This article applies to:
- MailMarshal SPE 4.3.4 and above
- Syslog Configuration
Question:
- What are the required actions to allow use of Syslog TCP with TLS?
Procedure:
SPE 4.3.4 introduced the ability to use TCP transport with TLS.
This feature has the following prerequisites and setup requirements:
Syslog Server Certificate
The client certificate configured in the Syslog server must be a CA signed certificate. Self signed certificates are not accepted.
MailMarshal Syslog setup
Certificate configuration depends on the version of the software.
MailMarshal SPE 5.X/MailMarshal SMTP 11.X and above
In these releases, Syslog uses the certificate configured for the MailMarshal REST API on each Array Manager. Use the MailMarshal Server Tool to configure this certificate.
All other configuration of Syslog is through the SPE Management Interface.
MailMarshal SPE 4.X/MailMarshal SMTP 8.3.X
You must import a certificate in the MailMarshal Configurator (Trustwave SEG Properties > Syslog).
To make this page accessible you must first add Registry keys that are not generated in SPE installations:
- On the Array Manager, open Regedit.
- Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Default\Syslog
- Add the following keys (not values):
- Message
- Content
- RejectedMessage
- QuarantineAudit
- You can now view this dialog and use the certificate wizard to upload a certificate.
Once this information is entered and committed, use the SPE Management Interface to configure Syslog global and customer settings.