Mail Assure Quick Start Guide

Similar documents
Mail Assure. Quick Start Guide

Mail Assure. User Guide - Admin, Domain and Level

Managing Spam. To access the spam settings in admin panel: 1. Login to the admin panel by entering valid login credentials.

Step 2 - Deploy Advanced Security for Exchange Server

Table of Contents Control Panel Access... 1 Incoming... 6 Outgoing Archive Protection Report Whitelist / Blacklist...

Getting Started Guide moduscloud

Important Information

Welcome to ContentCatcher 3.0! If this is your first time using ContentCatcher 3.0, here s a great way to start. We ll walk you through the essential

Important Information

SpamPanel Level Manual 1 Last update: 2015/02/03 SpamPanel

Office 365 Standalone Security

To create a few test accounts during the evaluation period, use the Manually Add Users steps.

How to Configure Office 365 for Inbound and Outbound Mail

You can find more information about the service at

Using Trustwave SEG Cloud with Exchange Online

Using Trustwave SEG Cloud with Cloud-Based Solutions

WeCloud Security. Administrator's Guide

Synology MailPlus Server Administrator's Guide. Based on MailPlus Server 1.4.0

You should not have any other MX records for your domain name (subdomain MX records are OK).

MxVault Questions and Answers

Sophos Central Partner. help

MDaemon Vs. IceWarp Unified Communications Server

Appliance Installation Guide

SMTP Scanner Creation

Dell SonicWALL Security 8.2. Administration Guide

MDaemon Vs. Kerio Connect

Comodo Dome Antispam MSP Software Version 1.0

Schema for Gmail logs in BigQuery

Office 365 Inbound and Outbound SMX configuration. 4 th January 2018

Comodo Dome Antispam MSP Software Version 2.12

MDaemon Vs. Zimbra Network Edition Professional

Comodo Antispam Gateway Software Version 2.12

Anti-Spoofing. Inbound SPF Settings

MDaemon Vs. MailEnable Enterprise Premium

MDaemon Vs. MailEnable Enterprise Premium

SolarWinds Mail Assure

Configuring Gmail (G Suite) with Cisco Cloud Security

Comodo Dome Antispam Software Version 6.0

Introduction. Logging in. WebMail User Guide

Comendo mail- & spamfence

SMTP Settings for Magento 2

How to Configure Esva for Office365

Webmail Which Webmail applications are available?

MDaemon Vs. Microsoft Exchange Server 2016 Standard

Comodo Comodo Dome Antispam MSP Software Version 2.12

MDaemon Vs. SmarterMail Enterprise Edition

Comodo Antispam Gateway Software Version 2.12

Instructions Microsoft Outlook 2010 Page 1

Instructions Eudora OSE Page 1

MDaemon Vs. Microsoft Exchange Server 2016 Standard

Comodo Dome Antispam Software Version 6.0

Vendor: Cisco. Exam Code: Exam Name: ESFE Cisco Security Field Engineer Specialist. Version: Demo

MDaemon Vs. Kerio Connect

POP3/IMAP Service. Getting Started Guide

Help for System Administrators

Instructions Microsoft Outlook 2013 Page 1

Symantec Security. Setup and Configuration Guide

Comodo Antispam Gateway Software Version 2.11

MDaemon Vs. SmarterMail Enterprise Edition

Account Customer Portal Manual

Help for System Administrators

MDaemon Vs. SmarterMail Enterprise Edition

Error Codes have 3 Digits

Version SurfControl RiskFilter - Administrator's Guide

MDaemon Vs. SmarterMail Enterprise Edition

Step 1 - Set Up Essentials for Office 365

NSE6_FML exam.14q

EVRY Security. Administrator's Guide

Lotus Protector Interop Guide. Mail Encryption Mail Security Version 1.4

Comodo Antispam Gateway Software Version 2.1

Admin Guide Defense With Continuity

anti-spam techniques beyond Bayesian filters

Best Practices. Kevin Chege

Untitled Page. Help Documentation

MX Control Console. Administrative User Manual

Introduction to Antispam Practices

Automatic Delivery Setup Guide

TrendMicro Hosted Security. Best Practice Guide

McAfee (formerly MX Logic) Quick Start User s Guide

This manual is for administrative users of NetIntelligence MailFilter. The following two sections of this guide describe:

Ciphermail Webmail Messenger Administration Guide

Kerio Connect. Step-by-Step. Kerio Technologies

The Multi Domain Administrator account can operate with Domain Administrator privileges on all associated Domain Administrator users.

Settings. Help Documentation

Instructions Microsoft Outlook 2007 Page 1

University Information Technology (UIT) Proofpoint Frequently Asked Questions (FAQ)

Troubleshooting IMAP Clients and ViewMail for Outlook

AccessEnforcer Version 4.0 Features List

Personal Dashboard User Guide

Comodo Antispam Gateway Software Version 2.2

Integrate Barracuda Spam Firewall

Workshare Protect Server 3.9 on Microsoft Azure. Admin Guide

Fireware-Essentials. Number: Fireware Essentials Passing Score: 800 Time Limit: 120 min File Version: 7.

PineApp Mail Secure 5.1 User Manual

Office 365: Secure configuration

Trustwave SEG Cloud Customer Guide

Test-king q

An Overview of Webmail

MiCloud. Copyright Mitel Communications AB

On the Surface. Security Datasheet. Security Datasheet

Transcription:

Mail Assure Quick Start Guide Version: 11/15/2017 Last Updated: Wednesday, November 15, 2017

CONTENTS Getting Started with Mail Assure 1 Firewall Settings 2 Accessing Mail Assure 3 Incoming Filtering 4 Add a Domain 4 Change Your MX Records 5 To Access the Log Search: 6 Outgoing Filtering 7 Configuring Mail Assure 7 Creating the Outgoing User 8 Configuring the Abuse Report Address 9 Configuring Your Domains 10 Setting up SPF 11 To Set up SPF 11 Setting up DKIM 12 Setting up Your SMTP Hostname 12 Configuring Your MTA 12 Additional Info 12 Connection Limits 12 Available Outgoing Ports 13 Blocking Outbound Traffic on Port 25 13 Automatic Recipient/Mailbox Detection 14 Incoming valid recipient (mailbox) count 14 Outbound Sender Count 14 ii

Mail Assure Manually Setting up Recipients/Mailboxes 15 Email Archiving 16 Reporting 17 Adding Users 19 Adding an Admin User 19 Adding a Domain User 20 Adding an Email User 20 iii

Getting Started with Mail Assure Getting Started with Mail Assure This Quick Start Guide describes how to get started with the Mail Assure application. Firewall Settings Accessing Mail Assure Incoming Filtering Outgoing Filtering Automatic Recipient/Mailbox Detection Email Archiving Reporting Adding Users For more information on the Mail Assure application see the Full Online Help. 1

Firewall Settings Firewall Settings To only accept messages from the Mail Assure filtering nodes you need to allow emails based on our delivery hostname "delivery.antispamcloud.com". This hostname contains all active delivery IP addresses. Alternatively you can allow traffic from any IP address with the PTR record *.antispamcloud.com. 2

Accessing Mail Assure Accessing Mail Assure Log into the Mail Assure Control Panel using the URL and credentials provided by your account manager. Once you are logged in you are presented with the application Control Panel: 3

Incoming Filtering Incoming Filtering Now that you have access to the Mail Assure Control Panel, the first thing you need to do is add a domain. If you do not have a specific destination server route to add from the start, the Control Panel will automatically fill in the destination route for you, with a default destination port 25. After setting the destination route, you need to add our MX Records to your domain provider's DNS Settings, in order to point to the Mail Assure Hosted Cloud routes. Add a Domain Change Your MX Records - Add MX Records to your Domain Provider's DNS Settings, in order to point to the Hosted Cloud routes. Add a Domain 1. In the Control Panel Dashboard, click on Domains - Add Domain: 2. In the Add domain page, enter your domain name and click Continue. 4

Incoming Filtering 3. After verifying that the domain name you have entered is correct, make sure that the destination server route is valid: If you do not have a specific destination server route to add from the start, the Control panel will automatically fill in a suggested destination route for you, with a default destination port 25. After setting the destination route, you need to modify your MX Records in your domain provider's DNS Settings, in order to point to the correct routes - see Change Your MX Records. Change Your MX Records To route incoming email for your domain through the Mail Assure filtering cloud you must add your MX records. Prior to changing the MX records, you should check your records' TTL value. We recommend a maximum value of '3600' in order to propagate any DNS changes faster. Higher TTLs can lead to spam not being filtered by our nodes, until the previous record expires, when the TTL is reached. 1. In your domain provider's DNS control panel add the following records: mx1.mtaroutes.com (priority 10) mx2.mtaroutes.com (priority 20) 5

Incoming Filtering mx3.mtaroutes.com (priority 30) mx4.mtaroutes.com (priority 40) 2. Remove the original MX records. Note - Some DNS control panels require you to use a trailing dot (.) after the hostname. Please check with your DNS provider if this is the case for you. Removal of old MX records is required to make sure all emails are filtered through the Mail Assure cloud, as spammers actively try different MX records (such as the highest numbered priority) to bypass spam filters. DNS changes may take some time before they are picked up by the DNS resolvers world-wide, so email may continue to deliver directly to the original MX records without filtering for 24 hours. You can check using the Log Search if the message has passed through the Mail Assure filtering nodes. To Access the Log Search: 1. Log into Mail Assure. 2. In the Domains panel, click on Overview. 3. Click on the relevant domain to display the domain's Dashboard. 4. In the Incoming panel, click on Log search. 6

Outgoing Filtering Outgoing Filtering The outgoing filtering solution operates independently from the incoming email solution and can be used to relay outgoing mail. Configuring Mail Assure Creating the Outgoing User Configuring the Abuse Report Address Configuring Your Domains Setting up SPF Setting up DKIM Setting up Your SMTP Hostname Configuring Your MTA Additional Info Connection Limits Available Outgoing Ports Blocking Outbound Traffic on Port 25 Configuring Mail Assure The first thing you need to do is to create an outgoing user. There are three authentication options: IP authentication Per domain authentication Per user authentication If you wish to filter an entire server, the IP authentication is likely to be the best and fastest way forward. Note - When you choose an IP authenticated outgoing user, then all traffic from all domains that come from this authenticated IP will be logged on the outgoing user domain that the IP is assigned to. 7

Outgoing Filtering Per domain and per username authentication works very well when you want to have logging on a per domain or user base. Using this type of authentication requires you to configure your MTA to authenticate with a user and a password for each domain. Creating the Outgoing User Configuring the Abuse Report Address Creating the Outgoing User 1. Login to the Mail Assure Control Panel. 2. Navigate to the newly created domain. 3. In the Outgoing panel on the Dashboard, click on Manage users. 4. Add the outgoing user's Username and Password in the Authenticating User tab or the IP address or range of the sending mail server in the Authenticating IP or range tab or the Domain name and Password in the Authenticating Domain tab. 8

Outgoing Filtering 5. Click on Add and configure. 6. Edit the Outgoing user settings, for example, here you can configure the limits, Identification header, and various other settings. We advise that an Identity header is set for all outgoing traffic - this makes monitoring and taking action against spammers much easier. 7. Click Save. Configuring the Abuse Report Address When using the Outbound filter, its highly recommended to set up an address to receive the abuse reports that are sent when outbound messages are blocked. 9

Outgoing Filtering 1. In the Outgoing panel, click on Settings. 2. In the Administrator's contact field, enter the email address to send the abuse reports. 3. Click Save. Note - The address that is configured should be an address that has no inbound filtering, and not a "freemail" address as these can often cause problems in receiving the reports. It's also possible to use other methods of monitoring the outbound spam, if using ARF reports is not possible. For example you may use API's, CSV reports and/or IMAP. Important - When spammers are reported in your network, either via ARF reports or other means, that these problem sources (senders, scripts, etc) are dealt with promptly. Configuring Your Domains Setting up SPF Setting up DKIM 10

Outgoing Filtering Setting up SPF SPF (Sender Policy Framework) is used to restrict which mail servers are allowed to send email for your domain name. An example of an SPF would be: example.com. TXT "v=spf1 -all" SPF records are TXT records placed into a domain's DNS settings. Note - Forwarding emails can sometimes break the SPF. If this is the case we recommend using SRS (Sender Rewriting Scheme - http://www.openspf.org/srs). To Set up SPF For clients on our hosted platform, who use our outgoing product, we recommend using the following SPF record: "v=spf1 include:spf.mtaroutes.com -all" Important - If SPF checking is turned on in a domain's Filtering Settings, this causes a hard fail of SPF records that don't match - and the message is quarantined. You can control whether SPF/DKIM/DMARC are enabled in the Filtering Settings for a domain. You can also manage a list of domains and IP addresses with disabled SPF, DKIM and DMARC. SPF checking will prevent any targeted spoofs. If required, you will need to add any intentional spoofing to your SPF records or whitelist the sender (whitelisting the sender is a last resort as this can also be spoofed). Note - If you are using other sources for outbound filtering, you need to make sure you modify the SPF record appropriately. The above is only suitable if all outbound filtering is handled by Mail Assure. 11

Outgoing Filtering Setting up DKIM If your sending domains already sign with DKIM, then this should not be changed. We will simply forward the DKIM signed messages along to the recipient. If there is no DKIM signing, you can decide to either sign this on your sending MTA, or sign with Mail Assure. Itis not compulsory to sign with DKIM, however it often helps to "authenticate" your senders as much as possible. Setting up Your SMTP Hostname SMTP Hostname: smtpout.mtaroutes.com Available Ports: 587 Configuring Your MTA Configuring your MTA (Message/Mail Transfer Agent) should be straight-forward. Some mailservers are more versatile than others, so, depending on what systems you are using, configuration options can be limited. Once your MTA is correctly configured, outbound messages should now be relayed though your Mail Assure filtering server(s). Additional Info Connection Limits Available Outgoing Ports Blocking Outbound Traffic on Port 25 Connection Limits The filtering servers by default will accept a maximum of 10 concurrent connections from your servers. This ensures optimal delivery speeds. 12

Outgoing Filtering To prevent your server from getting temporary rejects "421 Too many concurrent SMTP connections from this IP address; please try again later." and queuing the messages, please ensure you configure your MTA to open a maximum of 10 connections concurrently. This will prevent a backlog building up on your server(s). Available Outgoing Ports The default and recommended outgoing port is 587 (this supports STARTTLS which will be automatically employed if the connecting server supports it). Port 465 can be utilized, but the likelihood of needing to use this is very rare (please first check with our support team). In case you wish to use port 25 for outgoing email, you'll need to specify a secondary IP which will be configured to listen to port 25. Customers will need to update their sending servers. Blocking Outbound Traffic on Port 25 Spammers can abuse a script on your servers to send out spam directly to port 25, bypassing Mail Assure smarthost filtering. In order to prevent this, we advise forcing traffic over port 587. 13

Automatic Recipient/Mailbox Detection Automatic Recipient/Mailbox Detection With Incoming filtering, once a domain is added, the system automatically detects the mailboxes behind the domain and counts the number of recipients/mailboxes for which incoming emails are processed. The outbound checks are carried out by analyzing all user traffic from sending domains. You can view the number of inbound and outbound mailboxes/recipients in Mail Assure: Incoming valid recipient (mailbox) count 1. Log into Mail Assure. 2. In the Domains panel, click on Overview. 3. Click on the dropdown menu to the left of the domain and select Valid Recipient count. A dialog is displayed showing the number of valid recipients for that domain. Outbound Sender Count You can use the Log Search to view the number of 'From:' domains that your outgoing user is sending from: 1. Log into [[[Undefined variable MyVariables.PN]]]. 2. In the Domains panel, click on Overview. 3. Click on the outgoing authenticating domain. 4. The domain's Dashboard is displayed. In the Outgoing panel, click on Log search. 5. Enter the data range. 6. Alongside Classification, select Accepted (for accepted emails only). 7. Under Columns to be displayed, click on Customise and select From as the only column to display. 8. Select Start search to display the results at the bottom of the page. You can go on to download the report in CSV format using the Export option or Email the report using the Email me this report option. 14

Automatic Recipient/Mailbox Detection Tip - If required you can disable this automatic detection and set up your local recipients manually - see Manually Setting up Recipients/Mailboxes. Manually Setting up Recipients/Mailboxes The system automatically detects the mailboxes/recipients behind your domains (see Automatic Recipient/Mailbox Detection) but you can disable this if required, and manually set up your own local list of valid recipients. Manual Setup of Valid Mailboxes/Recipients 1. Log into Mail Assure. 2. In the Domains panel, click on Overview. 3. Click on the relevant domain to display the domain's Dashboard. 4. In the Incoming panel, click on Local recipients. 5. You can upload a CSV file with all recipients or add them one-by-one by entering each Email address individually. 6. To disable automatic detection of recipients and force the system to only accept emails for the recipients listed here, select Use local recipients in the Options section. 7. Click Save. 15

Email Archiving Email Archiving To use the Archiving features you must ensure that your domain has been added to the system and the Archive product has been enabled for your domain. To enable archiving for your domain: 1. Go to your domain Control Panel and in the Archive panel, click on Status. 2. Click Enable. The Archive is now enabled and a list of parameters and values is displayed. 16

Reporting Reporting You can report on mail traffic using the following Mail Assure reports: Outgoing Reports - Report on outgoing mail sent in the last hour, 6 hours, 12 hours, 24 hours or 7 days. Access this from the Admin or Domain level Control Panels - from the Outgoing panel - Outgoing reports. Incoming Log Search - A comprehensive search allowing you to filter on received, blocked and temporarily rejected incoming messages over the past 30 days. Available from the Domain level and User level Control Panels, from Incoming - Log Search. Outgoing Log Search - Same as the Incoming Log Search (described above) but logs all outgoing messages over the past 30 days. Available from the Domain level and User level Control Panels, from Outgoing - Log Search. Note - Mail sent via the Control Panel (My account - Compose email) is not picked up by Outgoing Reports or the Outgoing Log Search. Only mail sent via SMTP using the authenticated user/ip is picked up. Incoming/Outgoing Bandwidth Overview - View the incoming/outgoing bandwidth usage per domain from the Admin Level Control Panel - Incoming - Bandwidth Overview and Outgoing - Bandwidth Overview. Global Statistics - View incoming statistics over a specified time-frame for all the domains you manage from the Admin Level Control Panel, Incoming - Global statistics. Includes spam ratio of spam emails to all filtered emails and the following metrics: Not Spam messages; Unsure messages; Spam messages blocked; Viruses blocked; Whitelisted and Blacklisted etc. Email Scout Reports - Scheduled reports that can be configured from the Incoming and Outgoing Log Searches. Protection Reports - Message digests of incoming Spam messages that have been quarantined: 17

Reporting On-demand domain report - Allows you to send a report for the specified days to the address you specify. Periodic domain report - Sends a daily digest of all the previous day's blocked messages for all the domain's users. Periodic user report - Sends each individual domain user an overview of the previous day's messages that were quarantined for that user. You can manually add users, import a CSV file of multiple users or enable it for all recipients. Access all of these reports from the Domain Level Control Panel - from the Protection reports panel. The Periodic user report is also available from the User Level Control Panel. 18

Adding Users Adding Users Adding an Admin User To create an admin user who can access the application at the Admin level (and see the Admin Dashboard) and also access the Domain dashboards. Admin users can also use the system to view their spam and access their emails in the event their server is offline or unavailable: 1. Log into Mail Assure. 2. In the Webinterface users panel, click on Manage admins. You can add multiple users using the Upload CSV file link or add each user individually. 3. To add users individually, click on Add to open the New admin creation page. 4. Select the Username, Password and Email address for this new user. 5. Review the user's access rights, as follows: Allow Sub-Admins - Allows the user to add Sub-admins. Allow actions on outgoing spam messages - Allows the user to release outgoing spam messages, train as spam/not spam etc. Note - Even if enabled, this option is currently limited and is dependent on whether access is permitted to the Outgoing Spam Quarantine (by default access to the Outgoing Spam Quarantine is not allowed). Allow Control Panel API usage - Allows the user to execute any of the API calls listed in the Control Panel API Calls page (in the Admin Level Control Panel - Server - Control panel API Calls). Available products - Choose which products the user can access (Incoming mail, Outgoing mail, Archiving) and whether they have access to the Private label area of the application in which branding can be customized. Protection for archived messages - When Active, the user will not be able to view/export archived message content unless they authenticate at Email User level and are viewing their own messages. Sub-admins cannot over-ride this. When Inactive, the user will be able to view/export all other user's archived message content. 19

Adding Users Domains limit - this specifies how many domains this admin can add. If you want to limit the number to two domains, then you can set the limit to 2, otherwise use 0 for unlimited domains. Tip - The limit is shared with your own limit. For example, if your license is of 20 domains, you cannot set the limit to 0 for a Sub-admin. You can set it to 20, however this means that you will be unable to add domains on your Admin account and all new added domains will be attributed to the Subadmin account. Adding a Domain User To create a user who can access their own Domain Dashboard, manage their own domain specific settings and use the system to view their spam and access their emails in the event their server is offline or unavailable: 1. Log into Mail Assure. 2. In the Webinterface users panel, click on Manage domain users. You can add multiple users using the Upload CSV file link or add each user individually. 3. To add users individually, click on Add to open the New domain user creation page. 4. Select the domain you want the user to access/manage. 5. Enter the user's Password and Email address. 6. Ensure the Status is set to Active. 7. Click Save. Tip - To access the system, the Domain user must use their domain name in the Username field and the Password entered here when logging in. Note - You can only create one Domain User per domain. Adding an Email User To add an Email user who can access their own user Dashboard, manage their settings and access their emails in the event their server is offline or unavailable. 20

Adding Users 1. Log into Mail Assure. 2. In the Webinterface users panel, click on Manage email users. You can add multiple users using the Upload CSV file link or add each user individually. 3. To add users individually, click on Add to open the New email user creation page. 4. Enter the Username and Password and ensure the Status is set to Active. 5. Click on Save. 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback