2.5 Migrating from Metadefender Email v3
Metadefender Email Security v4 is not backwards compatible with Metadefender Email v3.
As a consequence configuration and databases of Email v3 must be migrated manually to Email Securtiy v4.
Precautions
Metadefender Core compatibility
Metadefender Email v3 is bundled into Metadefender Core v3. Metadefender Email v3 is not compatible with Metadefender Core v4.
Metadefender Email Security v4 is a standalone product. Metadefender Email Security v4 is not compatible with Metadefender Core v3.
For Metadefender Email Security v4 requirements on Metadefender Core see 2.1.2 System requirements.
System requirements
For Metadefender Email Security v4 requirements on hardware, OS and other software, see 2.1.2 System requirements.
Standalone deployment
When Metadefender Email Security v4 is deployed in standalone mode (to a separate machine from Metadefender Core) then it is expected to require a less powerful hardware than a Metadefender Email v3 (and a combined Metadefender Core v3) deployment.
Combined Core & Email Security deployment
When Metadefender Email Security v4 is deployed in combined mode (to the same machine as Metadefender Core) then it is expected to require approximately the same hardware performance than a Metadefender Email v3 (and a combined Metadefender Core v3) deployment.
Migrating configuration
Configuration map
Metadefender Email v3 configuration topic |
v3 documentation |
Metadefender Email Security v4 configuration topic |
v4 documentation |
Configuring Incoming Threat Protection Configuring Outgoing Threat Protection |
Security rules |
||
|
|
Policy > Security rules / add/modify / RELAY / FORWARD PROCESSED EMAILS TO |
|
|
|
Policy > Security rules / add/modify / DIRECTION |
|
|
|
|
|
Configuring Recipient Verification |
Security rules |
||
C:\Program Files (x86)\OPSWAT\Metadefender Core <engine count>\Metadefender Mail Agent\
Metadefender.Email.Engine.Generic |
|
Policy > Security rules / add/modify / FILTER / RECIPIENT DOMAIN OR ADDRESS |
The recipient is verified according to the settings in the filter of the first matching rule. To reproduce the same results:
|
|
|
|
|
TLS support (Incoming/Outgoing emails) |
|
|
|
|
|
|
|
Cloud Deployment |
Cloud deployment configuration |
||
|
|
|
|
Onsite Microsoft Exchange Deployment |
Onsite Microsoft Exchange deployment |
||
|
|
|
|
Notification and Report |
|
|
|
Sources > Metadefender Email > Settings / E-Mail Settings For Notifications |
|
|
|
Error Email Notification |
N/A |
|
|
Infection Email Notification |
Policy > Security rules / add/modify / ACTIONS / NOTIFY RECIPIENTS IF EMAIL IS BLOCKED |
||
Quarantine Reports |
|
||
Quarantine > Configure Quarantine Reports / SMTP Configuration Settings |
|
|
|
Quarantine > Configure Quarantine Reports / Schedule Quarantine Reports |
|
Settings > Quarantine reports |
|
|
|
|
|
Configuration From Config File |
|
|
|
Metadefender .Common.dll.config |
|
|
|
InstallationFolder |
|
not configurable |
Removed as can cause unexpected results |
LogsFolder |
|
logfile |
Can be configured as part of the logfile path |
LogMaxSize |
|
not configurable |
|
LogFormat |
|
not configurable |
Depends on the logging method |
LogLevel |
|
loglevel / wineventlog_level |
|
RestClientTimeoutMs |
|
not configurable |
No internal REST communication |
Metadefender.Email.Engine.Exchange |
|
N/A |
|
Metadefender.Email.Engine.Generic .Agent.dll.config |
|
|
|
WorkExtension |
|
not configurable |
|
BadExtension |
|
not configurable |
|
AgentGuid |
Agent Guid. Should be unique. |
N/A |
|
AgentStatusCheckInterval |
Durations between agent status checks |
N/A |
|
Protocol |
Protocol to use when sending process requests. Possible values are REST |
not configurable |
Always REST |
StartRestServer |
Start the REST server |
not configurable |
Always started |
RestoreWorkItemsOnStartup |
Rename any items with a work extension (.work) to .eml on service startup |
N/A |
|
EmailProcessedHeaderName |
MIME Header name for emails processed by Mail Agent in order to avoid duplicates |
not configurable |
|
EmailRelayInProcessName |
Process name for emailrelay.exe application |
not configurable |
It is emailrelay |
EmailRelayOutProcessName |
Process name for emailrelayout.exe application |
N/A |
This is not existing in v4 |
EmailRelayInStart |
Start Email relay process on service startup. (To monitor for incoming SMTP traffic) |
not configurable |
Always true |
EmailRelayInPort |
10025 |
Settings > Global settings / Inbound SMTP settings / SMTP PORT |
Default is 10025 |
EmailRelayInParameters |
Parameters that are passed to email relay application --no-daemon --remote-clients --hidden --as-server --port 10025 --spool-dir \"<dir>\" |
N/A |
Automatically generated in v4. We don't provide support for any custom parameters. |
EmailRelayOutStart |
Start Email relay process on service startup. (To monitor outgoing email and forward via SMTP) |
N/A |
|
EmailRelayOutHosts |
List of Name (or IP adress) and port of server(s) to forward all email to. Multiple servers are separated with a comma (,) Note: Ensure that when the setting is updated the config file doesn't contain settings called 'EmailRelayOutServer' or 'EmailRelayOutPort' (delete them if they exist). |
N/A
|
|
EmailRelayOutParameters |
Parameters that are passed to email relay application |
N/A |
|
EmailRelayInDirection |
Determine the direction of emails. Possible values : 0 = Incoming (If sender's email domain exists in parameter EmailRelayInLocalDomains direction is outgoing, or else incoming) |
Policy > Security rules / add/modify / DIRECTION |
|
EmailRelayInLocalDomains |
List of local domains. Separate multiple domains with a semi colon (;). For example opswat.com;mycompany.com. Used to perform recipient verification (any recipient with a domain different than the specified domain(s) will be rejected at the SMTP protocol level). Also used when EmailRelayInDirection is set to 2 in order to determine direction. |
Policy > Security rules / add/modify / FILTER / RECIPIENT DOMAIN OR ADDRESS |
|
EmailRelayInQueueThreshold |
Maximum inbound email queue size (exceeding this value will generate an email alert) |
N/A |
|
EmailRelayOutQueueThreshold |
Maximum outbound email queue size (exceeding this value will generate an email alert) |
N/A |
|
EmailRelayOutRetryStart |
Start the retry monitor thread (for emails that failed submission) |
Auto |
|
EmailRelayOutRetryInterval |
Duration between submit retries (increasing with retry count) |
Settings > Global settings / Resend settings / RETRY INTERVAL |
|
EmailRelayOutRetryMaxInterval |
Maximum duration between retries. |
Settings > Global settings / Resend settings / RETRY INTERVAL |
|
EmailRelayOutRetryCount |
Maximum number of submit retries before email is moved to permanent failure |
Settings > Global settings / Resend settings / RETRY COUNT |
|
EmailRelayOutQueue |
Maximum number of .bad files in email queue (exceeding this value cause email alert to be generated) |
N/A |
|
EmailRelayOutPermanent |
Maximum number of items in permanent failure (exceeding this value cause email alert to be generated) |
N/A |
|
EmailRelayOutMaxConnections |
Maximum number of simultaneous SMTP connections when forwarding emails to remote server. |
not configurable |
As much as allowed by the server |
EmailRelayInRetryStart |
Start the retry monitor thread (for emails that failed processing) |
Auto |
|
EmailRelayInRetryInterval |
Minimum duration between process retries |
Settings > Global settings / Resend settings / RETRY INTERVAL |
|
EmailRelayInRetryCount |
Maximum number of process retries before email is moved to process failure |
Settings > Global settings / Resend settings / RETRY COUNT |
|
MaxMonitorProcessThreads |
Maximum number of emails processed simultaneously |
not configurable |
As much as can be taken by the system |
FastNoAttachment |
Avoid sending emails without attachments for processing (improved performance) |
not configurable |
|
LowPriorityMinSize |
Minimum size (in MB) for emails that will be processed on the low priority threads |
N/A |
|
HighPriorityMaxSize |
Maximum size (in MB) for emails that will be processed on the high priority threads |
N/A |
|
UseAdjustingThreads |
Specifies if monitoring threads for incoming emails should adjust thread count dynamically or have fixed count |
N/A |
|
AddressValidation |
Specifies if Mail Agent should perform address validation on the incoming emails to detect invalid address (e.g. root@smth, ..@stop, inv'/alid) |
N/A |
Always true |
EmailRelayInUseTls |
Enable TLS for incoming SMTP connections |
Settings > Global settings / Inbound SMTP settings / ENCRYPTION / STARTTLS optional |
|
EmailRelayInForceTls |
Force all incoming SMTP connections to use TLS (only used when EmailRelayInUseTls is true) |
Settings > Global settings / Inbound SMTP settings / ENCRYPTION / STARTTLS required |
|
EmailRelayOutUseTls |
Enable TLS for outgoing SMTP connections |
Inventory > Server profiles (SERVER PROFILE TYPE: SMTP) / add/modify / SERVER SPECIFICATIONS (smtps schemes) Inventory > Server profiles (SERVER PROFILE TYPE: SMTP) / add/modify / TRANSPORT LEVEL ENCRYPTION (smtp schemes) |
|
EmailRelayInTlsCertificate |
TLS certificate for incoming SMTP connections (only used when EmailRelayInUseTls is true) Example:-----BEGIN CERTIFICATE-----MIIFYDCCA0igAwIBAgIJALmTg...-----END CERTIFICATE-----
|
not configurable |
<install base>\data\cert.pem Example: C:\Program Files\OPSWAT\Metadefender Email Security\data\cert.pem |
EmailRelayInTlsKey |
TLS certificate private key for incoming SMTP connections (only used when EmailRelayInUseTls is true) Example: -----BEGIN PRIVATE KEY-----MIIJQgIBADANBgkqhkiG9w0BA....-----END PRIVATE KEY----- |
not configurable |
<install base>\data\key.pem Example: C:\Program Files\OPSWAT\Metadefender Email Security\data\key.pem |
EmailRelayOutClientCertificate |
Client certificate for outoing SMTP connections (used when a server requests a client certificate) Example: |
not configurable |
<install base>\data\cert.pem Example: C:\Program Files\OPSWAT\Metadefender Email Security\data\cert.pem |
Metadefender.Quarantine .Mail.dll.config |
|
|
|
StartRestServer |
Start the REST server (SmtpConfiguration) |
N/A |
|
SubmitCommandTimeout |
Timeout for SMTP commands |
N/A |
|
EmailSubmission |
TTL (Time To Live) for an SMTP submit request. If email has not been submitted within this timespan the request is lost |
N/A |
|
Metadefender.Engine .History.dll.config |
|
|
|
HistoryEntryExpireSpan |
Duration to keep history entries in the database |
Settings > Data retention / Email history clean up |
|
StartRestServer |
Start the REST server (History) |
N/A |
|
Metadefender.Email.Engine .Processor.dll.config |
|
|
|
StartRestServer |
Start the REST server (Processor) |
N/A |
|
ConvertTnefMessagesToSmtp |
Convert TNEF encoded emails to MIME format |
not configurable |
Always false |
MonitorMode |
Enables a monitoring mode of the Mail Agent. When set, no emails will be sanitized or quarantined (even when infected etc.) |
not configurable |
Always false |
AddXHeadersToOutgoingEmail |
Force Mail Agent to add x-headers (Custom Email Headers) to outgoing emails |
not configurable |
Always false 4.2.0 |
EmailProcessedHeaderName |
MIME Header name for emails processed by Mail Agent in order to avoid duplicates |
not configurable |
|
EmailAddCustomXHeaders |
Add custom x-headers to each email processed by Mail Agent. See Custom Email Headers for more information. |
not configurable |
No headers added |
EmailBlockedQuarantineMode |
Option to move blocked emails to MD Core quarantine or submit them via SMTP for quarantine by other service. Possible values are REST (MD Core Quarantine) or SMTP |
|
|
EmailSanitizedQuarantineMode |
Option to move original copy of sanitized emails to MD Core quarantine or submit them via SMTP for quarantine by other service. Possible values are REST (MD Core Quarantine) or SMTP |
|
|
EmailQuarantineHeaderName |
The name of the X-Header that will be added to emails when EmailBlockedQuarantineMode or EmailSanitizedQuarantineMode is set to SMTP. Header value will always be 'True' |
not configurable |
3.6.1 Quarantine emails on another mail server X-Metadefender-To-Quarantine |
DoSpfCheck |
Enables SPF (Sender Policy Framework) lookups in Mail Agent. Result is placed in a header. |
Settings > Global Settings / Sender Policy Framework lookup / PERFORM SPF LOOKUP ON EXTERNAL IP ADDRESSES |
|
SpfCheckHeaderName |
The name of the X-Header where to store the SPF lookup result |
not configurable |
X-Metadefender-Spf-Result |
SpfCheckReasonName |
The name of the X-Header where to store a reason for a failed/skipped SPF lookup |
not configurable |
X-Metadefender-Spf-Reason |
Metadefender .Scanner.dll.config |
|
|
|
MetascanMode |
Possible values are |
N/A |
|
MetascanScanTimeout |
Scanning timeout |
not configurable |
Always 00:05:00 |
MetascanScanQueueTimeout |
Metadefender Core In Queue timeout |
N/A |
|
MetascanScanProgressPauseMS |
Used in RESTv2 mode. Pause (in ms) between progress request calls |
not configurable |
Hard-coded in v4 (100ms) until UI options (?) are introduced. |
MaxMetadefenderCore |
If this limit is exceeded an alert will be sent saying that Metadefender Core is unresponsive and email delivery might be slower |
N/A |
|
MetadefenderUnavailableRetrySpan |
Minimum pause for retry after a Metadefender Core goes down (only applicable if multiple scanners are configured) |
Settings > Global settings / Resend settings / RETRY INTERVAL |
|
MetadefenderAvergeScanTimeSpan |
Span for for scan times when calculating average scan time (when using multiple MD Cores) |
N/A |
|
UrlPrioritzationMethod |
Metadefender Core Url prioritization method. Possible vaules: RoundRobin, Circular, ScanTime |
Inventory > Server profiles / add/modify (SERVER PROFILE TYPE: Metadefender Core) / SERVER PREFERENCE |
|
LogAllRequests |
Increased logging. When set to true it will log all GET requests for getting scan settings and email disclaimers |
N/A |
|
Metadefender .Quarantine.dll.config |
|
|
|
MaintenanceInterval |
Interval between checking folder actions & auto-deliver |
N/A |
|
RunAutoActionThread |
Start the thread checking folder actions & auto-deliver |
N/A |
|
CompressionMode |
Quarantine item compression mode. Possible values are None, Zip |
not configurable |
No compression |
MonitoringFolderId |
Predefined Quarantined folder id |
N/A |
|
QuarantineReportId |
Predefined Quarantine Report id |
N/A |
|
StartRestServer |
Start the REST server (Quarantine) |
N/A |
|
ReportUidExpireSpan |
Expiry time for entries used to record which quarantine items were inlucded in Quarantine Reports |
not configurable |
|
MaxQuarantineItemSize |
Maximum buffer size when accepting quarantine items via REST |
not configurable |
|
EmailAlertExpireSpan |
The minimum interval between unique email alerts (errors). This is used to prevent too many alerts being sent during continuous errors |
N/A |
|
Metadefender.Email.Engine .Service.exe.config |
|
|
|
LogName |
Log name |
N/A |
|
LogFilename |
Log file name |
N/A |
|
ComponentList |
List of component loaded by service at startup |
N/A |
|
RestBaseUrl |
REST server base URL |
N/A |
|
QuarantineBaseUrl |
Metadefender Core Quarantine server base URL |
N/A |
|
MetascanUrl |
Metadefender Core REST URL |
Settings > Globals settings / Metadefender Core settings |
|
MetascanApiKey |
Metascan API key (encrypted) |
N/A |
|
StatusCheckInterval |
Interval between component status checks (for error alerts) |
N/A |
|
UsePerformanceCounters |
Creates a performance counter category (Metadefender Generic Mail Agent) for monitoring and recording processing data |
N/A |
|
ScanEmailBody |
Specifies if Mail Agent should scan the body of the email |
not configurable |
Always scanned |
MaxRetries |
Maximum number of retries before quit trying to connect to Metadefender Core |
not configurable |
Not applicable in v4, All retries are handled by the regular workflow retry scheme. |
TimeBetweenRetries |
Number of milliseconds before attempting to connect to Metadefender Core |
not configurable |
Not applicable in v4, All retries are handled by the regular workflow retry scheme. |
UpdateUrlsOnStartup |
Specifies if the service should attempt to update config URLs at startup. |
not configurable |
Never updated |
MetadefenderCoreIsLocal |
Specifies if Metadefender Core is installed locally |
N/A |
|
ConnectionCheckOnStartup |
Specifies if Mail Agent should do a connection + valid license test on service startup. If enabled Mail Agent will not intercept emails before MD Core is responding. |
not configurable |
Never checked |
Metadefender.Quarantine .Service.exe.config |
|
|
|
MongoDbUrl |
Mongo DB URL |
N/A |
|
MongoDbUrlEncryptionMode |
MongoDb Url value encryption mode. Possible values are None, Encrypted |
N/A |
|
MongoDbName |
MongoDB database name |
N/A |
|
MongoDBStartupTimeout |
Timeout to wait for MongoDB to respond |
N/A |
|
LogName |
Log name |
N/A |
|
LogFilename |
Log file name |
N/A |
|
ComponentList |
List of component loaded by service at startup |
N/A |
|
RestBaseUrl |
REST server base URL |
N/A |
|
QuarantineBaseUrl |
Metadefender Core Quarantine server base URL |
N/A |
|
MetascanUrl |
Metadefender Core REST URL |
Settings > Globals settings / Metadefender Core settings |
|
MetascanApiKey |
Metadefender API key (encrypted) |
N/A |
|
WebBaseUrl |
Metadefender Web Site base URL |
N/A |
|
UpdateUrlsOnStartup |
Specifies if the service should attempt to update config URLs at startup |
N/A |
|
MetadefenderCoreIsLocal |
Specifies if Metadefender Core is installed locally |
N/A |
|
Metadefender.Engine .Statistics.dll.config |
|
N/A |
|
Metadefender.Engine .Events.dll.config |
|
N/A |
|
|
|
|
|
Custom Email Headers |
N/A |
4.2.0 |
|
|
|
|
|
Enable Sender Policy Framework (SPF) Lookup |
Settings > Global Settings / Sender Policy Framework lookup / PERFORM SPF LOOKUP ON EXTERNAL IP ADDRESSES
|
|
|
|
|
|
|
Log collection (collectLogs.exe) |
How to create support package |
||
|
|
|
|
Log options |
Framework log settings (registry) |
||
|
|
|
|
Multiple Metadefender Core Instances Configuration |
Inventory > Server profiles / add/modify (SERVER PROFILE TYPE: Metadefender Core) |
|
|
Email Processing Workflow (Metadefender Core) |
Security rules |
||
Sources > Metadefender Email > Workflows |
|
Policy > Security rules / add/modify / SCAN / APPLIED CORE RULE |
|
Configuration > Workflows |
|
(Core) Policy > Security rules |
|
|
|
|
|
Quarantine Email |
|
|
|
Sources > Metadefender Email > Settings / Quarantine any e-mails that are blocked |
|
Policy > Security rules / add/modify / ACTIONS / IF CONTENT IS BLOCKED / QUARANTINE ORIGINAL EMAIL |
|
Quarantine Email On Another Mail Server |
" HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metadefender Email Security"!external_quarantine |
Migrating data
Currently there is no automation supporting migration from v3 to v4.
In case Metadefender Mail v3 data wanted to be migrated to Metadefender Email Security v4, OPSWAT customer support must be contacted.
The description in this section is given for information only .
Migration window
Migrating data from Metadefender Mail v3 to Metadefender Email Security v4 takes time.
During the time of the migration processing will be most probably down (otherwise the migration would potentially be a never ending procedure). For this reason the time window for migration must be planned with care in advance.
The length of the migration procedure depends on the amount of data to be migrated.
Waiting for workflows-in-progress to settle
It is advised to wait all emails in progress to finish processing (either to be completed, quarantined or fail permanently) so that the migration procedure can happen on a stable state of the system.
Potential data loss
Emails (and related information) in processing may be lost during the migration.
Migrated data
During the migration the following data will be migrated:
-
Email history
-
Emails in quarantine
-
Emails in permanent failure status