2 Installing GFI MailSecurity : 2.12 Securing access to the GFI MailSecurity configuration/quarantine
1. Click the GFI MailSecurity SwitchBoard shortcut found under Start ► Programs ► GFI MailSecurity.
2. The GFI MailSecurity SwitchBoard application is loaded. You now need to select whether you want to allow only local access to the Configuration and Quarantine Store or else both local and remote. To allow only local access, click Local mode, so that the Configuration and Quarantine Store can only be accessed when working directly on the server machine where GFI MailSecurity is installed. On the other hand, to allow both local and remote access, click IIS mode, so that authorized users, both from the local machine and other remote machines, can access the GFI MailSecurity Configuration and Quarantine Store.
3. If you selected Local mode, you do not need to configure anything else. If you selected IIS mode you now need to configure the Active Directory accounts or groups that have access to the Configuration and Quarantine Store, and you can change the virtual directory name where the GFI MailSecurity pages are stored.
NOTE: If you select Local mode you need to add ‘http://127.0.0.1’ to the list of trusted sites in Internet Explorer. For further information, refer to Adding local host to the trusted sites list section below.
4. To configure access security, click Security… next to the Virtual Directory box.
5. In the IIS mode access control list dialog box you can configure who gets access to the configuration pages and the quarantine store in separate access control lists.
6. To configure the accounts that get access to the configuration pages, use the Add and Remove buttons underneath the Configuration URL Access Control List. If you want to deny access to a listed account without removing it from the list, select the check box under the Deny column.
7. To configure the accounts that get access to the quarantine store, use the Add and Remove buttons underneath the Quarantine URL Access Control List. If you want to deny access to a listed account without removing it from the list, select the check box under the Deny column.
NOTE: To avoid reselecting the same accounts twice, once for each list, you can easily drag and drop accounts and groups between the two lists.
10. Click OK to save your changes. A progress bar shows you the progress while applying the new settings.
1. Click the Control Panel shortcut under the Start menu.
2. From the Control Panel open the Internet Options applet.
3. In the Internet Properties dialog box click the Security tab and then click the Trusted sites icon from the Web content zone list.
4. Click Sites.
5. In the Trusted sites dialog box specify ‘http://127.0.0.1’ in the Add this Web site to the zone box.
6. Click Add. The local host address is added to the Web sites list.
7. Click Close.
8. Click OK in the Internet Properties dialog box to close it and save the new settings.