MAILGUARD AND MICROSOFT EXCHANGE 2013

Similar documents
MailGuard Management Console. Release Management Manual

You should not have any other MX records for your domain name (subdomain MX records are OK).

Basic Configuration GuidE

Setting up Microsoft Office 365

You can find more information about the service at

How to Configure Esva for Office365

GFI MailSecurity 2011 for Exchange/SMTP. Administration & Configuration Manual

Important Information

Administration Guide

Comodo Antispam Gateway Software Version 2.12

How to Configure Office 365 for Inbound and Outbound Mail

Comodo Comodo Dome Antispam MSP Software Version 2.12


Step 4 - Choose Your Deployment

Enterprise Vault.cloud Journaling Guide

Exchange 2007 Journaling Guide

Comodo Antispam Gateway Software Version 2.11

Step 2 - Deploy Advanced Security for Exchange Server

Office 365 Integration Guide Software Version 6.7

SAFEGUARD Online Archive - Search & Retrieval

INTRODUCTION 1.1 ABOUT THIS GUIDE What is Mission Control. Business Online POP Mail Who this Guide is For What s in This Guide

Orbital provide a secure (SSL) Mailserver to protect your privacy and accounts.

Settings tab. User guide

Tenable for ServiceNow. Last Updated: March 19, 2018

Using Trustwave SEG Cloud with Exchange Online

To create a few test accounts during the evaluation period, use the Manually Add Users steps.

Microsoft. Designing and Deploying Microsoft Exchange Server 2016 (beta)

Admin Guide Defense With Continuity

Configure Exchange 2003 Server

End User Guide Hosting Administration Control Panel (CP)

Admin Guide Boundary Defense for Anti-Virus & Anti-Spam

Using Trustwave SEG Cloud with Cloud-Based Solutions

Mobile MOUSe EXCHANGE SERVER 2010 CONFIGURATION ONLINE COURSE OUTLINE

Online Reporting and Information Management System (ORIMS) Manage Financial Returns User Guide for Banks & Trust Companies

VMware AirWatch: Directory and Certificate Authority

Administrator Manual. Last Updated: 15 March 2012 Manual Version:

GFI WebMonitor 2009 ReportPack. Manual. By GFI Software Ltd.

NETWRIX WINDOWS SERVER CHANGE REPORTER

Configuring /Text Alerts in ThorPCX SUPPORT DOCUMENT

PAN 802.1x Connector Application Installation Guide

Business Communication Manager Release 5.0 Configuration Guide for Skype for SIP R1.3. Issue 1.0

Residential Voice SUBSCRIBER GUIDE

BUSINESS LINE COMMPORTAL GUIDE

Adding your IMAP Mail Account in Outlook 2013 on Windows

Settings tab. User guide

Administrator Manual. Last Updated: 15 March 2012 Manual Version:

Mail Assure. Quick Start Guide

User Guide Online Backup

INTEGRATION TO MICROSOFT EXCHANGE Installation Guide

Troubleshooting IMAP Clients and ViewMail for Outlook

Cisco Unified Communications Manager configuration for integration with IM and Presence Service

Oracle Enterprise Manager. 1 Before You Install. System Monitoring Plug-in for Oracle Unified Directory User's Guide Release 1.0

Step 1 - Set Up Essentials for Office 365

Cisco Unified Customer Voice Portal

Workshare Protect Server 3.8. Routing Agent Admin Guide

Lotus Protector Interop Guide. Mail Encryption Mail Security Version 1.4

Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902

Mail Assure Quick Start Guide

Connect the Appliance to a Cisco Cloud Web Security Proxy

1 SIP Carriers. 1.1 LightBound Warnings Vendor Contact Vendor Web Site:

Troubleshooting Networking

Service Description Safecom Simple Mail Relay Version 3.5

Table of Contents. Section 1: DocSTAR WebView v1.0 Requirements & Installation CD... 1 Section 2: DocSTAR WebView v1.

Installing GFI MailArchiver

Tracking Messages

Workshare Risk Analytics. Installation Guide

Configuring LCS and MPS J3 for SIP

Microsoft Installing, Configuring, and Administering Microsoft Exchange 2003 Server Implementing &Managing MS Exchange Server 2003

Explore new mobile messaging capabilities with Exchange 2007

RPC Over HTTP Install Windows Server 2003 Configure your Exchange 2003 front-end server as an RPC Proxy server

e-lms Electronic Lodgement of Mailing Statements User Guide Version 4.5

EM Library Startup guide

Step 1 - Set Up Essentials for Office 365

Installing and Configuring Worldox/Web Mobile

LabTech Ignite Installation

User Guide. RACER Date 09/29/17

Trend Micro Business Support Portal

Omtool Server Monitor Administrator Guide


ForeScout CounterACT. Controller Plugin. Configuration Guide. Version 1.0


Description. Problem: Scan to process is not completed when Microsoft Exchange Server 2007 is used as mail server.

Endpoint Security Manager

BEIMSWeb Administrator Training Manual

Cyberoam Virtual Security Appliance - Installation Guide for VMware Player. Version 10

Christensen Software Exchange Server Configuration Guide

etendering PORTAL User Manual Product Version 7-0-4

Tips for imail Setting

PROMISE ARRAY MANAGEMENT ( PAM) FOR FastTrak S150 TX2plus, S150 TX4 and TX4000. User Manual. Version 1.3

Tracking Messages. Message Tracking Overview. Enabling Message Tracking. This chapter contains the following sections:

WORKSHARE PROTECT SERVER 3.6 ROUTING AGENT ADMIN GUIDE

3.1. Administrator s Guide TNT SOFTWARE. ELM Log Manager. Version

Managing Spam. To access the spam settings in admin panel: 1. Login to the admin panel by entering valid login credentials.

Archiving Service Administrator Guide

Integrate Microsoft Office 365. EventTracker v8.x and above

Microsoft Exchange Online

Workshare Risk Analytics. Installation Guide

1 Introduction How fax receiving works How fax sending works 7

Office 365 Standalone Security

Installation Guide. Mobile Print for Business version 1.0. July 2014 Issue 1.0

Transcription:

MAILGUARD AND MICROSOFT EXCHANGE 2013 MailGuard Secure Email Filtering MailGuard: support@mailguard.com.au Phone: 1300 30 65 10 www.mailguard.com.au

TABLE OF CONTENTS Introduction 3 Document and Naming Conventions 4 Getting started 5 Outbound email protection 6 Inbound email protection 11 Contact MailGuard 17 2

INTRODUCTION Viruses are becoming more prevalent and sophisticated every day, often causing productivity and financial loss, and at times leading to catastrophic events within corporate networks. To effectively mitigate the risks associated with infection, businesses rely on stringent, proven security solutions. Microsoft Exchange, when used in conjunction with MailGuard, can offer full protection from email-borne viruses even before they ve been officially recognised and anti-virus software is capable of detecting them. This document is a step by step guide to configuring Microsoft Exchange Server 2013 for MailGuard email filtering. The sections in this document outline the procedures for setting up your Exchange server to send and receive email via the MailGuard service, ensuring virus emails cannot reach nor originate from your organisation. 3

DOCUMENT AND NAMING CONVENTIONS Document Conventions In order to achieve full understanding of the instructions given in this guide, note that the following standards will be followed: The names of sections and pages are referred to in Bold Italic letters. For example, the recipients page or the Address space page section. The names of interactive components (i.e. Buttons, menus, text boxes, etc.), in-page sections (i.e. Information separated into sections), and column headers are referred to in Bold letters. For example, the General menu or the Next button. The values of fields (i.e. data entered by the user in a window s given fields) are referred to in Italic letters. For example, Yes or No as options in a dropdown box. Actions that link to other sections in the document are referred to in Underlined letters. For example, the Outbound email protection section. Flags are used where additional notes are included in this document, for example, when decisions may need to be made which are outside of the scope of this document. Alerts are used to highlight important information such as warnings. Naming Conventions Left-pane Referred to by Microsoft as the Feature pane, the left-pane is the left hand side of a page in the Exchange Admin Centre, separated from the rest of the page by a border. The left-pane typically contains a list of selectable Exchange grouped features, each one changing the content of the remainder of the Admin Centre when selected. Centre-pane This is the centre of a page in the Exchange Admin Centre, separated from the rest of the page by borders. Included in the centre-pane are page elements referred to by Microsoft as follows: Tabs a list of features grouped under the feature area selected in the left-pane Toolbar a selection of tools (e.g. new, edit, delete) available for the selected tab, for management of objects under a selected feature List View a list of the defined objects under a selected feature Right-pane Referred to by Microsoft as the Details pane, the right-pane is the right hand side of a page in the Exchange Admin Centre, separated from the rest of the page by a border. The right-pane typically contains details about a defined object in the list view in the centre-pane, as well as tools available for the selected tab. 4

GETTING STARTED In Exchange 2013, the graphical management interface has changed. Whereas this interface has traditionally been in the form of the Exchange Management Console MMC snap-in, it is now the Exchange Admin Centre (a web interface, similar visually and in functionality to the Hotmail / Office365 interfaces). The Exchange Admin Centre is typically accessible at https://servername/ecp - where servername is the dns alias that resolves to your Exchange Edge Transport Server s local IP address. In order to complete the changes outlined in this document, you will need to have this interface open and will need to be logged in with an administrator account that has sufficient permissions to manage the mail flow settings of the server. 5

OUTBOUND EMAIL PROTECTION To begin, open the Exchange Admin Centre and log in. Select mail flow from the left-pane. Create a new Send Connector 6

1. Select send connectors in the centre-pane, and click the + button to add a new Send Connector. 2. Enter a meaningful Name for the Send Connector, for example MailGuard Outbound. Ensure the Send Connector Type is set to Custom. Click next. 3. On the next page in the Network settings section, select the Route mail through smart hosts option. Press the + button. 4. In the add smart host window, enter the MailGuard smart host provided to you in your welcome pack, e.g. filter.custmr-1.mailguard.com.au. Click save. 7

5. Leave Use the External DNS Lookup settings on servers with transport roles checkbox unchecked. Click next. 6. On the next window under the Smart host authentication section, select the Basic authentication option, and for the User name and Password settings, enter the SMTP Username and SMTP Password credentials for your MailGuard smart host, included in your welcome pack. Click next. If you no longer have a record of your smart host or the SMTP authentication credentials, please log in to the MailGuard Console and navigate to the Domains page, then click the > button to the right of your domain and select Configuration - your smart host will be listed in the Outbound Configuration section along with your SMTP authentication credentials. 8

7. On the next window, click the + button in the Address space section to configure the Address space for the Send Connector. The add domain window will appear. 8. Leave the Type as SMTP and enter * as the Full Qualified Domain Name (FQDN). 9. Leave the Cost as 1. This will ensure that the new Send Connector will route all outbound mail to MailGuard, with the exception of mail to domains that match the Full Qualified Domain Name (FQDN) value of other Send Connectors configured on your Exchange server. Click the save button when finished, then next to complete the Address space configuration. Under most typical configurations, the Scoped Send connector checkbox will remain unchecked. Consult your Administrator if you are unsure whether this Connector should be made available to all Hub and/or Edge Transport servers in your Exchange Organization. Click Next to continue. 10. On the next window in the Source server section, click the + button to configure the Source server(s) for the Send Connector. Be sure to include all the Exchange Servers in your organisation that will be using this Send Connector and that have Edge subscriptions or perform one of the Transport Roles. If you are unsure of the correct options to select, please consult your Administrator. 11. Click finish to complete the creation of your Send Connector. OPTIONAL. Now that you have created the Send Connector required to route your outbound mail via MailGuard, a few additional configuration changes can be made to ensure an optimal setup. 9

12. In the list of send connectors in the centre-pane, select your new Send Connector and click on the pencil button to open the Send Connector properties. 13. It is recommended that you enter a brief description in the Comment section under General, which describes the purpose of the Send Connector, for example: This send connector is used to route all outbound mail via MailGuard for filtering. It is recommended that the Protocol logging level be left at None for now Microsoft recommends using logging in a minimal fashion, as it can lead to rapid storage space utilisation. Should you encounter any issues with routing your outbound email via MailGuard, we recommend that you revisit this setting so that your Exchange server can record SMTP protocol logs for you to review and provide to MailGuard s Service Desk for troubleshooting if required. 14. Set the Maximum send message size (MB) to 50 (50MB), as this is the maximum message size that MailGuard will accept. You may need to set the Maximum send message size to a lower value if you have experienced issues with SMTP data transfer in the past. Consult your administrator if you are unsure. 15. From the left-pane, select the scoping option. Scroll to the bottom of the window and enter a Fully-Qualified Domain Name (FQDN) for your server to send to MailGuard along with the SMTP HELO/EHLO command. The FQDN should be publicly resolvable and should in most cases be your domain name (e.g. customer.com.au). Click save to apply these configuration changes. 10

INBOUND EMAIL PROTECTION Updating your Receive Connector configurations By default, Exchange 2013 comes with Receive Connectors relevant to the Role(s) your Exchange Server performs (e.g.client Access and/or Mailbox). For a brief explanation of Receive Connectors in Exchange 2013, please refer to the following: http://technet.microsoft.com/en-au/library/aa996395%28v=exchg.150%29.aspx To ensure that you are fully protecting your Exchange server from threats originating from inbound SMTP traffic, you will need a full understanding of the configuration of your Receive Connector(s) you do not want to have locked down one Receive Connector with access control only to find another Receive Connector s configuration allows bypass of the access control. Please consult with your Administrator if you are unsure about the scope(s) of your current Receive Connector(s). 11

This guide presumes that you are configuring MailGuard settings on an Exchange Server at your network perimeter (i.e. Client Access Role), and that you therefore have the following default Receive Connectors: Client Frontend Default Frontend Outbound Proxy Frontend Given this, the guide suggests changes are made to the Default Frontend Receive Connector. Regarding the remaining default Receive Connectors: The Outbound Proxy Frontend Receive Connector should be locked down to only accept connections from internal IP addresses, given it is intended to only accept connections from internal sources. Of course, consult with your administrator if you are unsure of the correct scoping requirements. The Client Frontend Receive Connector is designed for email clients to use for submitting mail to your Exchange Server. As email clients can be located anywhere, you cannot lock down this Receive Connector with our recommended access control configuration. Instead, we recommend that you ensure that only the Exchange users option is selected under permission groups in the security section of this Receive Connector s properties. This will ensure that only users whom provide correct Exchange account credentials will be allowed to deliver mail to your server via the Mail Submission Agent service. This configuration should go hand in hand with a rigid password policy to ensure passwords cannot be easily guessed and therefore used by unauthorised third parties with the intent of using your server as an SMTP proxy. Changing the configuration of the Default Frontend Receive Connector The Default Frontend Receive Connector is designed to receive all incoming SMTP connections from third parties. To ensure that the only third party connecting to your Exchange server is MailGuard, you will need to configure an Access Control List based on the public IP addresses of our perimeter. MailGuard maintains a dedicated subset of servers in our network for relaying inbound mail to customers, to ensure Access Control Lists require minimal maintenance. The current list of IP addresses assigned to these servers is available from our website, at the following address: http://www.mailguard.com.au/landing/acl/ Please retrieve an up-to-date list of the IP addresses from this location before proceeding with the next steps. 12

1. In the list of receive connectors in the centre-pane, select the Default Frontend Receive Connector and click on the pencil button to open the Receive Connector properties. 13

2. In the security section, under permission groups, ensure that Anonymous users option is checked. 14

3. In the scoping section, under Remote network settings, remove the current settings and enter the IP addresses retrieved from http://www.mailguard.com.au/landing/acl. OPTIONAL. Set the Maximum receive message size (MB) under the general section to 50 (50MB). You may need to set the Maximum send message size to a lower value if you have experienced issues with SMTP data transfer in the past. Consult your administrator if you are unsure. 15

Global Message Size Limits This configuration step is also optional, but is recommended if you have already made message size limit changes whilst following this guide. You can change the global message size limits for your Exchange server to match the changes you have made to the Maximum send message size and Maximum receive message size based on the steps in the Outbound email protection and Inbound email protection sections of this document. To do this, with mail flow still selected in the left-pane, select the button in the centre-pane. Change the default size limits to the same limits set for the send and receive connectors. This will ensure your global message size limits are in line with the limits of your connectors. 16

CONTACT MAILGUARD For any queries, comments or suggestions regarding this guide, please feel free to contact the MailGuard Service Desk on 1300 30 65 10 or via email at: support@mailguard.com.au MailGuard Pty Ltd 68-72 York Street, South Melbourne Victoria, 3205 Australia Support: 1300 30 65 10 Phone: +61 3 9694 4444 from overseas Fax: +61 3 9011 6110 Visit www.mailguard.com.au to request a free trial of MailGuard solutions. 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback