|

|
From the Security Manager, click Global Settings.
|

|

|
From the pull-down menu Role, select a new default role.
|

|

|

|

|
Click OK.
|
|

|

|
In the text field Role Name, enter a name for the new role.
|

|
In the text field Description, enter a brief, clear description of the role.
|

|
From the Managed users and groups table, define the users or user groups to be managed by this role:
|
ï¡ï€®ï€ˆ
|
?
|
?
|
In the field User email addresses, enter the desired email addresses, separated by semicolons.
|
ï£ï€®ï€ˆ
|
Click OK.
|

|
In the section Administrators, click Assign Role.
|

|
Click OK.
|

|

|
In the text field SMTP greeting, enter a new start-up message.
|

|
Click OK
|

|
In the text field Administrator email address, enter the desired recipient address for notifications of system events.
|

|
In the text field Default sender email address, enter the desired sender address from which user notification messages should be sent.
|

|
Click OK.
|

|
From the pull-down menu Preferred character encoding, select a character set for encoding messages.
|

|
From the pull-down menu Administrator console language, select the language that the appliance should use.
|

|
Click OK.
|
Selection of the appliance and Delete removes the appliance from the Email Appliances page.
|

|

|
In the text field C interface IP address, enter the IP address used for communication with the Email Security module.
|

|
Click OK.
|
Changing the C interface IP address of an appliance terminates the appliance connection with the Email Security module. In order to re-establish the connection, the IP address must also be changed on the Email Security module page Settings > General > Email Appliances.
You should also change the address for the Personal Email Manager notification message (Settings > Personal Email > Notification Message).
|

|
From the page Settings > General > Email Appliances, click the hostname of an appliance.
|

|
In the text field C interface IP address, enter the new IP address.
|

|
Click OK.
|

|

|
Click Add.
|

|
Click OK.
|

|

|

|

|
Click Submit.
|
?
|

|

|
In the text field User directory name, enter a name for the user directory.
|

|
From the pull-down menu User directory type, select a type; Microsoft Active Directory, IBM LDAP Server, Generic LDAP, Recipient List, or ESMTP.
|
?
|

|

|
In the text field User directory name, enter a name for the user directory.
|

|

|
In the text field Server IP address or hostname, enter the IP address or hostname of your LDAP server.
|

|
In the text field Port, enter the port number.
|

|
(Optional) Enable secure LDAP, a nonstandard protocol also known as LDAP over SSL; mark the check box Enable secure LDAP.
|

|
In the text field Username, enter the username for this appliance.
|

|
In the text field Password, enter the password for this appliance.
|

|
In the text field Search domain, enter the LDAP server's search domain name.
|

|
Verify that the field Search filter contains a standard LDAP query that can use validation variables, for example:
|

|
?
|
The Mirror setting means that valid addresses are cached all at once by synchronizing the cache with all the addresses stored on the LDAP server. You can manually synchronize the cache with the LDAP server any time after that by clicking Synchronize for this directory on the User Directories page.
|
?
|
The Cache address setting means the cache is updated dynamically. A new, valid address is cached after it is verified with the LDAP server. Remove all addresses from the cache by clicking Clear cache.
|

|
In the text field Cache timeout, enter a value in minutes.
|

|
Click OK.
|

|

|
In the text field User directory name, enter a name for the user directory.
|

|

|
In the text field Server IP address or hostname, enter the IP address or hostname of your LDAP server.
|

|
In the text field Port, enter the port number.
|

|
(Optional) Enable secure LDAP, a nonstandard protocol also known as LDAP over SSL; mark the check box Enable secure LDAP.
|

|
In the text field Username, enter the username for this appliance.
|

|
In the text field Password, enter the password for this appliance.
|

|
?
|
The Mirror setting means that valid addresses are cached all at once by synchronizing the cache with all the addresses stored on the LDAP server. You can manually synchronize the cache with the LDAP server any time after that by clicking Synchronize for this directory on the User Directories page.
|
?
|
The Cache address setting means the cache is updated dynamically. A new, valid address is cached after it is verified with the LDAP server. Remove all addresses from the cache by clicking Clear cache.
|

|
In the text field Cache timeout, enter a value in minutes.
|

|
Click OK.
|

|

|
In the text field User directory name, enter a name for the user directory.
|

|

|
In the text field Server IP address or hostname, enter the IP address or hostname of your LDAP server.
|

|
In the text field Port, enter the port number.
|

|
(Optional) Enable secure LDAP, a nonstandard protocol also known as LDAP over SSL; mark the check box Enable secure LDAP.
|

|
In the text field Username, enter the username for this appliance.
|

|
In the text field Password, enter the password for this appliance.
|

|
In the text field Search domain, enter the LDAP server's search domain name.
|

|
Verify that the field Search filter contains a standard LDAP query that can use validation variables; for example:
|

|
In the text field Mail field, enter any optional email addresses to import.
|

|
?
|
The Mirror setting means that valid addresses are cached all at once by synchronizing the cache with all the addresses stored on the LDAP server. You can manually synchronize the cache with the LDAP server any time after that by clicking Synchronize for this directory on the User Directories page.
|
?
|
The Cache address setting means the cache is updated dynamically. A new, valid address is cached after it is verified with the LDAP server. Remove all addresses from the cache by clicking Clear cache.
|

|
In the text field Cache timeout, enter a value in minutes.
|

|
Click OK.
|

|

|
In the text field User directory name, enter a name for the user directory.
|

|

|
Enable a strong password policy; mark the check box Enforce strong password policy.
|
?
|

|
Add a predefined recipient list file; from the field Recipient information file, click Browse and navigate to the desired text file.
|

|
Manually create a recipient list; from the box Enter Recipient Information, enter an individual email address and associated password and click >.
|

|
Click OK.
|

|
View the entire recipient list; click View All.
|
?
|

|

|
In the text field User directory name, enter a name for the user directory.
|

|

|
Determine your desired email verification method; from Email verification method, select Use the return status of the VRFY command or Use the return status of the RCPT command:
|

|
In the text field Sender email address, enter an email address for the user directory.
|

|
In the text field Cache timeout, enter a value in minutes.
|

|
Click OK.
|
An open relay is created when mail from an unprotected domain is sent to an unprotected domain within your organization. As a result, all mail from any domain that is not protected may be rejected. Mail from an external trusted IP address to an unprotected domain within your organization bypasses analysis and is delivered.
|
?
|
Global Always Block List (Main > Policy Management > Always Block/Permit)
|
?
|
All message controls except message size, invalid recipient, and internal sender verification settings (Settings > Inbound/Outbound > Message Control)
|
?
|
Recipient validation (Settings > Users > User Authentication)
|
?
|
All connection controls except the connection control timeout (Settings > Inbound/Outbound > Connection Control)
|
?
|
Directory harvest attack (Settings > Inbound/Outbound > Directory Attacks)
|
?
|
Relay controls (Settings > Inbound/Outbound > Relay Control)
|

|

|
In the field Domain Group Name, enter a name for the new domain group.
|

|
In the field Description, enter a brief description of the domain group.
|

|
In the section Domain Group Details, add a predefined domain group; from the field Domain address file, click Browse and navigate to the desired text file.
|

|
Manually add domain entries; in the field Domain address, enter an individual domain address and click >.
|

|
Click OK.
|
?
|

|
From the page Settings > Users > Domain Groups, click the domain group name.
|

|

|
Click OK.
|

|

|
In the field IP Address Group Name, enter a name for the new IP address group.
|

|
In the field Description, enter a brief description of the IP address group.
|

|
In the section IP Address Group, add a predefined IP address group; from the field IP address file, click Browse and navigate to the desired text file.
|

|
Manually add IP address entries; in the field IP address, enter an individual IP address and click >.
|

|
Click OK.
|
?
|

|
From the page Settings > Inbound/Outbound > IP Groups, click the IP address group name.
|

|

|
Click OK.
|
?
|
Recipient validation, in which a message recipient is validated before a message is received.
|
?
|
SMTP authentication, in which a message sender is authenticated before a message is received.
|
?
|
Personal Email authentication, in which a user is authenticated before accessing the Personal Email Manager facility for managing blocked email. See Configuring Personal Email Manager End User Options.
|
?
|
Distribution list validation, in which individual members of an email distribution list are validated. If an individual recipient in the group is invalid, the message is rejected just for that individual. All valid recipients in the distribution list receive the message.
|
You may create multiple Personal Email Manager user authentication groups. However, any protected domain group (as defined in Settings > Users > Domain Groups) may be included in only one Personal Email Manager user authentication group.
|

|

|
In the text field Name, enter a name for this set of authentication settings.
|

|
From Authentication options, mark the check box for the type of user validation/authentication settings to apply: Recipient Validation, SMTP Authentication, Personal Email Authentication, or Distribution List Validation.
|
?
|
(Optional) If you specify recipient validation, you can mark the associated check box If User Directory is not reachable for Recipient validation, continue to next user directory.
|
?
|
If you specify SMTP authentication, you must ensure that the option Allow relays only for senders from trusted IP addresses option is selected for both outbound and internal relays on the page Settings > Inbound/Outbound > Relay Control.
|

|
From the pull-down menu Domain group, select the domain group to target with your authentication settings.
|

|

|

|
In the Recipients box, move selected user directories up or down; select the buttons Move up and Move down.
|

|

|
Click OK.
|

|
From the page Settings > Users > User Authentication, click the name of the settings.
|

|

|
Click OK.
|

|

|
Click Yes.
|

|

|
Click Search.
|

|
Clear search results; click Clear search filter.
|

|

|
On the prompt, click Yes.
|

|
Click Browse and navigate to the certificate file.
|

|
In the text field Password, enter a password.
|

|
Click OK.
|

|

|
In the text field Password, create a password for the exported file.
|

|
In the text field Confirm password, re-enter the password.
|

|
Click Yes.
|

|

|

|
Click OK.
|
?
|
?
|
?
|
Backup functionality is available on the page Settings > General > Backup/Restore. Backup and restore settings on one appliance are applied to all the appliances in your network.
|
|

|

|
Save your backup settings on the Log Database server, mark the check box Save backup configuration settings files on a remote server.
|
?
|
?
|
?
|

|

|
(Optional) On the page Settings > General > Backup/Restore, from the section Restore Settings, mark the check box Use the backup files on the remote server to restore configuration settings.
|
?
|
From File location, click Choose File and navigate to the backup files on the remote server.
|

|
Click Restore.
|

|
Click Yes.
|