
156 Integrating Symantec Mail Security for SMTP with SESA

Configuring logging to SESA

on computers that are managed by Symantec security products. The event 
categories and classes include antivirus, content filtering, network security, and 
systems management. The range of events varies depending on the Symantec 
applications that are installed and managed by SESA.

You can monitor and manage these security-related events through the SESA 
Console. The SESA Console is the common user interface that provides 
manageable integration of security technologies (Symantec or otherwise), 
Symantec Security Services, and Symantec Security Response. You can query, 
filter, and sort data to reduce the security-related events that you see through 
the SESA Console, which allows you to focus on threats that require your 
attention. You can configure alert notifications in response to events, and 
generate, save, and print tabular and graphical reports of event status, based on 
filtered views that you have created.

SESA must be installed and working properly before you can configure 
Symantec Mail Security for SMTP to log events to SESA.

For more information, see the SESA documentation.

Configuring logging to SESA

The logging of events to SESA is in addition to the standard local logging 
features for Symantec Mail Security for SMTP. Logging to SESA is activated 
independently of standard local logging. If you have purchased SESA, you can 
send a subset of the events that are logged by Symantec Mail Security for SMTP 
to SESA.

See “Interpreting Symantec Mail Security for SMTP events in SESA” on page 164.

To configure logging to SESA, you must complete the following steps:

Configure SESA to recognize Symantec Mail Security for SMTP. In order for 
SESA to receive events from Symantec Mail Security for SMTP, you must 
run the SESA Integration Wizard that is specific to Symantec Mail Security 
for SMTP on each computer that is running the SESA Manager. The SESA 
Integration Wizard installs the appropriate integration components for 
identifying the individual security product (in this case, Symantec Mail 
Security for SMTP) to SESA.
See “Configuring SESA to recognize Symantec Mail Security for SMTP” on page 157.

Summary of Contents for 11105111 - SYM MAIL SEC SMTP 5.0 SMS PORT MEDIA CD EN

Page 1: ...Symantec Mail Security for SMTP...

Page 2: ...d Symantec Security Response and Symantec pcAnywhere are trademarks of Symantec Corporation and its subsidiaries Sun Sun Microsystems the Sun logo and Solaris are trademarks or registered trademarks o...

Page 3: ...hest level of protection Global support from Symantec Security Response experts which is available 24 hours a day 7 days a week worldwide in a variety of languages for those customers enrolled in the...

Page 4: ...er Service online go to www symantec com select the appropriate Global Site for your country then choose Service and Support Customer Service is available to assist with the following types of issues...

Page 5: ...rposes or copy the Software onto the hard disk of Your computer and retain the original for archival purposes C use the Software on a network provided that You have a licensed copy of the Software for...

Page 6: ...imitations set forth above will apply regardless of whether or not You accept the Software 5 U S Government Restricted Rights RESTRICTED RIGHTS LEGEND All Symantec products and documentation are comme...

Page 7: ...ly 1 You may use the Software in the quantity licensed to You by Symantec under a License Module until the end date indicated on the License Module the End Date solely on computing devices owned by yo...

Page 8: ...8...

Page 9: ...stall 23 Installing and configuring the operating system 24 Upgrading from previous versions 24 Preserving configuration settings from previous versions that use high ASCII or DBCS directories 25 Conf...

Page 10: ...ocation 56 Processing messages in the hold queue 58 Configuring scan options 60 Configuring routing options 62 Configuring default routing 62 Configuring local routing 64 Configuring alerts 67 Configu...

Page 11: ...guring alerts 108 Configuring LDAP settings 108 Editing the notification templates 114 Accessing the spam quarantine 119 Blocking by custom spam rules 122 Chapter 6 Setting your filtering policy About...

Page 12: ...or SMTP 157 Installing the local SESA Agent using the SESA Agent Installer 158 Installing the SESA Agent manually by command line 162 Configuring Symantec Mail Security for SMTP to log events to SESA...

Page 13: ...il before sending it to a local mail server for delivery It can be configured to protect your network in the following ways Block unwanted email messages Scan and repair infected email attachments fil...

Page 14: ...To use this feature you must deploy the optional plug in for Microsoft Outlook to the desktop computers on your network URL filtering Symantec builds its known spammer list based on URLs that appear...

Page 15: ...s For more information see the LiveUpdate Administrator s Guide on the product CD Symantec Central Quarantine You can configure Symantec Mail Security for SMTP to automatically forward infected attach...

Page 16: ...ent from an Internet or internal network source it decodes and decompresses the message It sends the message to the fast queue a logical Microsoft Outlook Plug in As a part of the premium antispam ser...

Page 17: ...e attachment it deletes the attachment by default With container files Symantec Mail Security for SMTP removes the infected files from the containers and attempts to repair the files If a virus is det...

Page 18: ...P so that users on the network become aware of its operation only if a virus or content violation is detected You can also configure Symantec Mail Security for SMTP to send alerts to administrators in...

Page 19: ...ddress Real time blacklist antispam lists Heuristic detection Spam rules Respond to viruses Your antivirus policy is determined by how you configure Symantec Mail Security for SMTP to handle email mes...

Page 20: ...achments that are not repaired or deleted Option Description Drop message Email messages that contain unrepairable infected attachments that were not deleted are dropped Log only A record of the incid...

Page 21: ...you have configured your relay settings See Configuring routing options on page 62 By establishing anti relay settings Symantec Mail Security for SMTP prevents the relaying of spam by an external hos...

Page 22: ...22 Introducing Symantec Mail Security for SMTP What you can do with Symantec Mail Security for SMTP...

Page 23: ...Spam Folder Agent Post installation tasks Uninstalling Symantec Mail Security for SMTP Before you install You must perform the following pre installation tasks when appropriate Install and configure t...

Page 24: ...evious versions To upgrade from Symantec AntiVirus for SMTP Gateways 3 0 or 3 1 or Symantec Mail Security for SMTP 4 0 you should install Symantec Mail Security for SMTP 4 1 over the existing software...

Page 25: ...stallation There is usually one directory in Windows There may be multiple directories in Solaris 5 Create a directory for the backed up queues logs and local folders where the new version will be ins...

Page 26: ...ty for SMTP is installed You must stop these conflicting services before installing Symantec Mail Security for SMTP Note When you install Symantec Mail Security for SMTP on a Solaris server the instal...

Page 27: ...ing its scanning process Note If you are running a desktop antivirus product on the server on which you install Symantec Mail Security for SMTP you must configure the desktop product not to scan the Q...

Page 28: ...patible Memory 512 MB RAM 1 GB or more recommended for optimal performance Disk space to install 100 MB Available disk space after installation for email processing 500 MB minimum Network configuratio...

Page 29: ...ecurity for SMTP automatically attempts to disable it A record that the process has been disabled is placed in the log directory If another process is disabled because it is running on port 25 there i...

Page 30: ...n the DNS server addresses list The host name is the Computer name that is entered in System Properties on the Network Identification tab Contact your administrator or Internet service provider ISP if...

Page 31: ...install Symantec Mail Security for SMTP Run the installation script or setup program The Symantec Mail Security for SMTP files are included on the installation CD For Solaris you must be logged on as...

Page 32: ...ocation Table 2 1 shows the default installation directory locations for Solaris Table 2 1 Installation directories for Solaris Directory Description Default location InstallDir Contains the Symantec...

Page 33: ...r premium antispam antivirus and heuristic antispam files opt SMSSMTP csapi Table 2 2 Installation directories for Windows Directory Description Default location Install Contains the Symantec Mail Sec...

Page 34: ...mbers exclusive to Symantec Mail Security for SMTP and not already in use by any other program or service Because the built in HTTP server is not a general purpose Web server do not use port number 80...

Page 35: ...specify must be different from the HTTP and SMTP port numbers exclusive to Symantec Mail Security for SMTP and not already in use by any other program or service The default HTTPS port number is 8043...

Page 36: ...antec Mail Security is installed To install the Symantec Spam Folder Agent 1 On the product CD click Install Spam Folder Agent 2 Read the license agreement click I accept the terms of this license agr...

Page 37: ...roduct and content license See Activating product and content licenses on page 38 Route scanned email for delivery See Routing scanned messages for delivery on page 40 Stop and restart Symantec Mail S...

Page 38: ...s The product license is required to activate Symantec Mail Security for SMTP scanning operations The content license is required to receive the latest virus and heuristics spam definitions updates To...

Page 39: ...rus and spam definitions that are needed to keep protection current are not downloaded If you have questions about licensing contact Symantec Customer Service at 800 721 3934 or your reseller to check...

Page 40: ...tec Mail Security for SMTP server is not the last hop before the Internet you might need to use default routing See Configuring default routing on page 62 To route scanned messages for delivery 1 Open...

Page 41: ...Symantec Mail Security for SMTP on Windows 2000 2003 Server stop and restart the service in the Services Control Panel To stop Symantec Mail Security for SMTP on Solaris Type the following command etc...

Page 42: ...ectories Uninstall Symantec Mail Security for SMTP from Windows 2000 2003 Server There may be files and registry entries that are not removed when you uninstall Symantec Mail Security for SMTP You mus...

Page 43: ...ws taskbar click Start Run 2 In the Run window type regedit 3 Click OK 4 In the Registry Editor window under My Computer double click HKEY_LOCAL_MACHINE 5 Double click SOFTWARE 6 Right click the Syman...

Page 44: ...44 Installing Symantec Mail Security for SMTP Uninstalling Symantec Mail Security for SMTP...

Page 45: ...nfiguring administrator settings Configuring connection and delivery options Processing messages in the hold queue Configuring scan options Configuring routing options Configuring alerts Configuring n...

Page 46: ...able 3 1 describes the administrator settings that you can configure through the administrative interface Table 3 1 Administrator settings Setting Description Administrator password The administrator...

Page 47: ...to set a password through the administrative interface unless you want to change the password that you set during installation 3 In the Confirm box type the password again 4 Click Change Password To...

Page 48: ...gs in the Administrator timeout box type the number of minutes that should elapse without activity before a new logon is required Five minutes is the default The administrator timeout applies to both...

Page 49: ...on page 56 Temporary directory location See Changing the temporary files directory location on page 56 Configuring SMTP options The port numbers for SMTP HTTP or HTTPS must be unique To change more t...

Page 50: ...compelling reason to do otherwise accept the default Additional connections are queued when the system is already processing the maximum number of connections that are allowed Multiprocessor computers...

Page 51: ...Save Changes To reject incoming messages 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Configuration 2 On the Setup tab under Delivery check Reject incoming...

Page 52: ...Symantec Mail Security for SMTP administrative interface in the left pane click Configuration 2 On the Setup tab under HTTP HTTPS in the HTTP port number box type the port number on which the built in...

Page 53: ...urity for SMTP administrative interface in the left pane click Configuration 2 On the Setup tab in the HTTPS port number box type the port number of the HTTPS server The default port number is 8043 Th...

Page 54: ...ow copy the entire request including the header and footer to your clipboard or to a text file 2 Click OK 3 Submit the clipboard contents or the copied text file to a recognized Certificate Authority...

Page 55: ...ble to act as your own Certificate Authority you need only install a signed certificate that is created from the request that is generated by Symantec Mail Security for SMTP and enable SSL encryption...

Page 56: ...the local time zone 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Configuration 2 On the Setup tab under Local time zone in the Region drop down list select...

Page 57: ...ec Mail Security for SMTP Configuring connection and delivery options To change the temporary files directory location 1 On the Symantec Mail Security for SMTP administrative interface in the left pan...

Page 58: ...started for the new directory setting to take effect Processing messages in the hold queue Messages are placed in the hold queue in one of the following ways If a message causes a system crash three t...

Page 59: ...ssed To drop messages that are in the hold queue 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Configuration 2 On the Hold Queue tab click Drop Messages 3 In...

Page 60: ...ever processing efficiency may be increased by identifying specific file types to scan You can specify in the Include list those file types that are commonly at risk of infection If the Include list i...

Page 61: ...b select one of the following All files regardless of extension Only those with extensions in Include list All except those with extensions in Exclude list 3 If Only those with extensions in Include l...

Page 62: ...ng configurations are as follows Default routing See Configuring default routing on page 62 Local routing See Configuring local routing on page 64 Configuring default routing Setting default routing i...

Page 63: ...ration 2 On the Routing tab under Default Routing in the Host box type the fully qualified host name or IP address of your mail server 3 In the Port box type the port number of your mail server The de...

Page 64: ...essed to that host name domain or IP address as local It does a DNS lookup for the address and delivers it to the address that is specified in the MX record An entry host name domain or IP address fol...

Page 65: ...trative interface in the left pane click Configuration 2 On the Routing tab under Local Routing List click Add 3 Under Routing list entry type the host name IP address or domain of a mail server to wh...

Page 66: ...host or domain will be relayed using the host that is designated in the Host box under Destination relay 5 In the Port box type the port number for the mail server The default port number is 25 6 Clic...

Page 67: ...ress is specified See To set administrator email addresses for notifications and alerts on page 48 Note Sending alerts increases the load of the server On a heavily used mail server you should limit t...

Page 68: ...stop The service has stopped Subject Service Stop Body The service has been stopped Low disk space The disk space in the logging email scanning or mail queuing directory is less than 10 percent Subje...

Page 69: ...as detected by the server Frequent failed logon attempts Three unsuccessful logon attempts have been made An alert is sent on the third attempt and one is sent for every unsuccessful attempt thereafte...

Page 70: ...for notifications and alerts on page 48 Understanding notifications Violation notifications have the following text Subject SMSSMTP Policy Violation Message The following message sent by this account...

Page 71: ...SPOSITION Tag in Policy Violation notification to administrator Contains information about how the message was handled The message was dropped CONTENTINFO Tag in Policy Violation notification to admin...

Page 72: ...fault Subject and Body text or delete the default text and type your own 4 If you selected to notify the sender under Message for sender either accept the default Subject and Body text or delete the d...

Page 73: ...igure logging options 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Configuration Logon Subjects blocked Logoff Scan error Definitions updated Sender blocked...

Page 74: ...Diagnostic files are located on Windows and Solaris in the queues diagnostic files directory If you contact Symantec Technical Support for assistance you may be instructed to configure the Queue File...

Page 75: ...enerated for each inbound connection If outbound logging is enabled one log is generated for each message delivery attempt The conversation log files are saved to the diagnostic files directory that i...

Page 76: ...ermine error type triggers All SMTP errors All SMTP errors are logged Communication error Network and socket errors are logged Protocol error Failures to follow defined SMTP protocols such as a comman...

Page 77: ...definitions files Enabling virus definitions updates through Intelligent Updater Setting up your own LiveUpdate server About your antivirus policy Your antivirus policy is determined by how you config...

Page 78: ...See Enabling mass mailer cleanup on page 81 Quarantine files See Forwarding infected files to the Central Quarantine on page 82 Enabling virus scanning You must enable virus scanning and set the Bloo...

Page 79: ...irus settings To enable virus scanning 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Antivirus Policy 2 In the Antivirus Settings window under Antivirus scan...

Page 80: ...for files to be processed See Enabling virus scanning on page 78 See Configuring scan options on page 60 To handle infected files 1 On the Symantec Mail Security for SMTP administrative interface in...

Page 81: ...re detected as mass mailer worms to be dropped When the mass mailer cleanup function is enabled in the administrative interface Symantec Mail Security for SMTP searches for a match between virus name...

Page 82: ...s are submitted to Symantec Security Response for analysis If a new virus is identified updated virus definitions are returned using LiveUpdate See Updating virus and spam definitions files on page 84...

Page 83: ...n to work To configure outbreak alerts 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Antivirus Policy 2 In the Outbreak Alert window check Send an email aler...

Page 84: ...spam definitions for Symantec Mail Security for SMTP you must run LiveUpdate in the product Running LiveUpdate in other Symantec products will not update your definitions for Symantec Mail Security f...

Page 85: ...M 6 00 P M and 10 00 P M Because LiveUpdate considers midnight the end of the day it does run for the last time at 10 00 P M and does not run again until 6 00 A M which is designated as the first att...

Page 86: ...AntiVirus setup iu bat enable Symantec Mail Security for SMTP checks shared virus definitions once per minute To disable Intelligent Updater for Windows Run the following script default directory Prog...

Page 87: ...operations for your network The LiveUpdate Administration Utility is provided on the Symantec Mail Security for SMTP product CD For more information see the LiveUpdate Administrator s Guide on the Sy...

Page 88: ...88 Setting your antivirus policy Setting up your own LiveUpdate server...

Page 89: ...naging an auto generated whitelist Blocking by real time antispam blacklists Blocking by a custom blacklist Identifying spam messages using the heuristic antispam engine Identifying spam using Symante...

Page 90: ...pam whitelist exclusion when spam processing begins Symantec Mail Security for SMTP checks the antispam whitelist first and then queries the real time blacklists If the envelope sender matches a domai...

Page 91: ...ses 3 In the exclusion box type the domains one per line to be excluded from regular spam processing Domain names must begin with either or a period where a period specifies a wildcard match for any s...

Page 92: ...Symantec Mail Security for SMTP stores a maximum of 2000 entries in the auto generated whitelist When the maximum number of entries is exceeded it removes the top 50 Activate and manage an auto genera...

Page 93: ...erated tab under List management in the Exclusion list box type the domains one per line that you do not want the auto generated whitelist to track Type a period before each domain to signify a wildca...

Page 94: ...y the list operators Real time blacklisting depends on an actively maintained DNS server with a database of IP addresses that are associated with Internet mail servers that are judged to be abusive on...

Page 95: ...Type one return code provided by the blacklist provider per line to identify email as spam Identifying return codes means that only the email messages that are associated with the return codes will b...

Page 96: ...cters in the user name portion of the address Note If you configure Symantec Mail Security for SMTP to block a subdomain server company com for example it blocks only that subdomain and not the full d...

Page 97: ...m score the more probable it is that the message is spam This score in conjunction with the engine sensitivity level 1 low 5 high determines whether a message is considered spam Note The default sensi...

Page 98: ...heck Insert X bulk header to add a default header name X Bulk space spam score to the MIME headers of all messages that have been detected as spam 5 Under Handling detected spam select any of the foll...

Page 99: ...hich virtually no outgoing email is spam Suspect list A list of IP addresses from which virtually all of the outgoing email is spam Suspected spam threshold The premium antispam service calculates a s...

Page 100: ...the following types of filters URL filtering Symantec builds its known spammer list based on URLs that appear in spam This list contains over 20 000 URLs Heuristic filtering Heuristic filters scan the...

Page 101: ...mium AntiSpam To configure Symantec Premium AntiSpam 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Anti spam Policy 2 In the Premium AntiSpam window on the G...

Page 102: ...c Mail Security for SMTP administrative interface in the left pane click Anti spam Policy 2 In the Premium AntiSpam window on the General tab under Symantec Reputation Service Lists uncheck the check...

Page 103: ...E headers of all messages that have been detected as spam Mark for Spam Folder You must have the Spam Folder Agent installed on the Exchange or Domino server through which you are routing the mail An...

Page 104: ...n for Microsoft Outlook to the desktop computers on your network The plug in is available on the Symantec Mail Security for SMTP installation CD To enable language identification 1 On the Symantec Mai...

Page 105: ...ne tab under Spam Quarantine settings in the Quarantine host type the IP address of the spam quarantine server The quarantine host should be the server on which Symantec Mail Security for SMTP is inst...

Page 106: ...reating administrator information You can create one or more administrator accounts through the Brightmail spam quarantine user interface To access the Brightmail spam quarantine user interface On the...

Page 107: ...inistrator 7 Click Save To edit an administrator s information 1 On the Settings tab in the left pane under System Settings click Administrators 2 In the Administrators window select the administrator...

Page 108: ...rts 2 On the Alerts Settings window under Configture Alerts under User Notification type the email addresses of users to whom alerts will be sent Separate multiple addresses with commas with no spaces...

Page 109: ...3 In the LDAP window under LDAP Server in the Server box type the fully qualified domain name or IP address of an Active Directory domain controller such as dc example com If you have a multi domain A...

Page 110: ...rmation that you have specified and try again Do not proceed until clicking Test Login yields a success message 10 Under Windows Domain Names type the NetBIOS domain names used by Active Directory If...

Page 111: ...DAP to allow anonymous access the Anonymous bind setting does not usually have adequate authentication privileges for the spam quarantine to access the necessary LDAP information 6 In the Name box typ...

Page 112: ...cribes the problem is displayed 12 If the test query was successful but the response time is slow or if your site has multiple domains in the Query start base DN box edit the Base DN entry so that it...

Page 113: ...ve 15 Attempt to log on to the spam quarantine To configure quarantine settings 1 On the Internet go to http QuarantineServer 41080 brightmail viewLogin do User name is admin Password is brightmail 2...

Page 114: ...would like to receive quarantine notifications By default a notification process runs at 4 A M every day to determine if users have new spam messages in the quarantine If so it sends a message to use...

Page 115: ...ication digests should appear to be sent You should type an address to which users can send questions about the notification digests Specify the full email address including the domain name for exampl...

Page 116: ...HTML notification format QUARANTINE_DAYS Number of days that messages in the Quarantine will be kept After that period messages will be purged QUARANTINE_URL URL that the user clicks to display the q...

Page 117: ...ased from the quarantine and sent to the user s normal inbox If you remove the NEW_QUARANTINE_MESSAGES variable from the notification digest template the new message summary including the Release link...

Page 118: ...essible from any computer where users will log on to the spam quarantine If you leave this box empty when a user clicks Need help logging in online help from Symantec is displayed in a new window Maxi...

Page 119: ...IP address of the computer on which Symantec Mail Security for SMTP is installed Symantec Mail Security for SMTP will deliver all messages that are released to the inbox by the quarantine users send...

Page 120: ...arantine viewInbox do 2 Click the column heading on which you want to sort A triangle appears in the selected column that indicates ascending or descending sort order 3 Click the selected column headi...

Page 121: ...e reinsertion key that the spam quarantine server assigned to the one that is entered in Symantec Mail Security for SMTP If the keys match the message bypasses the antispam engines and is delivered to...

Page 122: ...pam Rules window on the Status tab select Enable message body scanning for both Spam and Content Violation Rules 3 Click Save Changes 4 On the Spam tab under Spam filtering rules click Add 5 Under Cus...

Page 123: ...rms box type the terms to be used to identify that a message is not spam If a term is in the Not field and a message is sent that has all of the blocked terms AND OR portion of rule but also has a Not...

Page 124: ...124 Setting your antispam policy Blocking by custom spam rules...

Page 125: ...policy This chapter includes the following topics About your filtering policy Blocking by content Blocking by container file limits Blocking if an encrypted container is detected Preventing relaying...

Page 126: ...ssages with specified file names may be delivered with their attachments deleted Not deleting attachments based on file names is the default although a suggested extension list is provided Container l...

Page 127: ...administrative interface in the left pane click Filtering Policy 2 In the Content window under Blocking by message size check Reject messages that are greater than megabytes The default is 50 3 In the...

Page 128: ...tive Fw and Re are added automatically by the software 4 Under Take the following action when a subject line violation occurs select one of the following Drop message Log only Forward message 5 If you...

Page 129: ...cation inf Setup information file ins Internet communication settings isp Internet communication settings js JScript file jse JScript encoded script file lnk Shortcut mdb Microsoft Access database mde...

Page 130: ...ernet shortcut Uniform Resource Locator vb VBScript file vbe VBScript encoded script file vbs VBScript script file vsd Visio drawing file vss Visual SourceSafe file vst Targa bitmap file vsw Visio wor...

Page 131: ...131 Setting your filtering policy Blocking by content To block by file name 1 On the Symantec Mail Security for SMTP administrative interface in the left pane click Filtering Policy...

Page 132: ...g format badnews doc You can use for the file name or the extension 4 To delete a default file name select and delete the file name 5 Check If an attachment is deleted add the following text to the me...

Page 133: ...administrative interface in the left pane click Filtering Policy 2 In the Container Limits window select the container limit descriptors that you want to use for determining exceeded container limits...

Page 134: ...for SMTP administrative interface in the left pane click Filtering Policy 2 In the Encrypted Container window select one of the following Delete container and deliver message Drop message Log only Fo...

Page 135: ...SMTP to remote hosts Do not allow except for listed hosts one per line Relay restrictions are enabled for external hosts Only email from explicitly named hosts and domains can be relayed to remote hos...

Page 136: ...sired type one host name IP address or domain per line for mail servers from which email will be allowed Domain name entries in this box will work only if the hosts have appropriate PTR records You ca...

Page 137: ...MTP will search for email addresses to block Do not insert spaces or commas between the entries 4 Click Save Changes Blocking by custom content rules You can create content rules to be used for proces...

Page 138: ...rules 3 Click Save Changes 4 On the Content tab under Content filtering rules click Add 5 Under Custom filtering rule definition check Enable this custom filtering rule 6 In the drop down list select...

Page 139: ...uding spaces are matched literally except for the following The maximum number of terms within a single rule is 50 The maximum number of spam and content rules combined is 100 8 Click Save 9 On the Co...

Page 140: ...140 Setting your filtering policy Blocking by custom content rules...

Page 141: ...metrics that were calculated from the time of the most recent startup At the bottom of the window you can click Refresh to update the display to reflect current real time status Note Symantec Mail Sec...

Page 142: ...s Unrepairable Files or Disabled Total number of megabytes that have been received for processing since the server was last started Message delivery mode Delivery or Pause Incoming message status Acce...

Page 143: ...owing cases: attachments are not repaired or deleted, subject lines are disallowed, container limit has been exceeded, encrypted container has been detected, disallowed sender's address has been detected, b...

Page 144: ...ary reports on page 145 Detail Shows detailed information about message infection and virus activity to include dates of occurrences and client IP addresses for example See Generating detail reports o...

Page 145: ...e Symantec Security Response Web site where you can view specific data about the virus Subjects Blocked Appears only when messages have been rejected due to blocked subject lines It shows the subject...

Page 146: ...rate summary reports: 1 On the Symantec Mail Security for SMTP administrative interface, in the left pane, click Reporting. 2 On the Summary Report tab, in the From and To drop-down lists, select the date a...

Page 147: ...iolation occurs the configured message size has been exceeded Messages bounced Number of incoming messages that were bounced Messages dropped Number of incoming messages that were dropped Messages del...

Page 148: ...page 149 SMTP Associated with the transmission of mail between the server that is running Symantec Mail Security for SMTP and other mail transfer agents MTAs See About SMTP actions on page 150 Symante...

Page 149: ...pane, click Reporting. 2 On the Detail Report tab, in the From and To drop-down lists, specify the date and time range for the report. 3 Check the actions to include in the report. 4 In the Search box, you c...

Page 150: ...the Symantec Mail Security for SMTP service stopped Reordering started Shows the date and time that queue reordering started Reordering stopped Shows the date and time that queue reordering stopped t...

Page 151: ...n and the reason for the rejection. Table 7-7 Premium AntiSpam actions. Action Description Spam Shows heuristic spam detection events and spam detection from the premium antispam service. The spam score...

Page 152: ...rmation the reason for the bounce and the SMTP ID Delivery failed Shows the date and time that a message was delivered the SMTP ID and the last response of the server Delivered Shows the date and time...

Page 153: ...was deleted From To information SMTP ID number the name of the deleted file and the reason for the file being deleted Spam list block Shows the date and time that the message was blocked how the messa...

Page 154: ...ing client From To information subject size SMTP ID and information for which the rule was triggered Spam rule violation Shows the date and time that the violation occurred the sending client From To...

Page 155: ...d a common user interface framework It integrates multiple Symantec Enterprise Security products and third party products to provide a central point of control of security within an organization It pr...

Page 156: ...SESA must be installed and working properly before you can configure Symantec Mail Security for SMTP to log events to SESA. For more information, see the SESA documentation. Configuring logging to SESA...

Page 157: ...for SMTP on each computer that is running the SESA Manager. The SESA Integration Wizard installs the appropriate integration components for identifying Symantec Mail Security for SMTP to SESA. You must...

Page 158: ...e installation package for installing the Agent is located on the distribution CD for Symantec Mail Security for SMTP SESA Domain Administrator Name The name of the SESA Directory Domain Administrator...

Page 159: ...MTP 4.1 is installed. See "Uninstalling the local SESA Agent" on page 166. To install the SESA Agent on Windows 2000 Server: 1 Log on to the computer on which you have installed Symantec Mail Security for...

Page 160: ...In the Organizational unit distinguished name box type the organizational unit distinguished name to which the Agent will belong If the organizational unit is unknown or not yet configured you can lea...

Page 161: ...page, click Enter. 5 Indicate that you agree with the terms of the Symantec license agreement, and then click Enter. If you indicate No, the installation is cancelled. 6 On the Readme page, read the readme...

Page 162: ...t should start automatically on system boot 1 The SESA Agent starts automatically on system boot 2 You must manually restart the SESA Agent after each system boot 13 Type one of the following to indic...

Page 163: ...h Symantec Mail Security for SMTP will forward events. 6 Save and close the Agent settings file. To install the SESA Agent by command line: 1 On the computer on which Symantec Mail Security for SMTP is i...

Page 164: ...Changes. Interpreting Symantec Mail Security for SMTP events in SESA: SESA provides extensive event management capabilities, such as common logging of normalized event data for SESA-enabled security pro...

Page 165: ...dministrator and the SESA Directory SESA Domain Administrator Name The name of the SESA Directory Domain Administrator account SESA Domain Administrator Password The password for the SESA Directory Do...

Page 166: ...o uninstall the Agent from Windows through the Control Panel. To uninstall the local SESA Agent from Windows through the Control Panel: 1 On the Windows taskbar, click Start > Settings > Control Panel > Add or...

Page 167: ...8 HTTP 34 52 HTTPS 35 53 I installing SESA Agent 158 Symantec Mail Security for SMTP 29 31 L language identification 99 104 licensing 38 LiveUpdate 84 87 local SESA Agent installing 158 logging config...

Page 168: ...ith 26 spam blocking 90 identifying 99 preventing relay of 135 suspected 102 Spam Folder Agent 36 spam quarantine accessing 119 configuring 104 status page 141 system requirements 28 T temporary files...
