PureMessage For Microsoft Exchange 2013 And 2016 - Sophos
PureMessage for MicrosoftExchange 2013 and 2016startup guide
ContentsAbout this guide. 1Planning your PureMessage for Microsoft Exchange deployment. 2Deploying PureMessage for Microsoft Exchange to a single Exchange server.2Deploying PureMessage for Microsoft Exchange to multiple Exchange servers.2Installing PureMessage for Microsoft Exchange. 4System requirements. 4Preparing for installation. 4Preconfiguring updates.5Installing PureMessage for Microsoft Exchange. 6Installing a PureMessage for Microsoft Exchange console on a separate computer.8PureMessage for Microsoft Exchange Configuration Group.9Starting and configuring PureMessage for Microsoft Exchange. 11Getting started with PureMessage for Microsoft Exchange.11Set up a mail domain and upstream trusted relay. 12Connect to Active Directory. 12Setting up alerts. 14Setting up an address for alerts. 14Setting up a template for email alerts.14Ensuring anti-virus scanning is enabled.15Blocking files which may contain threats. 16Blocking spam. 17Change anti-spam settings. 17Scanning Exchange Message Stores. 18Enable store scanning and alerts.18Configure scanning of Exchange stores. 18Dealing with quarantined items.20Quarantine housekeeping. 20Dealing with quarantined messages.20Enabling end-users to access the spam quarantine website.22Setting up quarantine digest emails to users. 22Monitoring system activity.24Uninstalling PureMessage for Microsoft Exchange. 26Appendix A: Deploying PureMessage for Microsoft Exchange clusters. 27How PureMessage for Microsoft Exchange works with Exchange clusters. 27Before you install. 27Installation procedure on DAGs.28Uninstalling PureMessage for Microsoft Exchange from a cluster. 28Administering PureMessage for Microsoft Exchange on a cluster. 28Appendix B: How to configure upstream (trusted) relays. 30Which upstream relays should be defined as trusted?. 30Appendix C: How does PureMessage for Microsoft Exchange route mail?. 32Appendix D: AboutPureMessage for Microsoft Exchange mail scanning. 33SMTP scanning. 33Exchange Store scanning. 34Appendix E: Filtering attachments containing unwanted content. 35Filtering blocked phrases within attachments. 35Appendix F: Database Mirroring. 37Prepare SQL Server instances.37Install PureMessage for Microsoft Exchange with database mirroring. 38Configure PureMessage for Microsoft Exchange for database mirroring. 38PureMessage for Microsoft Exchange Glossary. 41Technical support. 44(2018/09/05)
Legal notices.45(2018/09/05)
PureMessage for Microsoft Exchange 2013 and 20161 About this guideThis guide tells you how to do the following: install PureMessage for Microsoft Exchange for Microsoft Exchange 2013 and 2016. start PureMessage for Microsoft Exchange integrate PureMessage for Microsoft Exchange with Active Directory set up alerts ensure that anti-virus scanning is enabled block file types that may contain threats set up spam blocking (if your license permits) set up Exchange store scanning deal with quarantined items enable end-users to access and deal with quarantined items monitor system activityCopyright Sophos Limited1
PureMessage for Microsoft Exchange 2013 and 20162 Planning your PureMessage forMicrosoft Exchange deploymentYou can deploy PureMessage for Microsoft Exchange to a single or multiple Exchange servers, asdescribed below.2.1 Deploying PureMessage for MicrosoftExchange to a single Exchange serverIf your network has only one Exchange server, deploying PureMessage for Microsoft Exchange isstraightforward: install PureMessage for Microsoft Exchange on the Exchange server and configureit according to your email security policy.2.2 Deploying PureMessage for MicrosoftExchange to multiple Exchange serversPureMessage for Microsoft Exchange can protect both front-end (hub transport) servers and backend (mailbox) servers.If you don't want to expose your mailbox servers directly to the internet, you can use an EdgeTransport server in your perimeter network. The Edge Transport server role is available in MicrosoftExchange Server 2013 Service Pack 1 (SP1) or later.NoteIn such hybrid environments, it is recommended that you perform anti-spam scanning on theedge server to filter spam, and install the anti-virus only version of PureMessage for MicrosoftExchange on your back-end servers that do not require anti-spam scanning.Example: Separate Exchange Edge Transport server and ExchangeMailbox serverThis example illustrates how PureMessage for Microsoft Exchange can be installed on severalExchange servers with dedicated roles.NoteInstall the appropriate version of PureMessage for Microsoft Exchange on each server. ForPureMessage for Microsoft Exchange system requirements, see knowledgebase article 118640.2Copyright Sophos Limited
PureMessage for Microsoft Exchange 2013 and 2016Figure 1: Separate Exchange Edge Transport server and Exchange Mailbox serverCopyright Sophos Limited3
PureMessage for Microsoft Exchange 2013 and 20163 Installing PureMessage for MicrosoftExchangeThis section describes how to install PureMessage for Microsoft Exchange.NoteIf you are installing PureMessage for Microsoft Exchange to an Exchange cluster, checkthe system requirements and then go to Appendix A: Deploying PureMessage for MicrosoftExchange clusters (page 27).PureMessage for Microsoft Exchange consists of two components: The PureMessage for Microsoft Exchange service. The PureMessage for Microsoft Exchange administration console.This section tells you how to install both on a single server and also how to install a separateadministration console in order to manage remote PureMessage for Microsoft Exchange servers.Installation involves the following steps: Checking the system requirements. Preparing for installation. Preconfiguring updates (Sophos Enterprise Console customers only). Installing PureMessage for Microsoft Exchange. Installing a PureMessage for Microsoft Exchange console on a separate computer (optional).3.1 System requirementsPureMessage for Microsoft Exchange 4.0.4 and later can be installed on Microsoft Exchange Server2013 and 2016. The minimum requirement for the database is Microsoft SQL Server 2008.For a full list of PureMessage system requirements, see knowledge base article 1186403.2 Preparing for installationNoteIf you are running Windows 2008 or Windows 2008 R2 Server, read e/109664.html before installing PureMessage for MicrosoftExchange.Before you begin installation, you should do the following:4 Read the PureMessage for Microsoft Exchange release notes for details of new features andknown issues. The release notes are published at puremessage-for-microsoft-exchange.aspx. Make sure that a backup has been made of the mailboxes and databases.Copyright Sophos Limited
PureMessage for Microsoft Exchange 2013 and 2016 Make sure that the Exchange Autodiscover service is configured correctly. The service is used byPureMessage for Microsoft Exchange during scanning of Exchange stores. For more information,see 119506.aspx. PureMessage for Microsoft Exchange installation may require a restart, so schedule theinstallation for a time when restarting the server will cause the least inconvenience.If you want to use spam blocking: Make sure that you have a valid anti-spam license and download credentials from Sophos so thatyou can download anti-spam updates. Make sure that PureMessage for Microsoft Exchange is installed on a computer with Internetaccess, as anti-spam updates are only available direct from Sophos. If you use Sophos Enterprise Console to protect your PureMessage for Microsoft Exchangeserver, make sure that the server is configured to download anti-spam updates directly fromSophos as described in Preconfiguring updates (page 5).If you are installing PureMessage for Microsoft Exchange on multiple servers, make sure that yourSQL server is set up for remote access. See the PureMessage for Microsoft Exchange release notesfor further details.3.3 Preconfiguring updatesIf you use PureMessage for Microsoft Exchange for spam blocking, it needs to update regularlywith the latest rules for detecting spam. These spam rules can only be downloaded directly fromSophos via the internet.If you are going to install PureMessage for Microsoft Exchange on a computer that does notalready have Sophos Anti-Virus installed, updating will be set up for you and you need take nofurther action. Go to Installing PureMessage for Microsoft Exchange (page 6).If you are going to install PureMessage for Microsoft Exchange on a computer already runningSophos Anti-Virus and managed by Sophos Enterprise Console, you must follow the instructionsbelow.NoteYou will need the username and password that you use for downloads from the Sophos website.1. Go to the computer running Sophos Enterprise Console and start Sophos Enterprise Console.2. Ensure that the computer(s) running PureMessage for Microsoft Exchange are in a group of theirown or have their own policy setting.3. Create an Updating policy (or edit the existing policy) for the group.4. In the Updating Policy dialog box, click the Secondary server tab.5. In the Secondary server dialog box, select Specify secondary server details. Then in theAddress field, click the drop-down arrow and select Sophos. Enter your username and password.6. If necessary, enter proxy details.You have preconfigured updating and are ready to install PureMessage for Microsoft Exchange.Copyright Sophos Limited5
PureMessage for Microsoft Exchange 2013 and 20163.4 Installing PureMessage for MicrosoftExchangeTo install PureMessage for Microsoft Exchange, do as follows:NoteThe following services (and any dependent services) may be stopped and started during theinstallation of PureMessage for Microsoft Exchange: Internet Information Services (IIS) Microsoft Exchange Transport service Microsoft Exchange Frontend Transport service Microsoft Exchange Information Store service Distributed File System Replication (DFSR) service1. Log on to the server as an administrator, based on your environment: If you are in a domain, log on with domain administrative privileges. If you are in a workgroup, log on with local administrative privileges.NoteMake sure you are a member of the Exchange Organization Management group.2. Visit the Sophos product download page at http://www.sophos.com/support/updates/. You willneed credentials to download products and documentation.3. Browse to the PureMessage for Microsoft Exchange page and download the PureMessage forMicrosoft Exchange for Microsoft Exchange installer package you require. Choose Anti-virus andanti-spam or Anti-virus only (as your license permits).4. Using Windows Explorer, browse to your download folder and start the installer package. Theinstallation wizard begins.NoteEnsure that the installer is not run from a network share.5. In the Welcome dialog box, click Next.6. In the License Agreement dialog box, read the agreement. If you agree with the terms, click Iaccept the terms of the license agreement and click Next.7. In the Select Features dialog box, select the components you want to install and click Next.8. In the Choose Destination Location dialog box, you see the default folder where PureMessagefor Microsoft Exchange will be installed. If you want to install it in a different folder, click Browseand select a folder. Click Next.9. In the Sophos Download Credentials dialog box, enter the User name and Password that weresupplied by Sophos.If you access the internet via a proxy, click Proxy Details and enter your proxy settings.Otherwise, click Next.6Copyright Sophos Limited
PureMessage for Microsoft Exchange 2013 and 201610. In the PureMessage Database settings dialog box, specify the database (SQL Server) wherePureMessage for Microsoft Exchange will store reporting data, central quarantine, and policyconfiguration information. Click Next.PureMessage for Microsoft Exchange will automatically detect any local SQL databaseinstances. If a local database instance is detected, you choose it by selecting the Local option.If no database is detected and Local is chosen, then PureMessage for Microsoft Exchange willinstall a local instance of SQL Server Express. To use a database instance located on a differentcomputer, choose the Remote option. The database Browse dialog displays only SQL Serverinstances with the current domain.NoteFor information on how to configure database mirroring, see Appendix F: Database Mirroring(page 37).NotePureMessage for Microsoft Exchange 4.0.4 and later supports TLS 1.2. Using TLS to connectto a SQL Server database requires server side changes, see knowledge base article 132092 .11. In the PureMessage Service Credentials dialog box, click Create and enter a password andconfirm it to create a SophosPureMessage user. If the user account already exists, you will beprompted to enter its password. This account is used by Sophos PureMessage services. ClickNext.12. In the PureMessage Configuration Group dialog box, select a group you want to join or create anew group. Click Next.PureMessage for Microsoft Exchange installations can be grouped together to share the samepolicy configuration and be managed from a single management console. For more information,see PureMessage for Microsoft Exchange Configuration Group (page 9).13. If you are installing PureMessage for Microsoft Exchange on an Exchange server that isconfigured as a mailbox-only role, the PureMessage Mailbox Role Settings dialog box isdisplayed. Select the Exchange transport server which PureMessage for Microsoft Exchangeshould use to send alert email messages. Click Next.14. In the PureMessage Administration Settings dialog box, enter an Administrator email address.PureMessage for Microsoft Exchange will send alerts to this email address. You can change thisaddress later too. Click Next.NotePureMessage for Microsoft Exchange creates a security group in Active Directory calledSophos PureMessage Administrators, which includes all PureMessage for MicrosoftExchange administrators. By default, the current user will be added to this group.15. In the PureMessage Routing settings dialog box, do as follows.a) Enter your company’s email domain(s), such as mycompany.com, in the top panel.NoteYou need not specify sub-domains. When you specify a domain, the sub-domains areincluded automatically.b) Enter the IP addresses of any trusted email relays, such as your ISP’s SMTP server and anyemail gateway server or appliance upstream of your Exchange servers. Click Next.Copyright Sophos Limited7
PureMessage for Microsoft Exchange 2013 and 2016NotePureMessage for Microsoft Exchange uses the upstream relays configuration to determinemail direction. Not configuring an upstream relay can cause PureMessage for MicrosoftExchange to classify mail from upstream relays as internal, and hence skip spam scanningfor those messages. For information on configuring upstream (trusted) relays, see AppendixB: How to configure upstream (trusted) relays (page 30).16. In the Company Information dialog box you can enter details relating to the size, location,and market sector of your company or organization. This valuable feedback helps SophosLabsanalyze email security trends. Click Next.17. In the Start Copying Files dialog box, ensure the settings are correct. If they are not, use theback button to return to previous dialog boxes and change the settings. When they are correct,click Next.18. PureMessage for Microsoft Exchange displays the installation progress and installs SophosAnti-Virus and Sophos AutoUpdate (if not already installed). Sophos AutoUpdate automaticallydownloads updates to virus data and anti-spam rules.NoteIn certain circumstances the installation may require you to restart the server. Theinstallation will continue after restarting.19. When installation is complete, the InstallShield Wizard Complete dialog box is displayed. ClickFinish.If you also want to install a separate PureMessage for Microsoft Exchange administration console,see Installing a PureMessage for Microsoft Exchange console on a separate computer (page 8).NoteIf you have Microsoft Exchange server installed on your network, you may need to disable orexclude files from scanning. For more information see knowledge base article 40065.To start using PureMessage for Microsoft Exchange, see Getting started with PureMessage forMicrosoft Exchange (page 11).3.5 Installing a PureMessage for MicrosoftExchange console on a separate computerThe PureMessage for Microsoft Exchange administration console can be installed on a computerwithout the PureMessage for Microsoft Exchange service in order to manage remote PureMessagefor Microsoft Exchange services.To install PureMessage for Microsoft Exchange console onto a separate computer:1. On the computer where you want to install the console, start the PureMessage for MicrosoftExchange installer.2. In the Welcome dialog box, click Next.3. In the License Agreement dialog box, click I accept if you agree to the terms.4. In the Select Features dialog box, clear the PureMessage Service check box and leave theAdministration Console check box selected. Click Next.8Copyright Sophos Limited
PureMessage for Microsoft Exchange 2013 and 20165. In the Choose Destination Location dialog box, select your preferred destination folder, and clickNext.6. When installing in a workgroup, the PureMessage Service Credentials dialog box will appear.Click Create and enter a password and confirm it to create a SophosPureMessage user. If theuser account already exists, you will be prompted to enter its password. This account is used toconnect to Sophos PureMessage for Microsoft Exchange services. Click Next.7. In the Start Copying Files dialog box, click Next.8. When installation is complete, the InstallShield Wizard Complete dialog box is displayed. ClickFinish.9. Double-click the PureMessage for Microsoft Exchange icon on your desktop to start thePureMessage for Microsoft Exchange administration console.In certain circumstances the installation may require you to restart the server. The installation willcontinue after restarting.3.6 PureMessage for Microsoft ExchangeConfiguration GroupIf several PureMessage for Microsoft Exchange servers are required to implement the same policythen they should be installed to the same PureMessage for Microsoft Exchange group. This isachieved by selecting the same database and PureMessage for Microsoft Exchange group nameduring installation.Once the first PureMessage for Microsoft Exchange server has been installed in a group, thegroup name becomes available from the PureMessage Configuration Group dialog box so thatadditional servers can be easily installed to the same group:Copyright Sophos Limited9
PureMessage for Microsoft Exchange 2013 and 2016All PureMessage for Microsoft Exchange servers in a group should be in the same Windowsdomain or workgroup. If your Exchange servers are in separate domains or workgroups, theyshould be managed separately.For more information on installing PureMessage for Microsoft Exchange to an Exchange cluster,see Appendix A: Deploying PureMessage for Microsoft Exchange clusters (page 27).10Copyright Sophos Limited
PureMessage for Microsoft Exchange 2013 and 20164 Starting and configuring PureMessagefor Microsoft ExchangeThis section tells you how to: Start PureMessage for Microsoft Exchange Configure PureMessage for Microsoft Exchange to acknowledge your mail domain and upstreamtrusted email relay (if not done during installation) Connect to your directory server.4.1 Getting started with PureMessage forMicrosoft ExchangeTo start PureMessage for Microsoft Exchange, do as follows:1. Double-click the PureMessage icon on your desktop.2. In the PureMessage for Microsoft Exchange console, the left-hand pane (console tree) gives youaccess to the features you can configure. The right-hand pane (details) displays information orconfiguration options.If you set up a mail domain and upstream email relay during installation, see Connect to ActiveDirectory (page 12).If you have not yet set up a mail domain, see Set up a mail domain and upstream trusted relay(page 12).Copyright Sophos Limited11
PureMessage for Microsoft Exchange 2013 and 20164.2 Set up a mail domain and upstream trustedrelayFor PureMessage for Microsoft Exchange to determine inbound, outbound and internal mailcorrectly, you should configure your mail domains and any upstream (trusted) relays.For information on configuring upstream (trusted) relays, see Appendix B: How to configureupstream (trusted) relays (page 30).1. In the console tree, click Configuration System and then click Routing.2. In the Routing dialog box, do as follows:a) Click Add, and enter an address in the Mail domains panel, such as mycompany.com.NoteYou need not specify sub-domains. When you specify a domain, the sub-domains areincluded automatically.3.4.5.6.b) To add an upstream trusted relay, click Upstream (trusted) relays.In the Upstream (trusted) relays dialog box, click Add to specify an upstream trusted relayaddress or range of addresses.In the Specify Host IP Addresses dialog box, enter a single IP address or a range of addresses.You can also enter a comment for administrative use and click OK.In the Upstream (trusted) relays dialog box, click OK to save your relay(s).In the Manage changes menu, click Save changes.PureMessage for Microsoft Exchange now recognizes your specified mail domains and upstream(trusted) relays.Now connect to Active Directory. See Connect to Active Directory (page 12).4.3 Connect to Active DirectoryYou can configure PureMessage for Microsoft Exchange to integrate with Microsoft ActiveDirectory. You can then use recipient validation features and create message policies basedon users and groups already configured in the directory server. If you do not need to use thesefeatures, skip this section.NoteTo configure directory server settings when using ADAM/AD LDS, see the PureMessage forMicrosoft Exchange help.1. In the console tree, click Configuration Users and groups and click Active Directory.2. In the Active Directory dialog box, click Detect Active Directory. The directory server settingsshould be filled in automatically. If not, you may need to fill in the directory server settingsmanually.3. Enter the user name and password in the Logon Credentials pane if you are synchronizingwith an instance of ADAM/AD LDS or if you are synchronizing with the Active Directory12Copyright Sophos Limited
PureMessage for Microsoft Exchange 2013 and 2016Global Catalog Server. Otherwise, PureMessage for Microsoft Exchange will log on using theSophosPureMessage service account.4. Click Verify settings. PureMessage for Microsoft Exchange will attempt to log on to yourdirectory server.5. Ensure the Synchronize with Active Directory checkbox is checked. You can then configurePureMessage for Microsoft Exchange to synchronize with Active Directory (refresh its local copy)automatically or periodically.PureMessage for Microsoft Exchange keeps a local copy (cache) of the users and groups fromActive Directory for performance reasons.6. Click Synchronize now to start the synchronization process instantly.If you have selected Automatic synchronization and if a change is made to an entity in ActiveDirectory, it may take about 15 minutes for the change to reflect in PureMessage for MicrosoftExchange.Before you can set up your transport (SMTP) and Exchange store configuration, you need to set upalerts. See Setting up alerts (page 14).Copyright Sophos Limited13
PureMessage for Microsoft Exchange 2013 and 20165 Setting up alertsIn order to receive PureMessage for Microsoft Exchange administrator alerts, you must configurethis feature. You can also set up a template for alerts.5.1 Setting up an address for alerts1. In the console tree, click Configuration System and then click Alert configuration.2. In the Email addresses tab of the Alert configuration dialog box, click Add. Enter theadministrator’s email address in the Send administrator alerts to panel.3. Enter an email address in the Sender email address panel. The email address will be used forsending out alerts and other PureMessage for Microsoft Exchange generated messages.4. Click OK to save your changes.5.2 Setting up a template for email alertsThe default email template for alerts is sufficient for some users’ needs. However, you cancustomize the template as described below.1. In the console tree, click Configuration System Alert configuration and then click the Alerttemplate tab.2. In the Alert subject panel, enter the subject line of the alert. Right-click in the edit panel to viewavailable substitution symbols.Substitution symbols can insert variables such as date or other information specific to themessage.3. In theAlert body text panel, create the main body of your alert. Right-click within the text field toview substitution symbols.4. In the Text fo
If you use PureMessage for Microsoft Exchange for spam blocking, it needs to update regularly with the latest rules for detecting spam. These spam rules can only be downloaded directly from Sophos via the internet. If you are going to install PureMessage for Microsoft Exchange on a computer that does not
Bruksanvisning för bilstereo . Bruksanvisning for bilstereo . Instrukcja obsługi samochodowego odtwarzacza stereo . Operating Instructions for Car Stereo . 610-104 . SV . Bruksanvisning i original
Listing Exchange Exchange Exchange Exchange); Exchange Exchange listing Exchange Exchange listing. Exchange Exchange. Exchange ExchangeExchange Exchange .
10 tips och tricks för att lyckas med ert sap-projekt 20 SAPSANYTT 2/2015 De flesta projektledare känner säkert till Cobb’s paradox. Martin Cobb verkade som CIO för sekretariatet för Treasury Board of Canada 1995 då han ställde frågan
service i Norge och Finland drivs inom ramen för ett enskilt företag (NRK. 1 och Yleisradio), fin ns det i Sverige tre: Ett för tv (Sveriges Television , SVT ), ett för radio (Sveriges Radio , SR ) och ett för utbildnings program (Sveriges Utbildningsradio, UR, vilket till följd av sin begränsade storlek inte återfinns bland de 25 största
Hotell För hotell anges de tre klasserna A/B, C och D. Det betyder att den "normala" standarden C är acceptabel men att motiven för en högre standard är starka. Ljudklass C motsvarar de tidigare normkraven för hotell, ljudklass A/B motsvarar kraven för moderna hotell med hög standard och ljudklass D kan användas vid
LÄS NOGGRANT FÖLJANDE VILLKOR FÖR APPLE DEVELOPER PROGRAM LICENCE . Apple Developer Program License Agreement Syfte Du vill använda Apple-mjukvara (enligt definitionen nedan) för att utveckla en eller flera Applikationer (enligt definitionen nedan) för Apple-märkta produkter. . Applikationer som utvecklas för iOS-produkter, Apple .
SOPHOS PureMessage Anti‐Spam Program The following FAQ's should help clarify some questions you might have about Villanova's new anti‐spam quarantining program. If your question is not answered below, please call the UNIT Helpdesk at 610‐519‐7777 or email support@villanova.edu.
API –1.0.0 System Reads (user accounts, labor codes, and other configruations) Customer Read Equipment Read Equipment Hour Meter Write Product Read Inventory Read Work Order Read / Write Time Read / Write File Read / Write Web hooks for: Work Order status changes Work Order confirmations (tech, customer .
