3.1.2 Windows Registry configuration

Some configuration options of the server are available in Windows Registry.

After modifying the server configuration entries in the Windows Registry, you must restart the Metadefender Email Gateway Security service in order for the changes to take effect.

Default logging target is Windows Event Log with default level of info (see below).

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metadefender Email Security

Parameter

Default value

Type

Required

Description

ExchangeMode

N/A

N/A

N/A

Do not change this value manually!

This value is set when Email Gateway Security is installed in Exchange plugin mode (for details see 3.10 Onsite Microsoft Exchange deployment).

external_quarantine_block

 

dword

optional

Enable quarantining the original copy of blocked emails on an other mail server. For details see 3.6.1 Quarantine emails on another mail server.

If the parameter does not exist or if it is 0, then the internal quarantine will be used in case of blocked emails.

external_quarantine_sanitize

 

dword

optional

Enable quarantining the original copy of sanitized emails on an other mail server. For details see 3.6.1 Quarantine emails on another mail server.

If the parameter does not exist or if it is 0, then the internal quarantine will be used in case of sanitized emails.

sender_helo_domain

 

string

optional

The fully qualified domain name (FQDN) that Email Gateway Security will send in HELO/EHLO commands to relay SMTP servers. Besides this FQDN the external IP address of Email Security will also be sent. For details see section Opening and closing in RFC 821.

If the parameter does not exist or if it is empty then the computer name of Email Gateway Security is sent in HELO/EHLO.

images/inline/7917a9526462fbe7e8765f6189d0546e3ecb3901.png

receiver_helo_domain

 

string

optional

The fully qualified domain name (FQDN) that Email Gateway Security will send in HELO/EHLO commands to SMTP clients. For details see section Opening and closing in RFC 821.

If the parameter does not exist or if it is empty then the computer name of Email Gateway Security is sent in the response to a HELO/EHLO. images/inline/6a75234b69eddc8b14c24682f7f74b0333e0ee03.png

exchange_exclude_probe_emails

 

dword

optional

Microsoft Exchange Server sends probe email messages to monitor the health status of the email processing components. This probe messages can, however, fill Audit > Email History.

Setting this parameter to 0 will enable listing Exchange probe messages in Audit > Email History.

If the parameter does not exist or if it is 1, then Exchange probe messages are not listed in Audit > Email History.

No service restart is needed

There is no need to restart any services for this setting to take effect, because the transport agent reads and applies this registry setting for each email.

processing_threshold

 

dword

optional

This parameter limits the number of emails with "Processing" status at the same time. If this parameter is not present then this number is 150 by default. Setting this value lower can reduce the processing load on both Email Gateway Security and Core.

If the parameter is 0 then the throttling is disabled.

scheduled_db_optimization_time

03:00

string

optional

If this parameter is set, then Email Gateway Security performs a database optimization at the time configured.

Set by default

This value is set to 03:00 (3:00AM each day) by the installation.

The value syntax is:

Value syntax
<hh>:<mm>

Configured to the following value, Email Gateway Security performs the optimization at 3:00AM each day:

Value example
03:00

If not set (or can not be interpreted as a time value) then no optimization is performed.

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metadefender Email Security\global

Parameter

Default value

Type

Required

Description

restaddress

0.0.0.0

string

required

One of the IP addresses of the computer that runs the product to serve REST API and web user interface (0.0.0.0 means all interface)

restport

8058

string

required

Designated port number for the web and REST interface

HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metadefender Email Security\logger

Parameter

Default value

Type

Required

Description

logfile

 

string

optional

Location of a log file to write log messages to.

If the parameter does not exist, then no logs are written to any logfile.

Empty string is not allowed as a value.

loglevel

 

string

optional

Level of logging. Supported values are: debug, info, warning, error.

wineventlog_level

info

string

optional

Level of logging. Supported values are: debug, info, warning, error.

If the parameter does not exist, then no logs are written to the Windows Logs.

syslog

 

string

optional

Value can only be in form of udp://<hostname>:<port>.

If the parameter does not exist, then no logs are written to syslog.

(Multiple server can be specified separated with comma)

syslog_level

 

string

optional

Level of logging. Supported values are: debug, info, warning, error.

override

 

string

optional

Override specific log ids to display them on another level e.g.: "1723:error,663:info". Note: when displaying these log ids their original level will remain the same.

Empty string is allowed as a value.

cef

false

string

optional

If true, the log format is Common Event Format.

local_timezone

false

string

optional

If true, the times sent in syslog messages will be in the server's local timezone. This does not effect entries in the log file/Windows event log.

When syslog is used with cef and local_timezone enabled the timezone name can vary based on the underlying system and it's settings.

Examples

  • Syslog

    • UTC: 2018-09-19T13:07:36Z

    • Local: 2018-09-19T15:07:36+02:00

  • Syslog with CEF

    • UTC: Sep 19 13:12:47 UTC

    • Local 1: Sep 19 15:12:47 CEST

    • Local 2: Sep 19 15:12:47 Central Europe Daylight Time

nginx_logfile

[installdir]\nginx\nginx.log

string

optional

File name and path to store the NGINX logs. (Rotation of this log has not yet been solved on Windows systems)

You must set both of syslog and syslog_level or none of them, and you must set both of logfile and loglevel or none of them.