3Com Corporation and its licensors reserve the right to revise this documentation and to make changes in
content from time to time without obligation on the part of 3Com Corporation or its licensors to provide
notification of such revision or change.
3Com Corporation and its licensors provide this documentation without warranty, term, or condition of any
kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of
merchantability, satisfactory quality, and fitness for a particular purpose. 3Com Corporation and its licensors
may make improvements or changes in the product(s) and/or the program(s) described in this documentation
at any time.
If there is any software on removable media described in this documentation, it is furnished under a license
agreement included with the product as a separate document, in the hard copy documentation, or on the
removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy,
please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are
provided to you subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense.
Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or
as a “commercial item” as defined in FAR
provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited
rights only as provided in DFAR 252.227-7015 (Nov
applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or
documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not
be registered in other countries.
3Com, the 3Com logo are registered trademarks of 3Com Corporation.
BorderWare, the Powered by BorderWare Logo, and BorderWare Security Network are trademarks or
registered trademarks of BorderWare Technologies Inc. in the United States and other jurisdictions.
Microsoft and Windows are registered trademarks of Microsoft Corporation.
All other company and product names may be trademarks of the respective companies with which they are
associated.
ENVIRONMENTAL STATEMENT
It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we
are committed to:
Establishing environmental performance standards that comply with national legislation and regulations.
Conserving energy, materials and natural resources in all operations.
Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized
environmental standards. Maximizing the recyclable and reusable content of all products.
Ensuring that all products can be recycled, reused and disposed of safely.
Ensuring that all products are labelled according to recognized environmental standards.
Improving our environmental record on a continual basis.
End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.
Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.
Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is
fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and
the inks are vegetable-based with a low heavy-metal content.
ENCRYPTION
This product contains encryption and may require U.S. and/or local government authorization prior to export
or import to another country.
2.101(a) and as such is provided with only such rights as are
1995) or FAR 52.227-14 (June 1987), whichever is
CONTENTS
ABOUT THIS GUIDE
Conventions 10
Related Documentation 11
Documentation Comments 11
Delivery Settings 23
Gateway Features 23
Default Mail Relay 23
BCC All Mail 24
Annotations 24
Advanced Delivery Settings 25
Mail Mappings 26
Uploading Mapping List 27
Virtual Mappings 28
Uploading Virtual Mapping List 29
3CONFIGURING MAIL SECURITY
Anti-Virus 31
Notifications 33
Pattern Files 33
Attachment Control 34
Notifications 35
Editing Attachment Types 36
Mail Access/Filtering 37
Specific Access Patterns 38
Pattern Based Message Filtering 39
Message Restrictions 39
SMTP Authenticated Relay 40
SMTP Banner 40
SMTP Security 41
Incoming Mail 42
Mail Delivery 42
Malformed Email 44
4ANTI-SPAM CONFIGURATION
Anti-Spam Features 47
DCC 49
STA 50
Spam Action 52
Maybe Spam Action 52
Diagnostics 53
STA Training 54
Pattern Based Message Filtering 54
Message Part 55
Match Option 58
Pattern 58
Priority 58
Action 58
Upload or Download File 59
PBMF Preferences 59
59
Objectionable Content Filtering 61
Actions 61
Notifications 62
Upload and Download Filter List 62
Trusted Senders List 62
Adding Trusted Senders 63
Spam Quarantine 64
Spam Quarantine Configuration 64
User Notification 65
Set Redirect Action for Anti-Spam Features 65
Enabling User Access on a Network Interface 66
Examining the Quarantine 66
Quarantine and Trusted Senders List Users 67
Upload and Download User Lists 68
Enabling User Access on a Network Interface 68
Configuration Information 104
Mail Queues 104
Quarantine 105
Expiry Settings 105
Daily Tasks 106
Backup and Restore 107
Starting a Backup 107
Restores 111
Reboot and Shutdown 113
Reset to Factory Settings 113
8MONITORING ACTIVITY AND STATUS
Monitoring Mail Processing Activity 115
Mail Server Status 116
Mail Queue (Mail Q) 116
Mail Queue Statistics 116
Mail Received Recently 116
Troubleshooting Mail Queue Problems 116
Email Firewall Status 117
System Alarms 118
Licensing 118
BorderWare Mail Security Services 118
Network Settings 118
Report Problems 119
Troubleshooting Mail Delivery Problems 120
Examining Log Files 121
Troubleshooting Content Issues 123
Email History 123
ACUSTOMIZING SYSTEM MESSAGES
BRESETTO FACTORY DEFAULT SETTINGSFROM CONSOLE
CTHIRD PARTY COPYRIGHTAND LICENSE AGREEMENTS
GLOSSARY
ABOUT THIS GUIDE
The instructions in this guide are designed to help you with configuration
and system administration tasks for the 3Com
This guide is intended for the system or network administrator who is
responsible for configuring, using, and managing the 3Com Email
Firewall. It assumes a working knowledge of TCP/IP network and email
communications protocols.
For more detailed information on 3Com Email Firewall installation, please
see the accompanying Installation Guide.
If release notes are shipped with your product and the information there
differs from the information in this guide, follow the instructions in the
release notes.
Most user guides and release notes are available in Adobe Acrobat
Reader Portable Document Format (PDF) or HTML on the 3Com
Wide Web site:
World
http://www.3com.com/products
®
Email Firewall.
10ABOUT THIS GUIDE
ConventionsTable 1 and Table 2 list conventions that are used throughout this guide.
Table 1 Notice Icons
IconNotice TypeDescription
Information note Information that describes important features or
instructions
Caution Information that alerts you to potential loss of data or
potential damage to an application, system, or device
Warning Information that alerts you to potential personal injury
Table 2 Text Conventions
ConventionDescription
Screen displays This typeface represents information as it appears on the
screen.
SyntaxThe word “syntax” means that you must evaluate the syntax
provided and then supply the appropriate values for the
placeholders that appear in angle brackets. Example:
To change your password, use the following syntax:
system password <password>
In this example, you must supply a password for <password>.
CommandsThe word “command” means that you must enter the
command exactly as shown and then press Return or Enter.
Commands appear in bold.
The words “enter”
and
“type”
Keyboard key names If you must press two or more keys simultaneously, the key
Words in
italics
When you see the word “enter” in this guide, you must type
something, and then press Return or Enter. Do not press
Return or Enter when an instruction simply says “type.”
names are linked with a plus sign (+). Example:
Press Ctrl+Alt+Del
Italics are used to:
■ Emphasize a point.
■ Denote a new term at the place where it is defined in the
text.
■ Identify menu names, menu commands, and software
button names. Examples:
From the
Help
menu, select
Contents
.
Click OK.
Related Documentation
11
Related
Documentation
Documentation
Comments
In addition to this guide, each 3Com Email Firewall documentation set
includes the following:
■
3Com Email Firewall Installation Guide
This guide contains detailed information on installing the 3Com Email
Firewall.
■
Release Notes
These notes provide information about the current software release,
including new features, modifications, and known problems.
Your suggestions are very important to us. They will help make our
documentation more useful to you. Please send comments about this
document to 3Com via the following URL:
Please include the following information when contacting us:
■ Document title
■ Document part number (on the title page)
■ Page number (if appropriate)
Example:
■ 3Com Email Firewall User Guide
■ Part number: DUA-MFA100-AAA01
■ Page 25
Please note that we can only respond to comments and questions about
3Com product documentation. Questions related to technical support or
sales should be directed in the first instance to your network supplier.
12ABOUT THIS GUIDE
1
3COM EMAIL FIREWALL OVERVIEW
This chapter provides an overview of the 3Com Email Firewall and its
features, and includes the following topics:
■ Deployment and Installation
■ Features
■ System Administration
Deployment and
Installation
The 3Com Email Firewall is designed to be situated between your mail
servers and the Internet so that there are no direct SMTP (Simple Mail
Transport Protocol) connections between external and internal servers.
The 3Com Email Firewall is installed behind the existing firewall on the
Internal network.
Inbound mail will be forwarded from the Firewall or Router to the 3Com
Email Firewall where it will be scanned, processed, and then sent to your
internal mail server for delivery.
Outbound mail will be sent from your internal mail server to the 3Com
Email Firewall to be scanned, processed, and then delivered to the
destination SMTP server on the Internet.
14CHAPTER 1: 3COM EMAIL FIREWALL OVERVIEW
InstallationFor detailed information on installation, see the
Installation Guide
that
came with your 3Com Email Firewall.
FeaturesThe following sections provide an overview of the main features of the
3Com Email Firewall.
Anti-SpamThe 3Com Email Firewall contains a variety of powerful features to
prevent spam messages, including the following:
■ Server-based tools such as DCC (Distributed Checksum
Clearinghouse), STA (Statistical Token Analysis), Objectionable
Content Filtering, and Pattern Based Message Filtering that prevent
spam messages from being delivered to an end user’s mailbox.
■ User-based tools for managing quarantined spam and building trusted
When enabled, all messages (inbound and outbound) passing through
the 3Com Email Firewall are scanned for viruses.
Viruses can be selectively blocked depending on whether they are found
in inbound or outbound messages. Message attachments are recursively
disassembled to help ensure that viruses cannot be concealed.
Malformed Email
Checks
Many viruses try to elude virus scanners by concealing themselves in
malformed messages. The scan engines cannot detect the attachment
and pass the complete message through to an internal server.
Some mail clients try to rebuild malformed messages and may rebuild or
activate a virus-infected attachment. Other types of malformed messages
are designed to attack mail servers directly. These types of messages are
often used in denial-of-service (DoS) attacks.
The 3Com Email Firewall analyzes each message with very extensive
integrity checks. Malformed messages are quarantined if they cannot be
processed.
Features
Attachment ControlAttachment filtering can be used to control a wide range of problems
originating from the use of attachments, such as viruses, objectionable
content, and confidential documents leaving your network.
Both inbound and outbound email can be scanned. Messages containing
forbidden attachments can be rejected or quarantined.
Email SecurityCommunications between email gateways that are normally sent in clear
text can be protected from interception and eavesdropping via TLS
(Transport Layer Security) encryption.
ReportingThe 3Com Email Firewall's reporting features allow you to create
customized reports on mail and system activity, including the following:
■ Traffic Summary
■ System Health
■ Top Mailbox Disk Users
■ Spam Statistics
15
■ Virus Reports
■ Email History
■ System Events History
The reports are derived from information written to the various systems
logs and then stored in the database. Reports are stored on the system
for online viewing and can also be emailed automatically to specified
users.
16CHAPTER 1: 3COM EMAIL FIREWALL OVERVIEW
System
Administration
The 3Com Email Firewall is administered via a web browser.
The following web browsers are supported:
■ Microsoft Internet Explorer 5.5 or greater
■ Netscape 7.0 or greater
■ Mozilla Firefox 1.0 or greater
■ Safari 1.2.3 or greater
Your web browser must have cookies enabled to be able to connect and
login to the 3Com Email Firewall.
Launch a web browser on your computer and enter the IP address or
hostname into the location bar, such as https://192.168.1.253, or
https://mail.example.com.
The login screen will then be displayed. Enter the user name admin and
the corresponding password.
The
Activity
screen and main menu will then be displayed.
System Administration
Main MenuThe main menu provides quick access to the 3Com Email Firewall’s
configuration and management options.
The menu is divided into the following sections:
17
■ Activity — The
Activity
screen provides you with a variety of
information on mail processing activity, such as the number of
messages in the mail queue, the number of different types of
messages received and sent, and current message activity.
■ Status — The
Status
page displays a list of system services and their
current status. Network and system tests can also be performed.
■ Mail Delivery — This menu allows you to configure mail delivery
features such as:
■Anti-Spam
■Anti-Virus
■Attachment Control
■Mail Routing
■Delivery Settings
■Mail Access/Filtering
■Mail Mappings
■Virtual Mappings
■SMTP Security
■Malformed Email detection
18CHAPTER 1: 3COM EMAIL FIREWALL OVERVIEW
■ Reporting — This menu allows you to view and configure the
reporting and system log features of the 3Com Email Firewall.
■ System Configuration — This menu allows you to view and modify
system configuration settings such as:
■The Setup Wizard
■Admin Account
■System Users
■Network Settings
■Web Proxy
■Static Routes
■Licensing
■SSL Certificates
■Software Updates
■ System Management — This menu is used for system management
features such as:
■Status and Utility menu for troubleshooting
■Mail Queues
■Quarantine
■Backup and Restore
■Reboot and Shutdown
■Returning the system to factory settings
2
CONFIGURING MAIL DELIVERY
This chapter describes how to configure your 3Com Email Firewall to
accept and deliver mail, and includes the following topics:
■ Mail Routing
■ Delivery Settings
■ Mail Mappings
■ Virtual Mappings
Mail RoutingMail Routes are used to define the domains you will be accepting mail
for, and where locally to deliver the mail such as an internal Microsoft
Exchange mail server. The Mail Domain you configured at installation
time using the Setup Wizard will automatically be created.
Select Mail Delivery -> Mail Routing from the menu to define additional
mail routes.
■ Sub — Select this check box to accept and relay subdomains for the
specified domain.
■ Domain — Enter the domain for which mail is to be accepted, such as
example.com
.
®
20CHAPTER 2: CONFIGURING MAIL DELIVERY
■ Route-to — Enter the address for the mail server to which mail will be
delivered. This is your local mail server, such as a Microsoft Exchange
mail system.
■ MX — (Optional) Select the MX check box if you need to look up the
mail routes in DNS before delivery. If this is not enabled, MX records
will be ignored. Generally, you do not need to select this item unless
you are using multiple mail server DNS entries for load
balancing/failover purposes. By checking the MX record, DNS will be
able to send the request to the next mail server in the list.
■ KeepOpen — (Optional) Select the KeepOpen check box to ensure
that each mail message to the domain will not be removed from the
active queue until delivery is attempted, even if the preceding mail
failed or was deferred. This setting ensures that local mail servers
receive high priority.
The KeepOpen option should only be used for domains that are usually
very reliable. If the domain is unavailable, it may cause system
performance problems due to excessive error conditions and deferred
mail.
A list of domains can also be uploaded in one text file. The file must
contain comma or tab separated entries in the form:
) should be created in csv file format using Excel,
Notepad or other Windows text editor. It is recommended that you
download the domain file first by clicking Download File, editing it as
required, and uploading it using the Upload File button.
Mail Routing
21
Additional Mail Route
Rules
When adding an additional mail route for a local email server, you must
add a Specific Access Pattern and a Pattern Based Message Filter to trust
mail from that server for Anti-Spam training purposes.
These procedures are not required for the default mail route you
configured at installation time with the Setup Wizard.
Adding a Specific Access Pattern
1 Select Mail Delivery -> Mail Access/Filtering from the menu.
Your primary mail route defined during installation will already be
configured.
2 Click Add Pattern to add a new pattern for the additional mail route.
3 Enter the IP address of the mail server you are routing to in the
Pattern
field.
22CHAPTER 2: CONFIGURING MAIL DELIVERY
4 Select
5 Select Trust for the action if the pattern matches, and click OK.
1 Select Mail Delivery -> Mail Access/Filtering from the menu. Select Pattern
2 Click Add to add a new filter rule.
Client Access
Adding a Pattern Based Message Filter
Based Message Filtering.
3 Select Client IP as the
for the mail route as the pattern.
4 Set the
Action
to Trust and click Update to add the new rule.
Message Part
, and set the address of the mail server
Delivery Settings
23
Delivery SettingsYou can customize various delivery settings that affect how you accept
and deliver mail messages.
Select Mail Delivery -> Delivery Settings from the menu.
Delivery Settings ■ Maximum time in mail queue — Enter the number of days for a
message to stay in the queue before being returned to the sender as
"undeliverable."
■ Time before delay warning — Number of hours before issuing the
sender a notification that mail is delayed.
■ Time to retain undelivered MAILER-DAEMON mail — The number of
hours to keep undelivered mail addressed to MAILER-DAEMON (the
internal mail server process.)
Gateway Features■ Masquerade Addresses — Masquerades internal hostnames by
rewriting headers to only include the address of the 3Com Email
Firewall.
■ Strip Received Headers — Strip all Received headers from outgoing
messages.
Default Mail Relay■ Relay To — (Optional) Enter an optional hostname or IP address of a
mail server (not this 3Com Email Firewall) to relay mail to for all email
with unspecified destinations. A recipient's email domain will be
24CHAPTER 2: CONFIGURING MAIL DELIVERY
checked against the Mail Routing table, and if the destination is not
specified the email will be sent to the Default Mail Relay server for
delivery. This option is typically used when the 3Com Email Firewall
cannot deliver email directly to remote mail servers.
■ Ignore MX record — Enable this option to prevent an MX record
lookup for this host to force relay settings.
BCC All MailThe 3Com Email Firewall offers an archiving feature for organizations
that require storage of all email that passes through their corporate mail
servers. This option sends a blind carbon copy (BCC) of each message
that passes through the 3Com Email Firewall to the specified address.
This address can be local or on any other system. Once copied, the mail
can be effectively managed and archived from this account.
■ Copy all mail to — Enter an email address to copy mail to.
■ Errors to — Specify an address that will receive error messages if there
are problems delivering the BCC mail.
AnnotationsIn the
appended to all emails and customize
Warning
The variables in the messages, such as
%HOSTNAME%
substituted at the time the message is sent.
See Appendix A“Customizing System Messages” on page 125 for a full
list of variables that can be used.
Annotations
messages.
, are local system settings that are automatically
section, you can enable annotations that are
Delivery Failure
%PROGRAM%
and
Delivery Delay
and
Delivery Settings
25
Advanced Delivery
Settings
Click the Advanced button to reveal options for advanced SMTP (Simple
Mail Transport Protocol) settings and SMTP notifications.
Advanced SMTP Settings
■ SMTP Pipelining — Pipelining allows more than one SMTP command
to be inserted into a network packet which reduces SMTP connection
times. Some mail servers may experience problems with SMTP
command pipelining and you may have to disable this feature if
required.
to support additional media types in email messages. Some mail
servers may not support ESMTP and you may have to disable this
feature if you are experiencing problems.
SMTP Notification (Advanced)
Select the type of notifications that are sent to the postmaster account.
■ Resource — Mail not delivered due to resource problems such as
queue file write errors.
■ Software — Mail not delivered due to software problems.
■ Bounce — Send postmaster copies of undeliverable mail. If mail is
undeliverable, a single bounce message is sent to the postmaster with
a copy of the message that was not delivered. For privacy reasons, the
postmaster copy is truncated after the original message headers. If a
single bounce message is undeliverable, the postmaster receives a
26CHAPTER 2: CONFIGURING MAIL DELIVERY
double bounce message with a copy of the entire single bounce
message.
■ Delay — Inform the postmaster of delayed mail. In this case, the
postmaster receives message headers only.
■ Policy — Inform the postmaster of client requests that were rejected
because of unsolicited mail policy restrictions. The postmaster will
receive a transcript of the entire SMTP session.
■ Protocol — Inform the postmaster of protocol errors (client or server),
or attempts by a client to execute unimplemented commands. The
postmaster will receive a transcript of the entire SMTP session.
■ Double Bounce — Send double bounces to the postmaster.
Mail MappingsMail Mappings are used to map an external address to a different internal
address and vice versa. This is useful for hiding internal mail server
addresses from external users.
For mail originating externally, the mail mapping translates the address in
the To: and CC: mail header field into a corresponding internal address to
be delivered to a specific internal mailbox.
For example, mail addressed to
the internal mail address
user@example.com
user@sales.example.com
can be redirected to
. This enables the
message to be delivered to the user's preferred mailbox.
Similarly, mail originating internally will have the address in the From:,
Reply-To:, and Sender: header modified by a mail mapping so it appears
to have come from the preferred external form of the mail address,
user@example.com
.
Select Mail Delivery -> Mail Mappings to configure your mail mappings.
Mail Mappings
27
Click Add to add a new mapping to your list.
■ External mail address — Enter the external mail address that you want
to be converted to the specified internal email address for incoming
mail. The specified internal address will be converted to this external
address for outgoing mail.
■ Internal mail address — Enter the internal mail address that you want
external addresses to be mapped to for incoming mail. The internal
address will be converted to the specified external address for
outgoing mail.
■ Extra internal addresses — Enter any additional internal mappings that
will be included in the outgoing mail conversion.
Click Update when finished.
Uploading Mapping ListA list of mappings can also be uploaded in one text file. The file must
contain comma or tab separated entries in the form:
["sender" or "recipient"],[map_in],[map_out],[value ("on" or "off")]
For example:
sender,user@example.com,user@sales.example.com,on
The file (
mailmapping.csv
) should be created in csv file format using Excel,
Notepad or other Windows text editor. It is recommended that you
download the mail mapping file first by clicking Download File, editing it
as required, and uploading it using the Upload File button.
28CHAPTER 2: CONFIGURING MAIL DELIVERY
Virtual MappingsVirtual Mappings are used to redirect mail addressed for one domain to a
different domain. This process is performed without modifying the To:
and From: headers in the mail, as virtual mappings modify the
envelope-recipient address.
For example, the 3Com Email Firewall can be configured to accept mail
example.com
for
Email Firewall to distribute mail to multiple internal servers based on the
Recipient: address of the incoming mail.
Virtual Mappings are useful for acting as a wildcard mail mapping, such
as mail for
Select Mail Delivery -> Virtual Mappings to configure your mappings.
and deliver it to
example.com
is sent to
example2.com
. This allows the 3Com
exchange.example.com
.
Click the Add Virtual Mapping button to add a new mapping.
■ Input — Enter the domain or address to which incoming mail is
directed in the Input box.
■ Output — Enter the domain or address to which mail should be
redirected to in the Output box.
Virtual Mappings
29
Uploading Virtual
Mapping List
A list of virtual mappings can also be uploaded in one text file. The file
must contain comma or tab separated entries in the form:
) should be created in csv file format using Excel,
Notepad or other Windows text editor. It is recommended that you
download the virtual mapping file first by clicking Download File, editing
it as required, and uploading it using the Upload File button.
30CHAPTER 2: CONFIGURING MAIL DELIVERY
Loading...
+ 124 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.