Settings
Runtime settings of Email Gateway Security can be configured under Settings > General.
Retry
When scanning or relaying the email fails (e.g. the internal processing component or the relay SMTP server is not available), Email Gateway Security will retry.
Under Settings > General / Email the retry count and the interval between each attempt can be configured.
Email/Attachment size restrictions
Maximum email and/or attachment size restrictions can be configured under Settings > General / Email.
You can configure a maximum total email size (un-decoded; including the size of all the headers, email bodies and all attachments) by enabling Restrict maximum email size and enter a desired limit.
An attachment size limit can also be configured by enabling Restrict maximum attachment(s) size and enter a desired limit. This setting refers to all the attachments of an email.
By default Email Gateway Security does not apply any restriction on the size of emails or attachments.
Prioritize header charset setting in HTML
Enabling this option forces MetaDefender Email Gateway Security to treat the charset encoding specified in the HTML body's header as the content encoding (used for parsing and sanitization), as opposed to the default, which is to try and extract the charset from the HTML body's <meta> tag.
Example
When Prioritize header charset setting in HTML is enabled, the charset is taken from here:
When Prioritize header charset setting in HTML is disabled, the charset is taken from here:
SMTP servers
Email Gateway Security’s inbound SMTP server port and the SMTP server’s encryption configuration can be found under Settings > Security / SMTP Server Connection Settings.
Email Gateway Security can listen on multiple SMTP ports providing the option to apply different settings for each SMTP port.
Click the
Anti-spam
With the Aggressiveness level Email Gateway Security’s anti-spam component can be configured how eager it should be when looking for (potential) spam.
Enabling the Add analytical email headers Email Gateway Security will add special headers to emails so that later it can track false positive or negative spam.
In the IP allowlist a list of IPv4 addresses can be specified for which anti-spam checks will be bypassed.
Licensing
Automatically assign license to users
Email Gateway Security is capable to automatically discover users and count them for licensing using machine learning techniques. To enable automatic user discovery turn Settings > General / Licensing / Automatically assign license to users on.
Only license users from Active Directory
Email Gateway Security can have a tight integration with Active Directory (or other LDAP based directory services). Enabling Settings > General / Licensing / Only license users from Active Directory will make the product to refuse all recipients (for inbound rules) and senders (for outbound rules) that do not exist in the Active Directory.
Licensing users from Active Directory only can eliminate the risk that non-existing users will be counted for license.
For further details see Installation/Licensing and Configuration/Server profiles.
Synchronize licensed users with Active Directory
Enabling this setting will sync licensed users with users in Active Directory. If certain users have been removed from the Active Directory then those users get unlicensed in Email Gateway Security, too.
Synchronization runs once every day at midday according to the server time.
On-demand synchronization to Active Directory is also available. For details see Operating/User based licensing.
Configuration
Deployment mode
Deployment mode options are used to evaluate/test MetaDefender Email Gateway Security without necessarily affecting your existing email traffic. The following deployment modes are available:
Protection mode
Use this mode when you deploy MetaDefender Email Gateway Security in a production environment. This mode will protect your emails from malicious and untrusted content.** **
Out-of-band monitoring mode
Use this mode ONLY when you want to evaluate MetaDefender Email Gateway Security in an out-of-band scenario. This mode will NOT deliver any processed email. It requires you to send copies of emails to MetaDefender Email Gateway Security for processing.
Inline monitoring mode
Use this mode ONLY when you want to evaluate MetaDefender Email Gateway Security without making modifications to processed emails. This mode will NOT protect your emails from malicious or untrusted content.
A notification message will warn administrators when Email Gateway Security is in a monitoring mode.
Public server address
Settings > General / Configuration / Public server address is the IP or DNS address that will be used in URLs generated by Email Gateway Security (e.g. notifications, reports) to identify this server.
When this field is left empty there won't be any links in the notification and reports to this instance.
When setting this property please be aware that this address may be sent for recipients outside of your company (e.g. in a notification about password protected document).
Login banner
Enabling the Show login banner option a customizable warning text can be displayed in the login screen.
The login banner is text-only, no images or formatted text is supported.
The default banner is:
This system is for use by authorised users only. User activity may be monitored. Users of this system expressly consent to such monitoring and are advised that if such monitoring reveals possible criminal activity, security staff may provide the evidence of such monitoring to law enforcement officials.
The text can be at most 1000 characters long.
By default the banner is not enabled.
Attachment password patterns
When extraction of passwords for encrypted attachments is enabled for a security rule (see the section Encrypted attachments in Advanced Threat Prevention), regular expressions defined in this section are used to attempt to match the passwords.
Email Gateway Security uses Perl Compatible Regular Expressions (PCRE) to match passwords in email bodies.
For details see https://www.pcre.org.