Symantec BRIGHTMAIL - SYM ANTISPAM AND, Brightmail AntiSpam 6.0 Installation Manual

Download

Page 1

Symantec Brightmail AntiSpam

™

Version 6.0

Installation Guide

Page 2

Symantec Brightmail AntiSpam™ Version 6.0.2 Installation Guide Document Version 1.0

Brightmail, the Brightmail logo, BLOC, BrightSig, Probe Network and The Anti-Spam Leader are trademarks or registered trademarks of Symantec Corporation.

Symantec and the Symantec logo are U.S. registered trademarks and Symantec Security Response (SSR) is a trademark of Symantec Corporation. Symantec Brightmail AntiSpam is protected under U.S. Patent No. 6,052,709. Microsoft, Windows, and/or other Microsoft products referenced herein are either trademarks or registered trademarks of Microsoft. For third party notices, see Appendix B, “Third Party Licenses,” on page 145 All other trademarks, service marks, trade names, or company names referenced herein are used for identification only and are the property of their

respective owners.

Symantec Corporation

20330 Stevens Creek Blvd. Cupertino, CA 95014 U.S.A. Voice +1 408 517 8000

http://www.symantec.com

Page 3

Table of Contents

Symantec Brightmail AntiSpam Overview. . . . . . . . . . . . . . . . . . . . . . . 1

What’s New in Symantec Brightmail AntiSpam . . . . . . . . . . . . . . . . . . . . . . 2

Symantec Brightmail AntiSpam Architecture Overview . . . . . . . . . . . . . . . . 3

Brightmail Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Brightmail Control Center. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Group Policies, Email Categories, and Filtering Actions. . . . . . . . . . . . . . . . 6

Brightmail Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

AntiSpam Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Content Filters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Blocked and Allowed Senders Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

AntiVirus Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Brightmail Conduit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Brightmail Quarantine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Spam Foldering and Submissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Installation Sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Installing Brightmail Scanner for Sendmail . . . . . . . . . . . . . . . . . . . . 15

Preparing to Install Brightmail Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Confirm Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Confirm Software and Location Requirements. . . . . . . . . . . . . . . . . . 16

Enable Sendmail External Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Create Required Accounts and Directories. . . . . . . . . . . . . . . . . . . . . 18

Installing Brightmail Scanner for Sendmail . . . . . . . . . . . . . . . . . . . . . . . . . 19

Find and Run the Install Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Upgrading Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Installing with the Command-Line Installer. . . . . . . . . . . . . . . . . . . . 23

Starting a Brightmail Scanner. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Registering to Receive New AntiSpam Filters . . . . . . . . . . . . . . . . . . 30

What to Do Next. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Installation Guide iii

Page 4

Table of Contents

Uninstalling Brightmail Scanner for Sendmail . . . . . . . . . . . . . . . . . . . . . . .31

Uninstalling with the Command-Line Installer. . . . . . . . . . . . . . . . . .31

Configuring Sendmail for the Brightmail Filter . . . . . . . . . . . . . . . . . 33

Understanding the Filter Address and Optional Settings . . . . . . . . . . . . . . . 33

Configuring Sendmail Switch to Work with Brightmail Scanner. . . . . . . . . 35

Configuring Sendmail for Brightmail Scanner with sendmail.cf . . . . . . . . . 40

Configuring Sendmail for Brightmail Scanner with M4. . . . . . . . . . . . . . . . 41

Installing Brightmail Scanner for Windows. . . . . . . . . . . . . . . . . . . . .43

Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Software Environment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

Upgrading Software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

Installing Brightmail Scanner for Windows . . . . . . . . . . . . . . . . . . . . . . . . . 46

Verifying Brightmail Scanner Installation. . . . . . . . . . . . . . . . . . . . . .53

Modifying, Repairing, and Removing Brightmail Scanner. . . . . . . . . . . . . .54

Installing Brightmail Control Center. . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Software Environment Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

Operating System Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58

LDAP Compatibility for Brightmail Quarantine. . . . . . . . . . . . . . . . . 59

Web Browser Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Checking for Port Availability Via TCP/IP. . . . . . . . . . . . . . . . . . . . . 60

Upgrading Software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60

Installing Brightmail Control Center on UNIX. . . . . . . . . . . . . . . . . . . . . . . 60

Accessing the UNIX Install Script . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Running the Installer on UNIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Reinstalling Control Center on UNIX. . . . . . . . . . . . . . . . . . . . . . . . . 67

Installing Brightmail Control Center on Windows . . . . . . . . . . . . . . . . . . . .67

Automatic Startup Configured by Brightmail Control Center Installer . . . . 73

Uninstalling Brightmail Control Center on UNIX . . . . . . . . . . . . . . . . . . . . 73

Uninstalling Brightmail Control Center on Windows. . . . . . . . . . . . . . . . . . 73

Control Center Testing and Configuration. . . . . . . . . . . . . . . . . . . . . . 75

Testing Installation of the Brightmail Control Center. . . . . . . . . . . . . . . . . . 76

Reviewing the Installation Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76

Logging in and Logging out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Checking Versions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Adding a Brightmail Scanner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77

Starting a Brightmail Scanner from the Brightmail Control Center . . 78

iv Symantec Brightmail AntiSpam™

Page 5

Table of Contents

Testing Symantec Brightmail AntiSpam Filtering . . . . . . . . . . . . . . . . . . . . 78

Verifying Normal Delivery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Verifying Spam Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Testing AntiVirus Filtering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Verifying Spam Filtering to Quarantine . . . . . . . . . . . . . . . . . . . . . . . 79

Configuring the Brightmail Control Center to Use WebLogic. . . . . . . . . . . 81

Copying the MySQL Connector/J API. . . . . . . . . . . . . . . . . . . . . . . . 81

Adding MySQL Connector/J to the CLASSPATH Variable . . . . . . . 81

Configuring the Brightmail JDBC Connection Pool . . . . . . . . . . . . . 82

Configuring a Data Source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Deploying the brightmail.war . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

Testing the Control Center with the WebLogic Application Server. . 86

Plug-Ins and Foldering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Installing the Symantec Plug-in for Outlook . . . . . . . . . . . . . . . . . . . . . . . . 87

Usage Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

End User Experience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88

Software Requirements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

Administrator Setup Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

Configuring Automatic Spam Foldering. . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

Configuring the Spam Folder Agent. . . . . . . . . . . . . . . . . . . . . . . . . . 93

Configuring the Symantec Spam Folder Agent for Domino . . . . . . . 95

Enabling Automatic Spam Foldering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105

Appendix A: Symantec Brightmail AntiSpam Files. . . . . . . . . . . . 107

Brightmail Scanner on UNIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108

Brightmail Scanner, Complete

(Brightmail Server, Brightmail Client). . . . . . . . . . . . . . . . . . . . . . . 108

Brightmail Scanner Installation with Brightmail Server Only . . . . . 113

Brightmail Scanner Installation with Brightmail Client Only . . . . . 118

Brightmail Scanner on Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120

Brightmail Scanner, Complete

(Brightmail Server, Brightmail Client). . . . . . . . . . . . . . . . . . . . . . . 120

Brightmail Scanner Installation with Brightmail Server Only . . . . . 127

Brightmail Scanner Installation with Brightmail Client Only . . . . . 132

Brightmail Control Center on All Platforms. . . . . . . . . . . . . . . . . . . . . . . . 134

Appendix B: Third Party Licenses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145

Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Installation Guide v

Page 6

Table of Contents

vi SymantecBrightmail AntiSpam™

Page 7

Symantec Brightmail AntiSpam Overview

Welcome to Symantec Brightmail AntiSpam™, Symantec’s industry-leading message filtering system. Symantec Brightmail AntiSpam offers complete, Internet-wide, serverside antispam and antivirus protection. It actively seeks out, identifies, analyzes, and ultimately defuses spam and virus attacks before they inconvenience your users and overwhelm or damage your networks. Symantec software allows you to remove unwanted mail before it reaches your users’ inboxes, without violating their privacy.

Symantec Brightmail AntiSpam software filters email in four ways:

• AntiSpam Filters use our state-of-the-art technologies and strategies to filter and classify email as it enters your site.

• AntiVirus Filters combine Symantec processing technology with Symantec AntiVirus definitions and engines to clean viruses from your email.

• Content Filters supplement AntiSpam Filters; you can tailor them specifically to the needs of your organization.

• The Allowed Senders List and the Blocked Senders List filter messages based on the sender. You can create your own lists and subscribe to third-party lists. Symantec Brightmail AntiSpam includes the Brightmail Reputation Service, which consists of our Open Proxy List, Safe List and Suspect List. These features filter messages based on extensive research to ascertain the reputation of the originating IP address, as a source of spam or of legitimate email.

This section contains the following topics:

• What’s New in Symantec Brightmail AntiSpam

• Symantec Brightmail AntiSpam Architecture Overview

• Group Policies, Email Categories, and Filtering Actions

• Brightmail Filters

• Brightmail Conduit

• Brightmail Quarantine

• Spam Foldering and Submissions

• Installation Sequence

Installation Guide 1

Page 8

Symantec Brightmail AntiSpam Overview

What’s New in Symantec Brightmail AntiSpam

Symantec Brightmail AntiSpam Version 6.0 provides the following enhancements over previous releases:

Table 1. Symantec Brightmail AntiSpam Version 6.0 Enhancements

Feature Description

Brightmail Control Center

Brightmail Scanner

The Brightmail Control Center (Control Center) is a Web-based cross-platform configuration and administration center built in Java. Each Symante c Brightmail AntiSpam installation has one Control Center, which also houses Brightmail Quarantine and supporting software. You can configure and monitor all of your Brightmail Scanners from the Control Center.

The Control Center replaces the Brightmail configuration file, the Configurator and the Brightmail Administration Console. These components are no longer included in Symantec Brightmail AntiSpam.

Brightmail Scanners perform email filtering. Your Symantec Brightmail AntiSpam installation can have one or many Brightmail Scanners. Each Brightmail Scanner includes one or both of the following components: Brightmail Server, Brightmail Client.

Multiple-Machine Management

Group Policies You can now specify an unlimited number of user groups, identified by email addresses

Improved Filtering

Brightmail Reputation Service

Improved Reporting

Language Identification

Quarantine Management and End User Improvements

You can now configure and manage multiple Brightmail Scanners from one Brightmail Control Center. Previously each computer filtering email had to be configured individually.

or domain names, and customize mail filtering for each group. Numerous improvements have been made to Symantec Brightmail AntiSpam's filtering

technologies, including enhanced effectiveness for URL Filters and Heuristic Filters; filtering on mailto: links in messages; improved filtering on MIME headers; and the next generation of Signature Filters, which target comparisons to specific message components with surgical precision.

The Brightmail Reputation Service provides comprehensive reputation tracking that enhances the power of Symantec Brightmail AntiSpam. Symantec manages three lists as part of the Brightmail Reputation Service. Each list operates automatically and filters your messages using the same technology as Symantec’s other filters. The Brightmail Reputation Service includes the Open Proxy List, the Safe List and the Suspect List.

For added convenience and clarity, pre-set reports are now separated into two groups: antispam reports and antivirus reports. Y ou can choose from a selection of reports; each report can be customized to include specific date ranges, time period groupings, and various delivery and output options. For some reports, you can filter based on specific recipients and senders of interest.

Users of the Brightmail Plug-in for Outlook can choose from a list of languages in which they would like to receive messages. Messages identified as written in a language not on the user’s list will be filtered as spam.

Brightmail Quarantine is now managed via the Brightmail Control Center. You can now set messages to be deleted based on the total size of the Quarantine database or based on each user’s storage usage. When users receive digest notificati ons from Brightmail Quarantine, they can now click on a View link to view an individual message, or click on a Release link to release a message back to the inbox.

2Symantec

Brightmail AntiSpam ™

Page 9

Symantec Brightmail AntiSpam Overview

Symantec Brightmail AntiSpam Architecture Overview

Using Brightmail AntiSpam, you set up a powerful message filtering system that protects your customers and your network through an approach that is centralized and automated, but also provides customizable, open features that you can tailor for your system. The net effect of this highly scalable structure is to unburden your customers of unwanted email.

As spam messages traverse the Internet, they pass through Symantec’s wo rldwid e Prob e Network

, an extensive array of email addresses. The Probe Network includes over two million probe accounts that attract the latest spam, based upon up-to-date research into spamming methodologies. The Probe Network sends possible spam emails in real time to the Brightmail Logistics and Operations Center (BLOC

) for evaluation. If the message is verified as spam, the BLOC issues AntiSpam Filters to Brightmail Scanners on your system that isolate similar messages.

The BLOC consists of several centers working cooperatively on three continents, comprising a round-the-clock protection network that spans the globe. Sophisticated automatic tools, assisted and monitored by BLOC Technicians, evaluate mail for new variations of spam, then issue filters to identify and capture similar messages. The BLOC continuously provides updated filters to Brightmail Servers on your system. BLOC T e chnicians play an important role in confirming the identification of possible spam. This combination of automation and human intervention allows Symantec Brightmail AntiSpam to adapt in real time to ever-changing spamming techniques, giving it unparalleled flexibility and accuracy as a spam filter.

Most of the filters that the BLOC creates are designed to thwart specific spam attacks. A spam attack can contain thousands of identical or similar messages. By targeting filters against specific attacks, the BLOC keeps Symantec’s false positive rate extremely low (less than 1 in 1 million).

Symantec also employs a carefully designed set of heuristic filters, which target patterns common in spam and add a proactive element to our spam-fighting arsenal. Commonly available heuristic filters can lead to large increases in false positives because of the problems inherent in a pattern-matching approach. Symantec Brightmail AntiSpam heuristic filters are carefully designed and tested to prevent large increases in false positives.

Installation Guide 3

Page 10

Symantec Brightmail AntiSpam Overview

Figure 1 shows an overview of Symantec Brightmail AntiSpam.

Figure 1. Symantec Brightmail AntiSpam Overview

Brightmail Scanner

Each installation of Symantec Brightmail AntiSpam can have one or more Brightmail Scanners. Brightmail Scanners perform the actual filtering of email messages.

Each Brightmail Scanner contains:

• A Brightmail Agent

• One or both of the following:

— A Brightmail Server — A Brightmail Client. If the Brightmail Scanner contains a Brightmail Client, then

a supported mail transfer agent (MTA) must also reside on the same computer.

4Symantec

Brightmail AntiSpam ™

Page 11

Brightmail Agent

This component communicates with the Brightmail Control Center to support centralized configuration and administration activities.

Brightmail Client

The Brightmail Client is a communications channel between the MTA and the Brightmail Server. You can use multiple Brightmail Clients; each one can talk to multiple Brightmail Servers. The Brightmail Client performs load balancing between Brightmail Servers.

Brightmail Server

The Brightmail Servers at your site process spam based on configuration options you select. Each Brightmail Server is a multi-threaded process that listens for requests from Brightmail Clients. Using a variety of state-of-the-art technologies, the Brightmail Server filters messages for classification. The classification, or verdict, is then returned to the Brightmail Client for subsequent delivery action.

Brightmail Control Center

Symantec Brightmail AntiSpam Overview

Each Symantec Brightmail AntiSpam installation has exactly one Brightmail Control Center. This is the central nervous system of your Symantec software. The Brightmail Control Center communicates with the Brightmail Agent on each of your Brightmail Scanners. For smaller installations, you can install the Brightmail Control Center and the Brightmail Scanner on the same computer.

From this Web-based graphical user interface, you can:

• Configure, start and stop each of your Brightmail Scanners.

• Specify email filtering options for groups of users or for all of your users at once.

• Monitor consolidated reports and logs for all Brightmail Scanners.

• See summary information.

• Administer Brightmail Quarantine.

• View online help for Brightmail Control Center screens.

The Brightmail Control Center contains the following software:

Brightmail Quarantine

Brightmail Quarantine provides storage of spam messages and Web-based end user access to spam. You can also configure Brightmail Quarantine for administrator-only access. Use of Brightmail Quarantine is optional.

Third Party Software: Database, Web Server

A single MySQL database stores all of your Symantec Brightmail AntiSpam configuration information, as well as Brightmail Quarantine information and emails (if you are using Brightmail Quarantine). Configuration information is communicated to each Brightmail Scanner via an XML file. A Java-based Web Server (by default this is the Tomcat Web

Installation Guide 5

Page 12

Symantec Brightmail AntiSpam Overview

Server) performs Web hosting functions for the Brightmail Control Center and Brightmail Quarantine.

Figure 2

shows the major components of Symantec Brightmail AntiSpam installed at your

site.

Figure 2. Symantec Brightmail AntiSpam Components

Group Policies, Email Categories, and Filtering Actions

Symantec Brightmail AntiSpam provides a wide variety of actions for filtering email, and allows you to either set identical options for all users, or specify different actions for different groups of users.

6Symantec

Brightmail AntiSpam ™

Page 13

Symantec Brightmail AntiSpam Overview

You can specify groups of users based on email addresses or domain names. For each group, you can specify email filtering actions for seven different categories of email. For each category you can specify one of up to eight different filtering options.

You can choose different filtering actions for the following categories of email:

•Spam – Email messages identified as spam using Symantec’s AntiSpam Filters.

• Suspected spam – You can use Symantec’s Spam Scoring to identify a range of email

as suspected spam, based on scores assigned by AntiSpam Filters.

• Email from blocked senders – Y ou can specify a list of blocked senders, and you can

use third party blocked senders lists. The lists included in the Brightmail Reputation Service are used by default.

• Emails infected with viruses – Symantec identifies virus-infected emails using

AntiVirus Filters, based on Symantec virus definitions and engines.

• Mass-mailing worms – Symantec Brightmail AntiSpam identifies mass-mailing

worm emails as distinct from spam o r vi rus emails, because many customers prefer to delete these emails immediately.

• Unscannable emails – These are emails that could not be scanned due to s ize

restrictions or other variables. They may or may not contain viruses. You can choose how to handle these messages.

• Custom filtered emails – You can specify special filters unique to your organization,

to filter for specific content in email messages.

In addition to the seven categories listed above, you can also specify trusted senders by creating an Allowed Senders List and by subscribing to third party allowed senders lists. Messages from allowed senders are automatically sent to user inboxes, bypassing all filtering (except antivirus filtering, if enabled). The Safe List, part of the Brightmail Reputation Service, is implemented by default.

The filtering actions available vary by email category, and include the following:

• Deliver messages normally.

• Mark messages as spam, either by altering the subject line or by including a

configurable X-Header.

• Delete messages.

• Route messages to an administrator’s mailbox for subsequent examination.

• Save messages in a directory specified for that purpose.

• Send messages to Brightmail Quarantine, where users can access them via the Web.

• Route messages to each user’s spam folder using the Spam Folder Agent, native

foldering in Exchange 2003, or the Symantec Spam Folder Agent for Domino.

• Clean messages of viruses and deliver each cleaned message normally, with a

notification to the recipient.

Installation Guide 7

Page 14

Brightmail Filters

Symantec Brightmail AntiSpam employs the following four major types of filters:

• AntiSpam Filters – AntiSpam Filters are created by Symantec using our state-of-the-

art technologies and strategies to filter and classify email as it enters your site.

• Content Filters – Custom content filters are written by you, using the Brightmail

Control Center or the Sieve scripting language, to tailor filtering to the needs of your organization.

• Blocked and Allowed Senders Lists – You can create lists of blocked senders and

allowed senders and you can use third party lists. The lists included in the Brightmail Reputation Service are deployed by default.

• AntiVirus Filters – Antivirus definitions and engines provided by Symantec protect

your users from email-borne viruses.

AntiSpam Filters

The nature of spam—and the business implications of false positives—demands a careful and flexible approach to filter creation. Accordingly, Symantec does not use a one-sizefits-all approach to creating filters. Instead, it employs a combination of filtering strategies, based on the specific type of spam. Some technologies perform sophisticated comparisons with the latest spam received by the Probe Network, resulting in matches of unparalleled accuracy. Others are more proactive, attacking future spam based on special characteristics or origination information. Symantec filter types include:

Symantec Brightmail AntiSpam Overview

• Heuristic Filters

• URL Filters

• Signature Filters

• Header Filters

Heuristic Filters – Heuristic Filters scan the headers and the body of a message, applying a variety of tests. These tests search for tell-tale characteristics that are usually inherent in spam, such as opt-out links, specific phrases, and forged headers. Each characteristic is assigned a spam probability, and the message is given a cumulative probability score based on the overall test results. If a certain probability threshold is reached, Symantec Brightmail AntiSpam determines the message to be spam. Using heuristics, Symantec Brightmail AntiSpam software can make the determination that a message is sp am, even if it hasn’t passed through the Probe Network. The BLOC transmits updated Heuristic Filters as it does other AntiSpam Filters.

URL Filters – Symantec’s URL Filters catch messages based on specific URLs found in spam. URL-based spam is increasingly pervasive because spammers want to direct readers to a specific W eb site for contact information or purchasing instructions. Although the underlying URLs do not change frequently, spammers attempt to obfuscate and disguise them. As a result, these URLs appear to be unique across similar spam messages.

8Symantec

Brightmail AntiSpam ™

Page 15

Signature Filters – When messages flow into the BLOC, they are characterized using proprietary algorithms into a unique signature, which is added to the database of known spam. Using this signature, Signature Filters group and match seemingly random messages that originated from a single attack. By distilling a complex and evolving attack to its DNA, more spam can be deflected with a single filter. Signature Filters include BrightSig2 Filters, Body Hash Filters and Attachment Filters.

Header Filters – Header Filters are regular expression-based filters that are applied to the header lines of a message. Header Filters can be used to compare email messages to spam messages seen by the Probe Network, and to exploit commonalities or trends present in spam messages (similar to the use of Symantec’s Heuristic Filters).

Content Filters

You can create custom content filters, using either the Custom Filters Editor provided through the Brightmail Control Center, or using a Sieve filters file. You can specify a wide variety of filtering criteria. You have three sets of choices for the action to take on these messages:

Symantec Brightmail AntiSpam Overview

• Deliver normally.

• Treat the same as another email category: you can use the same action on custom-

filtered messages that you chose for spam, viruses, or any other category.

• Treat as company-specific content: choose a unique action for custom-filtered

messages.

Blocked and Allowed Senders Lists

You can use lists of blocked and allowed senders (also known as blacklists and whitelists) in a variety of ways:

• Define a custom Allowed Senders List – Allowed senders are approved or trusted

senders. Unless AntiVirus Filters detect a virus or worm, Symantec Brightmail AntiSpam treats mail coming from an address or connection in your Allowed Senders List as legitimate mail. Such mail is delivered immediately to the inbox, bypassing any other filtering. You therefore cannot choose message handling actions for messages from allowed senders; by definition these messages will be delivered to the user inbox.

• Define a custom Blocked Senders List – You can block messages from any senders

you wish. You can define message handling actions that apply to messages from blocked senders for each group policy.

• Check incoming mail against third party blocked senders lists and third party

allowed senders lists – Third parties compile and manage lists of desirable or

undesirable domains, IP connections, and networks. A DNS blacklist is a common example of such a list. DNS blacklists allow subscribers to check, using DNS lookups, whether incoming mail is originating from known spammers. Many of the hosts on the list typically are running open SMTP relays or open proxy server ports. Such insecure relays and ports are effective conduits for sending unsolicited bulk email. Subscribers

Installation Guide 9

Page 16

Symantec Brightmail AntiSpam Overview

to DNS lists can thus block or delete mail from these blacklisted hosts. On the other hand, administrators who subscribe to DNS whitelists can leverage a list of legitimate mail servers and senders. You can add a DNS blacklist as a third-party blocked senders list. You can add a DNS whitelist as a third party allowed senders list.

— Brightmail Reputation Service Lists: By default, Symantec Brightmail

AntiSpam is configured to check mail against three lists, all part of the Brightmail Reputation Service, managed by Symantec. Unlike other lists, which simply aggregate information and are frequently outdated, the Brightmail Reputation Service lists are generated and updated hourly. They are downloaded to your system and updated just like other filters.

– The Open Proxy List is a dynamic database containing IP addresses of

identity-masking relays, including proxy servers with open or insecure ports. Because open proxy servers allow spammers to conceal their identities and off-load the cost of emailing to other parties, spammers will continually misuse a vulnerable server until it is brought offline or secured. Symantec recommends that organizations secure their proxy servers to ensure that spammers cannot connect to open ports and relay SMTP email.

AntiVirus Filters

NOTE: The following information and all other references to antivirus functions assume

Virus experts at Symantec Security Response (SSR) provide up-to-date virus definitions and engines to rid email attachments of viruses.

The BLOC—through automated processes monitored by BLOC Technicians—integrates the virus definitions and engines into AntiV irus Filt ers, tests them, and distributes them to your site.

The Brightmail Scanner—using the AntiVirus Cleaner (Cleaner)—filters the attachments of incoming email in search of viruses. If filtering detects no viruses, the message is analyzed for spam. If filtering detects one or more viruses, the policies you have set up go into effect. For example, you can instruct the Brightmail Scanner to delete the message or to clean and then deliver the message. You can also set policies potential virus messages that cannot be processed by the Cleaner.

Symantec Brightmail AntiSpam also provides protection against mass-mailing worms, which can leave hundreds of spam messages in their wake. The Worm Auto-Delete feature automatically removes not only the worm but also the associated emails. This convenient feature saves users from having to wade through hundreds of inbox messages that, although clean from viruses, server no valuable purpose.

– The Safe List is a list of IP addresses from which virtually no outgoing email

is spam.

– The Suspect List is a list of IP addresses from which virtually all outgoing

email is spam.

you have purchased antivirus filtering.

10 Symantec Brightmail AntiSpam ™

Page 17

The Cleaner creates a configurable advisory text message. This message informs the user that the infected attachment has been cleaned, deleted, or delivered without cleaning. The Cleaner inserts the original message, if delivered, as an attachment to the advisory message. The Cleaner also places a special identifying line in the message header so that the message is not filtered again for viruses.

Brightmail Conduit

Having up-to-date filters is imperative to ensure the highest success rate of filtering and blocking unwanted email. Filter updates are accomplished through a dialogue between the BLOC and the Brightmail Conduit, a component that runs at your site. The Conduit handles all such communication at your site. The Conduit runs on each Brightmail Scanner that contains a Brightmail Server.

The Conduit polls a secure Web site every minute to check for the availability of new filters from the BLOC. If new filters are available, the Conduit retrieves the updated filters using secure HTTPS file transfer. After authenticating the filters, the Conduit notifies the Brightmail Server to begin using the updated filters. The Conduit also manages statistics, both for use by the BLOC and by the Brightmail Control Center, which aggregates the statistics from Brightmail Scanners to create consolidated reports.

Symantec Brightmail AntiSpam Overview

Brightmail Quarantine

Brightmail Quarantine (Quarantine) provides users direct Web-based access to spam messages that Symantec software has sidelined into the Quarantine database for them. Users can check for misidentified messages, resend messages to their inbox, and delete or search messages. An administrator account provides access to all quarantined messages.

Quarantine stores spam messages in the Symantec Brightmail AntiSpam MySQL database on the Brightmail Control Center computer. A Notifier process periodically sends users a reminder to check their spam messages in Quarantine. Spam messages older than a customizable time period are deleted automatically by an Expunger process. A Java-based Web Server presents the Quarantine interface to users.

Spam Foldering and Submissions

Symantec Brightmail AntiSpam features the Spam Folder Agent and the Symantec Spam Folder Agent for Domino, designed to work on Microsoft Exchange and Lotus Domino Servers, respectively. Installed separately from the standard Brightmail installation, these agents create a subfolder and a server-side filter in each user’s mailbox. This filter gets applied to messages that the Brightmail Scanner identifies as spam, routing spam into each user’s spam folder. The spam folder agents relieve end users and administrators of the burden of using their mail clients to create filters. The Symantec Spam Folder Agent for Domino also allows users to submit missed spam and false positives to Symantec.

Installation Guide 11

Page 18

Symantec Brightmail AntiSpam Overview

The Symantec Plug-in for Outlook makes it easy for Outlook users to submit missed spam and false positives to Symantec. Depending on how you configure the plug-in, user submissions can also be sent automatically to a local system administrator. The Symantec Plug-in for Outlook also gives users the option to administer their own allowed senders and blocked senders lists.

Refer to “Plug-Ins and Foldering,” on page 87 options and submissions.

Installation Sequence

Different environments and circumstances may influence how you approach installation. This document presents a basic approach that is applicable in a variety of circumstances and works for many, if not most, enterprise installations. As always, we welcome your feedback on the procedure.

To install Symantec Brightmail AntiSpam: 1

Verify your software, hardware and operating system requirements or prerequisite actions. Use the following sections for this purpose:

— UNIX: Brightmail Scanner

– “Confirm Hardware Requirements,” on page 15 – “Confirm Software and Location Requirements,” on page 16 – “Create Required Accounts and Directories,” on page 18

— Windows: Brightmail Scanner

– “Hardware Requirements,” on page 43

for more information about spam foldering

– “Software Environment,” on page 43

— UNIX and Windows: Brightmail Control Center

– “Hardware Requirements,” on page 57 – “Software Environment Requirements,” on page 58 – “Operating System Compatibility,” on page 58

2 Install at least one Brightmail Scanner as described in “Installing Brightmail Scanner

for Sendmail,” on page 19 or “Installing Brightmail Scanner for Windows,” on page 46.

NOTE: If you are upgrading from a previous release you should upgrade ALL

Brightmail Scanners prior to upgrading the Brightmail Control Center. See

“Upgrading Software,” on page 21 “Upgrading Software,” on page 44

3 Install Brightmail Control Center as described in “Installing Brightmail Control

for UNIX Brightmail Scanners, or for Windows Brightmail Scanners.

Center on UNIX,” on page 60 or “Installing Brightmail Control Center on Windows,” on page 67.

12 Symantec Brightmail AntiSpam ™

Page 19

Symantec Brightmail AntiSpam Overview

Add a Brightmail Scanner using the Brightmail Control Center as described in

“Adding a Brightmail Scanner,” on page 77

5 Make sure the Brightmail Scanner can be turned on by the Brightmail Control Center

as described in “Starting a Brightmail Scanner from the Brightmail Control Center,”

on page 78.

6 T est that filtering is working as described in “Testing Symantec Brightmail AntiSpam

Filtering,” on page 78.

Installation Guide 13

Page 20

Symantec Brightmail AntiSpam Overview

14 Symantec Brightmail AntiSpam ™

Page 21

Installing Brightmail Scanner for Sendmail

This section describes how to prepare for and install Brightmail Scanner for Sendmail. Brightmail Scanner contains the Brightmail Agent and also contains either a Brightmail Server, a Brightmail Client or both a Brightmail Server and a Brightmail Client.

The following sections describe how to install Brightmail Scanner:

• Preparing to Install Brightmail Scanner

• Installing Brightmail Scanner for Sendmail

• What to Do Next

• Uninstalling Brightmail Scanner for Sendmail

NOTE: If you are upgrading from Version 6.0 or Version 6.0.1, refer to “Upgrading

Software,” on page 21.

Preparing to Install Brightmail Scanner

This section contains details of what needs to be done before installing Brightmail Scanner. Use the following sections for information on how best to prepare for the installation of Brightmail Scanner.

• Confirm Hardware Requirements

• Confirm Software and Location Requirements

• Enable Sendmail External Filtering

• Create Required Accounts and Directories

Confirm Hardware Requirements

The number of Brightmail Scanner computers you deploy depends on your message volume. The minimum suggested configuration requirements for each Brightmail Scanner computer include:

• Solaris

— UltraSPARC processor — 512 MB RAM minimum (1 GB or more recommended) — 250 MB disk space minimum (1 GB or more recommended)

Installation Guide 15

Page 22

Installing Brightmail Scanner for Sendmail

• Linux — Intel Pentium or compatible III or IV processor — 512 MB RAM minimum (1 GB or more recommended) — 250 MB disk space minimum (1 GB or more recommended)

For more information on hardware requirements, see the Symantec Brightmail AntiSpam Deployment Planning Guide.

Confirm Software and Location Requirements

This version of Symantec Brightmail AntiSpam is supported for Sendmail on the following operating systems and contains these additional software requirements:

• Solaris

— Solaris 8 or 9 For Solaris 8, patch 112438 is required. Because the

tar, GNU tar is required to install Symantec Brightmail AntiSpam. GNU tar for

Solaris is available from

tar file names exceed the 40 character file name limit of native Solaris

http://www.sunfreeware.com and other web sites.

• Linux

— Red Hat Enterprise Linux AS 3.0 — Red Hat Enterprise Linux ES 3.0

For Linux installations, the Installer requires the

compat-libstdc++ library is available on your Red Hat distribution CD.

compat-libstdc++ library. The

• A fully qualified domain name is requir ed for each computer running Brightmail Scanner.

• Sendmail 8.12.11 or later or Sendmail Switch 3.1

• Sendmail Filtering

You must enable the Sendmail Milter API. For more information, see “Enable

Sendmail External Filtering,” on page 17.

You can use the Sendmail restricted shell ( refer to the Sendmail documentation and the Sendmail

• Root access using

su or sudo

smrsh) to run executables. For information,

README file.

• 82 MB of free disk space for the installed files

• 172 MB of free

You can set the environment variable directory if your

/tmp disk space for use during installation

IATEMPDIR to an alternate temporary storage

/tmp directory does not have enough space.

• Outbound Access by Brightmail Server to TCP port 443

Open port 443 on your firewall for HTTPS communication. For registration and ongoing operations, Symantec Brightmail AntiSpam communicates with the BLOC

16 Symantec Brightmail AntiSpam ™

Page 23

Installing Brightmail Scanner for Sendmail

over a secure connection. Consequently, TCP port 443 must be configured to allow outbound connections.

NOTE: Symantec Brightmail AntiSpam’s ability to identify spam accurately depends on

having access to messages in their original form. Software and hardware which modify message headers and/or the content or structure of message bodies may undermine Symantec Brightmail AntiSpam’s effectiveness.

Enable Sendmail External Filtering

Your Sendmail installation must have support enabled for the Mail Filter API (Milter). Milter is necessary to support external mail filters, such as the Brightmail Filter.

To verify if you have Milter support enabled, type the following command:

/usr/lib/sendmail -bt -d0 < /dev/null

The system displays text similar to the following:

Version 8.12.11 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NIS NISPLUS PIPELINING SCANF XDEBUG

If you see a reference to

MILTER, then your Sendmail installation has the required Milter

support and you can skip this section. Otherwise, follow the steps below to add the necessary lines to the build configuration file

in the Sendmail directory and build a new version of Sendmail. If you have problems building and configuring Sendmail, refer to the following configuration document:

http://www.milter.org/milter_api/installation.html. If you do not have the

Sendmail source, you can find it on the Sendmail Web site:

NOTE: For more information on setting up Sendmail see “Configuring Sendmail for the

http://www.sendmail.org.

Brightmail Filter,” on page 33.

To compile Sendmail 8.12 to use external mail filters: 1

2 Change to your base sendmail directory and open the build configuration file (located

devtools/Site/site.config.m4).

at You can create this file if it doesn’t exist.

3 Add the following line:

APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER')

4 Save your changes to the build configuration file.

Installation Guide 17

Page 24

Installing Brightmail Scanner for Sendmail

In the sendmail directory, type the following to build Sendmail 8.12 with the new settings:

# sh Build -c

6 To verify external filter support, type the following:

# /usr/lib/sendmail -bt -d0 < /dev/null

The system displays text similar to the following. Be sure to check the text for references to

MILTER.

Version 8.12.11 Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NIS NISPLUS PIPELINING SCANF XDEBUG

Create Required Accounts and Directories

Brightmail Scanner runs as user mailwall in the bmi group. Do not change these settings.

1 Before you install Brightmail Scanner, create the bmi group and the mailwall user in

bmi group. The following steps describe one way to do this. You can use different

the tools to perform this task.

For Solaris users:

$ su Password: your_root_password # groupadd bmi # useradd -c "dummy user for Brightmail" -d /opt/symantec/sbas/Scanner -m -g \

bmi mailwall

For Linux users:

$ su Password: your_root_password # groupadd -r bmi

useradd -c "dummy user for Brightmail" -d /opt/symantec

-g bmi mailwall

NOTE: The -r flag (Red Hat Enterprise Linux only) places the specified user or group

/sbas/Scanner

-m -r \

into a specific range of account IDs used for system accounts.

2 Next, create a mail alias for the mailwall account so that all mail sent to mailwall is

read by an administrator.

18 Symantec Brightmail AntiSpam ™

Page 25

Installing Brightmail Scanner for Sendmail

Table 2 describes the ways to invoke the Installer when installing Brightmail Scanner.

Table 2. Installer Invocation Methods

Method Command Description

Command Line install The Installer prompts are presented in the terminal window

in which you started the Installer.

Graphical User Interface (GUI)

install -i awt The Installer prompts are presented using X Windows. To

The prompts for the command line and GUI installation are the same. Only the command line installation is presented in this guide. During installation, you can return to the previous question (go back) or quit at any time.

The Installer creates the following default mail-handling characteristics:

• Symantec Brightmail AntiSpam filters email addressed to all domains

• All spam messages will have their Subject line modified, such that it begins with

[Spam]

• All viruses detected in messages will be cleaned and the cleaned messages will be

delivered to the inbox

NOTE: These settings, along with many others, can be adjusted using the Brightmail

Control Center. For more information about doing so please refer to the Symantec Brightmail AntiSpam Administration Guide.

Find and Run the Install Script

An install script has been prepared for Linux and Solaris installations of Brightmail Scanner. The install script ensures access to the correct libraries for Linux installations, and provides the appropriate Java runtime environment for the Installer.

use this GUI installation, X Windows must be installed and configured correctly on your system.

To locate the Install Script: 1 Make sure you have created the mailwall user and bmi group as described in “Create

Required Accounts and Directories,” on page 18.

The Installer won’t run if you haven’t done this.

2 Do one of the following to navigate to the install script based on whether you are

installing from a CD-ROM or a downloaded file:

If you are installing from a CD-ROM:

a. Insert the CD containing Symantec Brightmail AntiSpam software into the CD-

ROM drive.

The CD will mount automatically to

Installation Guide 19

/cdrom/bas_60x on Solaris systems.

Page 26

Installing Brightmail Scanner for Sendmail

b. If you are using Linux, mount the CD-ROM.

$ mount /dev/cdrom

This command can fail if you’ve modified

/etc/fstab on your system.

c. If you are using Linux, type:

$ cd /mnt/cdrom

d. Change to the appropriate directory for your CD-ROM.

$ cd operating_system

You will see the following top-level directories and files:

Table 3. Linux/Solaris Directories and Files for Brightmail Scanner Installation

File or Directory Contents

EULA File containing the End User License Agreement install Install script to prepare system and run the Installer scanner_install_platform.bin Installer binary for Solaris or Linux, invoked by the install script documentation.html List of available documentation

e. Locate the two files,

install and EULA.

If you are installing from a downloaded tar file:

a. Change to the directory that contains the Symantec Brightmail AntiSpam software. b. Untar the distribution file.

For Solaris: $ tar -zxvf BAS_60x_sparc_solaris.tgz

For Linux: $ tar -zxvf BAS_60x_x86_linux.tgz

c. Locate the two files,

For a directory listing see Table 3.

3 Open and read the file named EULA.

You should read this End User License Agreement before performing the installation.

4 If you are using a previous version, read the next section. If not, continue with

“Installing with the Command-Line Installer,” on page 23

20 Symantec Brightmail AntiSpam ™

install and EULA.

Page 27

Upgrading Software

You must upgrade all of your Brightmail Scanners before you upgrade your Brightmail Control Center. You can upgrade from either Version 6.0 or Version 6.0.1. Upgrading or migrating data from Version 5.5 or earlier versions is not supported. Use of the Settings > Migration page in the Brightmail Control Center is not supported.

Follow the instructions in “To upgrade from Version 6.0 or Version 6.0.1 to Version

6.0.2:” below.

However, if you want to do either of the following, follow the instructions in “Uninstalling

Version 6.0 or 6.0.1 and installing Version 6.0.2,” on page 22:

• Install the Version 6.0.2 Brightmail Scanner into a different folder than the folder

where your current Version 6.0.x Brightmail Scann er resides.

• Change the selection of components on this Brightmail Scanner (Brightmail Server,

Brightmail Client or both).

To upgrade from Version 6.0 or Version 6.0.1 to Version 6.0.2: 1

From the Brightmail Scanner computer, stop all Scanner processes using the following command, as root:

Installing Brightmail Scanner for Sendmail

# /etc/init.d/mailwall stop

2 Follow the instructions in, “Installing with the Command-Line Installer,” on page 23.

As you perform the installation, note the following: a. When asked to specify your Brightmail Control Center, your answer can differ

from the current (Version 6.0.x) configuration of this Brightmail Scanner.

b. When asked to choose your installation type, your choice (Complete, Brightmail

Server or Brightmail Client) must match the current (Version 6.0.x) configuration of this Brightmail Scanner.

c. Although you may be asked to register again, you do not need to register again.

3 From the Brightmail Scanner computer, start all Scanner processes using the

following command, as root:

# /etc/init.d/mailwall start

4 Before upgrading your Brightmail Control Center, upgrade each Brightmail Scanner

in your system.

5 Follow the instructions in “Installing Brightmail Control Center,” on page 57 to

upgrade your Brightmail Control Center.

6 After upgrading all Brightmail Scanners and the Brightmail Control Center, you can

make any configuration changes needed from the Brightmail Control Center.

Installation Guide 21

Page 28

Installing Brightmail Scanner for Sendmail

Uninstalling Version 6.0 or 6.0.1 and installing Version 6.0.2

If you uninstall and reinstall, you may need to register. First, decide which of the following four scenarios applies to you, then follow the appropriate instructions.

• The Brightmail Scanner you are installing does not include a Brightmail Server. You therefore do not need to register. See “To uninstall Version 6.0 or 6.0.1 and install

Version 6.0.2:”, and ignore step 4.

• You are currently on a free trial, and you plan to install in a different directory for production use. See “To uninstall Version 6.0 or 6.0.1 and install Version 6.0.2:”

• Your license is about to expire. See “To uninstall Version 6.0 or 6.0.1 and install

Version 6.0.2:”.

• Your license is not due to expire soon. See “To uninstall Version 6.0 or 6.0.1 and

install Version 6.0.2 using an existing license key:”.

To uninstall Version 6.0 or 6.0.1 and install Version 6.0.2: 1

From the Version 6.0.x Brightmail Control Center, remove the Version 6.0.x Brightmail Scanner.

2 From the Brightmail Scanner computer, stop the Scanner, using the following

command, as root:

# /etc/init.d/mailwall stop

3 Uninstall the Version 6.0.x Brightmail Scanner. 4 Install the Version 6.0.2 Brightmail Scanner. 5 If your Version 6.0.2 Brightmail Scanner includes a Brightmail Server, you must

NOTE: Because Symantec is now using (as of Version 6.0.1) a different licensing

technology for this product, to register you mus t contact your Symantec sales person or go to the following URL:

6 Before installing your Brightmail Control Center, upgrade each Brightmail Scanner in

http://www.symantecstore.com/renew.

your system.

7 Install the Version 6.0.2 Brightmail Control Center. 8 From the Version 6.0.2 Brightmail Control Center, add the Brightmail Scanners.

To uninstall Version 6.0 or 6.0.1 and install Version 6.0.2 using an existing license key: 1 Make a backup copy of the cert.pem file, which you can find in the etc directory

under your installation directory.

2 Uninstall Version 6.0.x. 3 In your new installation directory, create a new directory named: etc

22 Symantec Brightmail AntiSpam ™

Page 29

Installing Brightmail Scanner for Sendmail

Copy the backup cert.pem file into the etc directory you created.

5 Install Version 6.0.2 into your new installation directory. 6 Before installing your Brightmail Control Center, upgrade each Brightmail Scanner in

your system.

7 Install the Version 6.0.2 Brightmail Control Center. 8 From the Version 6.0.2 Brightmail Control Center, add the Brightmail Scanners.

When your license key expires you will need to register using a license (. purchase one, contact your Symantec sales person or go to the following URL:

www.symantecstore.com/renew. Then follow the instructions in “Registering to Receive

New AntiSpam Filters,” on page 30.

Installing with the Command-Line Installer

NOTE: When running on Red Hat Enterprise Linux, the Installer requires the presence of

compat-libstdc++ library . If this library is not on your machine, the Installer

the will stop and ask you to install the library before you install Brightmail Scanner. The

compat-libstdc++ library is available on your Red Hat distribution CD.

1 As root user, run the Installer:

$ su root -c './install' Password: your_root_password

2 If you have the binary for the Brightmail Control Center in the same directory as

Brightmail Scanner binary, you will be prompted to select an installation as shown in the following example. Otherwise, installation begins immediately.

Installers for both Brightmail Control Center and

Brightmail Scanner software are present and available to

be installed. Please select one of the following: 1 - Brightmail Scanner 2 - Brightmail Control Center q - Quit or Exit Which software would you like to install? 1

slf) file. T o

http://

3 Choose 1 from the menu if you see the above screen and press Enter to install

Brightmail Scanner.

Installation Guide 23

Page 30

Installing Brightmail Scanner for Sendmail

The install script runs, prepares your system as required, and then runs the Installer. The Installer displays introductory text.

Introduction

------------

This installer will guide you through the installation of Brightmail

Scanner, part of Symantec Brightmail AntiSpam.

Respond to each prompt to proceed to the next step in the installation. If you want to change something on a previous step, type 'back'. You may cancel this installation at any time by typing 'quit'. PRESS <ENTER> TO CONTINUE:

4 At the first prompt, read the License Agreement if you have not already done so and

indicate whether or not you accept it as provided. To accept the license agreement,

type

License Agreement

-----------------

Do you agree to the terms and conditions covered in the license agreement: /your_installer_path/EULA ?

1- Yes

->2- No

ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE DEFAULT: : 1

24 Symantec Brightmail AntiSpam ™

Page 31

Installing Brightmail Scanner for Sendmail

At the next prompt, choose the installation directory—the path to Brightmail Scanner files. To accept the recommended path, press Enter.

Choose Install Folder

---------------------

Where would you like to install Brightmail Scanner?

Default Install Folder: /opt/symantec/sbas/Scanner

ENTER AN ABSOLUTE PATH, OR PRESS <ENTER> TO ACCEPT THE DEFAULT :

NOTE: If you are upgrading from Version 6.0 or Version 6.0.1, you will

not be asked for the installation directory location. The existing installation will be upgraded to 6.0.2.

NOTE: While acceptable, setting the location of the installation directory

to a remotely mounted partition is not r ecommended. If you do so, the Installer issues a warning and prompts you to set it to a local partition.

NOTE: If you choose to enter information at this prompt, be very care ful

not to insert any spaces as you type. Spaces are not stripped fr om input that you enter, and they can cause the installation to fail.

If you have already installed Brightmail software, but choose a different directory, the Installer will place the software in the newly specified directory, without modifying the original directory.

INSTALL FOLDER IS: /opt/symantec/sbas/Scanner IS THIS CORRECT? (Y/N): y

6 At the next prompt, confirm the location of the log folder. This is the directory where

notifications and errors are stored by default.

Choose Log Folder

-----------------

Choose a folder where logs will be saved.

Log Folder (DEFAULT: /var/log/brightmail):

NOTE: If you choose to enter information at this prompt, be very care ful

not to insert any spaces as you type. Spaces are not stripped fr om input that you enter, and they can cause the installation to fail.

Installation Guide 25

Page 32

Installing Brightmail Scanner for Sendmail

At the next prompt, provide the location for the Brightmail Control Center.

Specify Brightmail Control Center

---------------------------------

For security purposes, you must specify the computer which is running or will be running the Brightmail Control Center. Only servers

defined here will be allowed to configure this Scanner.

->1- This computer 2- Computer at IP Address

3- Any computer (security risk; check Installation Guide for

details)

ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE

DEFAULT:

: 1

Choose Brightmail Scanner and a Brightmail Control Center. Choose

Address

Center for this Brightmail Scanner. Choose

This Computer if you are planning on a single-machine installation of a

Computer at IP

to allow the attachment of a different but specific computer as the Control

Any computer to allow the attachment of

any computer as the Control Center for this Brightmail Scanner.

NOTE: Depending on your network security architecture, choosing Any computer could

pose a security risk, because it allows this Brightmail Scanner to be controlled from any computer that has HTTPS access to this computer.

8 At the next prompt, specify the installation type:

Choose Installation Type

------------------------

Please choose the Install Set to be installed by this Installer.

->1- Complete Installation 2- Brightmail Server only 3- Brightmail Client only

ENTER THE NUMBER FOR THE INSTALL SET, OR PRESS <ENTER> TO ACCEPT THE

DEFAULT

: 1

Complete Installation – Installs all components of a Brightmail Scanner, including support for the Sendmail integration and the Brightmail Server. Sendmail needs to be on the same machine as the Brightmail Scanner installation.

Brightmail Server only – Installs all server components of a Brightmail Scanner. No Sendmail integration is installed. Sendmail does not need to be on the same machine as the Brightmail Scanner installation.

26 Symantec Brightmail AntiSpam ™

Page 33

Installing Brightmail Scanner for Sendmail

Brightmail Client only – Installs only the Brightmail Client integration for Sendmail with no Brightmail Server components. Sendmail needs to be on the same machine as the Brightmail Scanner installation. It is not necessary to register a Brightmail Scanner when performing a client-only installation.

NOTE: If you are upgrading from Version 6.0 or 6.0.1 to Version 6.0.2, choose the

same components currently configured on your Version 6.0.x Brightmail Scanner.

At the next prompt, a summary of the choices you’ve made is displayed.

Pre-Installation Summary

------------------------

Please review the following before continuing:

Product Name: Brightmail Scanner

Install Folder:

/opt/symantec/sbas/Scanner

Install Set Complete Installation

Log Folder: /var/log/brightmail

PRESS <ENTER> TO CONTINUE:

9 When performing a client-only installation, you will see this screen after accepting the

installation summary:

Server Address

--------------

You have chosen a client only install. Please enter the IP address of the machine on which a Brightmail Server is or will be available:

Server address (DEFAULT: 127.0.0.1): 10.10.208.27

Supply the IP address for the Brightmail Server to which you wish to connect this client. It is not necessary for the Brightmail Server to be already installed.

10 Press Enter to install the product based on these settings.

Installation Guide 27

Page 34

Installing Brightmail Scanner for Sendmail

Next, Installing... appears on the screen, and a progress bar is displayed.

Installing...

-------------

[================|================|================|==============] [----------------|--------

You are now ready to register Brightmail Scanner. This is necessary if your installation included the Brightmail Server . It is important to have available the path to your Symantec license file and any proxy information required if your company is using a firewall.

However, if you are upgrading Symantec Brightmail AntiSpam from Version 6.0 or

6.0.1 to Version 6.0.2, continue using your previous license by answering

Registration screen. When your license expires, see “Registering to Receive New

No on the

AntiSpam Filters,” on page 30 for instructions on obtaining and implementing a new

license.

11 When you see the following screen, press ENTER to begin registration. If you choose

not to register Brightmail Scanner, or if registration fails, see “Registering to Receive

New AntiSpam Filters,” on page 30 for additional information.

Registration

------------

Please register your Brightmail installation now.

If you choose not to, you will not be able to receive Symantec Brightmail AntiSpam filters until registration is complete.

Do you want to register now?

->1- Yes 2- No

ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE

DEFAULT:

In the registration process, you are first asked to provide the path to your license file, which Symantec uses to identify you as a valid customer and through which filter delivery is tracked.

28 Symantec Brightmail AntiSpam ™

Page 35

Installing Brightmail Scanner for Sendmail

For new customers, your license file is an .slf file you acquired via Symantec’s Enterprise Licensing System (ELS) when you purchased Symantec Brightmail AntiSpam. If you choose not to register, you can do so later.

Input License File Path

----------------------Please Enter your License File Path.

License File Path: (DEFAULT: none):

12 Type the path to your license file carefully and press Enter. For example:

/home/user/license.slf

Then, you are asked to provide any proxy information that is required to allow your registration information to be transmitted to the BLOC.

Proxy Use

---------

Will you use an HTTPS proxy?

1- Yes

->2- No

ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE

DEFAULT:

13 Type 1 if you are using a proxy server (you will then be asked for more proxy

information), otherwise press Enter. You have now completed the installation and registration process. A confirmation

screen will be presented to give you complete status on your installation.

Install Complete

Brightmail Scanner has been successfully installed and a default configuration file has been installed.

Before this Brightmail Scanner can filter email, you must install the Brightmail Control Center and add this Brightmail Scanner.

Scanner.

PRESS <ENTER> TO EXIT THE INSTALLER:

In addition to the listed installation confirmation items, the Installer also:

Installation Guide 29

Page 36

Installing Brightmail Scanner for Sendmail

• Sets the permissions for the installation directory to give access to user mailwall

• Creates the Runner configuration file, runner.cfg

• Adds a line for the AntiVirus Cleaner to the crontab of user mailwall

• Installs the Brightmail Scanner script, which lets you start, stop, or restart the

Brightmail Scanner. This script is located in

Starting a Brightmail Scanner

The Brightmail Scanner cannot filter email messages until it is added to the Brightmail Control Center. Before adding the Brightmail Scanner to the Brightmail Control Center, you must start the Brightmail Scanner using the following command, as root, to allow the Brightmail Control Center to find and attach the Brightmail Scanner:

# /etc/init.d/mailwall start

After adding the Brightmail Scanner to the Brightmail Control Center, as described in

“Adding a Brightmail Scanner,” on page 77

Control Center to start and stop the Brightmail Scanner and its components.

/etc/init.d.

, you can use the Status page on the Brightmail

Registering to Receive New AntiSpam Filters

During Brightmail Scanner installation, you are given the chance to register Brightmail Scanner when the installation includes the Brightmail Server. While unregistered, the Brightmail Scanner cannot receive new AntiSpam Filters. When you run the Brightmail Control Center and attempt to start an unregistered Brightmail Scanner, Brightmail Scanner remains disabled.

If your license key is expired, you will need to obtain an sales person or from successful installation. After obtaining your license file, follow these steps to register:

To register after installation: 1

As root user, from the /opt/symantec/sbas/Scanner/sbin directory, run the registration script:

$ su root # cd /opt/symantec/sbas/Scanner/sbin # register.sh

2 The script asks for your license file:

# Please enter the path to a valid license file:

http://www.symantecstore.com/renew and register after

.slf file from your Symantec

3 Enter the absolute path to the location of your .slf file.

30 Symantec Brightmail AntiSpam ™

Page 37

What to Do Next

After successfully installing Brightmail Scanner, only a few additional steps remain to get Symantec Brightmail AntiSpam fully operational. Here is a recommended procedure to finish and test Symantec Brightmail AntiSpam setup for your installation.

1 Configure Sendmail to accommodate the Brightmail Filter as described in

“Configuring Sendmail for the Brightmail Filter,” on page 33

2 If you have not done so already, manually start the Brightmail Scanner using the

following command, as root:

# /etc/init.d/mailwall start

The Brightmail Scanner cannot filter email messages until it is added to the Brightmail Control Center. Manually starting it this one time allows the Brightmail Control Center to find and attach this Brightmail Scanner.

3 Install the Brightmail Control Center as described in “Installing Brightmail Control

Center,” on page 57.

Installing Brightmail Scanner for Sendmail

4 Add the Brightmail Scanner you installed and started as described in “Adding a

Brightmail Scanner,” on page 77.

5 Test filtering of spam as described in “Testing Symantec Brightmail AntiSpam

Filtering,” on page 78.

Uninstalling Brightmail Scanner for Sendmail

To uninstall this version of Brightmail Scanner for Sendmail, use the provided uninstall script. This script will remove files and directories that were initially installed with the install script. However, files that were modified since installation won’t be removed, such as antispam filters.

Uninstalling with the Command-Line Installer

To remove Brightmail Scanner software: 1

Run the Uninstaller as the root user:

$ su root -c '/opt/symantec/sbas/Scanner/UninstallerData/Uninstall' Password: your_root_password

Installation Guide 31

Page 38

Installing Brightmail Scanner for Sendmail

The Uninstaller prints out status messages similar to the following as it removes the Brightmail software:

Preparing CONSOLE Mode Installation...

=========================================================================== Symantec Brightmail AntiSpam (created with InstallAnywhere by Zero G)

---------------------------------------------------------------------------

=========================================================================== About to uninstall...

---------------------

This will remove features installed by InstallAnywhere. It will not remove files and folders created after the installation.

PRESS <ENTER> TO CONTINUE:

=========================================================================== Uninstalling...

---------------

...* * ************************* ************************* ************************* *************************

=========================================================================== Uninstall Complete

------------------

All items were successfully uninstalled.

The Brightmail Scanner is now uninstalled.

32 Symantec Brightmail AntiSpam ™

Page 39

Configuring Sendmail for the Brightmail Filter

The Brightmail Client communicates with the Sendmail MTA using the standard Sendmail Mail Filter API. To implement this integration, the Brightmail Client uses the Brightmail Filter ( over a socket connection. The Brightmail Filter program also controls client-side actions such as removing mail and tagging spam. This section tells you how to enable filtering and the Brightmail Filter in Sendmail. This section includes the following topics:

• Understanding the Filter Address and Optional Settings

• Configuring Sendmail Switch to Work with Brightmail Scanner

• Configuring Sendmail for Brightmail Scanner with sendmail.cf

• Configuring Sendmail for Brightmail Scanner with M4

Based on the version of Sendmail you are using, do the following:

• If you are using Sendmail Switch, use the Sendmail Administration Console to define the filter. See “Configuring Sendmail Switch to Work with Brightmail Scanner,” on

page 35.

• If you are using Sendmail 8.12.11 or later, either manually edit the or if using an m4 file, edit that file. See “Configuring Sendmail for Brig htmail

Scanner with sendmail.cf,” on page 40 or “Configuring Sendmail for Brightmail Scanner with M4,” on page 41.

bmifilter), an intermediary program, which connects to Sendmail

sendmail.cf file,

NOTE: During installation, the Brightmail Filter is configured to use port 41001, with a

default setting of correspond to the port number for the this section.

Understanding the Filter Address and Optional Settings

In Sendmail 8.12.11, and later, the X setting has the following format:

Xbmifilter,S=inet:port_number@machine.your_domain.com

Installation Guide 33

inet:41001. This Brightmail Filter port number must

Xbmifilter setting in Sendmail specified in

Page 40

Configuring Sendmail for the Brightmail Filter

Where:

port_number is the valid networking port number that you configured for the

bmifilter program. machine is the IP address or DNS name of the machine that is running bmifilter.

You can also specify the behavior when Sendmail cannot connect to the Brightmail Filter. You can configure Sendmail to:

• Temporarily reject the message with an behavior, add the

F=T flag to the X setting.

• Permanently reject the message with an behavior, add the

F=R flag to the X setting.

SMTP 4xx instruction. To specify this

SMTP 5xx instruction. To specify this

• Accept the message and send it through (as if the Brightmail Filter was not present). You specify this behavior by omitting the

• Specify a timeout period. To do this, add the

The following example omits the

F= flags so that Sendmail accepts messages if it cannot

F= option.

T=C flag to the X setting.

connect to the Brightmail Filter:

Xbmifilter, S=inet:41001@machine.your_domain.com

Where:

machine is the host to which Sendmail will connect. If you do not specify a machine

name, Sendmail will try to connect on the same machine.

NOTE: In Sendmail Switch, you specify the filter name, filter address and optional

settings differently.You type

bmifilter in the Filter Name field, and the filter

address and optional settings in the Equates field of the INPUT_MAIL_FILTERS() option. See “Configuring Sendmail Switch to Work

with Brightmail Scanner,” on page 35 for more information.

The following example shows the use of the

This example may not be optimal for your environment.

Xbmifilter, S=inet:41001@machine.your_domain.com, F=T, T=C:10m;S:1m;R:1m;E:10m

Where:

C is the connect timeout, S is the send timeout, R is the receive timeout, E is the total

timeout, and

To specify both

m represents minutes.

F= and T= flags, separate them with a comma followed by a space as

shown. For more information on the syntax for this setting, see:

www.milter.org/milter_api/installation.html.

34 Symantec Brightmail AntiSpam ™

T= flag to specify a timeout period:

http://

Page 41

Configuring Sendmail for the Brightmail Filter

Configuring Sendmail Switch to Work with Brightmail Scanner

NOTE: Before completing this pr ocedur e, make sur e you have followed the instructions in

“Enable Sendmail External Filtering,” on page 17

To enable Sendmail Switch to work with a Brightmail Scanner: 1 Using the appropriate URL for your environment, open the Sendmail Administrator

Console in a Web browser.

2 Log in to the Sendmail Administrator Console.

3 Click Edit Existing Configuration. 4 If necessary, select the host or cluster to configure, and then click select.

Installation Guide 35

Page 42

Configuring Sendmail for the Brightmail Filter

Highlight an existing configuration or type a configuration in the text field, and then

click load.

36 Symantec Brightmail AntiSpam ™

Page 43

Configuring Sendmail for the Brightmail Filter

In the menu on the left side, click Expert Configuration.

Installation Guide 37

Page 44

Configuring Sendmail for the Brightmail Filter

In the scrolling list, select INPUT_MAIL_ FILTERS(), and then click

view/edit.

38 Symantec Brightmail AntiSpam ™

Page 45

Click add.

Configuring Sendmail for the Brightmail Filter

9 In the Filter Name field, type bmifilter. 10 In the Equates field, specify the filter address and any optional settings. The

following example is appropriate in most cases:

S=inet:port@machine.xyz.com, T=C:10m;S:1m;R:1m;E:10m

See “Understanding the Filter Address and Optional Settings,” on page 33 information about the optional

NOTE: The filter name and the filter executable name must be the same to

F= failure setting and the T= timeout setting.

for

monitor it from the Service Control page.

11 Click apply to apply the filter. 12 Save your changes and deploy the configuration file.

Installation Guide 39

Page 46

Configuring Sendmail for the Brightmail Filter

Configuring Sendmail for Brightmail Scanner with sendmail.cf

There are two ways to configure Sendmail to work with Symantec Brightmail AntiSpam. You can either edit the

sendmail.cf file. This section covers what you need to know to use sendmail.cf to

configure Sendmail. To use

with M4,” on page 41.

NOTE: Before completing this procedure, make sure you have followed the instructions in

“Enable Sendmail External Filtering,” on page 17

1 Log in as root. 2 Open the Sendmail configuration file, sendmail.cf, for editing. The sendmail.cf

file is usually located in

In the OPTIONS section, add the Brightmail Filter as follows:

OPTIONS

O InputMailFilters=bmifilter

sendmail.cf file, or you can use m4 to generate a new

m4, refer to “Configuring Sendmail for Brightmail Scanner

/var/mail/sendmail.cf or /etc/mail/sendmail.cf.

4 In the MAIL FILTER DEFINITIONS section, enter the following line to complete the

socket for the Brightmail Filter configuration:

Xbmifilter, S=inet:port@machine.your_domain.com

Refer to “Understanding the Filter Address and Optional Settings,” on page 33

for

information on address values.

5 Save the file. 6 Stop Sendmail:

# /etc/init.d/sendmail stop

7 Verify that Sendmail is no longer running:

# ps -ef | grep sendmail

If any processes are shown other than

grep, send a SIGTERM to each process to

terminate it:

# kill process_id

8 Restart Sendmail:

# /etc/init.d/sendmail start

40 Symantec Brightmail AntiSpam ™

Page 47

Configuring Sendmail for the Brightmail Filter

Verify that Sendmail has restarted:

# ps -ef | grep sendmail

Configuring Sendmail for Brightmail Scanner with M4

There are two ways to configure Sendmail to work with Symantec Brightmail AntiSpam. You can either edit the sendmail.cf file, or you can use m4 to generate a new sendmail.cf file. This section covers what you need to know to use m4 to configure Sendmail. To use the sendmail.cf file, refer to “Configuring Sendmail for Brightmail Scanner with

sendmail.cf,” on page 40.

NOTE: Before completing this pr ocedur e, make sur e you have followed the instructions in

“Enable Sendmail External Filtering,” on page 17

If you are using an include the following command, and regenerate your command must come after any

Also, see “Understanding the Filter Address and Optional Settings,” on page 33

m4 file, instead of editing sendmail.cf, you should edit your m4 file to

sendmail.cf file as usual. This

MAILER line(s).

for

timeout settings.

INPUT_MAIL_FILTER(‘bmifilter', ‘S=inet:41001@machine.xyz.com, T=C:10m;S:5m;R:5m;E:10m’)

Where:

41001 is any valid networking port number that you configured for the bmifilter

program.

machine.xyz.com is the IP address or DNS name of the machine that is running

bmifilter.

Installation Guide 41

Page 48

Configuring Sendmail for the Brightmail Filter

42 Symantec Brightmail AntiSpam ™

Page 49

Installing Brightmail Scanner for Windows

The following topics are covered in this section:

• Hardware Requirements

• Software Environment

• Upgrading Software

• Installing Brightmail Scanner for Windows

• Modifying, Repairing, and Removing Brightmail Scanner

Hardware Requirements

The number of Brightmail Scanner computers you should deploy depends on your message volume. The minimum suggested configuration requirements for each Brightmail Scanner computer include:

• Intel Pentium or compatible III or IV processor

• 512 MB RAM minimum (1 GB or more recommended)

• 250 MB disk space minimum (1 GB or more recommended)

For more information on hardware requirements, see the Symantec Brightmail AntiSpam Deployment Planning Guide.

Software Environment

The Brightmail Scanner requires the following:

• The Brightmail Scanner runs on Windows 2000 Server (SP2), Windows 2000

Advanced Server (SP2), Windows Server 2003, Standard Edition, or Windows Server 2003, Enterprise Edition.

The Brightmail Server is not an SMTP MTA and does not r elay mail. Make sure your mail server is operational and relaying mail with the Windows

Caution

Symantec Brightmail AntiSpam Deployment Planning Guide.

Installation Guide 43

SMTP Service, Exchange 2000, or Exchange 2003 before you install Symantec software. If you are using Exchange 5.5 as your MTA, see the

Page 50

• The Brightmail Client requires Microsoft Internet Information Services (IIS) and the Windows SMTP service.

• Open port 443 on your firewall for HTTPS communication. For registration and ongoing operations, Symantec Brightmail AntiSpam communicates with the BLOC over a secure connection. Consequently, TCP port 443 must be configured to allow outbound connections.

• Administrator privileges on the local computer.

NOTE: Symantec Brightmail AntiSpam’s ability to identify spam accurately depends

on having access to messages in their original form. Software and hardware which modify message headers and/or the content or structure of message bodies may undermine Symantec Brightmail AntiSpam’s effectiveness.

Upgrading Software

You must upgrade all of your Brightmail Scanners before you upgrade your Brightmail Control Center . You can upgrade from either Version 6.0.0 or Version 6.0.1. Upgrading or migrating data from Version 5.5 or earlier versions is not supported. Use of the Settings > Migration page in the Brightmail Control Center is not supported.

Installing Brightmail Scanne r for W i ndows

Follow the instructions in “To upgrade from Version 6.0.0 or 6.0.1 to Version 6.0.2:” below.

However, if you want to do either of the following, follow the instructions in “Uninstalling

Version 6.0.0 or 6.0.1 and installing Version 6.0.2,” on page 45:

• Install the Version 6.0.2 Brightmail Scanner into a different folder than the folder where your current Version 6.0.x Brightmail Scanner resides.

• Change the selection of components on this Brightmail Scanner (Brightmail Server, Brightmail Client or both).

To upgrade from Version 6.0.0 or 6.0.1 to Version 6.0.2: 1

Follow the instructions in, “Installing Brightmail Scanner for Windows,” on page 46. As you perform the installation, note the following:

a. When asked to specify your Brightmail Control Center, your answer can differ

from the current (Version 6.0.x) configuration of this Brightmail Scanner.

b. When asked to choose your installation type, your choice (Complete, Brightmail

Server or Brightmail Client) must match the current (Version 6.0.x) configuration of this Brightmail Scanner.

c. You do not need to re-register. However , if your license is expired, you will need to

obtain an

http://www.symantecstore.com/renew and register after successful installa-

tion. See “To register after installation:,” on page 46

.slf file from your Symantec sales person or from

2 Before upgrading your Brightmail Control Center, upgrade each Brightmail Scanner

in your system.

44 Symantec Brightmail AntiSpam ™

Page 51

Installing Brightmail Scanne r for W i ndows

Follow the instructions in “Installing Brightmail Control Center,” on page 57 to upgrade your Brightmail Control Center.

4 After upgrading all Brightmail Scanners and the Brightmail Control Center, you can

make any configuration changes needed from the Brightmail Control Center.

Uninstalling Version 6.0.0 or 6.0.1 and installing Version 6.0.2

If you uninstall and reinstall, you may need to register. First, decide which of the following four scenarios applies to you, then follow the appropriate instructions.

• The Brightmail Scanner you are installing does not include a Brightmail Server. You

therefore do not need to register. See “To uninstall Version 6.0.0 or 6.0.1 and install

Version 6.0.2:”, and ignore step 4.

• You are currently on a free trial, and you plan to install in a different directory for

production use. See “To uninstall Version 6.0.0 or 6.0.1 and install Version 6.0.2:”

• Your license is about to expire. See “To uninstall Version 6.0.0 or 6.0.1 and install

Version 6.0.2:”.

• Your license is not due to expire soon. See “To uninstall Version 6.0.0 or 6.0.1 and

install Version 6.0.2 using an existing license:,” on page 45.

To uninstall Version 6.0.0 or 6.0.1 and install Version 6.0.2: 1

From the Version 6.0.x Brightmail Control Center, remove the Version 6.0.x Brightmail Scanner.

2 Uninstall the Version 6.0.x Brightmail Scanner. 3 Install the Version 6.0.2 Brightmail Scanner. 4 If your Version 6.0.2 Brightmail Scanner includes a Brightmail Server, you must

NOTE: Because Symantec is now using a different licensing technology for this

product, to register you must contact your Symantec sales person or go to the following URL:

5 Before installing your Brightmail Control Center, upgrade each Brightmail Scanner in

http://www.symantecstore.com/renew.

your system.

6 Install the Version 6.0.2 Brightmail Control Center. 7 From the Version 6.0.2 Brightmail Control Center, add the Brightmail Scanners.

To uninstall Version 6.0.0 or 6. 0. 1 and install Version 6.0.2 using an existing license: 1

Make a backup copy of the cert.pem file, which you can find in the etc directory under your installation directory.

2 Uninstall Version 6.0.x. 3 In your new installation directory, create a new directory named: etc 4

Copy the backup cert.pem file into the etc directory you created.

Installation Guide 45

Page 52

Installing Brightmail Scanne r for W i ndows

Install Version 6.0.2 into your new installation directory.

6 Before installing your Brightmail Control Center, upgrade each Brightmail Scanner in

your system.

7 Install the Version 6.0.2 Brightmail Control Center. 8 From the Version 6.0.2 Brightmail Control Center, add the Brightmail Scanners.

When your license key expires you will need to register using a license (. purchase one, contact your Symantec sales person or go to the following URL:

www.symantecstore.com/renew

To register after installation: 1 Find and run the Registration Wizard. By default this file, regwizard.exe, is located

C:\Program Files\Symantec\SBAS\Scanner\bin.

in Follow the instructions on page 52.

Installing Brightmail Scanner for Windows

To install Brightmail Scanner: 1

Close all open applications before installing Symantec software. In particular, be sure to close the Services dialog box from the Administration Tools

program group if it is open. If you don’t, the installation may fail.

2 Do one of the following to navigate to the Setup.exe file:

If you are installing from a CD-ROM:

Insert the Symantec software distribution CD-ROM in your computer’s CD-ROM drive.

If the Installer does not run automatically, open the Windows folder on the CD using Windows Explorer and double-click the Setup.exe icon.

If you are installing from a downloaded zip file:

a. Unzip the zip file. b. Double-click the Setup.exe icon.

slf) file. T o

http://

46 Symantec Brightmail AntiSpam ™

Page 53

Click Brightmail Scanner.

Installing Brightmail Scanne r for W i ndows

4 Click Next.

The License screen is displayed.

Installation Guide 47

Page 54

Installing Brightmail Scanne r for W i ndows

After reading the license agreement, click I accept the terms of this license

agreement, and then click Next.

6 Choose a setup type, and then click Next.

The Complete option installs all software in a predefined set of folders and files. If you are using this option, skip to Step 9. The Custom option allows you to tailor installation options.

NOTE: If you are upgrading from Version 6.0.0 or 6.0.1 to Version 6.0.2, the Installer

will choose the Version 6.0.x installation folder for you and display it at the bottom of the next screen. If you choose Custom, you will be able to change the installation folder. Unless you have uninstalled the prior version, do not change the installation folder. See “Upgrading Software,” on page 44

48 Symantec Brightmail AntiSpam ™

Page 55

Installing Brightmail Scanne r for W i ndows

If you see the following error, either you don’ t have the Windows SMTP Service installed on this computer or you attempted to install the product on a non-Server version of Windows, such as Windows 2000 Professional. The Windows SMTP Service is part of Exchange 2000 and 2003.

The Brightmail Client requires the Windows SMTP Service to block spam.

7 You can also, in the Custom Setup dialog box, click the appropriate icon to expand

the list of customization options for a component

Click Space to test your available disk space against the space requirements for the selected application; click Change to specify a different drive or folder for installation.

8 Make any changes you want, and then click Next.

Installation Guide 49

Page 56

Installing Brightmail Scanne r for W i ndows

If you are installing the Brightmail Client, select an SMTP virtual server from the drop-down list, and then click Next. (The dialog box above will not appear if you are only installing the Brightmail Server.)

10 If you are installing only a Brightmail Client, you will be asked to specify a

Brightmail Server. Supply the IP address for the Brightmail Server to which you wish to connect this

client. It is not necessary for the Brightmail Server to be already installed.

50 Symantec Brightmail AntiSpam ™

Page 57

Installing Brightmail Scanne r for W i ndows

When asked for the location of your Brightmail Control Center: — Choose This computer if you are planning on a single machine installation of a

Brightmail Scanner and a Brightmail Control Center

— Choose Any computer to allow the attachment of any computer as the Control

Center for this Brightmail Scanner.

NOTE: Depending on your network security architecture, choosing Any computer

could pose a security risk, because it allows this Brightmail Scanner to be controlled from any computer that has HTTPS access to this computer.

— Choose Specify computer by IP to allow the attachment of a different but

specific computer as the Control Center for this Brightmail Scanner.

The Installer is now ready to install the Brightmail Scanner .

12 You can click Back to change or review your settings. When you are ready, click

Install to proceed with the installation.

Installation Guide 51

Page 58

Installing Brightmail Scanne r for W i ndows

The Symantec software installs.

For an installation that includes a Brightmail Server, you must register to allow Symantec Brightmail AntiSpam to receive filter updates from Symantec.

NOTE: If you are upgrading from Version 6.0.0 or 6.0.1 to Version 6.0.2, there is no need

to re-register. You will not be asked to register; the InstallShield Wizard Completed screen will appear. However, if your license key is expired, you will need to obtain an

www.symantecstore.com/renew and register after successful installation.

To register Brightmail Scanner: 1

Click Next.

.slf file from your Symantec sales person or from http://

2 T ype or browse to (using the button at the right) the path to your Symantec license file

.slf), and then click Next.

(

52 Symantec Brightmail AntiSpam ™

Page 59

Installing Brightmail Scanne r for W i ndows

If your site requires a proxy server for HTTPS access, click Proxy Settings to specify the proxy server.

4 Click Finish to exit the Registration Wizard. 5 To complete installation, click Finish. 6 Click Exit in the main installation menu, or click the appropriate button to install the

spam folder agent of your choice. See “Configuring the Spam Folder Agent,” on page 93

Spam Folder Agent for Domino,” on page 95.

Verifying Brightmail Scanner Installation

1 Click Start, point to Settings, click Control Panel, and then double-click Add/

Remove Programs. The entry Brightmail Scanner should be displayed in the list.

2 From the Control Panel, double-click Administrative Tools, then double-click

Services.

If only the Brightmail Client is installed, only Brightmail Agent is added to the list of services. If you installed the Brightmail Server, you will also see Brightmail Server, Brightmail Conduit, Brightmail SMTP Harvester, and Brightmail Virus Cleaner.

NOTE: The Brightmail Client is not a process in Windows. It runs as part of the

Windows SMTP service.

or “Configuring the Symantec

Installation Guide 53

Page 60

Installing Brightmail Scanne r for W i ndows

Modifying, Repairing, and Removing Brightmail Scanner

It may be necessary to modify, repair, or remove Brightmail Scanner.

To modify Brightmail Scanner:

Click Start, point to Settings, click Control Panel, and then double-click Add/

Remove Programs.

2 Select Brightmail Scanner and then click Change. 3 Click Next to skip the introductory dialog box.

4 Click Modify, and then click Next.

5 Click the appropriate icon to expand the list of customization options for a co mponent

Modify components if required, and then click Next.

54 Symantec Brightmail AntiSpam ™

Page 61

Installing Brightmail Scanne r for W i ndows

Indicate where your Brightmail Control Center is and click Next.

7 Click Install. 8 Click Finish.

To repair Brightmail Scanner:

Click Start, point to Settings, click Control Panel, and then double-click Add or Remove Programs.

2 Select Brightmail Scanner and then click Change. 3 Click Next to skip the introductory dialog box.

Installation Guide 55

Page 62

Installing Brightmail Scanne r for W i ndows

Click Repair, and then click Next.

5 Click Install to reinstall Symantec Brightmail AntiSpam. 6 Click Finish.

To remove Brightmail Scanner from your computer:

1 Click Start, point to Programs, click Symantec Brightmail Anti-Spam, and then

click Uninstall Brightmail Scanner.

2 Click Yes to confirm uninstallation.

56 Symantec Brightmail AntiSpam ™

Page 63

Installing Brightmail Control Center

The Brightmail Control Center is a We b-based cross-platform configuration and administration center built in Java. Each Symantec Brightmail AntiSpam installation has one Brightmail Control Center, which also houses Brightmail Quarantine and supporting software. You can configure and monitor all of your Brightmail Scanners from the Control Center. This section describes the environment needed to install a Brightmail Control Center, and gives a step-by-step guide for installation.

The following major sections are included:

• Hardware Requirements

• Software Environment Requirements

• Upgrading Software

• Installing Brightmail Control Center on UNIX

• Installing Brightmail Control Center on Windows

• Automatic Startup Configured by Brightmail Control Center Installer

• Uninstalling Brightmail Control Center on UNIX

• Uninstalling Brightmail Control Center on Windows

NOTE: If you are upgrading from Version 6.0.0 or 6.0.1, refer to “Upgrading Software,”

on page 60.

Hardware Requirements

The Brightmail Control Center requires the following minimum hardware setup:

• Solaris

— UltraSPARC processor — 512 MB RAM minimum (1 GB or more recommended) — 250 MB disk space minimum (1 GB or more recommended)

• Linux or Windows

— Intel Pentium or compatible III or IV processor — 512 MB RAM minimum (1 GB or more recommended) — 250 MB disk space minimum (1 GB or more recommended)

Installation Guide 57

Page 64

Installing Brightmail Control Center

For more information on hardware requirements, see the Symantec Brightmail AntiSpam Deployment Planning Guide.

Software Environment Requirements

Listed below are the requirements for installing a Brightmail Control Center.

• Root access using

su or sudo (on UNIX only)

• GNU tar (on Solaris only) Because the tar file names exceed the 40 character file name limit of native Solaris tar, GNU tar is required to install Symantec Brightmail AntiSpam. GNU tar for Solaris is available from

http://www.sunfreeware.com and

other web sites.

• MySQL User and Group definitions (UNIX only)

If you are using the MySQL database packaged with the Brightmail Control Center, create a UNIX user called mysql in a group called mysql before installing the Brightmail Control Center on Linux or Solaris. If you don't, the Installer won't be able to start the MySQL daemon. No special permissions are required for the mysql user or group.

To create this user and group on Solaris:

$ su Password: your_root_password # groupadd mysql # useradd -c "MySQL user" -g mysql mysql

To create this user and group on Linux:

$ su Password: your_root_password # groupadd -r mysql # useradd -c "MySQL user" -r -g mysql mysql

• 82 MB of free disk space for the installed files

• 230 MB of free

/tmp disk space for use during installation (UNIX only)

You can set the environment variable directory if your

$ IATEMPDIR=directory_name

/tmp directory does not have enough space.

• Only one installation of Control Center per customer.

Operating System Compatibility

The Control Center runs on the following operating systems:

58 Symantec Brightmail AntiSpam ™

IATEMPDIR to an alternate temporary storage

Page 65

Installing Brightmail Control Center

• Microsoft Windows 2000 Server (SP2), Windows 2000 Advanced Server, or

Windows Server 2003

• Red Hat Enterprise Linux AS 3.0

Red Hat Enterprise Linux ES 3.0 For Linux installations, the Installer requires the

compat-libstdc++ library is available on your Red Hat distribution CD.

• Sun Solaris 8 or 9

For Solaris 8, patch 112438 is required.

LDAP Compatibility for Brightmail Quarantine

Unless configured for administrator-only access, Brightmail Quarantine requires an LDAP server to authenticate users as they log in to access their quarantined messages and to allow Quarantine to expand user mail aliases. The following LDAP servers are compatible with Brightmail Quarantine:

• Active Directory (all versions)

• Netscape/iPlanet Directory Server 4.2 and 5.1

• Sun ONE Directory Server 5.2

• Exchange 5.5

You should be familiar with the particular LDAP schema used at your company.

Web Browser Compatibility

The Brightmail Control Center can be accessed using the following browsers:

• Internet Explorer 6.0 and greater

• Netscape 7.1 and greater

compat-libstdc++ library. The

NOTE: If your computer already has Netscape 7.1 and you plan to use Netscape 7.1, you

must download and install a new copy of Netscape 7.1. Symantec Brightmail AntiSpam reports will export correctly only with the latest available copies of Netscape 7.1.

Installation Guide 59

Page 66

Installing Brightmail Control Center

Checking for Port Availability Via TCP/IP

Table 4 lists the ports used by the Brightmail Control Center. Other computers on your

network should be able to access these ports, such as the computer where Brightmail Scanner is installed.

Table 4. Ports Used by the Brightmail Control Center

Port Number Purpose

41025 Brightmail Scanner sends spam email to this port using the SMTP email protocol. 41080 User and administrator Web browsers connect to Symantec software on this port by default.

During installation, you can configure the system to use a different port. If you configure the Brightmail Control Center to use a different Web application server than T omcat, the Web access port will most likely be different. For example, the port used by WebLogic is 7001.

41443 When the Installer installs Tomcat as a part of the Brightmail Control Center installation,

Tomcat is configured with a self-signed SSL certificate on a secondary port, using https:/ /localhost:41443/brightmail.

Upgrading Software

You must upgrade all of your Brightmail Scanners before you upgrade your Brightmail Control Center. You can upgrade from Version 6.0.0 or Version 6.0.1. Upgrading or migrating data from Version 5.5 or earlier versions is not supported. Use of the Settings > Migration page in the Brightmail Control Center is not supported.

Follow the instructions for a new installation, and note the following:

• For a UNIX installation, before starting the installation, stop Tomcat. You can use the following command, as root, to stop Tomcat:

# `/etc/init.d/tomcat4 stop`

• Some of the screens depicted for a new installation will not appear.

• It is crucial that you upgrade all of your Brightmail Scanners before you upgrade your

Brightmail Control Center. Before proceeding, review the information in either

“Upgrading Software,” on page 44

for Windows Brightmail Scanners, or “Upgrading

Software,” on page 21 for UNIX Brightmail Scanners.

Installing Brightmail Control Center on UNIX

This section describes how to install the Brightmail Control Center on Linux and Solaris.

60 Symantec Brightmail AntiSpam ™

Page 67

Installing Brightmail Control Center

Accessing the UNIX Install Script

An install script has been prepared for Linux and Solaris installations of the Brightmail Control Center. The install script provides the appropriate Java runtime environment for the Installer.

To locate the Install script:

1 Do one of the following to navigate to the install script based on whether you are

installing from a CD-ROM or a downloaded file:

If you are installing from a CD-ROM:

a. Insert the CD containing Symantec Brightmail AntiSpam software into the CD-

ROM drive. The CD will mount automatically to tems.

b. If you are using Linux, mount the CD-ROM.

$ mount /dev/cdrom

/cdrom/bas_60x on Solaris sys-

This command can fail if you’ve modified

/etc/fstab on your system.

c. If you are using Linux, type:

$ cd /mnt/cdrom

d. Change to the appropriate directory for your CD-ROM.

$ cd operating_system

You will see the following top-level directories and files:

Table 5. Linux/Solaris Directories and Files for Brightmail Control Center Installation

File or Directory Contents

EULA File containing the End User License Agreement install Install script to prepare system and run the Installer bcc_install_platform.bin Installer binary for Solaris or Linux, invoked by the install script documentation List of available documentation

e. Locate the two files, install and EULA.

If you are installing from a downloaded tar file:

a. Change to the directory that contains the Symantec Brightmail AntiSpam software. b. Uncompress and untar the distribution file.

For Solaris: $ tar -zxvf BAS_60x_sparc_solaris.tgz

Installation Guide 61

Page 68

Installing Brightmail Control Center

For Linux: $ tar -zxvf BAS_60x_x86_linux.tgz

c. Locate the two files, install and EULA.

2 Open and read the file named EULA.

You must read this End User License Agreement before performing the installation.

3 If you are using a previous version, read the next section. If not, continue with

“Running the Installer on UNIX,” on page 62

Running the Installer on UNIX

NOTE: If you are upgrading to Version 6.0.2, see “Upgrading Software,” on page 60

before proceeding.

Table 6 describes the ways to invoke the Installer when installing Brightmail Control Center.

Table 6. Installer Invocation Methods

Method Command Description

Command Line install The Installer prompts are presented in the terminal window

in which you started the Installer.

Graphical User Interface (GUI)

install -i awt The Installer prompts are presented using X Windows. To

use this GUI installation, X Windows must be installed and configured correctly on your system.

The prompts for the command line and GUI installation are the same. Only the command line installation is presented in this guide.

NOTE: When running on Red Hat Enterprise Linux, the Installer requires the

presence of the

compat-libstdc++ library. If this library is not on your

machine, the Installer will stop and ask you to install the library before you install Control Center. The

compat-libstdc++ library is available on

your Red Hat distribution CD.

NOTE: If you plan to install the Brightmail Control Center in the same directory

in which Brightmail Quarantine is installed, manually turn off the Tomcat Web Application server.

1 As root user, run the Installer:

$ su root -c './install' Password: your_root_password

62 Symantec Brightmail AntiSpam ™

Page 69

Installing Brightmail Control Center

If you have binaries in the same directory for the Brightmail Control Center and Brightmail Scanner, you will see the following:

Installers for both Brightmail Control Center and Brightmail Scanner software are present and available to be installed. Please select one of the following: 1 - Brightmail Scanner 2 - Brightmail Control Center q - Quit or Exit Which software would you like to install? 2

2 When necessary, choose 2 from the menu and press Enter to install the Brightmail

Control Center. The install script runs, prepares your system as required, and then runs the Installer.

The Installer displays introductory text.

Introduction

------------

The Installer will guide you through the installation of Brightmail

Control Center, part of Symantec Brightmail AntiSpam.

Respond to each prompt to proceed to the next step in the

installation. If you want to change something on a previous s tep, type 'back'.

You may cancel this installation at any time by typing 'quit'.

PRESS <ENTER> TO CONTINUE:

3 Press Enter.

The following text is displayed:

Get User Input: License Agreement

-----------------

Do you agree to the terms and conditions covered in the license

agreement: /directory_path/EULA ?

1- Yes

->2- No

ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE

DEFAULT:

: 1

4 Read the License Agreement, if you have not already done so, and indicate whether or

not you accept it as provided. To accept the licensing agreement, type

Installation Guide 63

Page 70

Installing Brightmail Control Center

The following text is displayed:

Choose Install Folder

---------------------

Where would you like to install the Brightmail Control Center? Default Install Folder: /opt/symantec/sbas/ControlCenter

ENTER AN ABSOLUTE PATH, OR PRESS <ENTER> TO ACCEPT THE DEFAULT :

5 Choose the installation directory—the path to the Brightmail Control Center files. To

accept the recommended path, press Enter.

NOTE: If you choose to enter information at this prompt, be very careful not to insert

any spaces as you type. Spaces are not stripped from input that you enter, and they can cause the installation to fail.

NOTE: While acceptable, setting the location of the installation directory to a

remotely mounted partition is not recommended. If you do so, the Installer issues a warning and prompts you to set it to a local partition.

The following text is displayed:

Web Application Server The Brightmail Control Center requires a Web application server.

Would you like to install the included copy of Tomcat version 4.1.27

server as your Web Application server, or use your own Web Application server?

->1- Install included copy of Tomcat 2- Use my own Web Application server

ENTER THE NUMBER FOR YOUR CHOICE, OR PRESS <ENTER> TO ACCEPT THE

DEFAULT:

6 Select 1 to install the included Tomcat server or 2 to use your own Web Application

server. The Brig htmail Control Center req uires a Web Application server. The Tomcat Web Application server is bundled and automatically installed with the Brightmail Control Center. Tomcat and WebLogic are the only Web Application servers tested to work with the Brightmail Control Center. For information on using your own Web application server, refer to “Configuring the Brightmail Control Center to Use

WebLogic,” on page 81.

64 Symantec Brightmail AntiSpam ™

Page 71

Installing Brightmail Control Center

If you are using Tomcat, the following text is displayed:

Tomcat Port

-----------

You have chosen to install the included copy of Tomcat as your Web Application Server. Please specify the port number where you will be running the Tomcat Server.

Tomcat port number (DEFAULT: 41080):

7 Press Enter to select the default port address of 41080, or you can enter a different port

address.

NOTE: The Installer configures Tomcat with a self-signed SSL certificate on a

secondary port, using

https://localhost:41443/brightmail.

If you have set the MySQL user and group as described previously, the Installer now proceeds to the Pre-Installation Summary screen. Otherwise, the Installer displays an error and exits.

A summary of the choices you’ve made is displayed.

Pre-Installation Summary

------------------------

Please Review the Following Before Continuing:

Product Name: Brightmail Control Center

Install Folder:

/opt/symantec/sbas/ControlCenter

Application Server: Tomcat

PRESS <ENTER> TO CONTINUE:

8 Press Enter to continue based on these settings.

Before proceeding to installation, the Installer checks to see if Brightmail Quarantine exists on the machine on which you are currently installing Brightmail Control Center . If no earlier version of Quarantine is detected, the Installer asks you where to install the Brightmail Control Center. If an earlier version of Quarantine is detected, Quarantine data is automatically migrated to Version 6.0.2, using the same location. This may take a few minutes.

Installation Guide 65

Page 72

Installing Brightmail Control Center

Next, Installing... appears on the screen, and a progress bar is displayed.

Installing...

-------------

[================|================|================|==============] [----------------|--------

9 When installation is complete, one of the following two messages is displayed,

depending on the choice you made regarding you r Web Application server:

Installation Complete

---------------------

The Brightmail Control Center installation has been completed.

You chose to install the included copy of Tomcat, you can access the Brightmail Control Center here: http://localhost:41080/brightmail

If you are upgrading from a previous version, use your existing password instead.

Click 'Exit' to exit the installer.

PRESS <ENTER> TO EXIT THE INSTALLER:

Installation Complete

---------------------

The Brightmail Control Center installation has been completed.

You chose to install your own Web Application Server, see the Symantec Brightmail AntiSpam Installation Guide for instructions.

Click 'Exit' to exit the installer.

PRESS <ENTER> TO EXIT THE INSTALLER:

For additional information on accessing the Brightmail Control Center, see “Logging in

and Logging out,” on page 76.

66 Symantec Brightmail AntiSpam ™

Page 73

Installing Brightmail Control Center

Reinstalling Control Center on UNIX

The Installer can re-install your current software and preserve existing configuration and other data stored after initial installation. One of the following actions is taken when a Symantec software installation is detected:

• No version of Control Center is found – Installation occurs normally.

• Brightmail Control Center exists – The Installer reinstalls your existing software,

in the same location as the previous version. If current versions of MySQL and Tomcat exist, they are not reinstalled. Except for the MySQL and Tomcat files, all Control Center binaries are updated.

Installing Brightmail Control Center on Windows

NOTE: If you are upgrading to Version 6.0.2, see “Upgrading Software,” on page 60

before proceeding.

1 Close all open applications before installing Control Center. 2 Do one of the following to navigate to the Setup.exe file:

If you are installing from a CD-ROM:

Insert the Symantec Brightmail AntiSpam software distribution CD-ROM in your computer’s CD-ROM drive.

If the Installer does not run automatically, open the Windows folder on the CD using Windows Explorer and double-click the Setup.exe icon.

If you are installing from a downloaded zip file:

a. Unzip the zip file. b. Double-click the Setup.exe icon.

3 Click Brightmail Control Center.

Installation Guide 67

Page 74

Click Next.

Installing Brightmail Control Center

5 After reading the license agreement, click I accept the Terms of the License

Agreement and then Next.

68 Symantec Brightmail AntiSpam ™

Page 75

Installing Brightmail Control Center

Click Next to choose the default folder for the Brightmail Control Center or click Choose... to select a different folder for Control Center.

NOTE: If you are upgrading from Version 6.0.0 or 6.0.1, you will not see

the screen above, as well as some of the following screens.

Installation Guide 69

Page 76

Installing Brightmail Control Center

The Control Center requires a Web application server. The Tomcat application server is bundled with the installation.

7 Do one of the following:

— Click Install included copy of Tomcat and click Next, then click Next to accept

the default port address of

41080, or enter a different port address.

— Click Use my own Web Application server, and then click Next. Tomcat and

W e bLogic are the only web application servers tested to work with the Brightmail Control Center . For informatio n on using your own Web application server, refer to “Configuring the Brightmail Control Center to Use WebLogic,” on page 81

NOTE: The Installer configures Tomcat with a self-signed SSL certificate on a

secondary port, using

https://localhost:41443/brightmail.

70 Symantec Brightmail AntiSpam ™

Page 77

Installing Brightmail Control Center

The default location for MySQL is C:\mysql.

8 If you wish to install MySQL in an alternate location, enter that location here.

NOTE: If you choose to install MySQL in an alternate location, please be aware of the

following: Symantec does not recommend that you install MySQL on a networked drive as it will impact performance of the Brightmail Control Center. If you choose to do this, you must also perform some post installation configuration to allow services to run on networked drives. Do this if only you understand Windows permissions very well.

9 Click Next to view the pre-installation summary.

Installation Guide 71

Page 78

Installing Brightmail Control Center

When you are ready, click Install to proceed. The installation occurs, and when it is done the following displays:

11 Click Done. 12 Click Exit to quit from the Brightmail Control Center Installer.

72 Symantec Brightmail AntiSpam ™

Page 79

Installing Brightmail Control Center

Automatic Startup Configured by Brightmail Control Center Installer

Table 7 describes the processes that make up the Brightmail Control Center. The Installer configures the MySQL and Tomcat (if installed) processes to start automatically when the computer is powered up. If used immediately after installation, these processes may require 15-60 seconds to begin.

Table 7. Control Center Processes/Services

Process Name in UNIX

java Tomcat Tomcat Java servlet container—serves the pages that make

mysqld MySql MySQL server—processes requests to retrieve and store

Service Name in Windows

Description

up the Brightmail Control Center.

data in the MySQL database, such as Brightmail Scanner configuration data or quarantined spam messages.

On UNIX, the processes making up the Brightmail Control Center are configured to run as daemons. Startup scripts are installed in appropriate

/etc/rc* directory.

/etc/init.d and links are created in the

On Windows, the services making up the Brightmail Control Center are configured to a startup type of Automatic.

Uninstalling Brightmail Control Center on UNIX

The Uninstaller uninstalls the Brightmail Control Center files and also the MySQL and Tomcat files if they exist. Just as with the Installer, you can run the Uninstaller using the

-i awt option described in Table 6, “Installer Invocation Methods,” on page 62.

To remove Symantec software, run the Uninstaller as the root user:

$ su root -c '/opt/symantec/sbas/ControlCenter/uninstall.sh' Password: your_root_password

Uninstalling Brightmail Control Center on Windows

The Uninstaller removes the MySQL and Tomcat services if they exist, and then uninstalls the Brightmail Control Center files and also the MySQL and Tomcat files if they exist.

1 Click Start, point to Programs, point to Symantec Brightmail AntiSpam, and then

click Uninstall Brightmail Control Center.

2 A DOS window opens and prompts you to confirm uninstallation.

Installation Guide 73

Page 80

Installing Brightmail Control Center

Type Y and press Enter. MySQL and Tomcat are removed, then the Brightmail Control Center Uninstall screen opens in a separate window.

4 Click Uninstall to start the uninstallation process.

The Install Complete page displays. The page may list some files that it could not remove.

74 Symantec Brightmail AntiSpam ™

Page 81

Control Center Testing and Configuration

This section provides initial testing procedures and instructions for system setup tasks you may need to perform. The following major topics are included :

• Testing Installation of the Brightmail Control Center

• Adding a Brightmail Scanner

• Testing Symantec Brightmail AntiSpam Filtering

• Configuring the Brightmail Control Center to Use WebLogic

Installation Guide 75

Page 82

Control Center Testing and Configuration

Testing Installation of the Brightmail Control Center

The following sections describe how to verify that the Brightmail Control Center is installed correctly and test basic functions of Symantec Brightmail AntiSpam. You can perform the following procedures regardless of any LDAP requirements you may have for Quarantine.

Reviewing the Installation Log

You may want to check the log file created by the Brightmail Installer, either to verify the installation or to diagnose any problems you encountered in running the Installer. The installation log file is different than the runtime log file,

BrightmailLog.log.

The installation log file, called located in:

• UNIX:

/opt/symantec/sbas/ControlCenter

• Windows: C:\Program Files\Symantec\SBAS\ControlCenter

This file is a plain text file, viewable with a text editor such as Notepad or vi. The first page contains a summary of the successful actions and any warnings, and nonfatal and fatal errors. The rest of the file has details about the Installer’s actions.

Logging in and Logging out

Use the following procedures to login and logout of the Brightmail Control Center.

To Login to the Brightmail Control Center: 1 Open a browser window.

NOTE: In the following step, port 41080 is typical for the Tomcat Web application

server. Other Web application servers will use different ports. For example, for WebLogic, specify port

2 Go to the Brightmail Control Center Login page:

http://localhost:41080/brightmail/

3 Enter the desired account information, and then click Login.

Brightmail_Control_Center_InstallLog.log, is

7001.

Logging Out

To log out at any time, click the Log Out icon in the upper right corner of the current screen.

Checking V ersions

If problems arise with your installation, you may be asked for the versions of some products on your system.

76 Symantec Brightmail AntiSpam ™

Page 83

Control Center Testing and Configuration

To check the versions of your installed software:

go to http://localhost:port/brightmail/BrightmailVersion

where port is the port that Tomcat uses, typically 41080.

You can see the installed versions of the following software:

— Brightmail Control Center or Brightmail Quarantine — Java —MySQL

Adding a Brightmail Scanner

If this is your first time accessing the Brightmail Control Center, you must first add a Brightmail Scanner. It is assumed that before continuing, you have installed at least one Brightmail Scanner and started it, as described in “Starting a Brightmail Scanner,” on

page 30.

To add a Brightmail Scanner: 1 In the Brightmail Control Center, click the Settings tab. 2 In the left pane, under System Settings, click Brightmail Scanners.

3 On the Brightmail Scanner Settings page, click Add.

Installation Guide 77

Page 84

Control Center Testing and Configuration

Starting a Brightmail Scanner from the Brightmail Control Center

The following steps can be used after you have initially installed and tested your installation of Symantec Brightmail AntiSpam. If you are still in the installation and testing process, be sure you have started a Brightmail Scanner as described in “Starting a

Brightmail Scanner,” on page 30. Once Symantec Brightmail AntiSpam is up and running,

you can rely on the following steps.

To start Brightmail Scanners from the Brightmail Control Center 1

page 76.

2 Select the Status tab on the Brightmail Control Center.

You will then see one or more Brightmail Scanners displayed in a list.

3 Check the box next to the Brightmail Scanner you wish to enable. The Scanner starts

automatically . The Stop button is now selectable.

Testing Symantec Brightmail AntiSpam Filtering

The following are sample tests by which you can verify that Symantec Brightmail AntiSpam is filtering your email as expected. Use these tests as models for additional tests you might like to perform periodically.

Verifying Normal Delivery

You can verify whether the Windows SMTP Service or Sendmail is working properly with the Brightmail Client to deliver legitimate mail by sending an email to a user.

To test delivery of legitimate mail: 1

Send an email with the subject line "Normal Delivery Test" to a user.

2 Verify that the test message arrives correctly in the normal delivery location on your

local host.

78 Symantec Brightmail AntiSpam ™

Page 85

Verifying Spam Filtering

This test assumes you are using default installation settings for spam message handling.

To test spam filtering with subject line modification: 1 Create a POP3 account on an email client such as Outlook Express.

For the SMTP Server setting on this account, specify the IP address of the machine on which you have installed and started Brightmail Scanner.

2 Compose an email message addressed to an account on the machine running the

Brightmail Scanner.

3 Give the message a subject that is easy to find, such as Test Spam Message. 4 To classify the message as spam, include the following URL on a line by itself in the

message body:

http://www.example.com/url-1.blocked/

5 Send the message. 6 Check the email account to which you sent the message.

You should find a message with the same subject prefixed by the word

Control Center Testing and Configuration

[Spam].

7 Send a message that is not spam to the same account used in step 5. 8 After several minutes have passed, in the Brightmail Control Center, click Status >

Overview. The Total Spam Messages counter on the Summary page increases by one if filtering

is working.

Testing AntiVirus Filtering

You can verify that antivirus filtering is working correctly by sending a test message containing a pseudo-infected virus. This is not a real virus.

To test the AntiVirus Cleaner: 1 Using your preferred email program, create an email message addressed to a test

account.

2 Attach a virus test file such as eicar.com to the email.

Virus test files are located at

3 Send the message. 4 Check the mailbox for the test account to verify receipt of the test message with the

http://www.eicar.org/.

added Cleaner message text.

Verifying Spam Filtering to Quarantine

If you’ve configured Symantec Brightmail AntiSpam to forward spam messages to Quarantine as described below and both the Brightmail Control Center and at least one

Installation Guide 79

Page 86

Control Center Testing and Configuration

Brightmail Scanner is running, you should be able to see spam messages when you log into the Brightmail Control Center as an administrator. There can be a slight delay until the first spam message arrives, depending on the amount of spam received at your organization.

If new spam messages arrive for a user while that user is viewing quarantined messages, the new spam messages will be displayed after a page change. For example, if you’re viewing an individual message and then return to the message list, any new messages that have just arrived will be added at the end of the message list and displayed when the last message list page is displayed.

The Brightmail Scanner must be configured to forward spam messages to Quarantine. If the default configuration is not changed, Symantec Brightmail AntiSpam inserts

[Spam]

in the subject line of spam messages and delivers them to users’ normal inbox rather than Quarantine. The following Symantec Brightmail AntiSpam message categories can be configured to forward messages to Quarantine:

• Spam

• Suspected spam

• Messages from blocked senders

• Messages containing company-specific content (as defined by you)

• Messages that are unscannable for viruses

You can choose to have all, some or none of these message types forwarded to Quarantine.

NOTE: Brightmail Quarantine only supports the ISO-Latin-1 character set. If messages

are processed into the Quarantine database in other character sets, any noncompliant characters may not be readable.

To set up delivery of messages to Quarantine: 1

In the Brightmail Control Center, click the Settings tab, and then click Group Policies.

2 Under Groups, click the appropriate group, such as Default. 3 Under AntiSpam Actions, set the filtering action to Quarantine the Message for the

desired message types. Typically, you’ll want to set If a message is spam or If a message is suspected spam to Quarantine the Message.

4 Click Save. 5 Repeat this process for each group policy that you want to set to deliver messages to

Quarantine.

6 Send a spam message as described in the next procedure.

To send a message that will be classified as spam:

Using an email client such as Microsoft Outlook Express, open an email addressed to

an account configured to filter spam to Quarantine.

80 Symantec Brightmail AntiSpam ™

Page 87

Control Center Testing and Configuration

Give the message a subject that is easy to find such as Test Spam Message.

3 T o classify the message as spam, include one or more of the following URLs on a line

by itself:

http://www.example.com/url-1.blocked/ http://www.example.com/URL-2.blocked/

4 Send the message. 5 Login to the Brightmail Control Center as an administrator and select the Quarantine

tab.

6 Select the Administrator Messages List page and search for a message with the subject

Test Spam Message.

Configuring the Brightmail Control Center to Use WebLogic

T omcat is included with the Brightmail Control Center as the default application server. If you prefer to use the WebLogic application server with the Brightmail Control Center, follow the steps in this section.

Copying the MySQL Connector/J API

The MySQL Connector/J API is a JDBC driver for MySQL, and provides an interface between MySQL and the Java components that make up the Brightmail Control Center. If you choose to install T omcat, the MySQL Connector/J AP I file is installed and configured by the Installer.

To install the MySQL Connector/J API for WebLogic: 1

On the computer where the Brightmail Control Center is installed, locate the file

mysql-connector-java-com-3.0.11-stable-bin.jar in one of the directories

below: UNIX:

/opt/symantec/sbas/ControlCenter/brightmail

Windows: C:\Program Files\Symantec\SBAS\ControlCenter\brightmail

Copy the file mysql-connector-java-com-3.0.11-stable-bin.jar to an appropriate directory on the computer where WebLogic is installed. Copy the file to a directory in your CLASSPATH.

Adding MySQL Connector/J to the CLASSPATH Variable

Ensure the CLASSPATH environment variable includes the MySQL Connector/J API JDBC driver file, the previous section. Once this WebLogic Server, and access the WebLogic Server console.

mysql-connector-java-com-3.0.11-stable-bin.jar as described in

.jar has been added to the CLASSPATH, restart your

Installation Guide 81

Page 88

Control Center Testing and Configuration

Configuring the Brightmail JDBC Connection Pool

1 Select JDBC Connection Pools page in the WebLogic Server console by navigating

your-domain/Services/JDBC/Connection Pools.

2 Select Configure a new JDBC Connection Pool… 3 In the Database Type list, click MySQL. 4 Select the MySQL’s Driver (Type4) Versions:Any.

The page should appear similar to the following.

5 Click Continue.

82 Symantec Brightmail AntiSpam ™

Page 89

Control Center Testing and Configuration

In the Name box, type a name, for example Brightmail Connection Pool.

6 7 In the Database Name box, type brightmail. 8 In the Host Name box, type the database server’s name or IP address. 9 In the Port box, type the port for the database server. 10 In the Database User Name box, type brightmailuser. 11 In the Password box, type password. 12 Confirm the password by typing in password again.

The page should appear similar to the picture above.

13 Click Continue.

Installation Guide 83

Page 90

Control Center Testing and Configuration

The Test database connection page is displayed.

14 In the Driver Classname box, type the JDBC driver class as

com.mysql.jdbc.Driver.

15 In the URL box, type the URL to the database. This has to be of the form:

jdbc:mysql://hostname:port/brightmail?autoReconnect=true.

The hostname and port number shown in italics will be the values you specified in Steps 8 and 9.

The page should appear similar to the picture above.

16 Click Test Driver Configuration. 17 Click Create and deploy.

84 Symantec Brightmail AntiSpam ™

Page 91

Configuring a Data Source

1 Select the JDBC Data Sources page in the WebLogic management console by

navigating to

2 Click Configure a new JDBC Data Source.

your-domain/Services/JDBC/Data Sources.

Control Center Testing and Configuration

3 In the Name box, type a name for your Data Source, for example Brightmail Data

Source

4 In the JNDI Name box, type jdbc/brightmailDataSource.

The Honor Global Transactions and Emulate Two-Phase Commit for non-XA Driver check boxes can be left at the default setting. The page should appear similar to the picture above.

5 Click Continue. 6 Associate the data source with the connection pool you previously created. 7 Click Continue.

The check boxes for the deployment targets can be left at the default setting.

8 Click Create.

Installation Guide 85

Page 92

Control Center Testing and Configuration

Deploying the brightmail.war

1 Find the brightmail.war file, in the directory where you installed the Control Center .

If the path to this file includes a space (for example, if it includes Program Files), move the

2 Select the Web Application Modules hyperlink in the WebLogic Server console. 3 Click Deploy a new Application Module… 4 Navigate to the location of the brightmail.war file, either in the directory where you

brightmail.war file to a directory path that does not include any spaces.

installed Control Center or in the directory you chose in Step 1.

5 Click Target Module. 6 In the Name field, type brightmail. 7 Click Deploy.

Testing the Control Center with the WebLogic Application Server

After following the steps in this section, ensure that the Brightmail Control Center and MySQL are communicating successfully by attempting to log into the Brightmail Control Center as described in the Symantec Brightmail AntiSpam Administration Guide.

86 Symantec Brightmail AntiSpam ™

Page 93

Plug-Ins and Foldering

This section tells you how to install and configure the Symantec plug-in for Outlook and spam foldering agents for Microsoft Exchange and Lotus Domino users. It contains the following topics:

• Installing the Symantec Plug-in for Outlook

• Configuring Automatic Spam Foldering

• Enabling Automatic Spam Foldering

Installing the Symantec Plug-in for Outlook

The Symantec Plug-in for Outlook makes it easy for Outlook users to submit missed spam and false positives to Symantec. Depending on how you configure the plug-in, user submissions can also be automatically sent to a local system administrator. The Symantec Plug-in for Outlook also gives users the option to administer their own Blocked Senders and Allowed Senders Lists as well as specify languages in which they do or do not wish to receive email.

Usage Scenarios

You can use Symantec Plug-in for Outlook with the following other components of Symantec Brightmail AntiSpam:

• Spam Folder Agent (or native MS Exchange foldering)

• Brightmail Quarantine

• Both Spam Folder Agent (or native MS Exchange foldering) and Brightmail

Quarantine

• Neither Spam Folder Agent (or native MS Exchange foldering) nor Brightmail

Quarantine

NOTE: Refer to the Symantec Brightmail Anti-Spam Administration Guide for more

information on Quarantine. To use native MS Exchange foldering, you must use Exchange 2003. See “Configuring the Spam Folder Agent,” on page 93 information on the Spam Folder Agent and on native MS Exchange foldering.

Installation Guide 87

for more

Page 94

End User Experience

NOTE: Documentation for end users is provided in the Symantec Plug-in for Outlook help

system.

After performing a simple installation process, users will have a new toolbar in their Outlook window:

Plug-Ins and Foldering

• This is Spam – Users click this button to submit the message to the BLOC and move it from their Inbox to their Spam folder.

• This is Not Spam – Users click this button to submit the message to Symantec and move it from their Spam folder to their Inbox.

• Empty Spam Folder – Users click this button to empty their Spam folder (if configured)

• Spam Quarantine – Users click this button to launch Brightmail Quarantine in their default Web browser

• Symantec – By choosing an item from this pull-down menu, users can get information on using the plug-in, view a report (if configured), and administer their personal Blocked Senders and Allowed Senders Lists.

Table 8. Symantec Menu Items

Menu Item Description

Symantec Help Launch a help page for the Symantec Plug-In for Outlook using your

Spam Report View spam statistics (if configured).

(if configured).

default Web browser.

88 Symantec Brightmail AntiSpam ™

Page 95

Plug-Ins and Foldering

Table 8. Symantec Menu Items (Continued)

Menu Item Description

Options Set plug-in properties and administer your private Blocked Senders and

Allowed Senders Lists, specify languages in which you do or do not wish to receive email.

About Symantec Get information on the current version of the software.

Software Requirements

The Symantec Plug-in for Outlook can be used with Outlook 2000, Outlook 2002, Outlook XP, and Outlook 2003, on Windows 98, Windows ME, Windows NT, Windows 2000, Windows XP, and Windows 2003.

NOTE: If you are using Spam Folder Agent, the plug-in retrieves the name of the spam

folder from the Spam Folder Agent Inbox Rule. Absent the Spam Folder Agent, the plug-in retrieves the

SPAM_FOLDER value in the Windows registry, it creates a Spam folder during

installation.

SPAM_FOLDER value from the Windows registry. If there is no

Administrator Setup Instructions

To set up the Symantec Plug-in for Outlook: 1

Do one of the following to navigate to the folder containing the Symantec Plug-in for Outlook software:

If you are installing from a CD-ROM: a. Insert the Symantec Brightmail AntiSpam software distribution CD-ROM in your

computer’s CD-ROM drive.

If the Installer runs automatically, click Exit to close the Installer.

b. Open the Windows\Plugin\Outlook folder on the CD using Windows Explorer. If you are installing from a downloaded zip file: a. Unzip the zip file and extract all the contents to a folder. b. Open the Plugin\Outlook folder using Windows Explorer.

2 Copy all the files in the Plugin\Outlook folder to a network directory that is

accessible to your users.

3 You can also modify the setup.ini file to configure system-wide settings. See the

optional settings in Table 9, “Symantec Plug-in for Outlook Setup Variables,” on

page 90.

Installation Guide 89

Page 96

Plug-Ins and Foldering

You can email your users a link to the setup.exe file in this directory, or use remote distribution software to install it on your users’ computers. You can silently install by running

setup.exe with the following switches: /s /v"/qn"

NOTE:

If you run setup.exe with the command /s /v"/qn", the silent install option ignores changes made to the end of the using:

/s.

CmdLine attribute in setup.ini, and then run the silent install

setup.ini. To preserve your changes, add /qn to

Instruct users to close Outlook before running the installer by clicking File, and then clicking Exit. If they close Outlook in any other way, Outlook may continue to run in memory and return an error.

To configure system-wide settings for the Symantec Plug-in for Outlo ok (optional): 1 Open the setup.ini file for editing. This file contains the initial settings for

launching the Symantec Plug-in for Outlook installation package. All the settings you need to use can be set on the beginning of the

setup.ini file. The settings will be added as values for the following

Windows Registry key:

You can also change the settings in Table 9, “Symantec Plug-in for Outlook Setup

CmdLine attribute in the [Startup] section at the

HKLM\Software\Brightmail\OutlookPlugin

Variables,” on page 90.

Example:

CmdLine=SPAM_FOLDER="Junk" ADMIN_FALSE_ADDRESS="admin-false@my.company.com"

Table 9. Symantec Plug-in for Outlook Setup Variables

Variable Name Description

ADMIN_FALSE_ADDRESS The email address of the administrator to copy with

false positive submissions. The default for this is an empty string. If this value is empty, then the message will not be sent to the administrator.

ADMIN_JUNK_ADDRESS The email address of the administrator to copy with

missed spam submissions. The default for this is an empty string. If this value is empty, then the message will not be sent to the administrator.

ALLOW_CONTACTS If set to 1 (the default) or any non-zero value, treat

all entries of the Outlook Contacts folder as members of the Allowed Senders List. If set to 0, do not treat any members of the Outlook Contacts folder as members of the Allowed Senders List.

AUTO_ADD_BLOCKED When submitting a spam message to th e BLOC, add

the sender of the message to the Blocked Senders List. The default is 1.

90 Symantec Brightmail AntiSpam ™

Page 97

Plug-Ins and Foldering

Table 9. Symantec Plug-in for Outlook Setup Variables (Continued)

Variable Name Description

AUTO_ADD_ALLOWED If set to 1 (the default) or any non-zero value,

automatically generate the Allowed Senders list. If set to 0, do not automatically generate the Allowed Senders list

AUTO_ALLOWED If set to 1 (the default) or any non-zero value,

automatically generate the Allowed Senders List. If set to 0, do not automatically generate the Allowed Senders List.

CHECK_ALLOWED If set to 1 (the default) or any non-zero value, move

messages directly to the Spam folder. If a message sender is in the user’s Allowed Senders List or (optionally) Outlook Contacts list, or if ANY of the message’s recipients are in the user’s Allowed Recipients List, the message is moved to the Inbox. Otherwise it stays in the Spam folder.

If set to 0, messages are delivered normally (to the Inbox).

CHECK_BLOCKED If set to 1 (the default) or any non-zero value, move

If set to 0, messages are delivered normally (to the Inbox).

DELETE_SPAM If set to 1 or any non-zero value, spam messages

will be deleted. If set to 0 (the default value), spam messages will be moved to the Spam folder.

DELETE_X_DAYS Deletes messages in the Spam folder which are

more than x days old. The default is 7. Set this value to 0 to disable this feature.

DISPLAY_ARE_YOU_SURE_MSGS Specifies whether the confirmation dialog is

displayed after a message is submitted. If this variable is set to 1 (the default value) the

confirmation message will be displayed. If this variable set to any other value or left empty, the message will not be displayed.

DISPLAY_CONFIRMATION_MSG

Installation Guide 91

Specifies whether the confirmation dialog is displayed after a message is submitted.

If this variable is set to 1 (the default value) the confirmation message will be displayed. If this variable set to any other value or left empty, the message will not be displayed.

Page 98

Plug-Ins and Foldering

Table 9. Symantec Plug-in for Outlook Setup Variables (Continued)

Variable Name Description

EMPTY_SPAM_FOLDER If set to 0 (the default), do not display the Empty

Spam button. If set to 1 or any non-zero value,

display the Empty Spam button. This button allows users to delete the contents of their Spam folders.

HIDE_NOT_SPAM Specifies whether the This is Not Spam butt on is

hidden. The default is 0 (displayed). Any non-zero value, including an empty value, will cause the button to be hidden.

HIDE_SPAM Specifies whether the This is Spam button is

hidden. The default is 0 (displayed). Any non-zero value, including an empty value, will cause the button to be hidden.

MANUAL_ALLOWED If set to 1 (the default) or any non-zero value, allow

users to add entries to the Allowed Senders and Allowed Recipients Lists.

If set to 0, do not allow users to add entries.

MANUAL_BLOCKED If set to 1 (the default) or any non-zero value, allow

users to add entries to the Allowed Senders and Allowed Recipients Lists.

If set to 0, do not allow users to add entries.

MARK_AS_READ If set to 1 (the default) or any non-zero value,

messages are marked as Read when moved to the Spam folder . If set to 0, messages are not marked as Read when moved to the Spam folder.

MODIFY_OPTIONS If set to 1 (the default) or any non-zero value, allow

users to view/edit the Submissions and Preferences tabs.

If set to 0, do not allow users to view/edit the Submissions and Preferences tabs.

MULTI_CONFIRM_MSG The confirmation message for multiple successful

submissions. The default value for this string is: “Thank you for

submitting messages to Symantec for review. We appreciate your help in improving our antispam service. This will be your only acknowledgement.”

SENDER_NOT_IN_ALLOWED Specify the action to take if the message sender is

not in the Allowed Senders List.

• Normal – Move the message to the Inbox.

• Delete – Delete the message.

• SpamFolder – Move the message to the Spam

folder.

The default is Normal.

92 Symantec Brightmail AntiSpam ™

Page 99

Plug-Ins and Foldering

Table 9. Symantec Plug-in for Outlook Setup Variables (Continued)

Variable Name Description

SINGLE_CONFIRM_MSG The confirmation message for a single successful

submission. The default value for this string is: “Thank you for

submitting a message to Symantec for review. We appreciate your help in improving our antispam

service. This will be your only acknowledgement.” SPAM_FOLDER The name of the Spam folder . The default is “Spam.” SPAM_QUARANTINE_URL If specified, this setting causes the Spam

Quarantine button to appear in the toolbar. Clicking

the button displays the Spam Quarantine login page

in a Web browser. If unspecified (the default), the

Spam Quarantine button does not appear in the

toolbar. REPORT_URL If specified, this setting causes the Spam Report

button to appear in the toolbar. Clicking the button

displays the Spam Report application. If unspecified

(the default), the Spam Report button does not

appear in the toolbar.

Save your changes to the setup.ini file.

These settings will be used during each installation of the Symantec Plug-in for Outlook to modify the Windows Registry on each user’s computer.

Configuring Automatic Spam Foldering

You can route users’ spam into a special email folder so they can review it using the Spam Folder Agent or the Symantec Spam Folder Agent for Domino. To enable spam foldering after configuring it, see “Enabling Automatic Spam Foldering,” on page 105

Configuring the Spam Folder Agent

See the Symantec Brightmail AntiSpam Deployment Planning Guide for detailed instructions for enabling spam foldering in Exchange 5.5 or Exchange 2000.

NOTE: In certain configurations, Exchange 2003 will require no additional software to

automatically route spam to a spam folder, but this must be enabled in the Brightmail Control Center. See “Enabling Automatic Spam Foldering,” on

page 105 for more information. To use native foldering in Exchange 2003, you

must deploy Exchange 2003 at the gateway and at the back end. In addition, users must enable the Junk Email Filter feature using Outlook 2003 or Outlook Web Access 2003. See the Symantec Brightmail AntiSpam Deployment Planning

Guide for more details.

Installation Guide 93

Page 100

Plug-Ins and Foldering

To install the Spam Folder Agent (Exchange 5.5 or Exchange 2000): 1

Do one of the following to navigate to the Setup.exe file: If you are installing from a CD-ROM:

a. Insert the Symantec software distribution CD-ROM in your computer’s CD-ROM

drive.

If the Installer does not run automatically, open the Windows folder on the CD using Windows Explorer and Setup.exe.

If you are installing from a downloaded zip file:

a. Unzip the zip file. b. Double-click Setup.exe

2 Click Next to skip the introductory dialog box. 3 After reading the license agreement, click I accept the terms of this license

agreement, and then click Next.

4 Choose a setup type, and then click Next.

Setup options include Complete and Custom. The Complete option installs all software in a predefined set of folders and files. The Custom option allows you to tailor installation options.

5 Under Service Account, specify an account to be used by the Spam Folder Agent.

Type the Active Directory or NT Domain, as well as the user name and password. For instructions on creating the service account for Exchange, see the Symantec

Brightmail AntiSpam Deployment Planning Guide.

6 In the Mailbox field, specify the mailbox alias of a valid mailbox for the Spam Folder

Agent to use. To find this alias, click Active Directory Users and Computers, right-click User

properties, and then click the General tab. The account specified in the last step must have Full Access to this mailbox.

7 In the Spam folder name field, specify the name of the folder in each end user’s

mailbox where spam will be foldered,

8 In the Spam expiration field, specify the period in days for which you want to retain

spam messages. The default period is 30 days. You may need to adjust this setting based on the volume of spam you receive at your

organization.

9 Click Next. 10 Click OK.

NOTE: If the installation process is unable to verify the existence of the spam folder

because you have insufficient user rights, the following message is displayed. You can either continue without verification, or return to the Configuration dialog box and halt installation.

94 Symantec Brightmail AntiSpam ™