Page 1 Email Firewall User Guide User Guide for the 3Com http://www.3com.com/ Part No. DUA-MFA100-AAA01 Published January 2005 ® Email Firewall...
Page 2 3Com Corporation and its licensors reserve the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation or its licensors to provide notification of such revision or change.
Page 3: Table Of Contents
ONTENTS BOUT UIDE Conventions Related Documentation Documentation Comments MAIL IREWALL Deployment and Installation Installation Features Anti-Spam Anti-Virus Scanning Malformed Email Checks Attachment Control Email Security Reporting System Administration Main Menu ONFIGURING Mail Routing Additional Mail Route Rules Delivery Settings Delivery Settings Gateway Features Default Mail Relay BCC All Mail...
Page 4 Virtual Mappings Uploading Virtual Mapping List ONFIGURING Anti-Virus Notifications Pattern Files Attachment Control Notifications Editing Attachment Types Mail Access/Filtering Specific Access Patterns Pattern Based Message Filtering Message Restrictions SMTP Authenticated Relay SMTP Banner SMTP Security Incoming Mail Mail Delivery Malformed Email ONFIGURATION Anti-Spam Features Spam Action...
Page 5 Objectionable Content Filtering Actions Notifications Upload and Download Filter List Trusted Senders List Adding Trusted Senders Spam Quarantine Spam Quarantine Configuration User Notification Set Redirect Action for Anti-Spam Features Enabling User Access on a Network Interface Examining the Quarantine Quarantine and Trusted Senders List Users Upload and Download User Lists Enabling User Access on a Network Interface Advanced Anti-Spam Options...
Page 6 Time Zone Network Configuration Mail Configuration Admin Account System Users Creating an Admin User Upload and Download User Lists Enabling User Access on a Network Interface Network Settings Network Interfaces Advanced Parameters Web Proxy Static Routes Licensing Installed License License Agreements License Renewal or Upgrade SSL Certificates Software Updates...
Page 7 CTIVITY Monitoring Mail Processing Activity Mail Server Status Mail Queue (Mail Q) Mail Queue Statistics Mail Received Recently Troubleshooting Mail Queue Problems Email Firewall Status System Alarms Licensing BorderWare Mail Security Services Network Settings Report Problems Troubleshooting Mail Delivery Problems...
Page 9: About This Guide
Firewall. It assumes a working knowledge of TCP/IP network and email communications protocols. For more detailed information on 3Com Email Firewall installation, please see the accompanying Installation Guide. If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes.
Page 10: Conventions
BOUT UIDE Conventions Table 1 Table 1 Notice Icons Table 2 Text Conventions Convention Screen displays This typeface represents information as it appears on the Syntax Commands The words “enter” and “type” Keyboard key names If you must press two or more keys simultaneously, the key Words in Table 2 list conventions that are used throughout this guide.
Page 11: Related Documentation
Related In addition to this guide, each 3Com Email Firewall documentation set Documentation includes the following: ■ ■ Documentation Your suggestions are very important to us. They will help make our Comments documentation more useful to you. Please send comments about this document to 3Com via the following URL: http://www.3com.com/corpinfo/en_US/contactus/index.html...
Page 12 BOUT UIDE...
Page 13: Om Email Firewall Overview
The 3Com Email Firewall is installed behind the existing firewall on the Internal network. Inbound mail will be forwarded from the Firewall or Router to the 3Com Email Firewall where it will be scanned, processed, and then sent to your internal mail server for delivery.
Page 14: Installation
3Com Email Firewall. Features The following sections provide an overview of the main features of the 3Com Email Firewall. Anti-Spam The 3Com Email Firewall contains a variety of powerful features to prevent spam messages, including the following: ■ ■ Anti-Virus Scanning The 3Com Email Firewall provides a built-in virus scanning service.
Page 15: Attachment Control
Communications between email gateways that are normally sent in clear text can be protected from interception and eavesdropping via TLS (Transport Layer Security) encryption. Reporting The 3Com Email Firewall's reporting features allow you to create customized reports on mail and system activity, including the following: Traffic Summary ■...
Page 16: System Administration
1: 3C HAPTER MAIL System The 3Com Email Firewall is administered via a web browser. Administration The following web browsers are supported: ■ ■ ■ ■ Your web browser must have cookies enabled to be able to connect and login to the 3Com Email Firewall.
Page 17: Main Menu
Main Menu The main menu provides quick access to the 3Com Email Firewall’s configuration and management options. The menu is divided into the following sections: Activity — The ■ information on mail processing activity, such as the number of messages in the mail queue, the number of different types of messages received and sent, and current message activity.
Page 18 IREWALL VERVIEW Reporting — This menu allows you to view and configure the reporting and system log features of the 3Com Email Firewall. System Configuration — This menu allows you to view and modify system configuration settings such as: The Setup Wizard ■...
Page 19: Configuring Mail Delivery
This chapter describes how to configure your 3Com Email Firewall to accept and deliver mail, and includes the following topics: ■ ■ ■ ■ Mail Routing Mail Routes are used to define the domains you will be accepting mail for, and where locally to deliver the mail such as an internal Microsoft Exchange mail server.
Page 20 2: C HAPTER ONFIGURING ■ ■ ■ The KeepOpen option should only be used for domains that are usually very reliable. If the domain is unavailable, it may cause system performance problems due to excessive error conditions and deferred mail. A list of domains can also be uploaded in one text file.
Page 21: Additional Mail Route Rules
Additional Mail Route When adding an additional mail route for a local email server, you must Rules add a Specific Access Pattern and a Pattern Based Message Filter to trust mail from that server for Anti-Spam training purposes. These procedures are not required for the default mail route you configured at installation time with the Setup Wizard.
Page 22 2: C HAPTER ONFIGURING 4 Select 5 Select Trust for the action if the pattern matches, and click OK. Adding a Pattern Based Message Filter 1 Select Mail Delivery -> Mail Access/Filtering from the menu. Select Pattern Based Message Filtering. 2 Click Add to add a new filter rule.
Page 23: Delivery Settings
Strip Received Headers — Strip all Received headers from outgoing messages. Relay To — (Optional) Enter an optional hostname or IP address of a mail server (not this 3Com Email Firewall) to relay mail to for all email with unspecified destinations. A recipient's email domain will be Delivery Settings...
Page 24: Bcc All Mail
This option sends a blind carbon copy (BCC) of each message that passes through the 3Com Email Firewall to the specified address. This address can be local or on any other system. Once copied, the mail can be effectively managed and archived from this account.
Page 25: Advanced Delivery Settings
Advanced Delivery Click the Advanced button to reveal options for advanced SMTP (Simple Settings Mail Transport Protocol) settings and SMTP notifications. Advanced SMTP Settings SMTP Pipelining — Pipelining allows more than one SMTP command ■ to be inserted into a network packet which reduces SMTP connection times.
Page 26: Mail Mappings
2: C HAPTER ONFIGURING ■ ■ ■ ■ Mail Mappings Mail Mappings are used to map an external address to a different internal address and vice versa. This is useful for hiding internal mail server addresses from external users. For mail originating externally, the mail mapping translates the address in the To: and CC: mail header field into a corresponding internal address to be delivered to a specific internal mailbox.
Page 27: Uploading Mapping List
Click Add to add a new mapping to your list. ■ ■ ■ Click Update when finished. Uploading Mapping List A list of mappings can also be uploaded in one text file. The file must contain comma or tab separated entries in the form: ["sender"...
Page 28: Virtual Mappings
From: headers in the mail, as virtual mappings modify the envelope-recipient address. For example, the 3Com Email Firewall can be configured to accept mail Email Firewall to distribute mail to multiple internal servers based on the Recipient: address of the incoming mail.
Page 29: Uploading Virtual Mapping List
Virtual Mappings Uploading Virtual A list of virtual mappings can also be uploaded in one text file. The file Mapping List must contain comma or tab separated entries in the form: [map_in],[map_out] For example: user@example.com,user user@example.com,user@example2.com @example.com,@example2.com virtmap.csv The file ( ) should be created in csv file format using Excel, Notepad or other Windows text editor.
Page 30 2: C HAPTER ONFIGURING ELIVERY...
Page 31: Configuring Mail Security
■ ■ Anti-Virus The 3Com Email Firewall provides a built-in virus scanning service. When enabled, all messages (inbound and outbound) passing through the 3Com Email Firewall are scanned for viruses. Viruses can be selectively blocked depending on whether they are found in inbound or outbound messages.
Page 32 HAPTER ONFIGURING ECURITY Select Mail Delivery -> Anti-Virus from the menu to enable and configure virus scanning. Enable virus scanning — Select the check box to enable virus ■ scanning. Quarantine unopenable attachments —This option is enabled by ■ default to quarantine attachments that are password-protected and flag them in the logs as "suspicious".
Page 33: Notifications
Anti-Virus Notifications Notifications for inbound and outbound messages can be enabled for all recipients, the sender, and the administrator. Customize the content for Inbound Outbound notification in the corresponding text boxes. for a full Appendix A “Customizing System Messages” page 125 list of variables that can be used.
Page 34: Attachment Control
Viruses — Attachments that can potentially contain viruses can be blocked. Offensive Content — The 3Com Email Firewall can block the transfer of images which reduces the possibility that an offensive picture will be transmitted to or from your company mail system.
Page 35: Notifications
Attachment Control Notifications Notifications for inbound and outbound messages can be enabled for all recipients, the sender, and the administrator. Customize the content for Inbound Outbound notification in the corresponding text boxes. for a full Appendix A “Customizing System Messages” page 125 list of variables that can be used.
Page 36: Editing Attachment Types
3: C HAPTER ONFIGURING ECURITY Editing Attachment Click the Edit button to edit your attachment types. You can add file .mp3 image/gif Types extensions ( ), or MIME content types ( ). For each attachment type, choose whether you want to "BLOCK" or "Pass" the attachment.
Page 37: Mail Access/Filtering
Mail Access/Filtering Mail Access/Filtering The 3Com Email Firewall provides a number of filtering options to ensure that specific mail messages are not accepted from the incoming SMTP connection. Mail Access/Mail Filtering In the settings, you can specify patterns to match for on incoming connections and configure an appropriate action.
Page 38: Specific Access Patterns
HAPTER ONFIGURING Specific Access Patterns Click the Add Pattern button to add a new specific access pattern. ■ ■ Only the Client Access parameter can be relied upon because spammers can easily forge all other message properties. The other parameters, however, are useful for whitelisting.
Page 39: Pattern Based Message Filtering
Maximum message size — Set the maximum message size (in bytes) that will be accepted by the 3Com Email Firewall. Ensure that the specified size can accommodate email attachments. Minimum Free Queue Space (Advanced)— Set the minimum free queue space available (in bytes) before the system will stop receiving mail.
Page 40: Smtp Authenticated Relay
Client systems must use a login and password to authenticate to the system before being allowed to relay mail. Authenticated relay can also allow authorized mail servers to use this 3Com Email Firewall as a relay. Users must have a local account on this 3Com Email Firewall for the feature to work.
Page 41: Smtp Security
■ Encryption can be enforced between particular systems, such as setting up an email VPN between two 3Com Email Firewalls at remote sites. Encryption can also be set as optional so that users who are concerned about the confidentiality of their messages on the internal network can specify encryption in their mail client when it communicates with the 3Com Email Firewall.
Page 42: Incoming Mail
HAPTER ONFIGURING ECURITY Select Mail Delivery -> SMTP Security from the menu to enable and configure email encryption. Incoming Mail Accept TLS — Enable this option to accept SSL/TLS for incoming mail ■ connections. Require TLS for SMTP AUTH — This value is used to require SSL/TLS ■...
Page 43 Specific Site Policy This option supports the specification of exceptions to the default settings for SSL/TLS. For example, you may need to exempt a mail server from using SSL/TLS because of lack of TLS support. To exempt a system, specify the IP Address or FQDN (Fully Qualified Domain Name) of the remote mail server in the Select Don't Use TLS from the dropdown box and click the Update button.
Page 44: Malformed Email
Other types of malformed messages are designed to attack mail servers directly. These types of messages are often used in denial-of-service (DoS) attacks. The 3Com Email Firewall analyzes each message with very extensive integrity checks. Malformed messages are quarantined if they cannot be processed.
Page 45 Actions — Select an action to be performed. Options include: ■ Just log: Log the event and take no further action. ■ Reject mail: The message is rejected with notification to the ■ sending system. Quarantine mail: The message is placed into quarantine. ■...
Page 46 3: C HAPTER ONFIGURING ECURITY...
Page 47: Anti -Spam Configuration
■ ■ ■ ■ ■ ■ ■ Anti-Spam Features The 3Com Email Firewall contains a variety of powerful features to prevent spam messages, including the following: ■ ■ ONFIGURATION Anti-Spam Features Pattern Based Message Filtering Objectionable Content Filtering Trusted Senders List...
Page 48 4: A HAPTER ONFIGURATION Select Mail Delivery -> Anti-Spam from the menu to configure the 3Com Email Firewall’s Anti-Spam features. the preselected Anti-Spam features. Possible actions include: CAUTION: If you set the global Anti-Spam action to User Quarantine Mail, you must ensure you have local Spam Quarantine users configured to accept the messages.
Page 49 The database records how many of each message is submitted. If requested, the DCC server can return a count of how many instances of a message have been received. The 3Com Email Firewall uses this count to determine the disposition of a message.
Page 50: Chapter 4: Anti -Spam
4: A HAPTER ONFIGURATION ■ STA (Statistical Token Analysis) is a sophisticated method of identifying spam based on statistical analysis of mail content. Simple text matches can lead to false positives because a word or phrase can have many meanings depending on the context. STA provides a way to accurately measure how likely any particular message is to be spam without having to specify every word and phrase.
Page 51 Mail identified as "bulk" by DCC is also analyzed to provide an ■ example of local spam. Select STA from the Mail Delivery -> Anti-Spam menu to configure STA settings. STA Mode — Use one of the following three modes for STA: ■...
Page 52: Spam Action
4: A HAPTER ONFIGURATION Spam Action Specify an action when STA flags a message as spam. ■ ■ Maybe Spam Action This features allows you to take action on messages that STA identifies as “maybe spam” which indicates it could be spam but may also be legitimate mail.
Page 53: Diagnostics
Redirect to: The message will be delivered to the mail address ■ specified in Action Data. Reject mail: The mail will not be accepted and the connecting mail ■ server is forced to return it. BCC: The message will be copied to the mail address specified in ■...
Page 54: Sta Training
STA database. Click the Delete Training button to delete all training material if your 3Com Email Firewall has been misconfigured and starts to treat legitimate mail as spam or vice versa. Pattern Based...
Page 55: Message Part
Pattern Based Message Filtering Some default PBMF rules are provided and more can be added by clicking the Add button. Message Part Message Part Select a from the dropdown list. The following diagram and sections explain each part of the mail message.
Page 56 4: A HAPTER ONFIGURATION Message Envelope Parameters These parameters will not be visible to the user. They are the “handshake” part of the SMTP protocol. You will need to look for these in the transport logs or have other knowledge of them. ■...
Page 57 Message Header Parameters Spammers will typically enter false information into these fields and, except for the Subject field, they are usually not useful in controlling spam. These fields may be useful in whitelisting certain users or legitimate source of email. <<Mail Header>>...
Page 58: Match Option
4: A HAPTER ONFIGURATION Match Option The match option looks for the specified text in each line. You can specify one of the following: ■ ■ ■ ■ ■ Pattern Enter the pattern you wish to search for. Priority Select a priority for the filter ( read before making the decision.
Page 59: Upload Or Download File
■ ■ Upload or Download You can create a list of PBMF rules and upload them together in one file. File The file must contain comma or tab separated entries in the form: [Section],[type],[pattern],[action],[priority(seq)],[rulenumber] For example: to:,contains,user@example.com,reject,medium,1 The file ( Notepad or other Windows text editor.
Page 60 4: A HAPTER ONFIGURATION ■ ■ Modify Subject Header: The text specified in Action Data will be ■ inserted into the message subject line. Add header: An "X-" mail header will be added as specified in the ■ Action Data. Redirect to: The message will be delivered to the mail address ■...
Page 61: Objectionable Content Filtering
Objectionable The Objectionable Content Filter defines a list of key words that will Content Filtering cause a message to be blocked if any of those words appear in the message. Select Objectionable Content Filtering from the Mail Delivery -> Anti-Spam menu to configure the filter. Actions You can set actions for both inbound and outbound messages.
Page 62: Notifications
Trusted Senders List. Additionally, the Trusted Senders List only applies to PBMF “Spam” messages with a low priority. Local 3Com Email Firewall users can log in and create their own list of Trusted Senders. The Trusted Senders List must first be enabled globally by the administrator by clicking on Trusted Senders List in the Mail Delivery ->...
Page 63: Adding Trusted Senders
Spam Quarantine. on how to add local users to the system. Log in to the 3Com Email Firewall and select Trusted Senders in the left menu. Enter an email address and then click the Add button. The specified address will bypass the 3Com Email Firewall’s Anti-Spam controls when...
Page 64: Spam Quarantine
This will redirect the message to the spam quarantine where it will be placed in a folder for that particular user. Users can log in to the 3Com Email Firewall and manage their quarantined spam. Messages can be viewed, returned to the inbox, or deleted.
Page 65: User Notification
For each Anti-Spam feature (DCC, STA, and so on) that you want to use Anti-Spam Features the user Spam Quarantine, you must set the Action to the Action Data to the 3Com Email Firewall address such as mail.example.com CAUTION: You must ensure you have local Spam Quarantine users configured to accept the quarantined message.
Page 66: Enabling User Access On A Network Interface
Select the User Access check box to allow access to the Spam Quarantine via this interface. Click Apply to save the network settings. Examining the Local Email Firewall users can log in and examine the messages in their Quarantine Spam Quarantine. Messages in the quarantine can be released back into...
Page 67: Quarantine And Trusted Senders List Users
Quarantine and You must add local users to the 3Com Email Firewall if you require the Trusted Senders List ability for users to view the Spam Quarantine or configure their Trusted Users Senders Lists. Select System Config -> Users from the menu.
Page 68: Upload And Download User Lists
4: A HAPTER ONFIGURATION Upload and Download You can upload lists of users using comma or tab separated text files. User Lists You can specify the login ID, password, email address, and disk quota in megabytes. Use the following format: [login],[password],[email address],[quota] For example, user,ajg7rY,user@example.com,0...
Page 69: Advanced Anti-Spam Options
The RBL mechanism is based on DNS. Every server that attempts to connect to the 3Com Email Firewall will be looked up on the specified RBL servers using DNS. If the server is blacklisted, then the server is considered an origin of known spam and the connection dropped.
Page 70: Mail Access/Filtering
Mail Access/Filtering settings. Anti-Spam Header This feature adds a header to scanned email messages displaying the results of the 3Com Email Firewall’s Anti-Spam processing. The header output is similar to the following: X-AntiSpam: sta:false/0/020,dcc:off,rbl:off,wlbl:none Add header: An "X-" mail header will be added as specified in the ■...
Page 71: Reporting
This chapter describes the reporting features of the 3Com Email Firewall, and includes the following topics: ■ ■ ■ ■ ■ Generating Reports The 3Com Email Firewall's reporting features provide a comprehensive range of informative reports including the following: ■...
Page 72: Report Configuration
5: R HAPTER EPORTING Administrators can specify which data is to be included in each report, how it is to be displayed, the order of data, and the number of entries to report, such as “Top 10 Disk Space Users”. Select Reporting from the menu to view and configure reports.
Page 73: Report Generation
Paper Size — For PDF format, select the paper size such as Letter, A4, ■ or Legal. Describe fields in report — Select this option to include a short ■ description of each field in the report. Report Generation Enable Auto Generate — Select this check box to automatically ■...
Page 74: Report Fields
5: R HAPTER EPORTING Report Fields information you wish to include in the report. You can include or exclude fields as required. Use the that field, such as listing the “Top Ten” viruses. Table 3 Report Field Descriptions Field System name Date time Version Timespan...
Page 75 Field Description Blocking pie chart A pie chart of the same data as the right hand column of Traffic Blocking (timespan). Total traffic Received Graphs of the number of messages received per hour over the reporting period (timespan). Total traffic sent Graphs of the number of messages sent per hour over the reporting period (timespan).
Page 76 5: R HAPTER EPORTING Field Top senders Top sending hosts Top recipients DCC Servers RBL Servers End comment Extra comment Description The top sender (judged by Envelope from, not Header from) during the report timespan, sorted by number of messages. If the title contains one or more comma characters, the list will be restricted to those senders which include any string after the first comma.
Page 77: System Logs
Select Reporting -> System Logs from the menu to view the log files. The Mail Transport log is the most important log to monitor because it contains a record of all mail processed by the 3Com Email Firewall. Other logs include: ■...
Page 78: Viewing Log Details
5: R HAPTER EPORTING Viewing Log Details Select a specific log to view, search, and download its detailed entry information. syslog Configuring a Syslog Logs can also be forwarded to a server which is a host that collects Server and stores log files from many sources. You can define a syslog host in the System Config ->...
Page 79: Email History
Email History Email History Every message that passes through the 3Com Email Firewall generates a database entry that records information about how it was processed, including a detailed journal identifying the results of the mail processing. Select Reporting -> Email History from the menu to view the message history.
Page 80: System History
5: R HAPTER EPORTING System History The system history is a record of system events, such as login failures, and disk space and CPU usage. Select Reporting -> System History from the menu to view the system event history. Event Types The following table describes the event types that can appear in the System History database.
Page 81 Event Type Description DCC Preferred The round trip time to preferred DCC server Disk IO MB per second transfer, KB per transfer, transfers per second for a disk Disk Usage Amount of used and total available disk space for each disk slice Logins A single web...
Page 82: Configure History Settings
5: R HAPTER EPORTING Configure History In the Settings many emails and system events to keep in the logs and how long you want to keep them. Setting higher values will use up more disk space and cause backups to take much longer to complete if they include the reporting data.
Page 83: System Configuration
This chapter describes how to view and modify the system configuration of the 3Com Email Firewall, and includes the following topics: ■ ■ ■ ■ ■ ■ ■ ■ ■ Setup Wizard The Setup Wizard can quickly guide you through the steps to change your networking or system mail setup information.
Page 84: Change Password
6: S HAPTER YSTEM ONFIGURATION Select System Config -> Setup Wizard from the menu to start the Setup Wizard. Click Finish at any time to exit the Setup Wizard. Click Back to go to the previous step. Change Password Enter your old password and set a new password if required. Click Apply if you have made any changes.
Page 85: Network Configuration
Setup Wizard Network Configuration Modify your network settings if required, and click Apply if you have made any changes. If you do not want to modify your networking information, click Next to continue. Mail Configuration Modify your mail configuration and proxy settings if required, and click Apply if you have made any changes.
Page 86: Admin Account
Click Add Admin User to create a new user with admin privileges. System Users You must add local users to the 3Com Email Firewall if you require the ability to view the user Spam Quarantine or configure the Trusted Senders Lists.
Page 87: Creating An Admin User
If this user will be an additional administrator for this 3Com Email Administrator Privileges Firewall, select the Full Admin option in the section. When a Full Admin user logs into the 3Com Email Firewall, they must click the Administration link on the left menu to open up the admin menu.
Page 88: Upload And Download User Lists
6: S HAPTER YSTEM ONFIGURATION Upload and Download You can upload lists of users using comma or tab separated text files. You User Lists can specify the login ID, password, email address, and disk quota in megabytes. Use the following format: [login],[password],[email address],[quota] For example, user,ajg7rY,user@example.com,0...
Page 89: Network Settings
Hostname — Enter the hostname (not the full domain name) of the 3Com Email Firewall, such as mail.example.com Domain — Enter the domain name, such as Gateway — Enter the default gateway for this 3Com Email Firewall. This is typically your network router. Syslog host — Enter an optional syslog server collects and stores log files from many sources.
Page 90: Network Interfaces
■ Network Interfaces section, you can modify your network interface IP Address — Enter the IP address for this 3Com Email Firewall. Netmask — Enter the appropriate netmask for your network. Media — Select the type of network card. Use automatic configuration.
Page 91: Web Proxy
Web Proxy A secure proxy server may be used to cache and proxy requests to systems external to your network, such as an HTTP web proxy server. If you use a proxy server on your network, you must enter the proxy server address and a username and password to allow Anti-Virus, Anti-Spam, and Licensing services to retrieve updates.
Page 92: Static Routes
Static Routes Static routes are required if the mail servers to which mail must be relayed are located on another network, such as behind an internal firewall or accessed via a VPN. Select System Config -> Static Routes from the menu to define any static routes.
Page 93: Licensing
Licensing Your 3Com Email Firewall must be licensed before it can process mail. and enter a new license key if you are renewing or upgrading your current license. Select System Config -> Licensing from the menu to view and manage your license information.
Page 94: License Agreements
HAPTER YSTEM ONFIGURATION License Agreements Click the specified button to view the license agreements for the 3Com Email Firewall, the Anti-Virus software, and Third Party Open Source products. License Renewal or To renew or upgrade your license, you will need an annual subscription Upgrade renewal key or an additional user key.
Page 95 To install a commercial certificate: 1 Select System Config -> SSL Certificates from the menu to view and manage your certificates. 2 Create a new self-signed certificate by clicking the Generate a 'self-signed' certificate button. 3 Click Apply. You must then reboot to install the new certificate. 4 Click the Show installed certificate button to display the certificate and an accompanying certificate request.
Page 96: Software Updates
YSTEM ONFIGURATION Software Updates It is important to keep your 3Com Email Firewall software updated with the latest patches and upgrades. A key aspect of good security is responding quickly to new attacks and exposures by updating the system software when updates are available.
Page 97: Security Connection
Select System Mgmt -> Backup & Restore from the menu to perform a backup. Security Connection that polls 3Com’s support servers for new updates, security alerts, and other important information. When new information and updates are received, an email can be sent to the administrator.
Page 98 6: S HAPTER YSTEM ONFIGURATION...
Page 99: System Management
This chapter describes how to use the system management features of the 3Com Email Firewall, and includes the following topics: ■ ■ ■ ■ ■ ■ ■ Status and Utility Select System Mgmt -> Status and Utility from the menu to view a number of system statistics such as the total system uptime, load average, the amount of used swap and disk partition space, and NTP server status.
Page 100: Utility Functions
7: S HAPTER YSTEM ANAGEMENT Utility Functions network and diagnostic utilities. ■ ■ ■ ■ Utility Functions section allows you to control mail services and run Mail System Control — Use this button to Stop and Start all mail queues. Mail Receiving —...
Page 101 SMTP Probe The SMTP (Simple Mail Transport Protocol) Probe is used to test email connectivity with a remote SMTP server. This allows you to verify that a specific SMTP server is responding to connection requests and returning a valid response. In the SMTP Probe screen you must enter the destination SMTP server, the envelope header fields for the sender and recipient (MAIL FROM and RCPT TO), the HELO identifier, and the message data.
Page 102 This ensures that you have network connectivity to the destination server. If you do not receive a response, the destination host may not be available or it may indicate that your 3Com Email Firewall does not have network connectivity.
Page 103 Status and Utility Traceroute Utility Traceroute is used to see the routing steps between two hosts. If you are losing connectivity somewhere in between the two hosts, you can use traceroute to see where exactly the packet is losing its connection. The traceroute utility will show each network “hop”...
Page 104: Current Admin And Spam Quarantine Users
7: S HAPTER YSTEM ANAGEMENT Current Admin and Spam Quarantine Users logged in via the admin interface or through a Spam Quarantine session. Configuration The configuration information screen shows you important system Information information such as the current version of the system software, the time it was installed, and CPU and RAM information.
Page 105: Quarantine
Quarantine Quarantine Quarantine area contains messages that have been quarantined because of a virus, malformed message, illegal attachment, or other issue. Select System Mgmt -> Quarantine to view and manage the quarantine area. You can view the details of a message by clicking on its ID number or remove the message from quarantine by clicking the Remove button.
Page 106: Daily Tasks
7: S HAPTER YSTEM ANAGEMENT ■ ■ ■ ■ Click Update to enable the settings for new quarantined messages. Click Update and Expire Now to apply the settings to all messages in the quarantine area. Daily Tasks backups. The FTP backup and Email backup features must be configured separately in the System Mgmt ->...
Page 107: Backup And Restore
Backup and Restore The 3Com Email Firewall can backup all data, including the database, quarantined items, mail queues, mailboxes, uploaded user lists, SSL certificates, reports, and system configuration data. The restore feature can restore any of these items individually. The 3Com Email Firewall should be backed up before performing any type of software upgrade or update.
Page 108 7: S HAPTER YSTEM ANAGEMENT Confirm the listed options, and then click Create backup now to begin. The file ( FTP Options If you choose the FTP option you must specify the address of the destination FTP server, including a valid login and password. ■...
Page 109 Administrator Backup Email Options If you select the Email backup type, the configuration will be saved and sent via email attachment to the 3Com Email Firewall administrator. It is recommended that you save the email attachment to your local disk.
Page 110 7: S HAPTER YSTEM ANAGEMENT Confirm the listed options, and then click Create backup now to begin. Daily Alternately, you can click Create scheduled backup to go to the Tasks menu to create a recurring Email backup.
Page 111: Restores
Backup and Restore Restores To perform a system restore, select the type of restore to perform (Local Disk or FTP) and click the Next >> button. Restore from Local Disk To perform a restore from a file on a local disk, click the Browse button to find the backup file.
Page 112 7: S HAPTER YSTEM ANAGEMENT Restore from FTP To restore from FTP, enter the following required information to connect to your FTP server. ■ ■ ■ ■ ■ Click Next >> to continue. Confirm the contents of the uploaded file, and then click Restore now to perform the restore.
Page 113: Reboot And Shutdown
Reboot and The 3Com Email Firewall can be safely rebooted or shut down from the Shutdown System Mgmt -> Reboot and Shutdown screen. Before shutting down, remove any media from the floppy and CDROM drives. Click Reboot now to shutdown the system and reboot.
Page 114 7: S HAPTER YSTEM ANAGEMENT...
Page 115: Monitoring Activity And Status
■ ■ Monitoring Mail Select Activity from the main menu to view the 3Com Email Firewall’s Processing Activity Activity information on mail processing activity, such as the number of messages in the mail queue, the number of different types of messages received and sent, and current message activity.
Page 116: Chapter 8: Monitoring Activity And Status
8: M HAPTER ONITORING Mail Server Status The mail system status is shown in the top left window. Mail will either be running or stopped. Use the Stop or Start button to control mail processing. Mail Queue (Mail Q) The mail queue activity (Mail Q) section displays the number of Deferred indicator of how your mail is processing.
Page 117: Email Firewall Status
Email Firewall Status Email Firewall Status Select Status from the main menu to determine if all services and servers are functioning properly. For each service, a status icon will indicate if the service is running properly, if there is a warning, or the service is unable to connect.
Page 118: System Alarms
License — Displays your license information including the expiration date. If this information is incorrect or if you have installed a license and it does not display as active, please contact 3Com support. A warning icon indicates that your license will expire in a week.
Page 119: Report Problems
Report Problems Click the Report Problems button at the bottom of the send selected reports back to 3Com for analysis if you experiencing problems with your 3Com Email Firewall. Send to — This is the email address for 3Com support.
Page 120: Troubleshooting Mail Delivery Problems
DNS — If your DNS is not working or configured properly, mail will not be forwarded to your 3Com Email Firewall or you will not be able to lookup external mail sites. Check the DNS service itself to see if it is running and check your DNS records for any misconfiguration for your mail services.
Page 121: Examining Log Files
a period of time. You can view the relevant messages that may indicate why you cannot connect to that particular mail server. The server could be down, too busy, or not currently accepting connections. Examining Log Files Examine the system log files in the Reporting -> System Logs screen. The Mail Transport log is the most important as it provides a detailed description of each message that passes through the system.
Page 122 Firewall, try to ping hosts both on the internal and external networks. You should also try to ping the firewall, DNS server, and external router. Try to ping the 3Com Email Firewall from these locations to ensure you have connectivity.
Page 123: Troubleshooting Content Issues
Troubleshooting If the mail has been delivered to the 3Com Email Firewall successfully, it Content Issues will undergo security processing before delivery to its final destination. Many of the security tools used by the 3Com Email Firewall, such as Anti-Spam, Content Filtering, Anti-Virus scanning, Attachment Control,...
Page 124 8: M HAPTER ONITORING CTIVITY TATUS Click on a specific message to see the details of its processing and final disposition.
Page 125: System Messages
USTOMIZING Message variables can be used to customize the content of notification, annotation, and delivery messages. The 3Com Email Firewall will substitute your local settings for the variables at the time the message is sent. For example, in the following Mail Delivery ->...
Page 126 PPENDIX USTOMIZING YSTEM Variable %HOSTNAME% %POSTMASTER_MAIL _ADDR% %DELAY_WARN_TIME %MAX_QUEUE_TIME %S_YOU% or (%SENDER%) %R_YOU% or (%RECIPIENT%) %SPAM_FOLDER% %SPAM_EXPIRY% %SPAM_MESSAGES% The information for %DISPN% ESSAGES Value Hostname entered on the Network Settings screen Email address of the admin user In Delivery Settings - Time before Delay Warning In Delivery Settings -...
Page 127 If you have forgotten your admin password, it cannot be recovered and you will not be able to login to the 3Com Email Firewall. In this case, the system must be reset to factory default settings from the system console.
Page 128 B: R PPENDIX ESET TO ACTORY EFAULT ETTINGS FROM ONSOLE 8 You will need to reinstall and license the system using the Setup Wizard Installation Guide and License Wizard. See the for details on installing the 3Com Email Firewall.
Page 129: License Agreements
HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS APACHE Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document.
Page 130 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form.
Page 131 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability.
Page 132 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS Distributed Checksum Clearinghouse Copyright (c) 2004 by Rhyolite Software Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS"...
Page 133 FreeBSD Copyright 1994-2004 The FreeBSD Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 134 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS Legal Terms =========== Definitions -------------- Throughout this license, the terms `package', `FreeType Project', and `FreeType archive' refer to the set of files originally distributed by the authors (David Turner, Robert Wilhelm, and Werner Lemberg) as the `FreeType Project', be they named as alpha, beta or final release.
Page 135 4. Contacts ----------- There are two mailing lists related to FreeType: * freetype@freetype.org Discusses general use and applications of FreeType, as well as future and wanted additions to the library and distribution. If you are looking for support, start in this list if you haven't found anything to help you in the documentation.
Page 136 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS JPEG The authors make NO WARRANTY or representation, either express or implied, with respect to this software, its quality, accuracy, merchantability, or fitness for a particular purpose. This software is provided "AS IS", and you, its user, assume the entire risk as to its quality and accuracy.
Page 137 ModSSL Copyright (c) 1998-2004 Ralf S. Engelschall. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Page 138 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS Copyright (c) David L. Mills 1992-2004 Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both the copyright notice and this permission notice appear in supporting documentation, and that the name University of Delaware not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission.
Page 139 OpenSSH The licences which components of this software fall under are as follows. First, we will summarize and say that all components are under a BSD licence, or a licence more free than that. OpenSSH contains no GPL code. 1) Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland All rights reserved As far as I am concerned, the code I have written for this software can be used freely for any purpose.
Page 140 PPENDIX HIRD ARTY OPYRIGHT AND 4) The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers and Paulo Barreto is in the public domain and distributed with the following license: @version 3.0 (December 2000) Optimised ANSI C code for the Rijndael cipher (now AES) @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>...
Page 141 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
Page 142 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS Redistribution and use in source and binary forms of Linux-PAM, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain any existing copyright notice, and this entire permission notice in its entirety, including the disclaimer of warranties.
Page 143 Info-ZIP Copyright (c) 1990-2003 Info-ZIP. All rights reserved. For the purposes of this copyright and license, "Info-ZIP" is defined as the following set of individuals: Mark Adler, John Bush, Karl Davis, Harald Denker, Jean-Michel Dubois, Jean-loup Gailly, Hunter Goatley, Ian Gorman, Chris Herborth, Dirk Haase, Greg Hartwig, Robert Heath, Jonathan Hudson, Paul Kienitz, David Kirschbaum, Johnny Lee, Onno van der Linden, Igor Mandrichenko, Steve P.
Page 144 C: T PPENDIX HIRD ARTY OPYRIGHT AND ICENSE GREEMENTS...
Page 145 Attachment Control A feature that allows you to block attachments based on their extension or MIME type. Blind Carbon Copy. The copy of an email is sent to a specified address without the other recipient’s knowledge. Certificate An attachment to a message that verifies its origin. Certificate Authority A centralized organization that verifies and issues digital certificates.
Page 146 LOSSARY Internet Protocol. IP is a layer 3 network protocol that is the standard for sending data through a network. IP is part of the TCP/IP set of protocols that describe the routing of packets to addressed devices. IP address Internet Protocol address.
Page 147 Quarantine A protected area for storing messages that contain viruses or are considered spam. Messages can be deleted from the quarantine or released back into an email inbox. Realtime Blackhole List. A list of servers that are considered sources of known spam.
Page 148 LOSSARY Transport Layer Security. A protocol for encrypting and providing data integrity over the Internet. Traceroute A utility used to verify the routing path from one network host to another. Trusted Senders List A list of users who can bypass email security controls when mailing local users.
Page 149 Activity 115 Admin Account 86 lost password 127 Administrator Privileges 67, 87 Advanced Anti-Spam Options 69 Annotations Delivery Settings 24 Anti-Spam 47 Header 70 Server status 118 Anti-Virus 32 Server status 118 Archive log 77 Attachment Control 34, 123 Attachment Types 34 Authentication log 77 Auto Generate Report 73 Backup and Restore 107...
Page 150 Distributed Checksum Clearinghouse (DCC) 49 DNS 89, 103 DNS Server status 118 Domain 89 Double Bounce 26 Email backup 106, 109 Email History 79, 123 Encryption 41, 94 Specific Site Policy 43 Envelope-From 38 Envelope-To 38 ESMTP (Extended SMTP) 25 Examining Log Files 121 Factory default settings 113, 127 Flush Mail Queue 100, 122...
Page 151 Local Disk backup 107 Local users 86 Login failure 81 Lost admin password 127 Mail Access 37, 70 Mail Configuration 85 Mail Filtering 37, 70 Mail Mappings 26 Mail Queue Statistics 116 Mail Queues 104, 116 Mail Received Recently 116 Mail Routing 19 Mail Server Status 116 Mail Transport log 77, 121...
Page 152 BCC Action 60 Preferences 59 priority 58 Ping 102, 122 Quarantine 105 Queue ID 79 Queue Sizes 81 Raw Mail Body 57 RBL (Realtime Blackhole List) 69 Reboot and Shutdown 113 Relay 23 Report Configuration 72 Report Fields 74 Reporting 15, 71 Reporting History Size 82 Reset to Factory Settings 113, 127 Restore from FTP 112...
Page 153 Tokens 57 Training 54 Status 117 Status and Utility 99 Strip Received Headers 23 Swap usage 81 Syslog 78, 89 System History 80 System Logs 77 TCP extensions 90 Time Server status 118 Time Zone 84 TLS 41, 42 Token 57 Traceroute 103, 122 Troubleshooting Content Issues 123 Troubleshooting Mail Delivery Problems 120...
Page 154: Limited Warranty
(not transferable to a subsequent end user). FOR NON-US CUSTOMERS: Where a limited lifetime warranty is not permitted by local law, a 10 year warranty period shall be given by 3Com. The duration of this warranty shall be modified where necessary to meet any minimum warranty required by law.

3Com 3CR3MFA-92 User Manual

1 Om Email Firewall Overview

2 Configuring Mail Delivery

3 Configuring Mail Security

4 Anti -Spam Configuration

5 Reporting

6 System Configuration

7 System Management

8 Monitoring Activity and Status

Ustomizing Ystem Essages

Quick Links

Troubleshooting

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for 3Com 3CR3MFA-92

Summary of Contents for 3Com 3CR3MFA-92

Table of Contents