MailMarshal allows you to configure a number of advanced settings. These settings default to values that are reasonable in the majority of cases. In specific cases you may need to change them. For full details of the settings, see Help for each pane on the Advanced Setting window.
9.14.1 MailMarshal Properties – Advanced
These options affect delivery and processing of email. If more than one MailMarshal server is included in an array, these options affect all servers. Some options can be overridden for each processing node (see “Customizing Settings for Nodes”).
Engine Blended Threats exclusions
Allows you to maintain a list of domains (or domain wildcard patterns) that will never be rewritten for Blended Threat scanning.
Engine Executive Name List
Allows you to maintain a list of personal names and/or email addresses that will be used to help with detection of targeted fraud email for all incoming messages managed by this server. You can also maintain separate lists for each domain, using the Local Domain settings. For more information about this facility, see the technical reference “MailMarshal BEC Fraud Detection Basics,” available from the documentation section of the Trustwave website.
Engine Advanced options
Allows you to set options for RTF stamping and unpacking depth.
Receiver Advanced options
Allows you to set behaviors of the MailMarshal Receiver, including greeting strings, advertising of ESMTP, and other items.
Sender Advanced options
Allows you to set behaviors of the MailMarshal Sender, including ESMTP sending and deadlettering options.
Allows you to configure threading for optimal performance.
Templates
Allows you to override the administrative notification messages built in to MailMarshal.
Times
Allows you to set retry and expiration timeouts for the Receiver and Sender services.
Commit Scheduling
Allows you to specify times of day when configuration changes should be committed at the MailMarshal node processing servers. This functionality is designed to allow deferred commits so as to minimize impact on systems during the business day. The commit schedule is relative to the time zone of each processing server.
Allows you to configure and enable the connection to an archiving server where MailMarshal will send copies of messages for long term archiving. See Help for details.
Product Improvement Program
Allows you to opt in or out of the Product Improvement Program. See Help for details.
To configure advanced server options:
1.In the left pane of the Management Console, click System Configuration.
2.In the right pane menu tree, navigate to the required option, found under Advanced System Properties, Engine Properties, or other Advanced items.
3.Specify the appropriate values. For more information about the options, click Help.
4.Click Save.
The Advanced Settings page of the Console (Configuration > Advanced Settings) allows you to manage additional detailed settings for the MailMarshal installation. These settings generally replace the Registry configuration items that were used in earlier versions. For more information see Help and Trustwave Knowledgebase articles.
The Console also includes an Advanced Settings page for each email processing server, found under Management > Mail Servers.
9.14.3 Setting Up Syslog Integration
MailMarshal can send advanced information about messages and message handling to a Syslog server. Information that can be sent includes:
•Message records
•Content (message attachment) information
•Rejected message (connection blocking) details
•Quarantine Audit (message release) details.
|
Note: The MailMarshal Syslog integration does not handle Windows event log messages. You can forward event log information to a Syslog server using third party tools. |
Before enabling Syslog in the Management Console, you must create a database to store the formatted information temporarily before it is sent. To configure this database, use the MailMarshal Server Tool (Array Manager > Syslog Database tab).
To configure Syslog servers and record formats:
1.In the left pane of the Management Console, click System Configuration.
2.Navigate to Array Properties > Syslog.
3.Select Enable Syslog, and then configure the information required to connect to the Syslog server. You can select:
•The server name or IP address and listening port
•The transport method (UDP, TCP, or TCP with TLS)
•If you select TCP with TLS, the certificate of the Array Manager REST API interface is used.
•The record format
•The hostname and application name to include in the Syslog records
4.In the Templates section, select the types of data to be sent, and configure templates to control the data included in each record.
For more information, click Help.
9.14.4 Setting Up Azure Information Protection Integration
MailMarshal can scan documents protected by Azure Information Protection (AIP) Rights Management.
MailMarshal provides full support for the following (including scanning, message repacking, and viewing in the Console), provided that MailMarshal has the correct rights to read the protected content:
•Restricted-permission message (RPMSG)
•Office documents in either binary format (also known as compound files), or ECMA-376 Office Open XML format.
•Generic pfiles (files unpacked from a protected message, including images, documents, zip files, and any files supported by MailMarshal).
|
Note: MailMarshal does not scan or change documents delivered by direct link (where the email client does not support AIP Rights Management and the user clicks a link that retrieves the document from Azure directly). In these cases the original content is delivered over the link, and MailMarshal does not have access to this data. |
Before enabling AIP in the Management Console, you must install the Rights Management Service (RMS) Client on all processing servers. The RMS Client installer is available from a link on the MailMarshal installer Prerequisites page.
To validate the presence of the RMS client:
1.In the left pane of the Management Console, click System Configuration.
2.Edit the properties of each server, and navigate to the Azure Information Protection tab.
To enter and validate AIP credentials:
1.In the left pane of the Management Console, click System Configuration.
2.Navigate to Array Properties > Azure Information Protection.
For more details, see Trustwave Knowledgebase article Q21029, and Help for this Management Console page.
|
Caution: If you enter and commit incorrect details for AIP, messages that require the AIP RMS functionality will be deadlettered. If AIP RMS components are detected in a message but no AIP credentials are available, this fact is logged in the Engine log. |
9.14.5 Setting Node Properties – Advanced
These options affect delivery and processing of email. If more than one MailMarshal server is included in an array, these options can be set for each server.
•Receiver Binding
•Server Host Name
•Notification Delivery
For more information about these settings, see “Customizing Settings for Nodes”.
9.14.6 Working with Array Communications
When MailMarshal is configured as an array of servers with an Array Manager and one or more other servers as email processing servers, the MailMarshal servers communicate over TCP/IP. By default, MailMarshal uses port 19001. If the Array Manager and email processing services are installed on the same server, by default the email processing services use port 19002.
You can configure these settings using the MailMarshal Server Tool, which is installed on each server. You must configure the settings on each server individually.
|
Note: Do not attempt to make changes in the MailMarshal Management Console application while using the Server Tool. |
9.14.6.1 Changing Array Port Settings
You can change the TCP ports used by the MailMarshal services. For instance, you may want to alter the default port numbers to enhance security.
To change the port settings:
1.Log on to the server using an account with Administrator permissions.
2.Run the MailMarshal Server Tool from the MailMarshal Tools group in the MailMarshal program group.
3.If the server is an email processing server (not an Array Manager or standalone server):
a.On the Node > Array page, you can change the Node Port used by the services to listen for communications from the Array Manager. When you apply this change and restart the services, MailMarshal will report the change to the Array Manager.
b.You can also change the Array Manager port used by the services to connect to the Array Manager. This entry must match the port specified at the Array Manager.
4.If the server is an Array Manager: On the Array Manager > Ports page, you can change the port used by the Array Manager to accept connections from email processing servers and the SQM component.
|
Note: If you change this value, to restore full functionality you must also change the corresponding value in the SQM website configuration if installed. |
9.14.6.2 Changing the Database Location
You can change the location of the MailMarshal database using the Server Tool on the Array Manager server. Because most configuration information is stored in the database, in general you should only use this option if you must change the Microsoft SQL Server on which the database is hosted.
When you create a new database, MailMarshal does not retain Spam Quarantine Management logins and related data.
To change the database location:
1.Back up the MailMarshal configuration.
2.Log on to the Array Manager server using an account with Administrator permissions.
3.Run the MailMarshal Server Tool from the MailMarshal Tools group in the MailMarshal program group.
4.If you want to move the existing database:
a.Stop all MailMarshal services.
b.Move the database to the new location using Microsoft SQL Server tools.
5.On the Database page, enter the new SQL Server name and database name. Click Apply. If necessary, MailMarshal will present options to use or recreate an existing database. If you have moved a database and selected it, choose Use and click OK.
6.If the Array Manager also hosts a processing node, MailMarshal will offer to rejoin the node to the array. You must complete this step either now or later.
7.MailMarshal will ask to restart services. You must complete this step either now or later.
8.Restore the MailMarshal configuration.
9.If the installation is an array with additional processing nodes, use the Server Tool on each email processing server to rejoin the servers to the array. See “Joining a Node to an Array”.
9.14.7 Changing Folder Locations
You can change the default location for MailMarshal logging, quarantine, message unpacking, and message queues on each email processing server using the MailMarshal Server Tool. For more information about the how these folders are used, see “Understanding MailMarshal Folder Locations”.
To change the locations of folders:
1.Using the MailMarshal Management Console, stop the MailMarshal services on the email processing server where you want to move folders.
2.Log on to the email processing server using an account with Administrator permissions.
3.Run the MailMarshal Server Tool from the MailMarshal Tools group in the MailMarshal program group.
4.On the Array Manager > Folders page and/or the Node > Folders page, change the locations. You can enter a full path relative to a local drive letter, or a partial path relative to the MailMarshal installation folder.
5.Click OK. The Server Tool will offer to copy files from the old locations. The Server tool will also offer to restart the MailMarshal services.
6.The Server Tool will not delete files from the old locations. You can safely do so using normal Windows procedures.
|
Note: You can change the location of an individual folder. For more information, see “Working with Folders”. |