manualshive.com logo in svg

3Com 3CR3MFA-92, User Manual

The 3Com 3CR3MFA-92 user manual is available for free download on our website. This comprehensive manual provides step-by-step instructions on setting up and using the product, ensuring a seamless user experience. Simply visit manualshive.com to access the manual and unlock the full potential of your 3Com 3CR3MFA-92 device.

Share
Download
background image

http://www.3com.com/

Part No. DUA-MFA100-AAA01
Published January 2005

Email Firewall

User Guide

User Guide for the 3Com

®

 Email Firewall

Summary of Contents for 3CR3MFA-92

Page 1: ...http www 3com com Part No DUA MFA100 AAA01 Published January 2005 Email Firewall User Guide User Guide for the 3Com Email Firewall ...

Page 2: ...FAR 252 227 7015 Nov 1995 or FAR 52 227 14 June 1987 whichever is applicable You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in or delivered to you in conjunction with this User Guide Unless otherwise indicated 3Com registered trademarks are registered in the United States and may or may not be registered in other countries 3C...

Page 3: ...i Virus Scanning 14 Malformed Email Checks 14 Attachment Control 15 Email Security 15 Reporting 15 System Administration 16 Main Menu 17 2 CONFIGURING MAIL DELIVERY Mail Routing 19 Additional Mail Route Rules 21 Delivery Settings 23 Delivery Settings 23 Gateway Features 23 Default Mail Relay 23 BCC All Mail 24 Annotations 24 Advanced Delivery Settings 25 Mail Mappings 26 Uploading Mapping List 27 ...

Page 4: ...8 Pattern Based Message Filtering 39 Message Restrictions 39 SMTP Authenticated Relay 40 SMTP Banner 40 SMTP Security 41 Incoming Mail 42 Mail Delivery 42 Malformed Email 44 4 ANTI SPAM CONFIGURATION Anti Spam Features 47 DCC 49 STA 50 Spam Action 52 Maybe Spam Action 52 Diagnostics 53 STA Training 54 Pattern Based Message Filtering 54 Message Part 55 Match Option 58 Pattern 58 Priority 58 Action ...

Page 5: ...ne 66 Quarantine and Trusted Senders List Users 67 Upload and Download User Lists 68 Enabling User Access on a Network Interface 68 Advanced Anti Spam Options 69 RBL Realtime Blackhole List 69 Mail Access Filtering 70 Anti Spam Header 70 5 REPORTING Generating Reports 71 Report Configuration 72 Report Generation 73 Report Fields 74 System Logs 77 Viewing Log Details 78 Configuring a Syslog Server ...

Page 6: ...Licensing 93 Installed License 93 License Agreements 94 License Renewal or Upgrade 94 SSL Certificates 94 Software Updates 96 Uploading a Software Update 96 Security Connection 97 7 SYSTEM MANAGEMENT Status and Utility 99 Utility Functions 100 Current Admin and Spam Quarantine Users 104 Configuration Information 104 Mail Queues 104 Quarantine 105 Expiry Settings 105 Daily Tasks 106 Backup and Rest...

Page 7: ...oblems 116 Email Firewall Status 117 System Alarms 118 Licensing 118 BorderWare Mail Security Services 118 Network Settings 118 Report Problems 119 Troubleshooting Mail Delivery Problems 120 Examining Log Files 121 Troubleshooting Content Issues 123 Email History 123 A CUSTOMIZING SYSTEM MESSAGES B RESET TO FACTORY DEFAULT SETTINGS FROM CONSOLE C THIRD PARTY COPYRIGHT AND LICENSE AGREEMENTS GLOSSA...

Page 8: ......

Page 9: ...king knowledge of TCP IP network and email communications protocols For more detailed information on 3Com Email Firewall installation please see the accompanying Installation Guide If release notes are shipped with your product and the information there differs from the information in this guide follow the instructions in the release notes Most user guides and release notes are available in Adobe ...

Page 10: ...eholders that appear in angle brackets Example To change your password use the following syntax system password password In this example you must supply a password for password Commands The word command means that you must enter the command exactly as shown and then press Return or Enter Commands appear in bold The words enter and type When you see the word enter in this guide you must type someth...

Page 11: ... are very important to us They will help make our documentation more useful to you Please send comments about this document to 3Com via the following URL http www 3com com corpinfo en_US contactus index html Please include the following information when contacting us Document title Document part number on the title page Page number if appropriate Example 3Com Email Firewall User Guide Part number ...

Page 12: ...12 ABOUT THIS GUIDE ...

Page 13: ...re no direct SMTP Simple Mail Transport Protocol connections between external and internal servers The 3Com Email Firewall is installed behind the existing firewall on the Internal network Inbound mail will be forwarded from the Firewall or Router to the 3Com Email Firewall where it will be scanned processed and then sent to your internal mail server for delivery Outbound mail will be sent from yo...

Page 14: ...vides a built in virus scanning service When enabled all messages inbound and outbound passing through the 3Com Email Firewall are scanned for viruses Viruses can be selectively blocked depending on whether they are found in inbound or outbound messages Message attachments are recursively disassembled to help ensure that viruses cannot be concealed Malformed Email Checks Many viruses try to elude ...

Page 15: ... normally sent in clear text can be protected from interception and eavesdropping via TLS Transport Layer Security encryption Reporting The 3Com Email Firewall s reporting features allow you to create customized reports on mail and system activity including the following Traffic Summary System Health Top Mailbox Disk Users Spam Statistics Virus Reports Email History System Events History The repor...

Page 16: ... 1 0 or greater Safari 1 2 3 or greater Your web browser must have cookies enabled to be able to connect and login to the 3Com Email Firewall Launch a web browser on your computer and enter the IP address or hostname into the location bar such as https 192 168 1 253 or https mail example com The login screen will then be displayed Enter the user name admin and the corresponding password The Activi...

Page 17: ...number of messages in the mail queue the number of different types of messages received and sent and current message activity Status The Status page displays a list of system services and their current status Network and system tests can also be performed Mail Delivery This menu allows you to configure mail delivery features such as Anti Spam Anti Virus Attachment Control Mail Routing Delivery Set...

Page 18: ... view and modify system configuration settings such as The Setup Wizard Admin Account System Users Network Settings Web Proxy Static Routes Licensing SSL Certificates Software Updates System Management This menu is used for system management features such as Status and Utility menu for troubleshooting Mail Queues Quarantine Backup and Restore Reboot and Shutdown Returning the system to factory set...

Page 19: ...ains you will be accepting mail for and where locally to deliver the mail such as an internal Microsoft Exchange mail server The Mail Domain you configured at installation time using the Setup Wizard will automatically be created Select Mail Delivery Mail Routing from the menu to define additional mail routes Sub Select this check box to accept and relay subdomains for the specified domain Domain ...

Page 20: ...ill not be removed from the active queue until delivery is attempted even if the preceding mail failed or was deferred This setting ensures that local mail servers receive high priority The KeepOpen option should only be used for domains that are usually very reliable If the domain is unavailable it may cause system performance problems due to excessive error conditions and deferred mail A list of...

Page 21: ... These procedures are not required for the default mail route you configured at installation time with the Setup Wizard Adding a Specific Access Pattern 1 Select Mail Delivery Mail Access Filtering from the menu Your primary mail route defined during installation will already be configured 2 Click Add Pattern to add a new pattern for the additional mail route 3 Enter the IP address of the mail ser...

Page 22: ...Pattern Based Message Filter 1 Select Mail Delivery Mail Access Filtering from the menu Select Pattern Based Message Filtering 2 Click Add to add a new filter rule 3 Select Client IP as the Message Part and set the address of the mail server for the mail route as the pattern 4 Set the Action to Trust and click Update to add the new rule ...

Page 23: ...tification that mail is delayed Time to retain undelivered MAILER DAEMON mail The number of hours to keep undelivered mail addressed to MAILER DAEMON the internal mail server process Gateway Features Masquerade Addresses Masquerades internal hostnames by rewriting headers to only include the address of the 3Com Email Firewall Strip Received Headers Strip all Received headers from outgoing messages...

Page 24: ... copy BCC of each message that passes through the 3Com Email Firewall to the specified address This address can be local or on any other system Once copied the mail can be effectively managed and archived from this account Copy all mail to Enter an email address to copy mail to Errors to Specify an address that will receive error messages if there are problems delivering the BCC mail Annotations I...

Page 25: ...dditional media types in email messages Some mail servers may not support ESMTP and you may have to disable this feature if you are experiencing problems SMTP Notification Advanced Select the type of notifications that are sent to the postmaster account Resource Mail not delivered due to resource problems such as queue file write errors Software Mail not delivered due to software problems Bounce S...

Page 26: ...ings Mail Mappings are used to map an external address to a different internal address and vice versa This is useful for hiding internal mail server addresses from external users For mail originating externally the mail mapping translates the address in the To and CC mail header field into a corresponding internal address to be delivered to a specific internal mailbox For example mail addressed to...

Page 27: ...for outgoing mail Extra internal addresses Enter any additional internal mappings that will be included in the outgoing mail conversion Click Update when finished Uploading Mapping List A list of mappings can also be uploaded in one text file The file must contain comma or tab separated entries in the form sender or recipient map_in map_out value on or off For example sender user example com user ...

Page 28: ... it to example2 com This allows the 3Com Email Firewall to distribute mail to multiple internal servers based on the Recipient address of the incoming mail Virtual Mappings are useful for acting as a wildcard mail mapping such as mail for example com is sent to exchange example com Select Mail Delivery Virtual Mappings to configure your mappings Click the Add Virtual Mapping button to add a new ma...

Page 29: ...rm map_in map_out For example user example com user user example com user example2 com example com example2 com The file virtmap csv should be created in csv file format using Excel Notepad or other Windows text editor It is recommended that you download the virtual mapping file first by clicking Download File editing it as required and uploading it using the Upload File button ...

Page 30: ...30 CHAPTER 2 CONFIGURING MAIL DELIVERY ...

Page 31: ...essages inbound and outbound passing through the 3Com Email Firewall are scanned for viruses Viruses can be selectively blocked depending on whether they are found in inbound or outbound messages Message attachments are recursively disassembled to help ensure that viruses cannot be concealed When a virus infected message is received it can be deleted quarantined or the event can be logged Quaranti...

Page 32: ... from being passed through the system This option will only take effect if the Anti Virus action is set to Quarantine Mail Action Configure the action for both inbound and outbound mail Possible actions include Just log Log the event and take no further action Reject mail The message is rejected with notification to the sending system Quarantine mail The message is placed into quarantine Discard m...

Page 33: ...stem Messages on page 125 for a full list of variables that can be used Pattern Files Virus pattern files must be continuously updated to ensure that you are protected from new virus threats The frequency of virus pattern file updates can be configured in the Virus Pattern Files section Select the time interval to check for pattern file updates Options include 15 30 and 60 minutes Click the Get Pa...

Page 34: ... Delivery Attachment Control from the menu to configure your attachment types and actions Default action Set the default attachment control action for items not specifically listed in the Attachment Types list The default is Pass which allows all attachments Any file types defined in the Attachment Types list will override the default setting Enable Attachment Control Select the check box to enabl...

Page 35: ...d messages can be enabled for all recipients the sender and the administrator Customize the content for the Inbound and Outbound notification in the corresponding text boxes See Appendix A Customizing System Messages on page 125 for a full list of variables that can be used ...

Page 36: ...OCK or Pass the attachment Select the DS Disable Content Scan check box if you want to disable content scanning for attachments with the specified extension The attachment will still be checked for viruses if the Disable Content Scan option is selected Click the Add Extension button to add a file extension or MIME type to the list and then click Update The following example adds a MIME type of ima...

Page 37: ...cepted from the incoming SMTP connection In the Mail Access Mail Filtering settings you can specify patterns to match for on incoming connections and configure an appropriate action The maximum number of recipients and the maximum size of a message can also be configured Select Mail Delivery Mail Access Filtering to configure access patterns and mail filters ...

Page 38: ...roperties The other parameters however are useful for whitelisting HELO Access This parameter requires either a domain or hostname pattern It is not reliable as spammers can fake this property Envelope From Access This parameter requires a valid email address pattern It is not reliable as spammers can fake this property Envelope To Access This parameter requires a valid email address pattern It is...

Page 39: ...ng parameters allow you to reject messages based on the number of recipients the message size or free queue space available Maximum recipients per message Set the maximum number of recipients accepted per message This helps prevent delivery of spam messages that typically contain a large number of recipients Maximum message size Set the maximum message size in bytes that will be accepted by the 3C...

Page 40: ... this 3Com Email Firewall for the feature to work It is recommended that you accept SSL TLS for incoming mail connections so that account details cannot be intercepted when the relay is enabled See SMTP Security on page 41 for more detailed information on setting up SSL TLS encryption SMTP Banner Click the Advanced button to reveal an option for the SMTP banner The SMTP banner is exchanged during ...

Page 41: ...s to be sent confidentiality from desktop to desktop but without the difficulties of implementing other encryption schemes Encryption can be enforced between particular systems such as setting up an email VPN between two 3Com Email Firewalls at remote sites Encryption can also be set as optional so that users who are concerned about the confidentiality of their messages on the internal network can...

Page 42: ...sed to require SSL TLS when accepting mail for authenticated relay See the SMTP Authenticated Relay section on page 40 for more detailed information Mail Delivery By Default Offer TLS Enable this option to offer remote mail servers the option of using SSL TLS when sending mail Enforce TLS Enabling this option will require the validation of a CA signed certificate when delivering mail to a remote m...

Page 43: ...box and click the Update button The exempted mail server will be listed under the Specific Site Policy TLS options include the following Don t Use TLS TLS Mail Delivery is never used with the specified system May Use TLS Use TLS if the specified system supports it Enforce TLS Deliver to the specified system only if a TLS connection with a valid CA signed certificate can be established Loose TLS Si...

Page 44: ...ed to attack mail servers directly These types of messages are often used in denial of service DoS attacks The 3Com Email Firewall analyzes each message with very extensive integrity checks Malformed messages are quarantined if they cannot be processed Select Mail Delivery Malformed Email from the menu to configure malformed email checks Enable malformed scanning Select this option to enable scann...

Page 45: ...antine mail The message is placed into quarantine Discard mail The message is discarded without notification to the sending system Notifications Notifications for inbound and outbound messages can be enabled for all recipients the sender and the administrator and the notification message can be customized See Appendix A Customizing System Messages on page 125 for a full list of variables that can ...

Page 46: ...46 CHAPTER 3 CONFIGURING MAIL SECURITY ...

Page 47: ...rs List Users Advanced Anti Spam Options Anti Spam Features The 3Com Email Firewall contains a variety of powerful features to prevent spam messages including the following Server based tools such as DCC Distributed Checksum Clearinghouse STA Statistical Token Analysis Objectionable Content Filtering and Pattern Based Message Filtering that prevent spam messages from being delivered to an end user...

Page 48: ...h the text SPAM Set Action to User Quarantine Mail User Spam Quarantine Anti Spam features are enabled Messages determined to be spam will be redirected to the User Spam Quarantine The Action for each feature will be set to Redirect To and the Action data set to the address of this 3Com Email Firewall for quarantine CAUTION If you set the global Anti Spam action to User Quarantine Mail you must en...

Page 49: ...sition of a message A DCC server receives no mail address headers or any similar information but only the cryptographically secure checksums of such information A DCC server cannot determine the text or other information that corresponds to the checksums it receives It only acts as a clearinghouse of counts of checksums computed by clients You must allow a connection on UDP port 6277 on your netwo...

Page 50: ...or phrase can have many meanings depending on the context STA provides a way to accurately measure how likely any particular message is to be spam without having to specify every word and phrase STA achieves this by deriving a measure of a word or phrase contributing to the likelihood of a message being spam This is based on the relative frequency of words and phrases in a large number of spam mes...

Page 51: ...reases STA s aggressiveness to ensure more spam is caught but also increases the possibility of false positives The STA upper threshold is set to 80 and the lower threshold to 50 Any message with a metric 80 or above will be considered spam A metric between 80 and 50 will be considered Maybe Spam and will trigger an action if you have the Maybe Spam option enabled A metric lower than 50 is conside...

Page 52: ...t Header The specified text will be inserted into the subject line such as SPAM Add header A message header will be added with the specified text such as SPAM Redirect to Send the message to a mailbox such as spam example com Maybe Spam Action This features allows you to take action on messages that STA identifies as maybe spam which indicates it could be spam but may also be legitimate mail A mes...

Page 53: ...with the specified text such as SPAM Redirect to Send the message to a mailbox such as spam example com Diagnostics Enable X STA Headers This setting inserts X STA headers into all messages These are not visible to the user although they can be filtered in most mail clients but can be used to gather information on why mail is processed in a particular way The following headers will be inserted X S...

Page 54: ...u can use this button to immediately rebuild the STA database Click the Delete Training button to delete all training material if your 3Com Email Firewall has been misconfigured and starts to treat legitimate mail as spam or vice versa Pattern Based Message Filtering Pattern Based Message Filtering is the primary tool for whitelisting and blacklisting messages An administrator can specify that mai...

Page 55: ...tering 55 Some default PBMF rules are provided and more can be added by clicking the Add button Message Part Select a Message Part from the dropdown list The following diagram and sections explain each part of the mail message ...

Page 56: ...ient Host This field will be accurately reported and may be reliably used for both blacklisting and whitelisting Example mail example com The following envelope parameters Envelope Addr Envelope To and Envelope From may be visible if your client supports reading the message source They can also be found in the transport logs Other header fields may be visible as supported by the mail client Envelo...

Page 57: ...meters Raw Mail Body This parameter allows for a match on any part of the encoded message body This encoded content includes Base64 MIME and HTML Since messages are not decoded a simple text match may not work Use Mail Content for text matching on the decoded content Mail Content This parameter allows for a match on the visible decoded message body STA Token STA tokens can also be selected for pat...

Page 58: ...entire message is read before making the decision If a message matches multiple filters the filter with the highest priority will be used If more than one matched filter has the highest priority the filter with the strongest action will be used in order from highest priority to lowest Spam Reject Trust Relay Valid Accept If more than one matched rule has the highest priority and highest action the...

Page 59: ...ies in the form Section type pattern action priority seq rulenumber For example to contains user example com reject medium 1 The file pbmf csv should be created in csv file format using Excel Notepad or other Windows text editor It is recommended that you download the PBMF file first by clicking Download File edit it as required and upload it using the Upload File button PBMF Preferences Click the...

Page 60: ... the connecting mail server is forced to return it BCC Send a blind carbon copy mail to the mail address specified in Action Data Action data Depending on the specified action Modify Subject Header The specified text will be inserted into the subject line such as SPAM Add header A message header will be added with the specified text such as SPAM Redirect to Send the message to a mailbox such as sp...

Page 61: ...tent Filtering from the Mail Delivery Anti Spam menu to configure the filter Actions You can set actions for both inbound and outbound messages The following actions can be set Just log Log the event and take no further action Reject mail The message is rejected with notification to the sending system Quarantine mail The message is placed into quarantine Discard mail The message is discarded witho...

Page 62: ...nders List The Trusted Senders List allows users to define specific email addresses that are considered trusted and bypass the 3Com Email Firewall s Anti Spam controls DCC STA RBL and PBMF Spam If the action for an Anti Spam feature is set to Reject it cannot be bypassed by the Trusted Senders List Additionally the Trusted Senders List only applies to PBMF Spam messages with a low priority Local 3...

Page 63: ...add their own addresses using the same interface as they use for checking the Spam Quarantine See Quarantine and Trusted Senders List Users on page 67 for details on how to add local users to the system Log in to the 3Com Email Firewall and select Trusted Senders in the left menu Enter an email address and then click the Add button The specified address will bypass the 3Com Email Firewall s Anti S...

Page 64: ...where it will be placed in a folder for that particular user Users can log in to the 3Com Email Firewall and manage their quarantined spam Messages can be viewed returned to the inbox or deleted Select Spam Quarantine from the Mail Delivery Anti Spam menu Spam Quarantine Configuration Enable Spam Quarantine Select the check box to enable the spam quarantine Expiry Period Select an expiry period fo...

Page 65: ...d senders list Allow reading messages When enabled a link is inserted into the spam summary message to allow the user to read the original message Mail Subject Enter a subject for the notification email Mail Content Preamble Customize the preamble that will appear in the message Set Redirect Action for Anti Spam Features For each Anti Spam feature DCC STA and so on that you want to use the user Sp...

Page 66: ...tem Config Network Settings and go to the Network Interface section Select the User Access check box to allow access to the Spam Quarantine via this interface Click Apply to save the network settings Examining the Quarantine Local Email Firewall users can log in and examine the messages in their Spam Quarantine Messages in the quarantine can be released back into the user s Inbox by clicking the N...

Page 67: ...ility for users to view the Spam Quarantine or configure their Trusted Senders Lists Select System Config Users from the menu Click the Add a New User button to add a new user to the system Enter a user ID and a password If this user will be an additional administrator for this Email Firewall select the Full Admin option in the Administrator Privileges section ...

Page 68: ...xcel Notepad or other Windows text editor It is recommended that you download the user list file first by clicking File Download editing it as required and then uploading it using the File Upload button Enabling User Access on a Network Interface You must enable User Access on the network interface to allow users to log in via that interface Select System Config Network Settings and go to the Netw...

Page 69: ...request times out This may affect performance and requires monitoring for timed out connections If a message that you want to receive is blocked by an RBL add an item to the Pattern Based Message Filtering list to Trust to train for STA or Accept not train for STA this message Enable RBLs Select this check box to enable RBLs Check Relays The Check Relays setting deals with spammers who are relayin...

Page 70: ...ified text such as RBL Redirect to Send the message to a mailbox such as spam example com RBL Servers Click the Edit button to edit your RBL server addresses Mail Access Filtering In the Mail Access Mail Filtering settings you can specify patterns to match for on incoming connections and configure an appropriate action The maximum number of recipients and the maximum size of a message can also be ...

Page 71: ...ts including the following Traffic Summary System Health Top Mailbox Disk Users Spam Statistics Virus Reports Email History System Events History The reports are derived from information written to the various systems logs and then stored in the database Reports are stored on the system for online viewing and can also be emailed automatically to specified users Reports can be generated on demand a...

Page 72: ...igure reports To view a previously generated report click on the report name To configure a report click the Configure button Click Generate Now to immediately generate a report Report Configuration Click the Configure button to set up a new report Report Title Title to display at the top of the report Email To HTML PDF Specify an email address such as admin example com Use a comma separated list ...

Page 73: ... the timespan covered for this report Timespan Ends at Select the end of the timespan It is recommended to set the timespan end time a few hours prior to report generation to allow all deferred mail to be finalized Timespan Offset Days Ago Select the number of days to offset the timespan This amount of time is subtracted before setting the timespan Click the Generate Now button to generate a repor...

Page 74: ...ield Descriptions Field Description System name The system host name such as mail example com Date time Date and time of report generation Version Software version Timespan Period covered by report Uptime How long the system has been running since the last reboot Filter summary A summary of the filters applied to this report Head comment Freeform comment that you may enter Traffic blocking A table...

Page 75: ...list List of the most recent viruses found Top PBMFs List of the top pattern based message filters Top forbidden attachments List of the top forbidden attachments caught by attachment control Recent forbidden attachments List of the most recent forbidden attachments caught by attachment control Disk usage Shows disk usage by partition Disk load Graph of average disk load MB s over the reporting pe...

Page 76: ...string after the first comma The limit parameter in the report configuration sets the maximum number listed Top recipients The top recipients during the report timespan sorted by number of messages The sum of the message sizes is also listed If the title contains one or more comma characters the list will be restricted to those recipients which include any string after the first comma The limit pa...

Page 77: ...irewall Other logs include Authentication Contains messages from Spam Quarantine logins Web Server Access A log of access to the web server Web Server Errors Contains error messages from the web server Web Server Encryption Engine Contains messages for the web server encryption engine Web Server Encrypted Accesses A log of SSL web server access Messages Contains system messages including file uplo...

Page 78: ...iew search and download its detailed entry information Configuring a Syslog Server Logs can also be forwarded to a syslog server which is a host that collects and stores log files from many sources You can define a syslog host in the System Config Network Settings screen ...

Page 79: ...processed including a detailed journal identifying the results of the mail processing Select Reporting Email History from the menu to view the message history You can quickly search the email history by entering a specific field to search on and a pattern Click on an individual message Queue ID to display the details for the message and how it was processed ...

Page 80: ...ing table describes the event types that can appear in the System History database Table 4 System Events Event Type Description Parameters Admin Actions Shows administrative functions that have been performed AV Updates The time of the last update its success or failure and the name of the new pattern file CPU Load The load average for the past 1 5 and 15 minutes Number of processes waiting for CP...

Page 81: ...ed out sessions UserID and IP address Login failure Login failure UserID and IP address Network IO Amount of data in and out of network card Paging This shows the swap paging activity pages in out over 5 seconds Queue Sizes Number of messages in active and deferred queues Active queue size in bytes deferred queue size in bytes RBL Responses Average round time to RBL server with minimum and maximum...

Page 82: ...ore disk space and cause backups to take much longer to complete if they include the reporting data Select Reporting Configure History from the menu to modify your reporting history settings Limit Total Number of Email to Select the total number of emails to keep in the email history Limit Number of System Events per event type Select the limit for the number of system events to keep Report Expiry...

Page 83: ...s Licensing SSL Certificates Software Updates Setup Wizard The Setup Wizard can quickly guide you through the steps to change your networking or system mail setup information For additional information regarding the Setup Wizard refer to the Installation Guide that you received with your 3Com Email Firewall Using the Setup Wizard you can change the following settings Admin Password Time Zone Netwo...

Page 84: ...ous step Change Password Enter your old password and set a new password if required Click Apply if you have made any changes If you do not want to modify your current password leave all fields blank and click Next to continue Time Zone Modify your time zone if required Click Apply if you have made any changes If you do not want to modify your time zone information click Next to continue ...

Page 85: ... have made any changes If you do not want to modify your networking information click Next to continue Mail Configuration Modify your mail configuration and proxy settings if required and click Apply if you have made any changes If you do not want to modify your mail configuration settings click Finish ...

Page 86: ...rd you will have to reinstall the system Please choose your password carefully and store it in a safe place See Appendix B on page 127 for information on resetting the system if you have forgotten your admin password Click Add Admin User to create a new user with admin privileges System Users You must add local users to the 3Com Email Firewall if you require the ability to view the user Spam Quara...

Page 87: ...d Creating an Admin User If this user will be an additional administrator for this 3Com Email Firewall select the Full Admin option in the Administrator Privileges section When a Full Admin user logs into the 3Com Email Firewall they must click the Administration link on the left menu to open up the admin menu ...

Page 88: ...cel Notepad or other Windows text editor It is recommended that you download the user list file first by clicking File Download editing it as required and then uploading it using the File Upload button Enabling User Access on a Network Interface You must enable User Access on the network interface to allow users to log in via that interface Select System Config Network Settings and go to the Netwo...

Page 89: ...ame Enter the hostname not the full domain name of the 3Com Email Firewall such as mail in the domain name mail example com Domain Enter the domain name such as example com Gateway Enter the default gateway for this 3Com Email Firewall This is typically your network router Syslog host Enter an optional syslog host to forward logs to A syslog server collects and stores log files from many sources N...

Page 90: ...select for automatic configuration User Access Enables local access to the Spam Quarantine and Trusted Senders List on this interface Advanced Parameters The following advanced network parameters are enabled by default and should only be modified if you are experiencing connection problems with certain mail delivery hosts Enable RFC 1323 These are TCP extensions to improve performance and to provi...

Page 91: ...i Virus Anti Spam and Licensing services to retrieve updates Select System Config Web Proxy from the menu Use Secure Web Proxy Select the check box to enable use of the secure web proxy Server Address Enter the proxy server address in the format https hostname port such as https proxy example com 8080 User Name Enter a username to log into the secure web proxy server Password Enter a corresponding...

Page 92: ...ich mail must be relayed are located on another network such as behind an internal firewall or accessed via a VPN Select System Config Static Routes from the menu to define any static routes To add a new static route enter the network address netmask and gateway for the route and then click New Route ...

Page 93: ...icense Select System Config Licensing from the menu to view and manage your license information Installed License The Installed License section displays your current license information If your license expires the system will not accept incoming mail connections You can switch to Degraded mode by selecting the corresponding check box which will allow you to accept mail but the Anti Spam and Anti V...

Page 94: ...al certificate You can use self signed certificates generated by the 3Com Email Firewall or import certificates purchased from commercial Certificate Authorities CA such as Verisign The disadvantage of self signed certificates is that web browsers will display warnings that the company in this case the 3Com Email Firewall issuing the certificate is untrusted When you purchase a commercial certific...

Page 95: ... installed certificate button to display the certificate and an accompanying certificate request 5 Forward the request portion of the certificate to a commercial Certificate Authority CA for signing 6 When received install the commercial certificate by clicking the Load a site certificate button Copy and paste the SSL Certificate and private key portions into the indicated fields and then click Co...

Page 96: ...The Update Software screen shows updates that are Available Updates loaded onto the 3Com Email Firewall but not applied and Installed Updates applied and active You can install an available update or uninstall a previously installed update Select System Config Software Updates from the menu to install new updates Uploading a Software Update When these software update files are downloaded to your l...

Page 97: ... s support servers for new updates security alerts and other important information When new information and updates are received an email can be sent to the administrator Click the Security Connection link in the System Config Software Updates screen Send Email Enable this option to send an email to the address specified in the Send Emails To field when an Email Firewall update is available Send E...

Page 98: ...98 CHAPTER 6 SYSTEM CONFIGURATION ...

Page 99: ...s Status and Utility Mail Queues Quarantine Daily Tasks Backup and Restore Reboot and Shutdown Reset to Factory Settings Status and Utility Select System Mgmt Status and Utility from the menu to view a number of system statistics such as the total system uptime load average the amount of used swap and disk partition space and NTP server status ...

Page 100: ...ail Receiving Use this button to disable and enable mail receiving only Mail Sending Use this button to disable and enable mail sending only Flush Mail Queue The Flush Mail Queue button is used reprocess any queued mail in the system Only click this button once If the mail queue does not process you may be experiencing other types of delivery problems and reprocessing the mail queue will only add ...

Page 101: ...uld come back with a response SMTP Server Enter the domain name of the destination SMTP server that you want to test Envelope from MAIL FROM The MAIL FROM part of the email message identifies the sender Enter an email address indicating the sender of the message Envelope to RCPT TO The RCPT TO part of the email message identifies the recipient of the email Enter an email address indicating the int...

Page 102: ...e Ping Utility The ping utility sends ICMP packets to a host and listens for a return packet This ensures that you have network connectivity to the destination server If you do not receive a response the destination host may not be available or it may indicate that your 3Com Email Firewall does not have network connectivity Try to ping other hosts internal and external to your network If you canno...

Page 103: ...eroute utility will show each network hop as it passes through each router to its destination If you are experiencing routing issues you will be able to see in the trace response where exactly the communication is failing Hostname Lookups Use the hostname lookup utility to ensure your DNS services are working properly Enter a hostname and the type of record you are looking up such as an A record C...

Page 104: ...n shows you important system information such as the current version of the system software the time it was installed and CPU and RAM information Mail Queues Select System Mgmt Mail Queues to view and manage queued mail The Mail Queues screen contains information on mail waiting to be delivered You can search for a specific mail message using the search function Messages that appear to be undelive...

Page 105: ...n also be forwarded to their original destination by clicking the Forward to Original Recipient button Use the search field to look for specific messages within the quarantine For example you could search for the name of a specific virus so that any quarantined messages infected with that virus will be displayed Expiry Settings Click the Set Expiry Settings button to configure the quarantine expir...

Page 106: ...l disk usage that can be used by the quarantine Click Update to enable the settings for new quarantined messages Click Update and Expire Now to apply the settings to all messages in the quarantine area Daily Tasks The Daily Tasks feature allows you to set up daily recurring FTP and Email backups The FTP backup and Email backup features must be configured separately in the System Mgmt Backup Restor...

Page 107: ...cked up before performing any type of software upgrade or update Starting a Backup You can perform backups on demand or you can schedule a tape or FTP backup once per day via the Daily Tasks option from the System Mgmt Daily Tasks screen The Email Firewall supports three backup methods FTP server Local Disk Email to admin Configuration only Select the type of backup and click the Next button Local...

Page 108: ...erver including a valid login and password Encrypt backup Select this option to encrypt the backup file Remote FTP server name or IP Enter the hostname or IP address of the destination FTP server Username on FTP server Enter the username to log in to this FTP server Password on FTP server Enter a corresponding password for the username entered Directory on FTP server for backup files Enter the des...

Page 109: ... Create scheduled backup to go to the Daily Tasks menu to create a recurring FTP backup Administrator Backup Email Options If you select the Email backup type the configuration will be saved and sent via email attachment to the 3Com Email Firewall administrator It is recommended that you save the email attachment to your local disk System mail and data cannot be backed up using this method Only th...

Page 110: ...PTER 7 SYSTEM MANAGEMENT Confirm the listed options and then click Create backup now to begin Alternately you can click Create scheduled backup to go to the Daily Tasks menu to create a recurring Email backup ...

Page 111: ...Local Disk To perform a restore from a file on a local disk click the Browse button to find the backup file If you are restoring from an email backup you must save the email attachment to the local disk first before performing the restore Click Next to continue When the file has been successfully uploaded confirm the items to restore and click Restore now ...

Page 112: ... this FTP server Password on FTP server Enter a corresponding password for the username entered Directory on FTP server for backup files Enter the destination directory on the FTP server to store your backup files Use PASV mode PASV Passive mode may be required for some types of FTP servers Choose this option if you are having problems with connecting to your FTP server Click Next to continue Conf...

Page 113: ...back to its factory default settings CAUTION All existing configuration settings and data will be lost if you reset to factory default settings Ensure that you perform a backup of your system if you wish to restore your configuration and data Also ensure that your system is connected to a UPS Uninterruptable Power Supply to prevent damage in the event of a power failure duing this procedure Click ...

Page 114: ...114 CHAPTER 7 SYSTEM MANAGEMENT ...

Page 115: ...Processing Activity Email Firewall Status Monitoring Mail Processing Activity Select Activity from the main menu to view the 3Com Email Firewall s Activity screen The Activity screen provides you with a variety of information on mail processing activity such as the number of messages in the mail queue the number of different types of messages received and sent and current message activity ...

Page 116: ...messages that have passed through the system Mail Received Recently The Mail Received Recently portion of the Activity screen displays the most recent messages processed by the system including their current status You can click on an individual message ID to see its details Troubleshooting Mail Queue Problems When troubleshooting mail problems examine the following items on the Activity screen Ex...

Page 117: ...Status Select Status from the main menu to determine if all services and servers are functioning properly For each service a status icon will indicate if the service is running properly if there is a warning or the service is unable to connect ...

Page 118: ... and the last time an update was retrieved Anti Spam Server Indicates the status of the Anti Spam server Anti Virus Server Indicates the status of your Anti Virus services including the time of the last pattern file update Network Settings Internal Mail Server Indicates the status of your internal mail server If it is inaccessible check the internal mail server to ensure that it is running Perform...

Page 119: ...s back to 3Com for analysis if you experiencing problems with your 3Com Email Firewall Send to This is the email address for 3Com support Version information Include the version information in the problem report Mail Log Include the Mail Log in the problem report Mail Configuration Include the Mail Configuration in the problem report Mail Queue Stats Include the Mail Queue Stats in the problem rep...

Page 120: ...orwarded to your 3Com Email Firewall or you will not be able to lookup external mail sites Check the DNS service itself to see if it is running and check your DNS records for any misconfiguration for your mail services Firewall Router If you are having issues with your firewall or router or if they have been misconfigured this may inadvertently block mail access to and from the 3Com Email Firewall...

Page 121: ... provides a detailed description of each message that passes through the system The start of a single message log entry begins with an smtpd connect message and ends with the disconnect message To ensure that you are looking at the entries for a specific message check the message ID such as 6D3872B1D8 A summary of the actions for this message are included in the log In the following example the me...

Page 122: ...mote SMTP server This allows you to verify that a certain SMTP server is responding to connection requests and returning a valid response If you are having trouble delivering mail to a specific server test your SMTP connection using this utility Ping and Traceroute Use the Ping and Traceroute utilities to ensure network connectivity with another host From the 3Com Email Firewall try to ping hosts ...

Page 123: ...es are being blocked when they should not be check the following Is there a Specific Access Pattern or Pattern Based Message Filter rule that applies to the message Is the attachment type filtered via Attachment Control Are the spam controls blocking the message Is the message over the maximum size limit Email History Every message that passes through the 3Com Email Firewall generates a database e...

Page 124: ...124 CHAPTER 8 MONITORING ACTIVITY AND STATUS Click on a specific message to see the details of its processing and final disposition ...

Page 125: ...cal settings for the variables at the time the message is sent For example in the following Delivery Failure Notification message from Mail Delivery Delivery Settings the HOSTNAME variable will be replaced with the hostname of your 3Com Email Firewall The following variables can be used Table 5 System Message Variables Variable Value Example PROGRAM or PRODUCT 3Com Email Firewall ...

Page 126: ...ettings Maximum Time in Mail Queue 5 days S_YOU or SENDER Mail address of sender sender example com R_YOU or RECIPIENT Mail address of recipient recipient example com SPAM_FOLDER The name of the spam folder for the user spam quarantine spam_quarantine SPAM_EXPIRY The number of days before quarantined spam is expired 30 SPAM_MESSAGES The information for a spam message Date From Subject 05 27 04 use...

Page 127: ...nd data will be lost and you cannot perform a restore from a previous configuration Use the following procedure to return the 3Com Email Firewall to factory default settings if you cannot connect using the web admin interface 1 Shutdown the system using the power button 2 Connect a USB keyboard and a monitor to the 3Com Email Firewall 3 Turn on the system 4 As the system restarts wait for the mess...

Page 128: ...RESET TO FACTORY DEFAULT SETTINGS FROM CONSOLE 8 You will need to reinstall and license the system using the Setup Wizard and License Wizard See the Installation Guide for details on installing the 3Com Email Firewall ...

Page 129: ...edia types Work shall mean the work of authorship whether in Source or Object form made available under the License as indicated by a copyright notice that is included in or attached to the work an example is provided in the Appendix below Derivative Works shall mean any work whether in Source or Object form that is based on or derived from the Work and for which the editorial revisions annotation...

Page 130: ...r documentation if provided along with the Derivative Works or within a display generated by the Derivative Works if and wherever such third party notices normally appear The contents of the NOTICE file are for informational purposes only and do not modify the License You may add Your own attribution notices within Derivative Works that You distribute alongside or as an addendum to the NOTICE text...

Page 131: ...ising or otherwise to promote the sale use or other dealings in this Software without prior written authorization of the copyright holder Cyrus SASL CMU libsasl Tim Martin Rob Earhart Copyright c 2000 Carnegie Mellon University All rights reserved Redistribution and use in source and binary forms with or without modification are permitted provided that the following conditions are met 1 Redistribu...

Page 132: ...tion are permitted provided that the following conditions are met 1 Redistributions of source code must retain the above copyright notice immediately at the beginning of the file without modification this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentatio...

Page 133: ...ot be interpreted as representing official policies either expressed or implied of the FreeBSD Project FreeType The FreeType Project LICENSE 2000 Feb 08 Copyright 1996 2000 by David Turner Robert Wilhelm and Werner Lemberg Introduction The FreeType Project is distributed in several archive packages some of them may contain in addition to the FreeType font engine various tools and contributions whi...

Page 134: ... of distribute and sublicense the FreeType Project in both source and object code forms and derivative works thereof for any purpose and to authorize others to exercise some or all of the rights granted herein subject to the following conditions Redistribution of source code must retain this license file LICENSE TXT unaltered any additions deletions or changes to the original files must be clearly...

Page 135: ...01 2002 2003 2004 Doug Becker and copyright C 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 Thomas G Lane This software is based in part on the work of the Independent JPEG Group See the file README JPEG TXT for more information Portions relating to GIF compression copyright 1989 by Jef Poskanzer and David Rowley with modifications for thread safety by Thomas Boutell Portions relating to ...

Page 136: ...or company name in advertising or publicity relating to this software or products derived from it This software may be referred to only as the Independent JPEG Group s software We specifically permit and encourage the use of this software as the basis of commercial products provided that all warranty or liability claims are assumed by the product vendor Libspf The libspf Software License Version 1...

Page 137: ...CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES LOSS OF USE DATA OR PROFITS OR BUSINESS INTERRUPTION HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY WHETHER IN CONTRACT STRICT LIABILITY OR TORT INCLUDING NEGLIGENCE OR OTHERWISE ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWA...

Page 138: ...LDAP Foundation may revise this license from time to time Each revision is distinguished by a version number You may use this Software under terms of this license revision or under the terms of any subsequent revision of the license THIS SOFTWARE IS PROVIDED BY THE OPENLDAP FOUNDATION AND ITS CONTRIBUTORS AS IS AND ANY EXPRESSED OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRAN...

Page 139: ...OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION IN NO EVENT UNL...

Page 140: ...ons are met 1 Redistributions of source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 Neither the name of the University nor the names of its co...

Page 141: ...s mentioning features or use of this software must display the following acknowledgment This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit http www openssl org 4 The names OpenSSL Toolkit and OpenSSL Project must not be use to endorse or promote products derived from this software without prior written permission For written permission please contact ope...

Page 142: ...f source code must retain the above copyright notice this list of conditions and the following disclaimer 2 Redistributions in binary form must reproduce the above copyright notice this list of conditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 The name PHP must not be used to endorse or promote products derived from this software w...

Page 143: ...conditions 2 Redistributions in binary form compiled executables must reproduce the above copyright notice definition disclaimer and this list of conditions in documentation and or other materials provided with the distribution The sole exception to this condition is redistribution of a standard UnZipSFX binary including SFXWiz as part of a self extracting archive that is permitted without inclusi...

Page 144: ...144 APPENDIX C THIRD PARTY COPYRIGHT AND LICENSE AGREEMENTS ...

Page 145: ... mail DNS Domain Name System This system maps a numerical Internet Protocol IP address to a more meaningful and easy to remember name When you need to access another device on your network you enter the name of the device instead of its IP address ESMTP Extended SMTP A set of extensions for the SMTP Simple Mail Transport Protocol for better multimedia message handling FTP File Transfer Protocol A ...

Page 146: ...iver the email Malformed Email An email message not structured according to standards Malformed email can be used to cause denial of service attacks and buffer overruns MIME Multipurpose Internet Mail Extension A standard for identifying the type of data contained in a file based on its extension MX Mail Exchanger A type of DNS record indicating the address of the email server NIC Network Interfac...

Page 147: ...rnet STA Statistical Token Analysis A method of identifying spam messages based on statistical analysis of email content Static route A routing entry ensuring connectivity to systems on other networks Subnet mask A subnet mask is used to divide the device part of the IP address into two further parts The first part identifies the subnet number The second part identifies the device on that subnet S...

Page 148: ...Traceroute A utility used to verify the routing path from one network host to another Trusted Senders List A list of users who can bypass email security controls when mailing local users Virtual Mapping Redirects email for a specified email address to another one without modifying the To or From headers of the email ...

Page 149: ...up and Restore 107 BCC Blind Carbon Copy 24 Blacklisting 39 54 BorderWare Mail Security Services 118 Bounce 25 Bulk 51 C Certificate Authority CA 41 95 Certificates 41 Check Relays 69 Configuration Information 104 Conventions notice icons About This Guide 10 text About This Guide 10 CPU Load 80 Current Admin and Spam Quarantine Users 104 D Daily Tasks 106 Default Anti Spam Action 48 Degraded mode ...

Page 150: ...nvelope From 38 Envelope To 38 ESMTP Extended SMTP 25 Examining Log Files 121 F Factory default settings 113 127 Flush Mail Queue 100 122 Forgotten admin password 127 FTP backup 106 107 108 G Gateway 89 Gateway status 118 Glossary 145 H HELO 38 40 101 Hostname Lookups 103 122 I Ignore MX 24 K KeepOpen 20 Kernel log 77 L License Agreements 94 License key 93 Licensed Users 118 Licensing 93 ...

Page 151: ...il 44 Masquerade Addresses 23 Maximum message size 39 Maximum recipients per message 39 Maybe Spam 52 Message Part 55 Message Restrictions 39 Messages log 77 MIME type 36 Minimum Free Queue Space 39 MX record 20 N Name Server 89 Network Configuration 85 Network Interfaces 90 Network Settings 89 Notifications Anti Virus 33 Attachment Control 33 35 Malformed Mail 45 Objectionable Content Filter 62 N...

Page 152: ...TP 112 Restore from Local Disk 111 RFC 1323 90 RFC 1644 90 S Secure Web Proxy 91 Security Connection 96 97 Security Server status 118 Self signed certificate 95 Setup Wizard 83 SMTP AUTH 42 SMTP Authenticated Relay 40 SMTP banner 40 SMTP Notification 25 SMTP Pipelining 25 SMTP Probe 101 122 SMTP Security 41 Software updates 96 Spam Quarantine 63 64 77 104 Expiry 105 Users 67 Specific Access Patter...

Page 153: ...ubleshooting Content Issues 123 Troubleshooting Mail Delivery Problems 120 Troubleshooting Mail Queue Problems 116 Trusted Senders List 62 U Unopenable attachments 32 Users 86 V Variables 125 Virtual Mappings 28 Virus pattern files 33 W Web browser compatibility 16 Web Proxy 91 Web Server Access log 77 Web Server Encrypted Accesses log 77 Web Server Encryption Engine log 77 Web Server Errors log 7...

Page 154: ...rranty or representation that its software products will meet Customer s requirements or work in combination with any hardware or software products provided by third parties that the operation of the software products will be uninterrupted or error free or that all defects in the software products will be corrected For any third party products listed in the 3Com software product documentation or s...

Reviews:

No comments

Related manuals for 3CR3MFA-92

Bosch DIVAR IP 7000 1U Installation Manual preview
DIVAR IP 7000 1U
Brand: Bosch Pages: 42
ZyXEL Communications ZyWALL 110 Series User Manual preview
ZyWALL 110 Series
Brand: ZyXEL Communications Pages: 562
Fortinet FortiBridge 1000 Configuration preview
FortiBridge 1000
Brand: Fortinet Pages: 286
SonicWALL TZ 170 Getting Started Manual preview
TZ 170
Brand: SonicWALL Pages: 30
EBLOCKER eBlocker Quick Start Manuals preview
eBlocker
Brand: EBLOCKER Pages: 6
H3C SecPath M9006 Manual preview
SecPath M9006
Brand: H3C Pages: 90
Fortinet FortiMail-5001A Quick Start Manual preview
FortiMail-5001A
Brand: Fortinet Pages: 2
Fortinet FortiManager-100 Quick Start Manual preview
FortiManager-100
Brand: Fortinet Pages: 2
Fortinet FortiGate FortiGate-5002FB2 Quick Start Manual preview
FortiGate FortiGate-5002FB2
Brand: Fortinet Pages: 2
Fortinet FortiGate ASM-FX2 Quick Start Manual preview
FortiGate ASM-FX2
Brand: Fortinet Pages: 1
Draytek Vigor2860 Series Quick Start Manual preview
Vigor2860 Series
Brand: Draytek Pages: 76

Brands by name

Popular brands

Load more brands