The Administration Guide explains how to configure Symantec Brightmail Gateway to filter messages, block and allow messages at connection, and block viruses and spam. The Administration Guide also describes how the Brightmail Gateway controls message flow and message filtering and explains how you can configure email settings and group settings. The Administration Guide provides information about the mail transfer agent (MTA), configuring directory data services (DDS) and content filtering, and how to monitor reports and the product status.
Table of Contents:
About Symantec Brightmail Gateway
What's new in Symantec Brightmail Gateway
Components of Symantec Brightmail Gateway
About the Symantec Brightmail Gateway software components
About the Symantec Brightmail Gateway hardware component
How Symantec Brightmail Gateway works
What you can do with Symantec Brightmail Gateway
Where to get more information
Logging on and logging off
Feature dependencies
Preinstalled policies
About default policies and features
Default email spam policies
Default email virus policies
Default IM spim policies
Default IM virus policies
Performing initial configuration tasks
Performing optional configuration tasks
Setting up Scanners
Setting up system monitoring with alerts, logs, and report settings
Setting up certificates for authentication
Configuring Control Center settings
Configuring a directory data service
Setting up SNMP and UPS monitoring
Configuring email settings
Enabling reputation-based filtering features
Configuring spam, virus, and IM settings policies
Setting up email authentication
Creating policy groups and assigning policies
What you can do with content filtering
Adding Scanners
Verifying Scanner installation settings
Specifying DNS server addresses
Verifying Scanner time settings
Specifying proxy settings
Configuring Ethernet settings and routes
Configuring Scanner email settings
About Scanner email settings
Configuring mail flow direction
Changing Scanner inbound mail settings
Changing Scanner inbound mail acceptance settings
Configuring Scanner inbound email delivery settings
Changing Scanner outbound mail settings
Changing Scanner outbound mail acceptance settings
Configuring Scanner outbound mail delivery settings
Configuring SMTP advanced settings
SMTP advanced authentication settings
SMTP advanced inbound settings
SMTP advanced outbound settings
SMTP advanced delivery settings
SMTP advanced settings for delivery bindings
Specifying internal mail hosts for non-gateway deployments
Internal mail servers: non-gateway deployments
Modifying Scanner configurations
Enabling and disabling Scanners
Deleting Scanners
Stopping and starting Scanners
Managing services and MTA operations
Working with Services
About email domains
Adding or editing domains
Importing a domains list
Deleting domains
About email domain acceptance settings
About aliases and address masquerades
Adding or editing aliases
Importing aliases
Alias addresses
Adding or editing address masquerades
Importing an address masquerade list
About invalid recipients
Setting up invalid recipient handling
About email message flow
Email message flow phases
Enabling SPF and Sender ID authentication
Configuring DKIM authentication
Adding a domain key
Deleting a domain key
Viewing a domain key
Importing a domain key
Enabling DKIM validation
Creating a content filtering policy for DKIM validation
Enabling DKIM signing for a domain
Using SMTP authentication
Configuring SMTP authentication mail settings
Best practices for using SMTP authentication
Enabling or disabling good and bad sender groups
Choosing actions for good and bad sender groups
Adding senders to administrator and third party sender groups
Editing good and bad sender group members
Deleting good and bad sender group members
Enabling or disabling good and bad sender group members
Importing good and bad sender group entries
Sender group import file formats
Exporting sender group information
Supported methods for identifying senders
About blocking and allowing messages at connection time
About managing connection load at the gateway
Configuring Connection Classification
Connection class default settings
Configuring email virus attack recognition
Configuring directory harvest attack recognition
About blocking and allowing messages using sender groups
About conserving resources using Fastpass
Configuring Fastpass
About defending against bounce attacks
Configuring the Control Center for bounce attack prevention
Configuring policy groups for bounce attack prevention
Creating an email spam policy for bounce attack prevention
Researching IP address reputation
About certificates
Adding a self-signed certificate
Adding a CA certificate
Requesting a Certificate Authority-signed certificate
Changing a self-signed certificate or domain key name
PEM format requirements for certificates and domain keys
Importing a Certificate Authority-signed certificate
Replacing existing CA certificates
Viewing existing CA certificates
Backing up CA certificates
Deleting an SMTP/TLS or HTTPS certificate
Viewing an SMTP/TLS or HTTPS certificate
Assigning an MTA TLS certificate to a Scanner
Assigning a user interface HTTPS certificate to the Control Center
About detecting viruses and malicious attacks
Product technologies that detect viruses and malicious attacks
What you can do with suspicious attachments
Spyware or adware verdict details
How to detect virus and malicious threat detection
Creating email virus policies
Modifying email virus policies
Enabling or disabling email virus policies
Deleting email virus policies
Copying email virus policies
Excluding file types from virus scanning
Modifying the file types to exclude from scanning
Enabling or disabling the lists of file types to exclude from scanning
Deleting lists of file types to exclude from scanning
Exporting lists of the file types to exclude from scanning
Modifying the heuristic level
Setting limits on nested files
About updating virus definitions
Viewing the status of your virus definitions
Scheduling automatic virus definition updates
Disabling automatic virus definition updates
Initiating virus definition updates on demand
Specifying from where to obtain virus definitions
Obtaining definitions when a new, emerging threat is discovered
About quarantining suspected viruses
Viewing suspect virus messages in quarantine
Choosing the language encoding for suspect virus messages
Specifying the number of suspect virus message entries to view per page
About navigating Suspect Virus Quarantine
Sorting suspect virus messages in quarantine
Searching quarantined virus messages
Suspect virus message search criteria and tips
Deleting suspect virus messages in quarantine
Releasing suspect virus messages from quarantine
Specifying how long suspect virus messages are retained in quarantine
Modifying the disk space allotted for Suspect Virus Quarantine
About filtering spam
Configuring spam detection
Creating email spam policies
Enabling and disabling spam policies
Modifying spam policies
Copying spam policies
Deleting spam policies
Configuring the threshold for suspected spam identification
Enabling or disabling URI reporting to Symantec
Participating in the Symantec Probe Network
About the Symantec Probe Network
About probe accounts
About creating probe accounts
Setting up probe accounts
Enabling probe participation
Creating probe accounts from invalid recipient email addresses
Creating probe accounts manually
Enabling probe accounts
Disabling a probe account
Deleting a probe account
About quarantining spam
Before you use Spam Quarantine
Forwarding spam messages for non-existent addresses to quarantine
Configuring Spam Quarantine for administrator-only access
Viewing spam and suspected messages in quarantine
How Spam Quarantine differs for administrators and users
Viewing spam and suspected spam messages sent to the postmaster mailbox
About navigating Spam Quarantine
Specifying the number of entries to appear on the Spam Quarantine Message list page
Sorting spam and suspected messages in quarantine by date
Releasing false-positive messages from quarantine
Deleting spam messages in quarantine
Searching quarantined spam messages
Spam message search criteria and tips
Viewing spam message headers
Choosing the language encoding for spam messages
Modifying Spam Quarantine thresholds
Spam Quarantine threshold considerations
Specifying who to notify of false positive messages
About configuring the user and distribution list notification digests
About how spam is handled when addressed to distribution lists
Specifying when to notify users of spam messages in their quarantine
Modifying the spam notification message digest templates
Spam notification message variables
Enabling notification digests for distribution lists
Selecting the notification digest format
Specifying how long spam messages are retained in quarantine
Specifying when and how often Spam Quarantine is expunged
Troubleshooting Spam Quarantine
About IM
Enabling IM filtering
About spim
About how spim works
About detecting spim
About detecting known spim
About detecting suspected spim
Enabling spim detection
About registering IM users
About the IM user registration process
Enabling IM user registration
Editing IM user registration text
Registering an IM user as an administrator
Self-registering an IM user
Editing and deleting registered IM users
Blocking access to an IM network
Creating IM virus policies
Creating IM spim policies
About policy groups
Creating a policy group
Adding members to a policy group
Managing policy group members
Importing and exporting policy group members
Researching policy group membership for a user
Editing, deleting, enabling, or disabling a policy group
Selecting policies for policy groups
About assigning filter policies to policy groups
Virus categories and default actions
Selecting virus policies for a policy group
Selecting spam and spim policies for a policy group
Selecting Network Access Control policies for a policy group
Selecting content filtering policies for a policy group
Enabling and disabling end user settings for policy groups
Requirements for enabling end-user settings for policy groups
Allowing or blocking email based on language
Setting policy group precedence
About content filtering
Creating content filtering policies
About content filtering policy templates
Selecting the content filtering policy template
Defining the content filtering policy
Considerations for content filtering policy conditions
Configuring content filtering policy conditions
Content filtering policy conditions
Message parts used in conditions
Content filtering condition match criteria
Putting predefined regular expressions into content filtering policy conditions
Specifying content filtering policy actions
Content filtering policy actions
Specifying the policy groups for which content filtering policies apply
Editing content filtering policies
Deleting content filtering policies
Copying content filtering policies
Enabling and disabling content filtering policies
Specifying the order that content filtering policies are evaluated
About preventing data loss with structured data
About your data source files
Defining records
About mapping your data source file columns
System patterns
Mapping data source file columns to fields in Symantec Brightmail Gateway
Uploading data source files
Replicating records
Modifying records
Deleting records
About views
Creating views
Editing views
Deleting views
About policy violation notifications
Creating policy violation notifications
Editing policy violation notifications
Deleting policy violation notifications
About content filtering dictionaries
Considerations when you use dictionaries
Scanning non-plain text file attachments for content filtering violations
Exporting words or phrases from dictionaries
Disabling and enabling predefined words or phrases in dictionaries
Creating user-defined dictionaries
Importing words or phrases into dictionaries
Editing dictionaries
Deleting user-defined words or phrases from dictionaries
Finding words or phrases in dictionaries
Deleting dictionaries
Premium and custom content filtering dictionaries
About patterns
Creating your own custom patterns
Editing patterns
Deleting patterns
Annotating messages that contain violations
Editing annotations
Deleting annotations
About attachment lists
Creating lists to detect file attachment types
Editing attachment lists
Deleting attachment lists
Predefined attachment lists
Perl-compatible regular expressions
Perl-compatible regular expression examples
Specifying where to save archived messages
About content incident folders
About managing the size of content incident folders
Creating content incident folders
Editing content incident folders
Deleting content incident folders
Scheduling the content incident folder Expunger
About monitoring and acting on incidents
Creating incident notifications
Viewing incidents in content incident folders
Acting on multiple incidents at a time
Content incident actions
Archiving incidents
Exporting an incident's history
Forwarding incidents
Deleting incidents
Approving, rejecting, or holding quarantined incidents
Updating an incident's status
Changing an incident's severity level
Viewing an incident's history
About encrypting messages with Symantec Content Encryption
Preparing your system for content encryption
Managing the host and port information for content encryption
Provisioning a content encryption account
About Symantec Network Prevent
Required ports for Symantec Network Prevent integration
How Symantec Brightmail Gateway and Symantec Network Prevent interact
Common Symantec Network Prevent actions
Supported Symantec Network Prevent delivery modes
About failure behavior with Symantec Network Prevent
How to resolve a delivery queue back up to Symantec Network Prevent
Enabling or disabling bypass for Symantec Network Prevent
Creating a policy to detect unscanned email if Symantec Network Prevent bypass is enabled
About Symantec Network Prevent reports
About performance implications for Symantec Network Prevent integration
About Symantec Network Prevent preference order
Troubleshooting Symantec Network Prevent integration: messages bounce
Troubleshooting Symantec Network Prevent integration: deferred messages
Configuring Symantec Network Prevent to return email to Symantec Brightmail Gateway
Configuring email connections to and from Symantec Network Prevent
Creating an incident based on Symantec Network Prevent header markup
About taking Symantec Network Prevent servers offline for maintenance
About using the directory data service
About data sources and functions
About data source queries
About using the authentication function with your data source
About using the recipient validation function with your data source
About using the routing function with your data source
About using the address resolution function with your data source
Creating a data source
Adding a data source
Configuring data source advanced settings
Enabling functions on a new data source
About the directory data cache
Enabling cache persistence
About preloading your directory data cache
About expanding distribution lists and preserving recipient addresses
Enabling distribution list expansion for your data sources
Preserving recipient addresses for your data sources
About modifying existing data sources
Disabling or enabling a data source
Deleting a data source
Editing a data source
Best practices for security
Best practices for scalability
About working with reports
Selecting the data to track for reports
Creating and configuring reports
Report types
Saving favorite reports
Editing a favorite report's filter options
Editing a favorite report's schedule
Copying favorite reports
Deleting favorite reports
About generated reports layout and data
Running reports on demand
Generating reports automatically
Canceling scheduled reports
Emailing generated reports
Specifying the report email notification sender and subject line
Printing generated reports
Saving generated reports
About purging report data
Specifying how long report data is retained
Specifying when and how often report data is purged
Deleting all report data at one time
Troubleshooting report generation
About monitoring the status of your product
About the Dashboard
Viewing the Dashboard
Threat category components
Viewing the status of your hardware
Viewing information about your hardware
Viewing the status of software and services
Monitoring message queue size and volume
MTA and message queue behavior
Configuring alerts
Types of alerts
Monitoring devices through SNMP
Downloading a Management Information Base for SNMP
Configuring UPS settings
About scheduled tasks
Setting scheduled tasks failures alerts
Scheduled tasks types
About logs
Log types
Viewing log files
Saving log files
Managing the log database size
Manually deleting log files
About log disk space alerts
Configuring low disk space alerts
Clear disk space checklist
Configuring remote logging to syslog
Standard prefix for Scanner logs sent to remote syslog
Log format of boot.log, cron, message, and secure components for remote syslog
Log format of Conduit, Brightmail Client, Brightmail Engine, JLU Controller, and IM Relay for remote syslog
Log format of mail transfer agent for remote syslog
Log format of message audit logs for remote syslog
Enabling the Message Audit Log
Configuring log levels
About message audit logging
Format of audit logs
Audit log events
Searching for a message in the Message Audit Log
Exporting Message Audit Log data
About message queues
Viewing queued messages
Rerouting messages in the delivery queue
Deleting queued messages
Stopping the mail flow
Flushing message queues
Troubleshooting the message queue
Viewing IM users that are signed on
Viewing the connection status of your IM networks
Configuring Control Center settings
About simultaneous Control Center access
About backing up log data
Checking the Control Center error log
Running network utilities from the Control Center
Licensing your product
Viewing license statuses
Enforcing strong passwords
Password best practices
Strong password criteria
Adding administrators
Editing an administrator
Deleting an administrator
Administrator rights
Resetting an administrator password
About maintaining adequate disk space
Turning off an appliance
Restarting an appliance
Resetting an appliance to its factory default
Scheduling backups
Editing a scheduled backup
Deleting a scheduled backup
Performing an on-demand backup
Restoring an appliance from backups
About software updates
Determining which version of software is installed
Software update best practices
Monitoring software update using the command line interface
Updating your software
Configuring bad message handling
Setting up your SMTP greetings and postmaster address
Customizing the date format and time format
Date format and time format pattern syntax
Specifying what to include in diagnostic packages
About troubleshooting issues with Symantec Brightmail Gateway with diagnostics
Generating and downloading diagnostic packages
Generating diagnostic packages and transferring them to a remote location
Deleting diagnostic packages
Converting 8-bit MIME messages to 7-bit MIME
Administering Symantec Brightmail Gateway through the command line
Command line interface access methods
About filtering
Verdicts and actions for email messages
Verdicts and actions for instant messages
Multiple actions per verdict
Verdict and action combinations
About multiple content filtering policies
Limits on combining actions
Action processing combinations
User interface action combinations
Verdicts by verdict category
Verdict combinations
agent-config
cat
cc-config
clear
db-backup
db-restore
delete
diagnostics
dns-control
grep
help
ifconfig
iostat
ldapsearch
list
mallog
malquery
monitor
more
mta-control
netstat
nslookup
password
ping
reboot
route
rpmdb
service
show
shutdown
sshd-config
tail
telnet
traceroute
update
U.S. regulatory policy templates
Export Administration Regulations (EAR)
Gramm-Leach-Bliley
HIPAA
International Traffic in Arms Regulations (ITAR)
NASD Rule 2711 and NYSE Rules 351 and 472
NASD Rule 3010 and NYSE Rule 342
NERC Security Guidelines for Electric Utilities
Office of Foreign Assets Control (OFAC)
Payment Card Industry Data Security Standard
Sarbanes-Oxley
SEC Fair Disclosure Regulation
State Data Privacy
Confidential data-protection policy templates
Confidential Documents
Defense Message System (DMS) GENSER Classification
Design Documents
Encrypted Data
Financial Information
Mergers and Acquisition Data
Price Information
Project Data
Publishing Documents
Resumes
Source Code
US Intelligence Control Markings (CAPCO) and DCID 1/7
Acceptable use policy templates
Competitor Communications
Gambling
Illegal Drugs
Media Files
Offensive Language
Racist Language
Restricted Files
Restricted Recipients
Sexually Explicit Language
Violence and Weapons
Customer and employee data-protection templates
Canadian Social Insurance Number
Credit Card Numbers
Customer Data Protection
Employee Data Protection
Individual Taxpayer Identification Numbers (ITIN)
SWIFT Codes
UK Drivers License Numbers
UK Electoral Roll Numbers
UK National Insurance Number
UK Passport Numbers
UK Tax ID Numbers
US Social Security Numbers
Network security policy templates
Network Diagrams
Network Security
Password Files
UK and international regulatory policy templates
Caldicott Report
Data Protection Act 1998
EU Data Protection Directives
Human Rights Act 1998
PIPEDA
Symantec Brightmail Gateway support for VMware tools