Congratulations on deploying Netmail Secure! Now what? With all the features Netmail Secure has to offer, you may not know where or how to configure the various settings in the Netmail Administration Console. This quickstart guide addresses the most common topics or questions you may have as you get started with Netmail Secure.
Note: For more information about Netmail Secure, refer to the Netmail Secure Administration Guide.
1. System Status
You can verify the status of your Netmail Secure system at any time, either through the Netmail Administration Console or a command line.
Netmail Administration Console:
- Refer to the Diagnostics tab for Netmail Platform (and mail system) status information.
- Consult the Node Dashboard tab for information about your Netmail Secure node, including system information, mail traffic, and filtered messages. Navigate to Secure > Clusters > YourCluster > Nodes > YourNode to access the Node Dashboard tab. Click Details or Live Logs for more detailed information.
A command line can be used to help determine whether or not messages are flowing through your Netmail Secure system. Open a command prompt, and run the following command:
to /opt/ma/netmail/bin/stats -r=10
Numbers indicate that messages are flowing. If you do not see any numbers, there may be an issue with message flow.
2. Agent Configuration
To view which Netmail Secure agents have been enabled or what custom agent configurations you have applied, navigate to Secure > Clusters > YourCluster > Agents. Click on an individual agent to view or modify its settings.
3. Policy Application
Netmail Secure policies can be applied at the system, domain, group, or user level. You can view which policies have been applied to which domain, groups, and/or users at any time through the Netmail Administration Console. Here is how you can view your settings:
- System Level: To see which policies have been applied to all domains within your system, navigate to Secure > Domains.
- Domain Level: To see which policies have been applied to individual domains, navigate to Secure > Domains > YourDomain1.com (or YourDomain2.com, YourDomain3.com, etc.).
- Group Level: To see which policies have been applied to individual groups, navigate to Secure > Domains > YourDomain.com > YourGroup1.com (or YourGroup2.com, YourGroup3.com, etc.).
- User Level: To see which policies have been applied to individual users, navigate to Secure > Domains > YourDomain.com > Users.
4. Policy Types
To view the types of polices you can create with Netmail Secure, navigate to Secure > Policies. A large number of default policies and templates are available, which can be used out-of-the-box or modified to suit your organization's needs. It is also possible (and recommended) to create new polices from scratch to ensure that all your security needs are met.
Netmail Secure offers the following types of polices:
- Anti-Spam, Anti-Virus, Attachment Blocking, Content Filter (if licensed): These policies function as their names suggest and can be applied at the system, domain, group, and user levels.
- Executive reports: These reports can be assigned to administrators at both the group and individual user levels.
- Lists: This policy allows you to create lists of email addresses, domain names, or IP addresses that will always be blocked or allowed by Netmail Secure. The policy is applied to messages after the initial SMTP transaction, so names can be included in the lists. This policy is applied at the system (all domains) or individual domain (YourDomain) level.
- Mail Route: This policy authenticates your users to calculate the license count. Inbound mail is delivered via the Delivery Route. Additional mail routes may be configured, for example, to route mail via a mail encryption system.
- Notifications: This policy can be applied to other Netmail Secure policies (e.g., Attachment Blocking) to notify recipients, senders, or administrators when blocked content has been detected by Netmail Secure.
- Outbound Limits: This policy can prevent your organization from being blacklisted in the event a machine or user account is compromised. Care must be taken when configuring an Outbound Limits policy so as not to impact legitimate mail.
- Quarantine: There are 3 main types of Quarantine policies: Actions, Management, and Reports. The Actions policy allows you to configure what actions users can take with their quarantined mail. The Management policy allows you to manage when items are deleted from quarantine, The Reports policy allows you to configure quarantine reports which can be delivered as administrator-sent email messages. Quarantine Reports policies are applied in the same way other policies are applied (system, domain, group, or user level).
5. SMTP Modules
The SMTP modules define what actions are taken on messages at the SMTP level. At this level, allow and block actions are taken based on IP addresses only. Commonly used SMTP modules include DBL, RBL and SPF. Many SMTP modules have both upsides and downsides, and may cause legitimate mail to be blocked.
6. Message Tracking
To track messages in Netmail Secure, navigate to the Secure > Message Tracking tab. If you want, enter search criteria to narrow your message search. In the list of search results, click View next to individual messages to see how they were processed by the various agents and components of Netmail Secure.
Quarantined messages can be viewed through the Netmail Administration Console (administrators) or a web browser (end users).
Quarantine in the Netmail Administration Console
As a Netmail administrator, it is possible to view quarantined messages for your domain(s) from within the Netmail Administration Console by navigating to the Secure > Quarantine tab. You can narrow your search by user and/or filter. You can also safely view individual messages and examine their message headers before releasing or deleting the messages.
End users can view their personal quarantined messages through a web browser. To do so, they need to enter the hostname or IP address of the Netmail Secure server in their browser and then log in with their network credentials. The actions they can take on their quarantined messages depend on the settings in the Quarantine > Quarantine Actions policy.
8. Restarting Services
If you need to restart services for Netmail Secure, you can do so either through the Netmail Administration Console or via a command line.
Netmail Administration Console:
Navigate to the Secure > Clusters > YourCluster > Physical Hosts tab. Click Restart next to the node(s) for which you want to restart services.
To restart services with a command line, open a command prompt, and run the following command:
service netmail restart
9. Network Time Protocol (NTP)
Netmail Secure uses NTP servers to synchronize the clocks of nodes belonging to the same cluster. If there is a mismatch in time synchronization between any of the nodes, mail flow may be interrupted. As such, it is important to check the time on a Netmail Secure server and to synchronize the clock to a public NTP server. Refer to the following knowledge base article for information on how to do so: Mail Flow is Interrupted in Multi-Node Netmail Secure Deployments due to a Server Time Synchronization Mismatch.
It is recommended that CFS auto-discovery is disabled for Netmail Secure nodes, and that the IP addresses of the nodes are included in the cfsd.conf file.
10. Reporting False Positives and/or False Negatives
If you receive a false positive and/or false negative spam message, forward the message to email@example.com, and notify support at firstname.lastname@example.org. Please forward the message as an attachment to ensure that the message header remains intact.