Table of Contents

  1.1 Introduction to GFI MailSecurity
  1.2 Key features of GFI MailSecurity
      Virus checking using multiple virus engines
      Email attachment checking/filtering
      Trojan and Executable Scanner
      HTML Sanitizer
      Decompression filter
  1.3 GFI MailSecurity components
      GFI MailSecurity scan engine
      GFI MailSecurity configuration
  1.4 GFI MailSecurity from a user's perspective
  1.5 Add-ons - GFI MailEssentials

2 Installing GFI MailSecurity
  2.1 Introduction
  2.2 Typical deployment scenarios
      Installing GFI MailSecurity on your mail server
      Installing GFI MailSecurity on a mail relay server
      Installing GFI MailSecurity in front of your firewall
      Installing GFI MailSecurity on an Active/Passive Cluster
      Installing GFI MailSecurity on an Active/Active Cluster
  2.3 Which installation mode should I use?
      Active Directory mode
      SMTP mode
  2.4 Hardware requirements
  2.5 Software requirements
    2.5.1 Supported Operating Systems
    2.5.2 Supported Mail Servers
    2.5.3 Other components
  2.6 Important installation notes
      Windows XP
      Windows Server 2008
      Microsoft Exchange Server 2007/2010
      Windows Small Business Server
      Other installation configurations
  2.7 Preparing to install GFI MailSecurity on an IIS mail relay server
      About Windows 2000/2003 IIS SMTP & World Wide Web services
      Step 1: Verify installation of IIS SMTP and WWW services
      Step 2: Specify mail relay server name and assign an IP
      Step 3: Configure the SMTP service to relay mail to your mail server
      Step 4: Secure your mail relay server
      Step 5: Configure your mail server to relay email via the Gateway server
          If you have Microsoft Exchange Server 4/5/5.5:
          If you have Microsoft Exchange Server 2000/2003:
          If you have Lotus Notes:
          If you have an SMTP/POP3 mail server:
      Step 6: The MX record of your domain must point to the mail relay server
          Verify the MX record of your DNS server as follows:
      Step 7: Test your new mail relay server
  2.8 Preparing to install GFI MailSecurity on your mail server
  2.9 Installing GFI MailSecurity
  2.10 GFI MailSecurity Post-Installation Wizard
  2.11 Adding GFI MailSecurity to the Windows DEP Exception List
  2.12 Securing access to the GFI MailSecurity configuration/quarantine
      Adding local host to the trusted sites list
  2.13 Securing access to the GFI MailSecurity Quarantine RSS feeds
  2.14 Accessing the GFI MailSecurity Configuration and Quarantine Store
      Accessing the configuration from the GFI MailSecurity machine
      Accessing the configuration from a remote machine
  2.15 Upgrading from GFI MailSecurity 8 to GFI MailSecurity 10.1
  2.16 Upgrading from GFI MailSecurity 9 to GFI MailSecurity 10.1
  2.17 Quarantine Upgrade tool
    2.17.1 Using the quarantine upgrade tool

3 General settings
  3.1 Introduction to settings
  3.2 Define the administrator’s email address
  3.3 Configuring proxy server settings for automatic updates
  3.4 Adding Local Domains
  3.5 SMTP server bindings
  3.6 Managing local users in SMTP mode
      To add a new local user follow these steps:
      To remove a local user follow these steps:

4 Configuring virus checking
  4.1 Configuring Virus Scanning Engines
  4.2 AVG configuration
      AVG web site
  4.3 Kaspersky configuration
      Kaspersky web site
  4.4 BitDefender configuration
      BitDefender website
  4.5 McAfee configuration
      McAfee website
  4.6 Norman configuration
      Norman website
  4.7 Virus scanner actions
  4.8 Virus scanner updates
      Triggering the virus update manually
  4.9 Setting the Virus Scanning Engines scan priority
  4.10 Configuring Virus Scanning optimizations
  4.11 Configuring Information Store Scanning

5 Configuring Content Filtering
  5.1 Introduction
  5.2 Creating a Content Filtering rule
  5.3 Enabling/disabling rules
  5.4 Removing content filtering rules
  5.5 Modifying an existing rule
  5.6 Changing the rule priority

6 Configuring Attachment Filtering
  6.1 Introduction to Attachment Filtering
  6.2 Creating an Attachment Filtering rule
  6.3 Removing attachment rules
  6.4 Make changes to an existing rule
  6.5 Enabling/disabling rules
  6.6 Changing the rule priority

7 Decompression engine
  7.1 Introduction to the Decompression engine
  7.2 Configuring the decompression engine filters
      Check password protected archives
      Check corrupted archives
      Check for recursive archives
      Check size of uncompressed files in archives
      Check for amount of files in archives
      Scan within archives
  7.3 Configuring decompression filter actions
  7.4 Enable/disable decompression filters

8 The Trojan & Executable Scanner
  8.1 Introduction to the Trojan & Executable Scanner
      What is a Trojan horse?
      Difference between Trojans and viruses
      How does the Trojan & Executable Scanner work?
  8.2 Configuring the Trojan & Executable Scanner
      Configuring the security level
      Configuring actions
  8.3 Trojan & Executable Scanner updates
      Triggering the Trojan & Executable Scanner update manually

9 The Email Exploit Engine
  9.1 Introduction to e-mail exploits
      What is an exploit?
      What is an e-mail exploit?
      Difference between Anti-Virus software & Email Exploit Detection software
  9.2 Configuring the Email Exploit Engine
      Enable/Disable email exploits
      Configuring the Email Exploit Engine properties
  9.3 Email Exploit Engine updates
      Triggering the Email Exploit Engine update manually

10 The HTML Sanitizer
  10.1 Introduction to the HTML Sanitizer
      Why remove HTML scripts?
  10.2 Configuring the HTML Sanitizer

11 Patch Checking
  11.1 Introduction to Patch Checking
  11.2 Downloading and installing software patches

12 Quarantine
  12.1 Introduction to the Quarantine Store
  12.2 The Quarantine Store
      Searching for emails in the Quarantine Store
  12.3 Search Folders
      What is a search folder?
      Why are search folders useful?
      Grouping quarantined emails in Search Folders
      Changing Search Folder properties
      Deleting Search Folders
  12.4 Approving emails from the Quarantine Store
  12.5 Deleting emails from the Quarantine Store
  12.6 Rescanning emails from the Quarantine Store
  12.7 View the full security threat report of an email
  12.8 Enable email approval via HTML approval forms
      How to approve or delete quarantined emails from an email client
  12.9 Quarantined mail from the user point of view
  12.10 Enable quarantine RSS feeds
      What is RSS?
      How does GFI MailSecurity use RSS?
      How do I configure RSS on a quarantine folder?
      How do I subscribe to a quarantine search folder RSS feed?
  12.11 Enable the Directory Harvesting filter on quarantined emails

13 Reporting
  13.1 Introduction to GFI MailSecurity Reporting
    13.1.1 Configuring the statistical information database
    13.1.2 Configuring a Microsoft Access database backend
    13.1.3 Configuring a Microsoft SQL Server database backend
        Creating a new database on Microsoft SQL Server 2000
        Creating a new database in Microsoft SQL Server 2008

14 Realtime Monitor
  14.1 About the Realtime Monitor
  14.2 Monitoring email activity

15 Miscellaneous
  15.1 Version Information

16 Advanced topics
  16.1 Customizing the notification templates
      Variables used in XSL-based notification templates
  16.2 Setting Virus Scanning API Performance Monitor Counters
    16.2.1 Performance counter in Windows 2003 Server
    16.2.2 Performance counter in Windows 2008 Server
    16.2.3 Performance monitor counters

17 Troubleshooting
  17.1 Introduction
  17.2 Knowledge Base
  17.3 Web Forum
  17.4 Request technical support
  17.5 Build notifications