4.3. Settings

Runtime settings of Email Gateway Security can be configured under Settings > General.

Retry

When scanning or relaying the email fails (e.g. the internal processing component or the relay SMTP server is not available), Email Gateway Security will retry.

Under Settings > General / Retry the retry count and the interval between each attempt can be configured.

SMTP server

Email Gateway Security’s inbount SMTP server port and the SMTP server’s encryption can be configured under Settings > General / SMTP server.

Anti-spam

Perform SPF lookup on external IP addresses

Sender Policy Framework

Sender Policy Framework (SPF) is a mechanism defined by RFC 7208 which can help determine if incoming mails are sent from a host authorized by the domain's administrators. Usually a domain administrator will publish a TXT record in the Domain Name System (DNS) in order to specify a list of authorized hosts that can send emails from that domain. Enabling SPF is an anti-spam technique that will instruct MetaDefender Email Gateway Security to perform SPF checks on the "FROM" address(es) and add a header to the email with the SPF result.

For further details see Sender Policy Framework (SPF) for Authorizing Use of Domains in Email.

To configure whether to perform the SPF lookup on external IP addresses from which emails were submitted, or not, set Settings > General / SMTP server / Anti-spam / Perform SPF lookup on external IP addresses accordingly. For further details see 5.6. Anti-spam.

Verify DKIM Signatures

DomainKeys Identified Mail

DomainKeys Identified Mail (DKIM) is a mechanism defined by RFC6376. It is an email authentication method designed to detect forged sender addresses in emails (email spoofing), a technique often used in phishing and email spam.

To configure whether to verify DKIM signatures for processed emails, awr Settings > General / SMTP server / Anti-spam / Perform SPF lookup on external IP addresses accordingly. For further details see 5.6. Anti-spam.

images/download/attachments/4658217/image-20200318-155126.png

License

Automatically assign license to users

Email Gateway Security is capable to automatically discover users and count them for licensing using machine learning techniques. To enable automatic user discovery turn Settings > General / Licensing / Automatically assign license to users on.

Only license users from Active Directory

Email Gateway Security can have a tight integration with Active Directory (or other LDAP based directory services). Enabling Settings > General / Licensing / Only license users from Active Directory will make the product to refuse all recipients (for inbound rules) and senders (for outbound rules) that do not exist in the Active Directory.

Licensing non-existing users

Licensing users from Active Directory only can eliminate the risk that non-existing users will be counted for license.

For further details see 1. Licensing and 4.6. Server profiles.

Syncronize licensed users with Active Directory

Enabling this setting will sync licensed users with users in Active Directory. If certain users have been removed from the Active Directory then those users get unlicensed in Email Gateway Security, too.

Sync time

Synchronization runs once every day at midday according to the server time.

On-demand synchronization to Active Directory is also available. For details see 5.8. User based licensing.

Configuration

Deployment mode

Deployment mode options are used to evaluate/test MetaDefender Email Gateway Security without necessarily affecting your existing email traffic. The following deployment modes are available:

Diagram

Notes

Protection mode

images/download/attachments/4658217/image-20200311-124719_%281%29.png

Use this mode when you deploy MetaDefender Email Gateway Security in a production environment. This mode will protect your emails from malicious and untrusted content.

Out-of-band monitoring mode

images/download/attachments/4658217/image-20200313-074014.png

Use this mode ONLY when you want to evaluate MetaDefender Email Gateway Security in an out-of-band scenario. This mode will NOT deliver any processed email. It requires you to send copies of emails to MetaDefender Email Gateway Security for processing.

Inline monitoring mode

images/download/attachments/4658217/image-20200313-074049.png

Use this mode ONLY when you want to evaluate MetaDefender Email Gateway Security without making modifications to processed emails. This mode will NOT protect your emails from malicious or untrusted content.

Server name

Settings > General / Configuration / Server name is the IP or DNS address that will be used in URLs generated by Email Gateway Security (e.g. notifications, reports) to identify this server.

Empty value

When this field is left empty there won't be any links in the notification and reports to this instance.

Publicly visible value

When setting this property please be aware that this address may be sent for recipients outside of your company (e.g. in a notification about password protected document).

images/download/attachments/4658217/image-20200318-155151.png