailEssentials lt Back Cancel Screenshot 72 Configure your inbound email domain 12 Setup will now display the list of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next 110 5Binstallation for SMTP Servers Getting Started Guide NOTE You can modify the list of inbound email domains ONLY post install For more information refer to the Confirm domains to defend against spam section starting on page 111 in this manual 13 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service IMPORTANT Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This
65. e blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailEssentials lt Back Cancel Screenshot 24 Configure your inbound email domain 11 Setup will now display the list of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next 38 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide NOTE You can modify the list of inbound email domains ONLY post install For more information refer to the Confirm domains to defend against spam section in this manual 12 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the GFI MailEssentials configuration settings required
66. e brackets e g 123 123 123 123 so to exclude them from all DNS lookup attempts 4 Click OK to finalize your configuration Step 4 Secure your SMTP email relay server If unsecured your mail relay server can be exploited and used as an open relay for spam To avoid this from happening it is recommended that you specifically define which mail servers can route emails through this mail relay server i e allow only specific servers to use this email relaying setup To achieve this 1 Go to Start gt Control Panel gt Administrative Tools 2 Click on Internet Information Services IIS Manager 3 In the left pane expand the respective server node Right click on Default SMTP Virtual Server and select Properties 4 Click on the Access tab and select Relay Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 23 Relay Restrictions Ed Select which computer may relay through this virtual server Only the list below C All except the list below Computers IP Address Mask 4 Domain Name Add REMOVE V Allow all computers which successfully authenticate to relay regardless of the list above Cancel Help Screenshot 10 Relay options 5 Select the Only the list below option and click Add 6 Specify IP s of the mail server s that are allowed to route emails through your mail relay server You can specify e Single computer i e Authorize one specific machin
67. e content to edit Select Relay host for messages leaving the local internet domain option and key in the IP address of the mail gateway server where GFI MailEssentials is installed 90 4Binstallation for Lotus Domino Getting Started Guide 5 Click Save and Close to save configuration b Configure Lotus Domino LDAP settings 1 From the Directory Assistance database click on Add directory assistance to create a new Assistance document 2 Select the LDAP Clients checkbox from the Make this domain available to option 3 From the server configuration edit the credentials under the configuration Enable Anonymous authentication to allow GFI MailEssentials to access Lotus Domino LDAP Step 6 Update your domain MX record to point to mail relay server Update the MX record of your domain to point to the IP of the new mail relay server If your DNS server is managed by your ISP ask your ISP to update the MX record for you If MX record is not updated all emails will be routed directly to your email server hence by pass GFI MailEssentials anti spam filters Verify that MX record has been successfully updated To verify whether MX record is updated 1 Click Start gt Run and type Command 2 From the command prompt type in nslookup 3 Type in set type mx 4 Specify your mail domain name The MX record should return a single IP address This should be the mail relay server l P address 1 C WINNT Syste
68. e refer to New installations section below 5 4 3 New installations Important notes 1 During installation GFI MailEssentials restarts IIS services This is required to allow GFI MailEssentials components to be registered and started 2 Before starting installation close any running Windows applications 92 e 4Binstallation for Lotus Domino Getting Started Guide Installation procedure 1 Logon the email gateway server where GFI MailEssentials will be installed using administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue i GFI MailEssentials Setup Iof x Mail Server er gt Mail Server Information S a4 Specify the IP address of the machine running the mail server and specify your local domain i e mycompany com IP Address fi 92 168 0 34 on port 25 Local domain Dominotest local GFI MailEssentials lt Back Cancel Screenshot 58 Specify mail server details 8 Specify IP address and listening port of Lotus Domi
69. e that the following Microsoft Windows technologies are installed correctly and not corrupt e Microsoft Windows Management Instrumentation WMI e Microsoft Windows Installer e Microsoft Net Framework e Microsoft Data Access Components MDAC 6 Ensure that the following system libraries located at lt Windows System32 gt are correctly registered e urlmon dil e Oleaut32 dll e ole32 dll e Actxprxy dll e Shell32 dll e Shdocvw dil e Mshtml dil e Browseui dll e Scrrun dll To register system libraries perform the following steps a Click Start and select Run b Key in cmd exe c Key in regsvr32 lt path amp filename of dll gt Example regsvr32 c windows system32 urlmon dll 7 Place the installation file in a temporary directory on the server where you are installing the GFI product and retry installing GFI MailEssentials 8 Check Distributed Component Object Model DCOM permissions as explained in http support microsoft com default aspx s cid kb en us 295278 NOTE For more information on how to resolve common Windows Installer problems refer to http support microsoft com default aspx s cid kb en us 555175 Getting Started Guide 7BTroubleshooting and support e 119 8 3 Troubleshooting Spam management issues After installing GFI MailEssentials some emails show a garbled message body when viewed in Microsoft Outlook or MailArchiver Dashboar
70. e the List Server without MSMO Do you want to install the MSMO service now GFI MailEssentials Screenshot 48 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ 11 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service 76 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide IMPORTANT Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the configuration settings required post install for first use Recommended e Launch the post installation wizard that registers GFI MailEssentials with the local installation of Microsoft Exchange 2007 Post installation wizard 1 Click Next in the welcome page cM GFI MailEssentials Post Installation Wizard ioj x Inbo
71. e to relay email through this server Use the DNS Lookup button to lookup an IP address for a specific host e Group of computers i e Authorize specific computer s to relay emails through this server e Domain Allow all computers in a specific domain to relay emails through this server NOTE The Domain option adds a processing overhead that can degrade SMTP service performance This is due to the reverse DNS lookup processes triggered on all IP addresses within that domain that try to route emails through this relay server 24 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Step 5 Enable your Microsoft Exchange Server to route emails via mail relay server GFI MailEssentials ge Exchange System Manager There are no items to show in this view Screenshot 11 Forwarding email to GFI MailEssentials machine 1 Launch Exchange System Manager 2 Right click Connectors node and select New gt SMTP Connector GFI MailEssentials Properties TESTMCH P1 Default SMTP Virtual Server HENGYE Screenshot 12 Specifying IP of GFI MailEssentials machine 3 Select the Forward all mail through this connector to the following smart host option and specify the IP of your mail relay server within square brackets i e the IP of the machine on which GFI MailEssentials is installed e g 123 123 1 123 Getting Started Guide 2Binstallation for Microsoft Exchange 2000 a
72. e which analyses the individual fields in a header by referencing the SMTP and MIME fields Spam messages are identified based on blocked keywords in the email title or body Emails that have been received from senders to whom emails have never been sent before An anti spam technique where a statistical probability index based on training from users is used to identify spam x v Enabled by default x Not enabled by default Table 3 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 20 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam see Table 4 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion of spam emails Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 33 Anti spam filter actions o Ee t Bo D x Re 28 38 z g te c 2s 32 28 8 ge i a 2 7p rf 19 Q lt b o o z5 3 T o e gt LL gt 2 SpamRazer y v v v v s Directory Harvesting v v v v y v PURBL v s v v v v SPF y y v v v y Whitelists O O O O O O Custom Blacklist v y v v v v DNS blacklists v v v v v v SURBL v s v v v v Header Checking y v v y v y Keyword Checking v v v v v v New Senders v s v v x v v v v y v v
73. ectory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials lt Back Cancel Screenshot 25 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue fis GFI MailEssentials Setup ii x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now C No GFI MailEssentials Screenshot 26 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers
74. ectory users a No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials Cancel Screenshot 70 Selecting SMTP mode 10 Select No do not have Active Directory option to use SMTP server to get the list of email users Click Next to continue Getting Started Guide 5Binstallation for SMTP Servers e 109 fis GFI MailEssentials Setup 1 x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now Yes C No GFI MailEssentials lt Back Cancel Screenshot 71 Installing Microsoft Message Queuing Service 11 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i
75. ed Guide OBIntroduction e 5 as your mail server on a mail gateway or relay perimeter server or in a clustered environment Administration and configuration manual Detailed administration and configuration guidelines are provided in a separate manual called GFI MailEssentials administration and configuration manual which is installed with the product or separately downloadable from the GFI web site http www gfi com mes mes14acmanual pdf This Administration and Configuration manual complements this Getting Started Guide by providing more detailed information on how to use and customize the features provided in GFI MailEssentials e g tweaking of anti spam filters 1 2 Terms used in this manual The following terms are used in this manual e NOTE o This provides additional information and references essential to GFI MailEssentials operation e IMPORTANT o This provides important information such as warnings and cautions that advise of potential issues commonly encountered For any technical terms and their definitions as used in this manual refer to the Glossary chapter 1 3 Licensing Information on licensing is available on http www gfi com products gfi mailessentials pricing licensing 6 e OBintroduction Getting Started Guide 2 How does GFI MailEssentials work 2 1 Inbound mail filtering Inbound mail filtering is the process through which incoming email are filtered before delivery to users
76. er 3 Getting Started Guide Post Office Protocol ver 3 Public folder RBL Realtime Blocklist Remote commands Secure Sockets Layer Simple Mail Transport Protocol SMTP Spam actions SSL WebDAV Whitelist Zombie Getting Started Guide A protocol used by local email clients to retrieve emails from mailboxes over a TCP IP connection A common folder shared between Microsoft Exchange users which enables information See Realtime Blocklist Online databases of spam IP addresses Incoming emails are compared to these lists to determine if they are originating from blacklisted users Instructions that facilitate the possibility of executing tasks remotely A protocol to ensure an integral and secure communication between networks An internet standard used for email transmission across IP networks See Simple Mail Transport Protocol Actions taken on spam emails received e g delete email or send to Junk email folder See Secure Sockets Layer A HTTP extensions database that enables users to manage files remotely and interactively Used for managing emails in the mailbox and in the public folder in Microsoft Exchange A list of email addresses and domains from which emails are always received See Botnet 8BGlossary e 125 10 Index A antivirus software 120 B Bayesian 19 34 47 59 72 83 100 116 121 123 Blacklist 123 C cluster 35 39 42 47 54 D Dashbo
77. er for outbound emails is the same SMTP server GFI MailEssentials is bound to For more information on this issue refer to http kbase gfi com showarticle asp id KBID003286 Getting Started Guide 8 4 Troubleshooting Anti spam filters amp actions Issue encountered Solution 1 SPAM is delivered to users Follow the checklist below to solve this issue mailbox 1 Ensure that GFI MailEssentials is not disabled from scanning emails Refer to Disabling Enabling email scanning section in the configuration manual for more information on how to start scanning 2 Check if all required anti spam filters are enabled 3 Check if local domains are configured correctly 4 Check if emails are passing through GFI MailEssentials or if GFI MailEssentials is bound to the correct IIS SMTP Virtual Server 5 Check if TEMP location which by default is the C Windows Temp folder contains a lot of files 6 Check if the number of users using GFI MailEssentials exceeds the number of purchased licenses 7 Check if whitelist is configured correctly 8 Check if actions are configured correctly 9 Check if Bayesian filter is configured correctly Refer to http kbase gfi com showarticle asp id KBID003256 for more detailed instructions on how to solve this issue 8 5 Knowledge Base GFI maintains a comprehensive Knowledge Base repository which includes answers to the most common installation problems In case that the information in th
78. ever you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now Yes C No GFI MailEssentials lt Back Cancel Screenshot 60 Installing Microsoft Message Queuing Service 11 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ 94 e 4Binstallation for Lotus Domino Getting Started Guide E GFI MailEssentials for Exchange SMTP Setup lei X Confirm inbound email domains NE gt Click Next to begin installation gt a4 The following inbound email domains were found A GFI MailE ssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailE ssentials lt Back Cancel Screenshot 61 Configure your inbound email domain 12 Setup will now display the list of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next NOTE You can modify the list of inbound email domains ONLY post in
79. figure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailEssentials lt Back Cancel Screenshot 18 Configure your inbound email domain 11 Setup will now display the list of inbound email domains detected Verify that all inbound email domains to be protected against spam are listed Take note of any changes required for post installation and click Next Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 29 NOTE You can modify the list of inbound email domains ONLY post install For more information refer to the Confirm domains to defend against spam section starting on page 30 in this manual 12 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service IMPORTANT Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http Awww microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the configuration settings required post install f
80. for SMTP Servers e 107 MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades e When upgrading from GFI MailEssentials 9 the current Bayesian weights file will be upgraded to the new format used in GFI MailEssentials 10 or later The new format is more compact and uses less memory NO DATA WILL BE LOST Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed GFI MailEssentials p GFI MailEssentials version 12 0 2007 1203 is already installed You must uninstall the existing version before installing GFI MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 68 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to New installations section below 6 4 3 New installations Important notes 1 During installation GFI MailEssentials restarts IIS services This is required to allow GFI MailEssentials components to be registered and started 2 Before starting installation close any running Windows applications Installation procedure 1 Logon your Microsoft Exchange Server machine using
81. g All inbound email will be scanned by the anti spam filters enabled by default see Table 7 Anti spam filters enabled by default users is used to identify spam below Description Enabled by Default An anti spam engine that determines if an SpamRazer email is spam by using email reputation V message fingerprinting and content analysis Director Stops email which is randomly generated y towards a server mostly addressed to non v Harvesting i existent users Blocks emails that contain links in the PURBL message bodies pointing to known phishing J sites or if they contain typical phishing keywords SPF Stops email which is received from x domains not authorized in SPF records aps Addresses that an email is sent to are pene Whaitelict automatically excluded from being blocked d Whitelists A custom list of safe email addresses v Custom A custom list of blocked email users or blacklist domains Checks if the email received is from DNS blacklists senders that are listed on a public DNS v blacklist of known spammers Stops emails which contain links to SURBL domains listed on public Spam URI y Blocklists such as sc surbl org Header A module which analyses the individual checkin fields in a header by referencing the SMTP v g and MIME fields Keyword Spam messages are identified based on x checking blocked keywords in the email title or body Emails that have been received from New Senders senders to whom emails
82. g Started Guide 3Binstallation for Microsoft Exchange 2007 e 65 11 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service IMPORTANT Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http Awww microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B428 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the configuration settings required post install for first use Recommended e Launch the post installation wizard that registers GFI MailEssentials with the local installation of Microsoft Exchange 2007 Post installation wizard 1 Click Next in the welcome page GFI MailEssentials Post Installation Wizard iol xj Inbound email domains Specify the email domains GFI MailEssentials should treat as inbound Domains with an asterisk next to them form part of the accepted domain list in Exchange The inbound email domains you add here affect the GFI MailEssentials configuration only The Microsoft Exchange accepted domain list is not modified Cancel lt Back Screenshot 42 Inbou
83. ge 2000 amp 2003 Getting Started Guide Pre install actions Create a new resource 1 Open Cluster Administrator 2 In the console tree double click Groups folder 3 In the details pane click the group to which you want the resource to belong 4 On the File menu select to New and then click Resource 5 In the New Resource Wizard type the appropriate information in Name and Description click the appropriate information in Resource type and Group and click Next 6 Add or remove possible owners of the resource and click Next 7 To add dependencies under Available resources click a resource and then click Add Or to remove dependencies under Resource dependencies click a resource and then click Remove 8 Repeat step 7 for any other resource dependencies and click Next 9 Set resource properties in the Parameters dialog box Installation procedure Step 1 Install GFI MailEssentials in the shared hard drive on active server 1 Logon on the active node of your IIS cluster using administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default
84. ge 2000 amp 2003 e 17 Filter Description enabled by default See Table 1 Anti spam filters enabled by default below Enabled by Default An anti spam engine that determines if an email is spam by using email reputation Spariazer message fingerprinting and content ie analysis Director Stops email which is randomly generated y towards a server mostly addressed to non v Harvesting A existent users Blocks emails that contain links in the PURBL message bodies pointing to known phishing V sites or if they contain typical phishing keywords SPF Stops email which is received from x domains not authorized in SPF records ar Addresses that an email is sent to are Ateet automatically excluded from being blocked Whitelists A custom list of safe email addresses v Custom A custom list of blocked email users or z blacklist domains Checks if the email received is from DNS blacklists senders that are listed on a public DNS v blacklist of known spammers Stops emails which contain links to SURBL domains listed on public Spam URI y Blocklists such as sc surbl org Header A module which analyses the individual hekin fields in a header by referencing the SMTP v g and MIME fields Keyword Spam messages are identified based on x checking blocked keywords in the email title or body Emails that have been received from New Senders senders to whom emails have never been x sent before Bayesian An anti spam technique where a statistica
85. hange 2007 Getting Started Guide Custom Blacklist y v vy v v v DNS blacklists v v v v v v SURBL v v v y v y Header Checking v v v v v v Keyword Checking v v v v v s New Senders v v y v x 4 v y v v y v Bayesian Analysis v Action supported x Action not possible O Not applicable Table 12 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 4 6 Installing on Microsoft Exchange Server 2007 clusters On Microsoft Exchange 2007 servers only servers with the Mailbox Role can be part of a cluster Any other roles are required to be installed on separate servers To install GFI MailEssentials as part of a Microsoft Exchange 2007 cluster install GFI MailEssentials on a server running the Hub Transport or the Edge Transport Role Alternatively you install GFI MailEssentials on a separate machine in gateway perimeter server mode e On Microsoft Exchange 2007 server clusters without the Mailbox role the option to move SPAM to subfolders of the users mailbox is disabled e High availability for the Hub Transport Edge Transport Client Access and Unified Messaging
86. hange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fite Level Senda ep a 2 26 2009 3 00 24PM FullEmail John Doe lt johndoe hotmail com gt johndoe domain com 100 Free wi Screenshot 62 Testing your anti spam system e Checking the GFI MailEssentials Dashboard Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window Getting Started Guide 4Binstallation for Lotus Domino e 97 Inbox Microsoft Outlook i File Edit View Go Tools Actions Help baaNew g AL X Reply Reply to All 1j Send Receive _ 2pFind LUEI t D alFrom Subject Received L3 Inbox in Mailbox L Unread Mail in Mailbox E Date Today LA For Follow Up in Mailbox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM L3 Sent Items in Mailbox All Mail Folders 5 E Personal Folders 3 Deleted Items UA Drafts ttention Read Carefully D L3 Inbox L Junk E mail 5 3 Outbox Sent Items From ADMINISTRATION mailto security federalreservebank us 3 LA Search Folders Sent Tuesday February 24 2009 12 48 PM re For Follow Up 18 Subject Attention Read Carefully LA Large Mail LA Unread Mail a 83 Archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new direc
87. hitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses to whitelist 96 4Binstallation for Lotus Domino Getting Started Guide 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Clicking Start gt All Programs GFI MailEssentials gt GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by EJ GFI MailEssentials Dashboard Ol x Eile Options Help Statistics P2E Logging Status of key services GFI MailEssentials Managed Attendant Service is Running o GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2Exc
88. ify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the lookups method to be used e Use native Active Directory lookups option Select this option if during installation you selected to get the list of email users from Active Directory see Installation Procedure section above step 9 e Use LDAP lookups Select this option if during installation you selected to get the list of email users from SMTP server using LDAP see Installation Procedure section above step 9 In addition o Unselect the Anonymous bind option if your LDAP server requires authentication Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 43 o Enter the authentication details using Domain User format o Click Test button to test your LDAP configuration settings Step 5 Configure whitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass
89. il in Mailbox a For Follow Up in Mailbox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM Sj Sent Items in Mailbox All Mail Folders a eg Personal Folders Deleted Items CA Drafts a LA Inbox Junk E mail 6 3 Outbox o S E N a B Sent Items From ADMINISTRATION mailto security federalreservebank us 3 CA Search Folders 7 Sent Tuesday February 24 2009 12 48 PM LA For Follow Up 18 Subject Attention Read Carefully QQ Large Mail QQ Unread Mail S Archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions issued by U S Treasury Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC Screenshot 38 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 57 3 7 4 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and runnin
90. ilEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by EJ GFI MailEssentials Dashboard Ol x File Options Help Statistics P2E Logging Status of key services GFI MailE ssentials Managed Attendant Service is Running GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2Exchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level Sender Recipients Subject 2 26 2009 3 00 24PM FullEmail John Doe lt johndoe hotmail com gt johndoe domain com 100 Free oid Screenshot 44 Testing your anti spam system e Checking the GFI MailEssentials Dashboard Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 69 Inbox Microsoft Outlook i File Edit View Go Tools Actions Help baaNew g AL X Reply Reply to
91. ils 4 Click OK button to finalize your configuration Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the lookups method to be used e Use native Active Directory lookups option Select this option if during installation you selected to get the list of email users from Active Directory see Installation Procedure section above step 9 e Use LDAP lookups Select this option if during installation you selected to get the list of email users from SMTP server using LDAP see Installation Procedure section above step 9 In addition o Unselect the Anonymous bind option if your LDAP server requires authentication o Enter the authentication details using Domain User format Click Test button to test your LDAP configuration settings Step 5 Configure whitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties Getting Started Guide 3Binstallation for Microsoft Exchange 2007
92. in GFI MailEssentials is that of inbound email domains During its configuration GFI MailEssentials will automatically detect the domains on which you receive emails This enables it to distinguish between inbound and outbound emails and therefore protect your network against spam Inbound email domains are also configurable after installation through the GFI MailEssentials Configuration console For more information refer to the GFI MailEssentials Administration and Configuration manual 2 2 Outbound mail filtering Outbound mail filtering is the process through which email sent by users within a company is processed before it is sent out 1 User creates and sends email hp A 2 Remote commands check executes any remote commands in email if any are found If none are found email goes to the next stage User Mailbox 3 Email is next checked to see if it should be archived If archiving is enabled email is saved in the reporting database In all cases email goes to the next stage Roping Database 4 If configured the applicable disclaimer is next added to the email Once this is done the email goes to the next stage 5 Email is checked for any mail monitoring which may apply and action is taken according to any rules configured Email goes to the next stage Mail Monitoring Auto Whitelist 6 If enabled the auto whitelist check adds the email recipient email address Ga S1 to the whitelist This a
93. ing protection 3 Select the lookups method to be used e Use native Active Directory lookups option Select this option if during installation you selected to get the list of email users from Active Directory see Installation Procedure section above step 9 e Use LDAP lookups Select this option if during installation you selected to get the list of email users from SMTP server using LDAP see Installation Procedure section above step 9 In addition o Unselect the Anonymous bind option if your LDAP server requires authentication o Enter the authentication details using Domain User format Click Test button to test your LDAP configuration settings Step 5 Configure whitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses to whitelist 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 68 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide 1 Clicking Start gt All Programs gt GFI MailEssentials gt GFI Ma
94. installations Important notes 1 During installation GFI MailEssentials restarts Microsoft Exchange Server services This is required to allow GFI MailEssentials components to be registered and started 2 Before starting installation close any running Windows applications 3 Since Microsoft Exchange Server 2007 can only be installed on Windows Server 2008 64 bit GFI MailEssentials 64 bit version is required Installation procedure 1 Logon your Microsoft Exchange Server machine using administrator credentials 2 Double click mailessentials14_x64 exe 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 64 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent ff GFI MailEssentials Setup lel Es Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory a Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Direc
95. is manual does not solve your installation problems next refer to the Knowledge Base The Knowledge Base always has the most up to date listing of technical support questions and patches Access the Knowledge Base by visiting http kbase qfi com 8 6 Web Forum User to user technical support is available via the GFI web forum Access the web forum by visiting http forums qfi com 8 7 Request technical support If none of the resources listed above enable you to solve your issues contact the GFI Technical Support team by filling in an online support request form or by phone e Online Fill out the support request form and follow the instructions on this page closely to submit your support request on http support gfi com supportrequestform asp e Phone To obtain the correct technical support phone number for your region please visit http www gfi com company contact htm NOTE Before you contact our Technical Support team please have your Customer ID available Your Customer ID is the online account Getting Started Guide 7BTroubleshooting and support e 121 number that is assigned to you when you first register your license keys in our Customer Area at http customers qfi com We will answer your query within 24 hours or less depending on your time zone 8 8 Build notifications We strongly suggest that you subscribe to our build notifications list This way you will be immediately notified about new prod
96. ist y v vy v v v DNS blacklists v v v v v v SURBL v v v y v y Header Checking v v v v v v Keyword Checking v v v v v s New Senders v y v v x wa v y v v y v Bayesian Analysis v Action supported x Action not possible O Not applicable Table 16 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 116 5Binstallation for SMTP Servers Getting Started Guide 7 Uninstalling GFI MailEssentials 7 1 Introduction This chapter describes how to uninstall GFI MailEssentials for all supported operating systems NOTE 1 If you are planning to uninstall and reinstall GFI MailEssentials to fix problems you may be having during installation you should first read the Troubleshooting and Support chapter in this manual NOTE 2 Third party components which are required by GFI MailEssentials such as Microsoft NET Framework or Microsoft XML core services will not be uninstalled 7 1 1 Uninstall GFI MailEssentials 1 Exit GFI MailEssentials 2 From the Control Panel select e Add or Remove Programs Windows Server 2000 or 2003 Windows SBS 2000 or 2003 Programs a
97. l Serie probability index based on training from x users is used to identify spam v Enabled by default x Not enabled by default Table 1 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 6 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam Other actions include re routing of spam emails to specific folders and deletion of spam emails 18 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Anti spam filter actions 2 2 D n D x 2 88 385z e ko E Coi 75 2 3E 23 8 v oO Q fd o fe 25 215 6 S I 2 3 SpamRazer v v v v y v Directory 7 A a LE WE Va Harvesting PURBL v v v v y v SPF v y v v y v Whitelists O O O O O O Custom Blacklist v v v v s v DNS blacklists vY v4 v4 v v s SURBL v v v v y v Header Checking vA v v v y v Keyword Checking v y v v y v New Senders wa v s v x v Bayesian Analysis s y v sy v y v Action supported x Action not possible O Not applicable Table 2 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For
98. les Common Files GFl gt Files GFI gt lt Inetopub mailroot gt If installed on a gateway machine 102 5Binstallation for SMTP Servers Getting Started Guide 6 3 2 Firewall port settings Configure your firewall to allow the following port connections These ports are used by GFI MailEssentials to connect to GFI servers e DNS Port 53 Used by anti spam filters DNS blacklist Sender Policy Framework Header Checking to identify the domain from where received emails originated e FTP Ports 20 and 21 Used by GFI MailEssentials to connect to ftp gfisoftware com and retrieve latest product version information e HTTP Port 80 Used by GFI MailEssentials to download product patch and anti spam filter updates i e SpamRazer Anti Phishing and Bayesian anti spam filters from the following locations o http update gfi com o http update gfisoftware com o http support gfi com o http db11 spamcatcher net GFI MailEssentials 14 or earlier o http sn92 mailshell net GFI MailEssentials 14 SR1 or later e Remoting Ports 8021 Used in the latest builds of GFI MailEssentials for inter process communication No firewall configuration is required to allow connections to or from the remoting ports since all the GFI MailEssentials processes run on the same server NOTE Ensure that no other applications except GFI MailEssentials are listening on port 8021 e LDAP Port 389 U
99. ll the existing version before installing GFI sy MailEssentials version 12 0 2008 0324 IMPORTANT The new build requires the Microsoft NET Framework 2 0 installed on this machine Do you want to uninstall the existing version of GFI MailEssentials Screenshot 46 Confirm the upgrade 2 Click Yes to start the upgrade process and follow on screen instructions For assistance refer to New installations section below 4 5 4 New installations Important notes 1 During installation GFI MailEssentials restarts Microsoft Exchange Server services This is required to allow GFI MailEssentials components to be registered and started 2 Before starting installation close any running Windows applications Installation procedure 1 Logon your Microsoft Exchange Server machine using administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent Getting
100. location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 49 GFI MailEssentials Setup a OX gt Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory o Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials lt Back Cancel Screenshot 31 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue fis GFI MailEssentials Setup ii x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials
101. m Local Default Web Sites bo Test gfi com Remote Default web Site Default SMTP Virtual Server Domains Current Sessions Screenshot 8 Internet Information Services IIS Manager 3 In the left pane expand the respective server node Right click on Default SMTP Virtual Server and select Properties 4 Select the IP address currently assigned to your SMTP server and click OK 5 Expand the Default SMTP Virtual Server node 6 Right click Domains and select New gt Domain 7 Select the Remote option and click Next 8 Specify domain name e g test gfi com and click Finish Step 3 Enable email relaying to your Microsoft Exchange server 1 Right click on the new domain e g test gfiiccom and select Properties 2 Select the Allow the Incoming Mail to be Relayed to this Domain checkbox Getting Started Guide domain com Properties 24x General Advanced pans domain com Select the appropriate settings for your remote domain IV Allow incoming mail to be relayed to this domain I Send HELO instead of EHLO Outbound Security Route domain Use DNS to route to this domain Forward all mail to smart host o 932 168 0 2 a Cancel Apply Help Screenshot 9 Configure the domain 3 Select the Forward all mail to smart host option and specify the IP address of the server managing emails in this domain IP address must be enclosed in squar
102. m32 cmd exe nslookup rosoft Windows 2666 Version 5 08 2195 Copyright 1985 2666 Microsoft Corp C Documents and Settings administrator GHOST gt ns lookup Default Server server qa Address 192 168 0 1 gt set type mx server qa Address 192 168 0 1 qatest com MK preference 10 mail exchanger qatest com qatest com internet address 192 168 6 153 gt Screenshot 56 Checking the MX record of your domain Step 7 Test your new mail relay server Before proceeding to install GFI MailEssentials verify that your new mail relay server is working correctly by doing as follows Test IIS SMTP inbound connection via test email 1 Send an email from an external account e g internet email account to an internal email address user 2 Ensure that intended recipient received the test email in the respective email client Test IIS SMTP outbound connection via test email 1 Send an email from an internal email account to an external account e g internet email Getting Started Guide 4Binstallation for Lotus Domino e 91 2 Ensure that the intended recipient external user received the test email NOTE You can also use Telnet to manually send the test email and obtained more troubleshooting information For more information refer to http support microsoft com support kb articles Q153 1 19 asp 5 4 2 Upgrade from earlier version If you are currently using a previous version of GFI
103. mains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field 3 To specify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration Getting Started Guide 5Binstallation for SMTP Servers e 111 Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the Use LDAP lookups and a Unselect the Anonymous bind option if your LDAP server requires authentication b Enter the authentication details using Domain User format c Click Test button to test your LDAP configuration settings Step 5 Configure whitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses o
104. mp 2003 25 fadd Bridgehead TESTMCH P1 Screenshot 13 Adding a bridgehead 4 Click Add and select the virtual SMTP Server i e the email relay server on which GFI MailEssentials is running GFI MailEssentials Properties flee pi HENGE Screenshot 14 Adding SMTP as address space 5 Click on the Address Space tab then click Add 6 Select SMTP and click OK 26 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide 7 Click OK to finalize your configuration All emails will now be forwarded to the GFI MailEssentials server Step 6 Update your domain MX record to point to mail relay server Update the MX record of your domain to point to the IP of the new mail relay server If your DNS server is managed by your ISP ask your ISP to update the MX record for you If MX record is not updated all emails will be routed directly to your email server hence by pass GFI MailEssentials anti spam filters Verify that MX record has been successfully updated To verify whether MX record is updated do as follows 1 Click Start gt Run and type Command 2 From the command prompt type in nslookup 3 Type in set type mx 4 Specify your mail domain name The MX record should return a single IP address This should be the mail relay server P address A C WINNT System32 cmd exe nslookup rosoft Windows 2000 Version 5 00 2195 lt C Copyright 1
105. ncluded with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now Yes C No GFI MailEssentials lt Back Cancel Screenshot 3 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ fe GFI MailEssentials for Exchange SMTP Setup Bile Ei Confirm inbound email domains Click Next to begin installation The following inbound email domains were found ofi co uk afi com gfimalta com localhost A GFI MailEssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailEssentials lt Back Cancel Screenshot 4 Configure your inbound email domain 11 Setup will now display the list
106. nd Features Windows Server 2008 Windows SBS 2008 3 From the list of installed software select GFI MailEssentials for Exchange SMTP and click Remove or Uninstall 4 Follow on screen instructions to uninstall GFI MailEssentials Getting Started Guide 6BUninstalling GFI MailEssentials e 117 8 Troubleshooting and support 8 1 Introduction This chapter explains how to resolve any GFI MailEssentials issues encountered during installation The main sources of information available to solve these issues are e This manual most issues can be solved through the information in this manual section e GFI Knowledge Base articles e Web forums e Contacting GFI Technical Support 8 2 Troubleshooting Installation issues Issue Possible solution License key for the previous version is not accepted and the upgraded version is in evaluation mode When upgrading to a new version of GFI MailEssentials you are required to upgrade your license key For more information on how to upgrade your key refer to http kbase gfi com showarticle asp id KB ID003408 During installation some errors may be received causing the product not to be installed properly or not to be installed at all e Event Type Warning e Event ID 0 e Event Source GFI MailEssentials Legacy Attendant Service e Event Description The GFI MailEssentials Legacy Attendant Service sub process 8 auantiphish2 has termina
107. nd email domains list 2 In the accepted domain list e Review local domains found NOTE Asterisks next to inbound email domains indicate domains detected by Microsoft Exchange e Key in inbound domain details in the Inbound email domains box and click Add e Select domains and clicking Remove to remove domains Click Next to continue setup 66 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide ff GFI MailEssentials Post Installation Wizard Installation Summary The following GFI MailEssentials components will be installed The wizard detected the following Exchange Server 2007 roles Mailbox Hub Transport Client Access The following GFI MailEssentials components will be installed Submitted Agent Routing Transport Agent SMTP Transport Agent Click Next to install Screenshot 43 Server roles detected and list of components to install 3 A list of the Microsoft Exchange Server 2007 server roles detected and GFI MailEssentials components required is displayed Click Next to install the required GFI MailEssentials components 4 Click Finish to finalize the installation 5 At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use For instructions refer to the next section titled Post install actions 4 4 3 Post install actions To ensure that your GFI MailEssentials anti spam system is effectively up and running you must perform
108. net Its purpose typically is to act as a gateway between internal networks and the internet A statement intended to identify or limit the range of rights and obligations for email recipients A database used by TCP IP networks that enables the translation of hostnames into IP numbers and to provide other domain related information See Demilitarized Zone See Domain Name System See Mail Exchange Rules which enable the replication of emails between email addresses An incorrect result that identifies an email as spam when in fact it is not Legitimate e mail See Internet Information Services A set of Internet based services created by Microsoft Corporation for internet servers 8BGlossary 123 IMAP Internet Message Access Protocol LDAP Lightweight Directory Access Protocol List servers Mail Exchange MAPI MDAC Messaging Application Programming Interface Microsoft Message Queuing Services Microsoft Data Access Components MIME MSMQ Multipurpose Internet Mail Extensions NDR Non Delivery Report Perimeter server gateway phishing POP2Exchange POP3 124 e 8BGlossary See Internet Message Access Protocol One of the two most commonly used Internet standard protocols for e mail retrieval the other being POP3 See Lightweight Directory Access Protocol An application protocol used to query and modify directory services running over TCP IP A special use of e mail system
109. no Server and the external domain name used Click Next to continue 9 Specify the email address where notifications e g failed anti spam filters spam digests are sent Getting Started Guide 4Binstallation for Lotus Domino e 93 i GFI MailEssentials Setup lel Es gt Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory Yes all email users are available on Active Directory rules will be based on Active Directory users a No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials Cancel Screenshot 59 Selecting SMTP mode 10 Select No do not have Active Directory option to use SMTP server to get the list of email users Click Next to continue fis GFI MailEssentials Setup ile x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point how
110. nstalled on a gateway machine lt Program Files Exchsrvr Mailroot gt If installed on the same machine as Microsoft Exchange 2000 2003 3 3 2 Firewall port settings Configure your firewall to allow the following port connections These ports are used by GFI MailEssentials to connect to GFI servers e DNS Port 53 Used by anti spam filters DNS blacklist Sender Policy Framework Header Checking to identify the domain from where received emails originated e FTP Ports 20 and 21 Used by GFI MailEssentials to connect to ftp gfisoftware com and retrieve latest product version information e HTTP Port 80 Used by GFI MailEssentials to download product patch and anti spam filter updates i e SpamRazer Anti Phishing and Bayesian anti spam filters from the following locations o http update gfi com o http update gfisoftware com o http support gfi com o http db11 spamcatcher net GFI MailEssentials 14 or earlier o http sn92 mailshell net GFI MailEssentials 14 SR1 or later e Remoting Ports 8021 Used in the latest builds of GFI MailEssentials for inter process communication No firewall configuration is required to allow connections to or from the remoting ports since all the GFI MailEssentials processes run on the same server e NOTE Ensure that no other applications except GFI MailEssentials are listening on port 8021 e OPTIONAL LDAP Port 389 Used by GFI MailE
111. o connect to GFI servers e DNS Port 53 Used by anti spam filters DNS blacklist Sender Policy Framework Header Checking to identify the domain from where received emails originated e FTP Ports 20 and 21 Used by GFI MailEssentials to connect to ftp gfisoftware com and retrieve latest product version information e HTTP Port 80 Used by GFI MailEssentials to download product patch and anti spam filter updates i e SpamRazer Anti Phishing and Bayesian anti spam filters from the following locations o http update gfi com o http update gfisoftware com o http support gfi com o http db11 spamcatcher net GFI MailEssentials 14 or earlier o http sn92 mailshell net GFI MailEssentials 14 SR1 or later e Remoting Ports 8021 Used in the latest builds of GFI MailEssentials for inter process communication No firewall configuration is required to allow connections to or from the remoting ports since all the GFI MailEssentials processes run on the same server NOTE Ensure that no other applications except GFI MailEssentials are listening on port 8021 e OPTIONAL LDAP Port 389 Used by GFI MailEssentials to get email addresses from SMTP server ONLY required if the server running GFI MailEssentials does not have access cannot get list of users from Active Directory e g in a DMZ environment or other environment which does not use Active Directory 4 4 Installing on Microsoft
112. or first use Recommended 13 At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use For instructions refer to the next section titled Post install actions 3 5 3 Post install actions To ensure that your GFI MailEssentials anti spam system is effectively up and running you must perform the following post install actions Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field 3 To specify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration 30 e 2Binstallation for Microsoft Exchange 2000 amp 2
113. ound on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the GFI MailEssentials configuration settings required post install for first use Step 4 Add specific GFI MailEssentials services to the Exchange Virtual Server cluster resource group When installing GFI MailEssentials in a clustered windows environment the product services described below are not automatically included in a cluster resource group Consequently if the cluster node on which GFI MailEssentials is running fails these product services are not moved to another cluster node along with the resource group and they will not be restarted on the new node As a result GFI MailEssentials will not start up properly after a failover in a cluster environment Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 41 The services to be added to the Exchange Virtual Server cluster resource group are Service Name gfiasmlhost Display name GFI MailEssentials Managed Attendant Service Dependencies None Start Parameters None Registry Replication None Service Name listserv e Display Name GFI MailEssentials List Server e Dependencies GFI
114. our anti spam system e Checking the GFI MailEssentials Dashboard Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window 44 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Inbox Microsoft Outlook Bile Edit View Go Tools Actions Help i SiNew gt 3 A X Reply Reply to All Aj Send Receive _ So Find Lud Favorite Folders t D From Subject Received 3 Inbox in Mailbox L Unread Mail in Mailbox Date Today LA For Follow Up in Mailbox JohnDoe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM L3 Sent Items in Mailbox All Mail Folders al 5 24 Personal Folders Deleted Items LA Drafts ttention Read Carefully B LA Inbox L Junk E mail 6 LA Outbox 3 Sent Items From ADMINISTRATION mailto security federalreservebank us ai Search Folders Sent Tuesday February 24 20 12 48 PM aA For Follow Up 18 Subject Attention Read Carefully LA Large Mail L Unread Mail S Archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions issued by U S Treasury Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this
115. our remote domain IV Allow incoming mail to be relayed to this domain I Send HELO instead of EHLO Outbound Security Route domain Use DNS to route to this domain Forward all mail to smart host o 932 168 0 2 Cancel Apply Help Screenshot 54 Configure the domain 3 Select the Forward all mail to smart host option and specify the IP address of the server managing emails in this domain IP address must be enclosed in square brackets e g 123 123 123 123 so to exclude them from all DNS lookup attempts 4 Click OK to finalize your configuration Step 4 Secure your SMTP email relay server If unsecured your mail relay server can be exploited and used as an open relay for spam To avoid this from happening it is recommended that you specifically define which mail servers can route emails through this mail relay server i e allow only specific servers to use this email relaying setup To achieve this 1 Go to Start gt Control Panel gt Administrative Tools 2 Click on Internet Information Services IIS Manager 3 In the left pane expand the respective server node Right click on Default SMTP Virtual Server and select Properties 4 Click on the Access tab and select Relay Getting Started Guide 4Binstallation for Lotus Domino e 89 Relay Restrictions Ed Select which computer may relay through this virtual server Only the list below C All except the list below Com
116. ox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM H Sent Items in Mailbox All Mail Folders eg Personal Folders Deleted Items A Drafts a Inbox L Junk E mail 6 ie Outbox a E Banan _ Sent Items From ADMINISTRATION mailto security federalreservebank us 3 A Search Folders Sent Tuesday February 24 2009 12 48 PM LA For Follow Up 18 Subject Attention Read Carefully LA Large Mail E Unread Mail B archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions issued by U S Treasury Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC Screenshot 6 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field 3 4 4 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and running All inbound email will be scanned by the anti spam filters Getting Started Guide 2Binstallation for Microsoft Exchan
117. pam are listed Take note of any changes required for post installation and click Next NOTE You can modify the list of inbound email domains ONLY post install For more information refer to the Confirm domains to defend against spam section starting on page 55 in this manual 12 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the GFI MailEssentials configuration settings required post install for first use Step 2 Install GFI MailEssentials on a passive server 1 Logon on the passive node of your Microsoft Exchange cluster using administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next Getting Started Guide 2Bins
118. post install for first use Step 2 Move the Exchange Virtual Server cluster group 1 Go to Control Panel gt Administrative Tools Cluster Administrator 2 Stop the GFI MailEssentials Legacy Attendant and the GFI POP2Exchange cluster resources 3 Move the Exchange Virtual Server cluster group resource to another node Step 3 Install GFI MailEssentials on a passive server 1 Logon on the passive node of your Microsoft Exchange cluster using administrator credentials 2 Double click mailessentials14 exe 32 bit install or mailessentials14_x64 exe 64 bit install accordingly 3 Select install language and click Next 4 Select whether to check for newer versions builds of GFI MailEssentials and click Next 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 39 GFI MailEssentials Setup a OX gt Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory o Yes all email users are available on Active Directory rules will be based on Active Dir
119. puters IP Address Mask 4 Domain Name Add Remove IV Allow all computers which successfully authenticate to relay regardless of the list above Cancel Help Screenshot 55 Relay options 5 Select the Only the list below option and click Add 6 Specify IP s of the mail server s that are allowed to route emails through your mail relay server You can specify e Single computer i e Authorize one specific machine to relay email through this server Use the DNS Lookup button to lookup an IP address for a specific host e Group of computers i e Authorize specific computer s to relay emails through this server e Domain Allow all computers in a specific domain to relay emails through this server NOTE The Domain option adds a processing overhead that can degrade SMTP service performance This is due to the reverse DNS lookup processes triggered on all IP addresses within that domain that try to route emails through this relay server Step 5 Configure Lotus Domino for GFI MailEssentials a Configure Lotus Domino to send outbound emails through GFI MailEssentials 1 From the Lotus Domino Administrator click Configuration tab and select configurations item under the server node 2 From the Configurations main window select the server to use with GFI MailEssentials and click edit configuration 3 Select Router SMTP tab and ensure Basics is selected 4 Double click on th
120. r checking Keyword checking New Senders Bayesian analysis A custom list of safe email addresses A custom list of blocked email users or domains Checks if the email received is from senders that are listed on a public DNS blacklist of known spammers Stops emails which contain links to domains listed on public Spam URI Blocklists such as sc surbl org A module which analyses the individual fields in a header by referencing the SMTP and MIME fields Spam messages are identified based on blocked keywords in the email title or body Emails that have been received from senders to whom emails have never been sent before An anti spam technique where a statistical probability index based on training from users is used to identify spam x v Enabled by default x Not enabled by default Table 5 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 29 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam see Table 6 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion of spam emails Anti spam filter actions email address user mailbox folder Move to subfolder in Move to junk mail Forward to specific O N NN ON OAE EAO SpamRazer y v v v
121. r IP addresses to whitelist 4 Click OK to finalize your configuration 112 5Binstallation for SMTP Servers Getting Started Guide Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Clicking Start gt All Programs gt GFI MailEssentials gt GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by EJ GFI MailEssentials Dashboard Ol xi File Options Help Statistics P2E Logging Status of key services GFI MailE ssentials Managed Attendant Service is Running GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2Exchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level Sender Recipients Subject 2 26 2009 3 00 24 PM Full Email John Doe lt johndoe hotmail com gt johndoe domain com 100 Free wil Screenshot 73 Testing your anti spam system e Checking the GFI MailEssentials Dashboard
122. rent DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field 3 To specify additional domains click Add and enter inbound email domain details 4 Click OK button to finalize your configuration Step 4 Enable Directory Harvesting This filter uses Active directory or LDAP lookups to verify whether inbound emails are addressed to legitimate internal email accounts To enable this filter 1 Right click Anti spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the Use LDAP lookups and a Unselect the Anonymous bind option if your LDAP server requires authentication b Enter the authentication details using Domain User format c Click Test button to test your LDAP configuration settings Step 5 Configure w
123. rts and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 59 4 Installation for Microsoft Exchange 2007 4 1 Introduction GFI MailEssentials installation depends on your network infrastructure i e Microsoft Exchange 2007 or SBS 2008 setup You can install this product on e Same server running Microsoft Exchange or SBS This setup is typically used to filter email spam on Microsoft Exchange or SBS servers set to receive emails directly from outside i e the internet e Mail gateway or relay perimeter server This type of installation is commonly used to filter spam in distributed email infrastructures especially those running a DMZ In this environment a dedicated machine is set to relay emails to another server running Microsoft Exchange Here GFI MailEssentials is typically installed on the mail relay server so that email spam is filtered before reaching your Microsoft Exchange server This setup reduces network traffic email storage and processing requirements on your email infrastructure e Microsoft Exchange Server 2007 clusters This type of installation is commonly used to filter spam within environments where clusters are used as disaster prevention and recovery mechani
124. ry Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now GFI MailEssentials lt Back Cancel 52 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Screenshot 35 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ ie GFI MailEssentials for Exchange SMTP Setup 9 x Confirm inbound email domains irks Click Next to begin installation S a4 The following inbound email domains were found A GFI MailEssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further configure the above domains open the GFI MailE ssentials configuration right click on the General node and select Properties GFI MailEssentials lt Back Cancel Screenshot 36 Configure your inbound email domain 11 Setup will now
125. ry Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC y Screenshot 52 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field 4 5 6 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and running All inbound email will be scanned by the anti spam filters enabled by default see Table 11 Anti spam filters enabled by default below Pa Enabled by Description Default An anti spam engine that determines if an SpamRazer email is spam by using email reputation j message fingerprinting and content analysis orero Stops email which is randomly generated y towards a server mostly addressed to non v Harvesting existent users Blocks emails that contain links in the PURBL message bodies pointing to known phishing 7 sites or if they contain typical phishing keywords SPF Stops email which is received from x domains not authorized in SPF records eee Addresses that an email is sent to are ee automatically excluded from being blocked d Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 81 Whitelists Custom blacklist DNS blacklists SURBL Header checking Keyword checking New Senders Bayesian analysis A custom list of safe email addresses A custom list of
126. s installed on the gateway perimeter server so that email spam is filtered before reaching the mail server This setup reduces network traffic email storage and processing requirements on your mail server e Microsoft Exchange Server amp IIS Clusters This type of installation is commonly used to filter spam within environments where clusters are used as disaster prevention and recovery 3 2 System requirements 3 2 1 Software Supported operating systems e Microsoft Windows Server 2008 x64 e Microsoft Windows Server 2003 Standard Enterprise x86 or x64 e Microsoft Windows 2000 Server Advanced Server SP1 or higher e Microsoft Small Business Server 2000 SP2 2003 SP1 Mail Servers e Microsoft Exchange Server 2000 SP1 2003 SP2 Other components e Microsoft NET Framework 2 0 Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 9 e Microsoft XML core services This is required by the GFI MailEssentials reporter to enable anti soam report generation For UK US English OS this is installed automatically by GFI MailEssentials For other languages this can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B428 amp displaylang en e Microsoft Virtual Server cluster group resource with a physical disc cluster This is required ONLY for environments running Microsoft Exchange 2000 2003 clusters For more information refer to http
127. s is installed automatically by GFI MailEssentials For other languages this can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e OPTIONAL Microsoft Message Queuing Services This is required ONLY if list servers are used MSMQ is used by GFI MailEssentials to ensure the reliable running of distributions lists on list servers For more information on list servers refer to List servers section in the Administration and Configuration manual 6 2 2 System requirements Hardware Processor e Minimum Intel Pentium or compatible 1 GHz 32 bit processor e Recommended x64 architecture based server with Intel 64 architecture or AMD64 platform Memory e Minimum 1GB e Recommended 2GB RAM Physical Storage e Minimum 500MB for installation 2GB for execution e Recommended 500MB for installation 4GB for execution 6 3 Important settings 6 3 1 Antivirus and backup software Antivirus and backup software may cause GFI MailEssentials to malfunction This occurs when such software denies access to certain files required by GFI MailEssentials Disable third party antivirus and backup software from scanning the following folders x86 installations 32 bit X64 installations 64 bit lt Program Files lt Program Files GFI MailEssentials gt x86 GFI MailEssentials gt lt Program Files x86 Common lt Program Fi
128. s that allows for widespread distribution of emails to multiple email users through discussion lists or newsletters A record used by DNS to provide the names of other entities to which the mail should be sent See Messaging Application Programming Interface See Microsoft Data Access Components A messaging architecture and a Component Object Model based API for Microsoft Windows A message queue implementation for Windows Server operating systems A Microsoft technology that gives developers a homogeneous and consistent way of developing software that can access almost any data store See Multipurpose Internet Mail Extensions See Microsoft Message Queuing Services A standard that extends the format of e mail to support text other than ASCII non text attachments message bodies with multiple parts and header information in non ASCII character sets See Non Delivery Report An automated electronic mail message the sender on an email delivery problem The computer server in a LAN that is directly connected to an external network In GFI MailEssentials perimeter gateway refers to the email servers within the company that first receive email from external domains The process of acquiring sensitive personal information with the aim of defrauding individuals typically through the use of fake communications A system that collects email messages from POP3 mailboxes and routes them to mail server See Post Office Protocol v
129. se the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window 3 Inbox in Mailbox L Unread Mail in Mailbox a For Follow Up in Mailbox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM H Sent Items in Mailbox All Mail Folders eg Personal Folders Deleted Items A Drafts a Inbox L Junk E mail 6 ie Outbox a E Banan _ Sent Items From ADMINISTRATION mailto security federalreservebank us 3 A Search Folders Sent Tuesday February 24 2009 12 48 PM LA For Follow Up 18 Subject Attention Read Carefully LA Large Mail E Unread Mail B archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions issued by U S Treasury Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC Screenshot 20 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SP
130. sed by GFI MailEssentials to get email addresses from SMTP server 6 4 Installing on gateway servers for SMTP Servers 6 4 1 Pre install actions GFI MailEssentials uses the IIS SMTP service as its SMTP Server and therefore the IIS SMTP service must be configured to act as a mail relay server This is achieved as follows Step 1 Enable IIS SMTP Service 1 Go to Start gt Control Panel gt Add or Remove Programs gt Add Remove Windows Components 2 Select Internet Information Services IIS and click Details 3 Select the SMTP Service option and click OK 4 Click Next to finalize your configuration Step 2 Create SMTP domain s for email relaying 1 Go to Start gt Control Panel gt Administrative Tools 2 Click on Internet Information Services IIS Manager Getting Started Guide 5Binstallation for SMTP Servers e 103 104 e 5Binstallation for SMTP Servers gt Internet Information Services File Action view Help e f m x 2 ce Internet Information Services Local computer jsmith gfi com Local Default Web Sites bo Test gfi com Remote Default web Site Default SMTP Virtual Server Domains Current Sessions Screenshot 64 Internet Information Services IIS Manager 3 In the left pane expand the respective server node Right click on Default SMTP Virtual Server and select Properties 4 Select the IP address currently assigned to your SMTP server and click OK
131. sms 4 2 System requirements 4 2 1 Software Supported operating systems e Microsoft Windows Server 2008 x64 e Microsoft Windows Server 2008 x32 Installations on gateway perimeter server only e Microsoft Small Business Server SBS 2008 Standard Mail Servers e Microsoft Exchange Server 2007 or Microsoft Exchange Server 2007 SP1 with the following roles o Edge Server role o Hub Transport role o Hub Transport role and Mailbox server role Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 61 NOTE Mailbox Server role alone is not supported Other components e Microsoft NET Framework 2 0 e Microsoft XML core services This is required by the GFI MailEssentials reporter to enable anti soam report generation For UK US English OS this is installed automatically by GFI MailEssentials For other languages this can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B428 amp displaylang en e Microsoft Virtual Server cluster group resource with a physical disc cluster This is required ONLY for environments running Microsoft Exchange 2000 2003 clusters For more information refer to http technet microsoft com en us library bb1243 18 EXCHG 65 aspx e OPTIONAL Microsoft Message Queuing Services This is required ONLY if list servers are used MSMQ is used by GFI MailEssentials to ensure the reliable running of distributions lists on list servers
132. soft Exchange 2000 amp 2003 e 53 the cluster node on which GFI MailEssentials is running fails these product services are not moved to another cluster node along with the resource group and they will not be restarted on the new node As a result GFI MailEssentials will not start up properly after a failover in a cluster environment The services to be added to the Exchange Virtual Server cluster resource group are Display Name GFI MailEssentials Legacy Attendant Service e Dependencies None e Service Name GFI MailEssentials Legacy Attendant Service e Start Parameters None e Registry Replication None Service Name gfiasmlhost Display name GFI MailEssentials Managed Attendant Service Dependencies None Start Parameters None Registry Replication None Service Name listserv Display Name GFI MailEssentials List Server e Dependencies GFI MailEssentials Legacy Attendant e Start Parameters None Registry Replication None Service Name GFI POP2Exchange e Display Name GFI POP2Exchange e Dependencies GFI MailEssentials Legacy Attendant e Start Parameters None e Registry Replication None Service Name GFIMETRXSVC e Display Name GFI MailEssentials Enterprise Transfer Service e Dependencies GFI MailEssentials Legacy Attendant e Start Parameters None e Registry Replication None To add these services 1 Go to Control Panel gt Administrative Tools Cluster Administrator 2 In the tree view on
133. spam node and select Directory Harvesting gt Properties 2 Select Enable directory harvesting protection 3 Select the lookups method to be used e Use native Active Directory lookups option Select this option if during installation you selected to get the list of email users from Active Directory see Installation Procedure section above step 9 e Use LDAP lookups Select this option if during installation you selected to get the list of email users from SMTP server using LDAP see Installation Procedure section above step 9 In addition o Unselect the Anonymous bind option if your LDAP server requires authentication o Enter the authentication details using Domain User format Click Test button to test your LDAP configuration settings Step 5 Configure whitelists This filter allows you to specify lists of friendly email domains email addresses or IP addresses WARNING USE THIS FEATURE WITH CAUTION Entries in this list will not be scanned for spam and will bypass all anti spam filtering 1 Right click Anti spam node and select Whitelist gt Properties 2 Click on the Whitelist tab 3 Click Add and specify domains email addresses or IP addresses to whitelist 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Clicking Start gt All Programs GFI Mail
134. ssentials Dashboard Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window 80 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide Inbox Microsoft Outlook i File Edit View Go Tools Actions Help baaNew g AL X Reply Reply to All 1j Send Receive _ 2pFind LUEI t D alFrom Subject Received L3 Inbox in Mailbox L Unread Mail in Mailbox E Date Today LA For Follow Up in Mailbox John Doe SPAM ttention Read Carefully Fri 27 02 09 2 03 PM L3 Sent Items in Mailbox All Mail Folders 5 E Personal Folders 3 Deleted Items UA Drafts ttention Read Carefully D L3 Inbox L Junk E mail 5 3 Outbox Sent Items From ADMINISTRATION mailto security federalreservebank us 3 LA Search Folders Sent Tuesday February 24 2009 12 48 PM re For Follow Up 18 Subject Attention Read Carefully LA Large Mail LA Unread Mail a 83 Archive Folders FEDERAL RESERVE BANK Important You re getting this letter in connection with new directions Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasu
135. ssentials components 4 Click Finish to finalize the installation 5 At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use For instructions refer to the next section titled Post install actions 4 5 5 Post install actions To ensure that your GFI MailEssentials anti spam system is effectively up and running you must perform the following post install actions Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs GFI MailEssentials GFI MailEssentials Configuration 78 e 3Binstallation for Microsoft Exchange 2007 Getting Started Guide Step 2 Verify current DNS Server settings 1 Right click Anti spam node and select Properties 2 Click on the DNS Server tab Verify the DNS server details automatically detected during install 3 To specify a different DNS Server select Use the following DNS server and specify details 4 Click Test to check your newly added DNS server settings 5 Click OK to finalize your configuration Step 3 Confirm domains to defend against spam NOTE ONLY the inbound email domains configured in GFI MailEssentials will be protected against spam 1 Right click General node and select Properties 2 Click on the Inbound Email Domains tab and ensure that all required inbound domains are listed in the Inbound domains field 3 To specify additional domains click Add and enter inbound email domain deta
136. ssentials to get email addresses from SMTP server Only required if the server running GFI MailEssentials does not have access cannot get list of users from Active Directory e g in a DMZ environment or other environment which does not use Active Directory 3 4 Installing on Microsoft Exchange Server 2000 2003 3 4 1 Upgrade from earlier version If you are currently using a previous version of GFI MailEssentials versions 9 10 11 and 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 11 Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You cannot change the installation path during GFI MailEssentials upgrades e When upgrading from GFI MailEssentials 9 the current Bayesian weights file will be upgraded to the new format used in GFI MailEssentials 10 or later The new format is more compact and uses less memory NO DATA WILL BE LOST Upgrade procedure 1 Launch GFI MailEssentials installation on the server where your earlier version of GFI MailEssentials is installed
137. stall For more information refer to the Confirm domains to defend against spam section starting on page 96 below in this manual 13 Click Finish to finalize your installation On completion setup will e Ask you to restart the SMTP service IMPORTANT Failing to restart the SMTP service will negatively affect anti spam filtering and email flow e Check whether Microsoft XML engine is installed This is automatically installed if not found on UK US English OS For other OS languages this has to be manually downloaded and installed Microsoft XML engine can be downloaded from http www microsoft com downloads details aspx Familyld 3144 B72B B4F2 46DA B4B6 C5D7485F 2B42 amp displaylang en e Prompt you to launch the Quick Start Guide This is a set of instructions that will guide you through the configuration settings required post install for first use Recommended 14 At this stage GFI MailEssentials is installed You must now configure GFI MailEssentials for first use For instructions refer to the Post install actions section below 5 4 4 Post install actions To ensure that your GFI MailEssentials anti spam system is effectively up and running you must perform the following post install actions Getting Started Guide 4Binstallation for Lotus Domino e 95 Step 1 Launch GFI MailEssentials Configuration console Click on Start gt All Programs gt GFI MailEssentials GFI MailEssentials Configuration Step 2 Verify cur
138. stall actions Step 1 Send and Receive connector setup NOTE These connectors are not required for Microsoft Exchange Server 2007 installed with Edge Server Role Ensure that the required Send connectors and Receive connectors to and from Microsoft Exchange 2007 are created for servers installed with Hub Transport Role Where these are not yet created 1 Add a Send Connector to Microsoft Exchange 2007 server to forward all emails to the GFI MailEssentials machine e From the Microsoft Exchange Server 2007 Management Console select Organization Configuration Hub Transport gt Actions gt New Send Connector e In the New SMTP connector wizard key in the name for the connector in the introduction screen NOTE You can use GFI MailEssentials SMTP Connector e From the Select the intended use for this Send Connector drop down list box select Internet e From the Address space screen click Add and key in Click Ok gt Next e Choose Route mail through the following smart host click Add and provide the IP address of the server where GFI MailEssentials is installed Click Next to continue e Set the authentication for the GFI MailEssentials machine if required and click Next Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 73 e Select the Hub Transport server with which the connector will be associated and click Next e Verify the configuration Summary created Complete the wizard to cre
139. t GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by 16 e 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide EJ GFI MailEssentials Dashboard ioj Xx Eile Options Help Statistics P2E Logaina a M Status of key services GFI MailE ssentials Managed Attendant Service is Running GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2Exchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level Sender Recipients Subject 2 26 2009 3 00 24 PM FullEmail John Doe lt johndoe hotmail com gt johndoe domain com 100 Free Screenshot 5 Testing your anti spam system e Checking the GFI MailEssentials Dashboard Use the Status tab to view the status of key GFI MailEssentials services and email processing activity Receipt and processing status of this email is logged in the MTA logging window 3 Inbox in Mailbox L Unread Mail in Mailbox a For Follow Up in Mailb
140. t to are Aue et automatically excluded from being blocked d 98 e 4Binstallation for Lotus Domino Getting Started Guide Whitelists Custom blacklist DNS blacklists SURBL Header checking Keyword checking New Senders Bayesian analysis A custom list of safe email addresses A custom list of blocked email users or domains Checks if the email received is from senders that are listed on a public DNS blacklist of known spammers Stops emails which contain links to domains listed on public Spam URI Blocklists such as sc surbl org A module which analyses the individual fields in a header by referencing the SMTP and MIME fields Spam messages are identified based on blocked keywords in the email title or body Emails that have been received from senders to whom emails have never been sent before An anti spam technique where a statistical probability index based on training from users is used to identify spam x v Enabled by default x Not enabled by default Table 13 Anti spam filters enabled by default By default email classified as spam will be tagged i e will include the prefix SPAM in the subject field see Screenshot 63 above Although enabled by default email tagging is NOT the only anti spam filter action that can be triggered on detection of email spam see Table 14 Anti spam filter actions below Other actions include re routing of spam emails to specific folders and deletion
141. tallation for Microsoft Exchange 2000 amp 2003 e 51 5 Read licensing agreement To proceed with the installation select I accept the license agreement and click Next 6 Click Next to install in default location or click Browse to change path 7 Specify user details and enter license key Click Next to continue 8 Specify the email address where notifications e g failed anti spam filters spam digests are sent ff GFI MailEssentials Setup lel Es gt Active Directory Access to Active Directory users Does this server have access to all the email users in Active Directory Yes all email users are available on Active Directory rules will be based on Active Directory users No do not have Active Directory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials Screenshot 34 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue fi GFI MailE ssentials Setup Me x Microsoft Message Queuing Service N ie H The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with eve
142. ted with error code 1 The sub process will not be available until the service is restarted Please contact GFI Support if the problem persists The Microsoft Event log warnings are created due to a missing requirement for the GFI MailEssentials Legacy Attendant service This requirement is configured by the post installation wizard and therefore no warnings of the same type will be reported in the Microsoft event logs after completing the GFI MailEssentials post installation wizard During installation some errors may be received causing the product not to be installed properly or not to be installed at all e Error 1720 There is a problem with this Windows Installer package e A script required for this install to complete could not be run Contact your support personnel or package vendor e Setup failed to launch installation 1 Disable any real time scanning software such as antivirus software 2 Ensure that you do not have any software that automatically removes files from the TEMP folder 3 Log in with Domain Administrator privileges 4 Download and install the latest version of Windows Scripting Host amp Windows Installer for your Windows Operating System from 118 e 7BTroubleshooting and support Getting Started Guide engine Access is denied or Error installing Ikernel exe access is denied http www microsoft com downloads 5 Ensur
143. tions Department The directions concern U S Federal Wire and ACH online payments On February 17 2009 a large scaled phishing attack started and has been still lasting A great number of banks and credit unions is affected by this attack and quantity of illegal bank transfers has reached an extremely high level U S Treasury Department Federal Reserve America Bankers Association ABA and Federal Deposit Insurance Corporation FDIC y Screenshot 63 Email tagged as SPAM e Accessing the inbox of the email account to which the test email was sent and confirm that email subject includes SPAM in the subject field 5 4 5 GFI MailEssentials Configuration At this stage your GFI MailEssentials anti spam system is up and running All inbound email will be scanned by the anti spam filters enabled by default Table 13 Anti spam filters enabled by default below Pa Enabled by Description Default An anti spam engine which determines if SpamRazer an email is spam by using email reputation 7 message fingerprinting and content analysis orero Stops email which is randomly generated y towards a server mostly addressed to non v Harvesting existent users Blocks emails that contain links in the PURBL message bodies pointing to known phishing 7 sites or if they contain typical phishing keywords SPF Stops email which is received from x domains not authorized in SPF records eee Addresses that an email is sen
144. to whitelist 4 Click OK to finalize your configuration Step 6 Test your anti spam system GFI MailEssentials is now ready to start managing spam To verify that anti spam is working properly 1 Clicking Start gt All Programs GFI MailEssentials gt GFI MailEssentials Dashboard 2 Using an external email account for example webmail hotmail or Gmail create a new email and key in 100 free as the subject 3 Send the email to one of your internal email accounts GFI MailEssentials will tag this email as spam by adding the tag SPAM to the email subject field 4 Allow some time for email delivery and confirm that email spam tagging is working by Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 31 EJ GFI MailEssentials Dashboard ioj Xx Eile Options Help Statistics P2E Logaina a M Status of key services GFI MailE ssentials Managed Attendant Service is Running GFI List Server is Running GFI MailE ssentials Legacy Attendant Service is Running GFI MailE ssentials POP2Exchange Service is Running GFI MailEssentials Enterprise Transfer Agent is Running IIS Admin Service is Running MTA Logging Fiter Level Sender Recipients Subject 2 26 2009 3 00 24 PM FullEmail John Doe lt johndoe hotmail com gt johndoe domain com 100 Free wa Screenshot 19 Testing your anti spam system e Checking the GFI MailEssentials Dashboard U
145. tory or my network does not have access to Active Directory DMZ rules will be based on SMTP email addresses GFI MailEssentials Cancel Screenshot 40 Selecting SMTP mode or Active Directory mode 9 Specify whether GFI MailEssentials will get the list of email users required for user based configuration rules e g disclaimers from Active Directory or SMTP server Click Next to continue fe GFI MailEssentials Setup Aje x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 XP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now GFI MailEssentials Screenshot 41 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ Gettin
146. ts Hardware Processor e Minimum Intel Pentium or compatible 1 GHz 32 bit processor e Recommended x64 architecture based server with Intel 64 architecture or AMD64 platform Memory e Minimum 1GB e Recommended 2GB RAM Physical Storage e Minimum 500MB for installation 2GB for execution e Recommended 500MB for installation 4GB for execution 5 3 Important settings 5 3 1 Antivirus and backup software Antivirus and backup software may cause GFI MailEssentials to malfunction This occurs when such software denies access to certain files required by GFI MailEssentials Disable third party antivirus and backup software from scanning the following folders x86 installations 32 bit X64 installations 64 bit lt Program Files lt Program Files GFI MailEssentials gt x86 GFI MailEssentials gt lt Program Files x86 Common lt Program Files Common Files GFl gt Files GFI gt lt Inetoub mailroot gt If installed on a gateway machine 5 3 2 Firewall port settings Configure your firewall to allow the following port connections These ports are used by GFI MailEssentials to connect to GFI servers e DNS Port 53 Used by anti spam filters DNS blacklist Sender Policy Framework Header Checking to identify the domain from where received emails originated 86 e 4Binstallation for Lotus Domino Getting Started Guide e FTP Ports 20 and 21 Used by GFI MailEssentials to connect to
147. uct builds To subscribe to our build notifications visit http www gfi com pages productmailing htm 8 9 Documentation If this manual does not satisfy your expectations or if you think that this documentation can be improved in any way let us know via email on documentation gafi com 122 e 7BTroubleshooting and support Getting Started Guide 9 Glossary Active Directory AD Auto reply Bayesian Filtering Background Intelligent Transfer Service BITS Blacklist Botnet Demilitarized Zone Disclaimer Domain Name System DMZ DNS DNS MX Email monitoring rules False positives Ham IIS Internet Information Services Getting Started Guide A technology that provides a variety of network services including LDAP like directory services See Active Directory An email reply that is sent automatically to incoming emails An anti spam technique where a statistical probability index based on training from users is used to identify spam A component of Microsoft Windows operating systems that facilitates transfer of files between systems using idle network bandwidth See Background Intelligent Transfer Service A list of email users or domains from whom email is not to be received by users Malicious software that runs autonomously and automatically and is controlled by a hacker cracker A section of a network that is not part of the internal network and is not directly part of the Inter
148. und email domains Specify the email domains GFI MailEssentials should treat as inbound Domains with an asterisk next to them form part of the accepted domain list in Exchange The inbound email domains you add here affect the GFI MailEssentials configuration only The Microsoft Exchange accepted domain list is not modified lt Back Screenshot 49 Inbound email domains list 2 In the accepted domain list e Review local domains found NOTE Asterisks next to inbound email domains indicate domains detected by Microsoft Exchange e Key in inbound domain details in the Inbound email domains box and click Add e Select domains and clicking Remove to remove domains Click Next to continue setup Getting Started Guide 3Binstallation for Microsoft Exchange 2007 e 77 ff GFI MailEssentials Post Installation Wizard Installation Summary The following GFI MailEssentials components will be installed The wizard detected the following Exchange Server 2007 roles Mailbox Hub Transport Client Access The following GFI MailEssentials components will be installed Submitted Agent Routing Transport Agent SMTP Transport Agent Click Next to install Screenshot 50 Server roles detected and list of components to install 3 A list of the Microsoft Exchange Server 2007 server roles detected and GFI MailEssentials components required is displayed Click Next to install the required GFI MailE
149. utomatically AS enables replies from such recipients to go to the sender without verification After this check emails are sent to the recipients Internet The outbound email sequence of events is followed by all outbound emails except for outbound email processes initiated by the list server This feature enables the creation and routing of distribution lists newsletters and discussion lists from GFI MailEssentials In this case emails are scanned for spam and automatically sent to recipients 8 e 1BHow does GFI MailEssentials work Getting Started Guide 3 Installation for Microsoft Exchange 2000 amp 2003 3 1 Introduction GFI MailEssentials installation depends on how your network is configured for Exchange 2000 2003 You can install this product on e The dedicated mail server This setup is typically used to filter email spam on the mail server running Microsoft Exchange that is configured to receive emails directly from the internet e The SBS 2000 2003 server This setup is used to filter email spam on the SBS 2000 2003 server which uses Microsoft Exchange to receive emails directly from the internet e The mail relay server This setup is commonly used to filter spam in distributed email infrastructures especially those running a DMZ In this environment a dedicated machine also known as a gateway perimeter server Us set to relay emails to another mail server running Microsoft Exchange GFI MailEssentials i
150. v Directory Harvesting v v v v v PURBL v v v v y SPF v v v v y Whitelists O O O O O 46 2Binstallation for Microsoft Exchange 2000 amp 2003 Getting Started Guide Custom Blacklist y v vy v v v DNS blacklists v v v v v v SURBL v v v y v y Header Checking v v v v v v Keyword Checking v v v v v s New Senders v v y v x 4 v y v v y v Bayesian Analysis v Action supported x Action not possible O Not applicable Table 6 Anti spam filter actions Configuration of anti spam filters and actions is possible via the GFI MailEssentials Configuration console Additionally through this console you can also run reports and customize other product features such as enable daily spam digest For guidelines on how to configure GFI MailEssentials functions and features refer to the GFI MailEssentials Administration and Configuration manual 3 7 Installing on IIS cluster Introduction A cluster is a group of servers technically known as nodes working collectively as a single server Such environment provides high availability and fail over mechanisms to ensure constant availability of resources and applications including email infrastructures If one of the nodes in the cluster fails is not available resources and applications switch to another cluster node A Microsoft Exchange cluster can be set up in one of two modes active active or active passive GFI MailEssentials supports ONLY active passive clusters In an active passi
151. ve cluster a failover mechanism ensures that whenever an active cluster fails one of the available passive nodes becomes active i e takes over the role of the failed node In view of the way clusters work GFI MailEssentials must be installed on all servers cluster nodes in order to ensure uninterrupted email spam management GFI MailEssentials installation in an IIS cluster is a 3 tier process e Process 1 Install GFI MailEssentials on the Active cluster node e Process 2 Install GFI MailEssentials on another cluster node e Process 3 Add specific GFI MailEssentials services to the Exchange Virtual Server cluster resource group Repeat Processes 2 3 and 4 above for the remaining passive node s in the cluster Getting Started Guide 2Binstallation for Microsoft Exchange 2000 amp 2003 e 47 3 7 1 Upgrade from earlier version If you are currently using a previous version of GFI MailEssentials version 12 you can upgrade your current installation while at the same time retain all your existing configuration settings Pre upgrade actions None Important notes e Upgrades cannot be undone i e you cannot downgrade to an earlier version once you have installed the latest version e On upgrading an existing installation licensing reverts to trial version and a new fully purchased license key for the GFI MailEssentials 14 is required For more information on new license keys refer to http customers gfi com e You c
152. via internet To install GFI MailEssentials with other SMTP servers the server where GFI MailEssentials is installed must be configured as an email gateway server also known as Smart host or Mail relay server for all your email All inbound and outbound email must pass through this server for scanning before being relayed to the mail server for distribution 6 2 System requirements 6 2 1 Software Supported operating systems e Microsoft Windows Server 2008 x86 or x64 e Microsoft Windows Server 2003 Standard Enterprise x86 or x64 e Microsoft Windows 2000 Server Advanced Server SP1 or higher e Microsoft Small Business Server 2000 SP2 2003 SP1 Mail Servers e Any SMTP compliant email server Other components e Microsoft NET Framework 2 0 e Microsoft Data Access Components MDAC 2 8 This component is used by GFI MailEssentials mail archiving feature to communicate with databases Download this component from http www microsoft com Downloads details aspx familyid 6C050 FE3 C795 4B7D B037 185D0506396C amp displaylang en e Internet Information Services IIS x32 or x64 SMTP service and WWW service This is required to enable communications between GFI MailEssentials and your SMTP server e Microsoft XML core services This is required by the GFI MailEssentials reporter to enable anti soam report generation For Getting Started Guide 5Binstallation for SMTP Servers e 101 UK US English OS thi
153. x Microsoft Message Queuing Service The GFI MailEssentials List Server requires the Microsoft Message Queuing Service MSMO The Messaging Queuing Service is a scalable system service developed by Microsoft to enable high volume event processing This service is included with every Windows 2000 XP and 2003 versions although not always installed by default The GFI MailEssentials installation can install MSMO for you To complete this process you will require the Windows 2000 xP or 2003 CD We recommend to install the MSMO at this point however you can also install it at a later stage Please note that you cannot use the List Server without MSMO Do you want to install the MSMO service now Yes C No GFI MailEssentials lt Back Cancel Screenshot 17 Installing Microsoft Message Queuing Service 10 If Microsoft Message Queuing Services MSMQ is not installed then the dialog in the above screenshot will open To be able to use list servers i e distributions lists select Yes to install MSMQ fe GFI MailEssentials for Exchange SMTP Setup Bile Ei Confirm inbound email domains Click Next to begin installation The following inbound email domains were found ofi co uk afi com gfimalta com localhost A GFI MailEssentials can only process emails addressed to the domains listed above Therefore if SPAM email is sent to a domain not listed above it will not be blocked To further con
154. y specific servers to use this email relaying setup To achieve this 1 Go to Start gt Control Panel gt Administrative Tools 2 Click on Internet Information Services IIS Manager 3 In the left pane expand the respective server node Right click on Default SMTP Virtual Server and select Properties 4 Click on the Access tab and select Relay Getting Started Guide 5Binstallation for SMTP Servers e 105 Relay Restrictions Ed Select which computer may relay through this virtual server Only the list below C All except the list below Computers IP Address Mask 4 Domain Name Add IV Allow all computers which successfully authenticate to relay regardless of the list above Cancel Help Screenshot 66 Relay options 5 Select the Only the list below option and click Add 6 Specify IP s of the mail server s that are allowed to route emails through your mail relay server You can specify e Single computer i e Authorize one specific machine to relay email through this server Use the DNS Lookup button to lookup an IP address for a specific host e Group of computers i e Authorize specific computer s to relay emails through this server e Domain Allow all computers in a specific domain to relay emails through this server NOTE The Domain option adds a processing overhead that can degrade SMTP service performance This is due to the reverse DNS lookup processes triggered on
Download Pdf Manuals
Related Search