For General Information
7. Click Finish
2.9 Other Setup Tasks
The remaining chapters in this book describe other areas of Email Firewall to set up, administer and monitor. The following sections describe these areas in brief detail.
2.9.1 Setting Up Message Queues
Email Firewall uses message queues to hold email messages. Some queues are temporary repositories for messages in transit through the Email Firewall SMTP relay, while others provide more permanent storage for messages that must be processed manually. The queues and their functions are described in detail in Chapter 3, Working With Queues.
Messages held in the configurable queues can be filtered, viewed, changed, sent, returned, reprocessed or deleted. Each queue has a configurable threshold that, when reached, can trigger a notification or log an event. The configurable Email Firewall message queues include:
• Quarantine (Default)
• Detention
• Retry
• Dead Letter
• Defer
• Redirect
• Secure Messenger
• Spam Analysis
• Inbound
• Outbound
In addition to the Default Quarantine queue, custom quarantine queues can be created, allowing more granular storage of quarantined messages.
There are also non-configurable queues: Partition, Return and Archive. Message count for these queues is displayed on the Status page.
What is the Personal Quarantine Manager?
The Personal Quarantine Manager (PQM) eliminates the need for
administrators to quickly review the Quarantine queues for potential false positives. When this feature is installed and enabled, message recipients are able to see a summary of their quarantined messages and release a copy of each message they want to receive. The message itself remains in the Quarantine queue until automatically purged by an aging action or until acted upon by an administrator.
For more information about the PQM and how to set it up, see 3.7 Using Personal Quarantine Manager on page 142.
2.9.2 Setting Up Reporting
The Email Firewall reporting tool creates email-usage reports that show how Email Firewall is operating in your environment. These reports are based on events logged to the Email Firewall Event Log. The reports show, in summary detail, message volume passing through Email Firewall, which policies are violated most often, which domains send and receive the highest number of messages, and which user sends the greatest number of virus-infected messages.
These reports also show attachment and message volume for specific email users identified by email address, policy violations for individual senders and recipients, and viruses caught in messages from individual users.
Audit reports show the actions performed in the Email Firewall Directory, and identifies the administrator who performed those actions.
Chapter 11, Email Firewall Reports describes these reports and provides instructions for setting them up.
2.9.3 Setting Up Policies
Policies provide the message content filtering and security measures available to Email Firewall after a message has been accepted by the Email Firewall SMTP Relay. Chapter 5, Understanding Policies explains how Email Firewall policies are structured. Chapter 6, Creating and Editing Policies provides
2.9.4 Setting Up the Directory
Email Firewall policies must be applied to directory objects to be effective. A default directory structure is set up during installation. Section 5.3 Email Firewall Directory on page 220 describes this default structure and how to augment it. Tools to more effectively manage the directory are described in 10.1 Email Firewall Directory Tools on page 532 and 10.2 Setting Up LDAP Directory Imports on page 534, and sections following.
2.9.5 Setting Up Security
Email Firewall can encrypt, decrypt, digitally sign, and verify incoming and outgoing messages using policies and security integration features. Chapter 8, Email Encryption and Authentication Overview describes the concepts behind the Email Firewall security features and implementation. Chapter 9, Security Configuration provides instructions for setting up Email Firewall security features.
2.9.6 What is the Dynamic Anti-spam Service?
When your organization has purchased a license for the Tumbleweed Dynamic Anti-spam Service (DAS) and installed and configured the service, the Spam Analysis Engine preprocesses each message. This preprocessing, together with Email Firewall policies, allows you to reduce the number of spam messages entering your organization.
The Dynamic Anti-spam Service works by processing email messages after they have been accepted by the inbound Email Firewall SMTP Relay service, but before they are processed by the Email Firewall Policy Engine. The product adds the Spam Analysis Engine service to the Email Firewall list of services.
The Tumbleweed Message Protection Lab™ provides data for the Email Firewall Dynamic Anti-spam filter updates. The Spam Analysis Engine uses this filter data in message analysis.
The Spam Analysis Engine uses multiple heuristics to generate a multi-dimensional categorization for each message processed, and applies these heuristics and statistical analyses to identify and categorize spam. The Spam Analysis Engine is extensible over time using the Dynamic Anti-spam filter updates, as new techniques and categorizations are created. This process
ensures that the system maintains a high capture rate and low false positive rate, even as spam tactics evolve.
For more information about the Dynamic Anti-spam Service, see Chapter 7, Dynamic Anti-Spam Service.
2.9.7 What is Secure Redirect?
When your organization has access to a Tumbleweed IME Server and installs and configures the Secure Redirect component, Email Firewall can
automatically redirect selected Internet (SMTP) messages to the IME server for subsequent delivery. The IME server provides secure, traceable delivery to the recipients.
In the Setup page, Secure Redirect is used when you have access to a Tumbleweed IME Server and have installed the Secure Redirect Service component. You create Redirect Profiles to use when specifying Redirect as a policy action.
For detailed information about setting up and using the Redirect component and for information on creating Secure Redirect package profiles, see the
Tumbleweed Secure Redirect 6.2 Administrator’s Guide.
2.9.8 What is Secure Messenger?
Tumbleweed Secure Messenger is an enterprise secure email software solution.
If installed, it works with the Email Firewall to inspect outbound email at the network gateway and automatically redirect messages that contain sensitive content to a secure, encrypted channel.
Secure Messenger is an alternative to the Secure Redirect component.
Organizations use one or the other with the Email Firewall to secure their enterprise outbound email.
If Secure Messenger is installed, the Setup page displays the Secure Messenger links from which you can set up and manage Secure Messenger.
For detailed information about setting up and using the Secure Messenger, see the Tumbleweed Secure Messenger 6.2 Administrator’s Guide.
2.9.9 Setting Up Proxy Servers
The Setup Proxy Servers page allows you to set up and configure the Email Firewall HTTP and FTP proxy servers. See Figure 2.25.
The Email Firewall HTTP proxy server is used to do the following for Email Firewall:
• download Certificate Revocation Lists (CRLs).
• retrieve the latest Email Firewall service updates, which is a service provided by the Email Firewall Update Service. The Email Firewall Update Service link "Check for E-Mail Firewall updates" is available on the Email Firewall System Status page.
• allow Recurrent Pattern Detection (RPD) connectivity.