Configuration From Config File
The Metadefender Mail Agent includes a set of configuration files that can be used to customize the application behavior and not most of the configurations are not available on management console.
Metadefender.Common.dll.config
Change will be applied within 30 seconds without restarting mail agent service.
Name |
Description |
Default Value |
InstallationFolder |
Installation folder |
Run-time location of Metascan.Common.dll file |
LogsFolder |
Logs folder |
[Installation folder]\Logs |
LogMaxSize |
Possible values are, for example 100MB, or 4DAYS. |
7DAYS |
LogFormat |
Possible values are Text or Xml |
Text |
LogLevel |
Possible values are Debug, Info, Warn, Error, Fatal |
Debug |
RestClientTimeoutMs |
Default timeout in milliseconds until a REST call times out |
60000 |
Metadefender.Email.Engine.Exchange[2007/2010/2013].Agent.dll.config
Any change on this config file requires restarting Microsoft Exchange Transport service.
Name |
Description |
Default Value |
LogName |
Log name |
Metascan.Email.Engine.Exchange[2003/2007/2010/2013].Agent |
LogFilename |
Log file name |
Metascan.Email.Engine.Exchange[2003/2007/2010/2013].Agent.log |
PickupPath |
Exchange Server Replay Path |
Added at install time |
AgentGuid |
Agent Guid. Should be unique. |
Added at install time |
AgentStatusCheckInterval |
Durations between agent status checks |
00:00:20 |
Protocol |
Protocol to use when sending process requests. Possible values are: REST |
REST |
RestBaseUrl |
REST base url (Should point to Mail Agent, not MD Core) |
http://localhost:8000/ |
UseQueueFile |
Use a temp queue file when submitting email instead of streaming content via protocol |
True |
Metadefender.Email.Engine.Generic.Agent.dll.config
Change will be applied within 30 seconds without restarting mail agent service.
Name |
Description |
Default Value |
WorkExtension |
File extension to use when processing an email. |
.work |
BadExtension |
File extension to use for a file that cannot be parsed or processed |
.bad |
AgentGuid |
Agent Guid. Should be unique. |
Added at install time |
AgentStatusCheckInterval |
Durations between agent status checks |
00:00:20 |
Protocol |
Protocol to use when sending process requests. Possible values are REST |
REST |
StartRestServer |
Start the REST server |
True |
RestoreWorkItemsOnStartup |
Rename any items with a work extension (.work) to .eml on service startup |
True |
EmailProcessedHeaderName |
MIME Header name for emails processed by Mail Agent in order to avoid duplicates |
X-Metadefender-EmailSecurity-Id |
EmailRelayInProcessName |
Process name for emailrelay.exe application |
emailrelay |
EmailRelayOutProcessName |
Process name for emailrelayout.exe application |
emailrelayout |
EmailRelayInStart |
Start Email relay process on service startup. (To monitor for incoming SMTP traffic) |
True |
EmailRelayInPort |
Port to monitor by email relay |
10025 |
EmailRelayInParameters |
Parameters that are passed to email relay application |
--no-daemon --remote-clients --hidden --as-server --port 10025 --spool-dir \"<dir>\" |
EmailRelayOutStart |
Start Email relay process on service startup. (To monitor outgoing email and forward via SMTP) |
True |
EmailRelayOutHosts |
List of Name (or IP adress) and port of server(s) to forward all email to. Multiple servers are separated with a comma (,) Note: Ensure that when the setting is updated the config file doesn't contain settings called 'EmailRelayOutServer' or 'EmailRelayOutPort' (delete them if they exist). |
localhost:25
|
EmailRelayOutParameters |
Parameters that are passed to email relay application |
--no-daemon --hidden --no-smtp --poll 1 --forward-to localhost:25 --spool-dir \"<dir>\" |
EmailRelayInDirection |
Determine the direction of emails. Possible values : 0 = Incoming (If sender's email domain exists in parameter EmailRelayInLocalDomains direction is outgoing, or else incoming) |
0 |
EmailRelayInLocalDomains |
List of local domains. Separate multiple domains with a semi colon (;). For example opswat.com;mycompany.com. Used to perform recipient verification (any recipient with a domain different than the specified domain(s) will be rejected at the SMTP protocol level). Also used when EmailRelayInDirection is set to 2 in order to determine direction. |
* (by default all domains are accepted) |
EmailRelayInQueueThreshold |
Maximum inbound email queue size (exceeding this value will generate an email alert) |
100 |
EmailRelayOutQueueThreshold |
Maximum outbound email queue size (exceeding this value will generate an email alert) |
100 |
EmailRelayOutRetryStart |
Start the retry monitor thread (for emails that failed submission) |
True |
EmailRelayOutRetryInterval |
Duration between submit retries (increasing with retry count). |
00:00:30 |
EmailRelayOutRetryMaxInterval |
Maximum duration between retries. |
00:10:00 |
EmailRelayOutRetryCount |
Maximum number of submit retries before email is moved to permanent failure |
60 |
EmailRelayOutQueue |
Maximum number of .bad files in email queue (exceeding this value cause email alert to be generated) |
10 |
EmailRelayOutPermanent |
Maximum number of items in permanent failure (exceeding this value cause email alert to be generated) |
1 |
EmailRelayOutMaxConnections |
Maximum number of simultaneous SMTP connections when forwarding emails to remote server. |
OS dependant |
EmailRelayInRetryStart |
Start the retry monitor thread (for emails that failed processing) |
True |
EmailRelayInRetryInterval |
Minimum duration between process retries |
00:01:00 (1 minute) |
EmailRelayInRetryCount |
Maximum number of process retries before email is moved to process failure |
10 |
MaxMonitorProcessThreads |
Maximum number of emails processed simultaneously |
Dynamically calculated |
FastNoAttachment |
Avoid sending emails without attachments for processing (improved performance) |
True |
LowPriorityMinSize |
Minimum size (in MB) for emails that will be processed on the low priority threads |
1.5 |
HighPriorityMaxSize |
Maximum size (in MB) for emails that will be processed on the high priority threads |
0.1 |
UseAdjustingThreads |
Specifies if monitoring threads for incoming emails should adjust thread count dynamically or have fixed count |
yes |
AddressValidation |
Specifies if Mail Agent should perform address validation on the incoming emails to detect invalid address (e.g. root@smth, ..@stop, inv'/alid) |
true |
EmailRelayInUseTls |
Enable TLS for incoming SMTP connections |
false |
EmailRelayInForceTls |
Force all incoming SMTP connections to use TLS (only used when EmailRelayInUseTls is true) |
false |
EmailRelayOutUseTls |
Enable TLS for outgoing SMTP connections |
false |
EmailRelayInTlsCertificate |
TLS certificate for incoming SMTP connections (only used when EmailRelayInUseTls is true) Example:-----BEGIN CERTIFICATE-----MIIFYDCCA0igAwIBAgIJALmTg...-----END CERTIFICATE-----
|
null |
EmailRelayInTlsKey |
TLS certificate private key for incoming SMTP connections (only used when EmailRelayInUseTls is true) Example: -----BEGIN PRIVATE KEY-----MIIJQgIBADANBgkqhkiG9w0BA....-----END PRIVATE KEY----- |
null |
EmailRelayOutClientCertificate |
Client certificate for outoing SMTP connections (used when a server requests a client certificate) Example: |
null |
Metadefender.Quarantine.Mail.dll.config
Name |
Description |
Default Value |
StartRestServer |
Start the REST server (SmtpConfiguration) |
True |
SubmitCommandTimeout |
Timeout for SMTP commands |
00:01:00 (1 minute) |
EmailSubmission |
TTL (Time To Live) for an SMTP submit request. If email has not been submitted within this timespan the request is lost |
01:00:00 (1 hour) |
Metadefender.Engine.History.dll.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
HistoryEntryExpireSpan |
Duration to keep history entries in the database |
91:00:00 (91 days) |
StartRestServer |
Start the REST server (History) |
True |
Metadefender.Email.Engine.Processor.dll.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
StartRestServer |
Start the REST server (Processor) |
True |
ConvertTnefMessagesToSmtp |
Convert TNEF encoded emails to MIME format |
False |
MonitorMode |
Enables a monitoring mode of the Mail Agent. When set, no emails will be sanitized or quarantined (even when infected etc.) |
False |
AddXHeadersToOutgoingEmail |
Force Mail Agent to add x-headers (Custom Email Headers) to outgoing emails |
False |
EmailProcessedHeaderName |
MIME Header name for emails processed by Mail Agent in order to avoid duplicates |
X-Metadefender-EmailSecurity-Id |
EmailAddCustomXHeaders |
Add custom x-headers to each email processed by Mail Agent. See Custom Email Headers for more information. |
|
EmailBlockedQuarantineMode |
Option to move blocked emails to MD Core quarantine or submit them via SMTP for quarantine by other service. Possible values are REST (MD Core Quarantine) or SMTP |
REST |
EmailSanitizedQuarantineMode |
Option to move original copy of sanitized emails to MD Core quarantine or submit them via SMTP for quarantine by other service. Possible values are REST (MD Core Quarantine) or SMTP |
REST |
EmailQuarantineHeaderName |
The name of the X-Header that will be added to emails when EmailBlockedQuarantineMode or EmailSanitizedQuarantineMode is set to SMTP. Header value will always be 'True' |
X-Metadefender-To-Quarantine |
DoSpfCheck |
Enables SPF (Sender Policy Framework) lookups in Mail Agent. Result is placed in a header. |
False |
SpfCheckHeaderName |
The name of the X-Header where to store the SPF lookup result |
X-Metadefender-Spf-Result |
SpfCheckReasonName |
The name of the X-Header where to store a reason for a failed/skipped SPF lookup |
X-Metadefender-Spf-Reason |
Metadefender.Scanner.dll.config
Change will be applied within 30 seconds without restarting mail agent service.
Name |
Description |
Default Value |
MetascanMode |
Possible values are |
RESTv2 |
MetascanScanTimeout |
Scanning timeout |
00:05:00 |
MetascanScanQueueTimeout |
Metadefender Core In Queue timeout |
00:05:00 |
MetascanScanProgressPauseMS |
Used in RESTv2 mode. Pause (in ms) between progress request calls |
100 |
MaxMetadefenderCore |
If this limit is exceeded an alert will be sent saying that Metadefender Core is unresponsive and email delivery might be slower |
250 |
MetadefenderUnavailableRetrySpan |
Minimum pause for retry after a Metadefender Core goes down (only applicable if multiple scanners are configured) |
00:01:00 |
MetadefenderAvergeScanTimeSpan |
Span for for scan times when calculating average scan time (when using multiple MD Cores) |
00:01:00 |
UrlPrioritzationMethod |
Metadefender Core Url prioritization method. Possible vaules: RoundRobin, Circular, ScanTime |
RoundRobin |
LogAllRequests |
Increased logging. When set to true it will log all GET requests for getting scan settings and email disclaimers |
false |
Metadefender.Quarantine.dll.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
MaintenanceInterval |
Interval between checking folder actions & auto-deliver |
00:00:30 |
RunAutoActionThread |
Start the thread checking folder actions & auto-deliver |
True |
CompressionMode |
Quarantine item compression mode. Possible values are None, Zip |
Zip |
MonitoringFolderId |
Predefined Quarantined folder id |
|
QuarantineReportId |
Predefined Quarantine Report id |
|
StartRestServer |
Start the REST server (Quarantine) |
True |
ReportUidExpireSpan |
Expiry time for entries used to record which quarantine items were inlucded in Quarantine Reports |
1095:00:00 |
MaxQuarantineItemSize |
Maximum buffer size when accepting quarantine items via REST |
long max value |
EmailAlertExpireSpan |
The minimum interval between unique email alerts (errors). This is used to prevent too many alerts being sent during continuous errors |
01:00:00 |
Metadefender.Email.Engine.Service.exe.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
LogName |
Log name |
Metascan.Email.Engine.Service |
LogFilename |
Log file name |
Metascan.Email.Engine.Service.log |
ComponentList |
List of component loaded by service at startup |
|
RestBaseUrl |
REST server base URL |
http://<computer_name>:8000 |
QuarantineBaseUrl |
Metadefender Core Quarantine server base URL |
http://<computer_name>:8000 |
MetascanUrl |
Metadefender Core REST URL |
http://<core_url>:8008/metascan_rest |
MetascanApiKey |
Metascan API key (encrypted) |
|
StatusCheckInterval |
Interval between component status checks (for error alerts) |
00:00:30 |
UsePerformanceCounters |
Creates a performance counter category (Metadefender Generic Mail Agent) for monitoring and recording processing data |
False |
ScanEmailBody |
Specifies if Mail Agent should scan the body of the email |
True |
MaxRetries |
Maximum number of retries before quit trying to connect to Metadefender Core |
10000 |
TimeBetweenRetries |
Number of milliseconds before attempting to connect to Metadefender Core |
6000 |
UpdateUrlsOnStartup |
Specifies if the service should attempt to update config URLs at startup. |
True |
MetadefenderCoreIsLocal |
Specifies if Metadefender Core is installed locally |
True when installed with Metadefender Core False when installed remotely |
ConnectionCheckOnStartup |
Specifies if Mail Agent should do a connection + valid license test on service startup. If enabled Mail Agent will not intercept emails before MD Core is responding. |
False |
Metadefender.Quarantine.Service.exe.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
MongoDbUrl |
Mongo DB URL |
mongodb://localhost:27018 |
MongoDbUrlEncryptionMode |
MongoDb Url value encryption mode. Possible values are None, Encrypted |
None |
MongoDbName |
MongoDB database name |
MetadefenderQuarantine |
MongoDBStartupTimeout |
Timeout to wait for MongoDB to respond |
00:00:30 |
LogName |
Log name |
Metascan.Email.Engine.Quarantine.Service |
LogFilename |
Log file name |
Default is Metascan.Email.Engine.Quarantine.Service.log |
ComponentList |
List of component loaded by service at startup |
|
RestBaseUrl |
REST server base URL |
http://<computer_name>:8000 |
QuarantineBaseUrl |
Metadefender Core Quarantine server base URL |
http://<computer_name>:8000 |
MetascanUrl |
Metadefender Core REST URL |
http://<core_url>:8008/metascan_rest |
MetascanApiKey |
Metadefender API key (encrypted) |
|
WebBaseUrl |
Metadefender Web Site base URL |
http://<core_url>:8008//management/# |
MongoDBStartupTimeout |
Time to wait for MongoDB database to start |
00:00:30 |
UpdateUrlsOnStartup |
Specifies if the service should attempt to update config URLs at startup |
True |
MetadefenderCoreIsLocal |
Specifies if Metadefender Core is installed locally |
True when installed with Metadefender Core False when installed remotely |
Metadefender.Engine.Statistics.dll.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
StartRestServer |
Start the REST server (Statistics) |
True |
StatisticsEntryExpireSpan |
Duration to keep statistics entries in the database |
31:00:00 |
StatisticsEntryInterval |
Interval used when storing statistics. Possible values are Minute, TenMinute, Hour, Day |
Minute |
Metadefender.Engine.Events.dll.config
Any change on this config file requires restarting Mail agent service.
Name |
Description |
Default Value |
EventEntryExpireSpan |
Duration to keep system event entries in the database |
91:00:00 (91 days) |
StartRestServer |
Start the REST server (Events) |
True |
XML schema for config file
Below is a sample configuration file.
<?
xml
version
=
"1.0"
?>
<
configuration
>
<
applicationSettings
>
<[namespace]>
<
setting
name
=
"[name]"
serializeAs
=
"String"
>
<
value
>[value]</
value
>
</
setting
>
</[namespace]>
</
applicationSettings
>
</
configuration
>
Attribute |
Description |
namespace |
For display reasons only. For example: Metadefender.Common |
name |
Setting name. Example: InstallationFolder |
value |
Setting value. Example: c:\MyInstallFolder |