As soon as certificates and their certificate chains are used for the email signature or encryption, they usually have to be checked for validity. It is important to note that certain basic requirements must be met for a final certificate to be considered valid:
The certificate itself including its complete certificate chain is stored in the certificate store of NoSpamProxy.
The revocation check of the final certificate and all intermediate certificates contained in the certificate chain was successful.
Please note that the check is preferably carried out on the basis of the Online Certificate Status Protocol. If the respective certificate does not offer this, the check via certificate revocation list (CRL) is used. When retrieving the CRL of each certificate, three things must be fulfilled:
The CRL can be retrieved from all gateways.
The CRL itself is still valid.
The affected certificate is not included in the certificate revocation list.
Point 2 can be checked by a simple retrieval (in the case of a list linked via HTTP) via browser and subsequent opening using Windows on-board tools. Please bear in mind any proxy settings that may apply.
The easiest way to carry out the check is with the help of an automated script. To use this script, you must log on to the system on which the Intranet Role is installed. Execute the script there. Use either the PowerShell command line or the PowerShell ISE.
After executing the script, you will be asked for the thumbprint of the certificate to be checked. This can be found in the Activities section of the message track of the email in question. In said area, you will find the name of the applicant as a link. There you will find the thumbprint of the certificate, which you can copy by right-clicking.
https://www.nospamproxy.de/wp-content/uploads/2015/07/makefg1.png256256Technik NoSpamProxyhttps://www.nospamproxy.de/wp-content/uploads/2015/03/logo.pngTechnik NoSpamProxy2021-05-10 11:16:562021-05-10 13:15:57Problems related to certificates for email signature, email encryption or receiving signed emails
On our download page we offer you different versions of NoSpamProxy. These versions differ – even within one release cycle – due to different test strategies.
Regular channel
The versions in the regular channel usually include new functions in addition to bug fixes. Since all functions are extensively tested, these versions have a longer throughput time in quality assurance. In addition, these versions are deployed as productive installations to selected users about four weeks before release.
Fast channel
These versions contain only bug fixes, which is why the throughput time in quality assurance is shorter. The tests are limited to the basic functions including installation and update. In addition, the functions that have received an error correction are tested. After the quality assurance tests, these versions also run as productive installations for about two weeks before being released to selected users.
Beta versions
These versions are deployed before a release and contain new or changed features. The deployment phase is announced via our blog, where all partners and end users have the opportunity to register for such a version.
Beta versions may not be used in productive environments!
Other versions
For individual customers, we release versions at irregular intervals that are specially tailored to them. These versions are not released publicly, but are only distributed to the respective customers.
https://www.nospamproxy.de/wp-content/uploads/2015/07/makefg1.png256256Technik NoSpamProxyhttps://www.nospamproxy.de/wp-content/uploads/2015/03/logo.pngTechnik NoSpamProxy2021-05-10 06:45:302021-05-10 12:40:40Information on different NoSpamProxy versions
This article provides an overview of the minimum requirements that must be met in order to run NoSpamProxy.
Note: In order for you to receive support services,
the listed requirements must be fulfilled and
a corresponding manufacturer support contract must be in effect.
We do not guarantee the completeness of the following information on third-party products. In any case, make sure to check the manufacturer’s pages for updates!
General requirements
A corporate email server, either in the company network or in the cloud.
NoSpamProxy can NOT be operated using the combination “Domain Controller + Exchange + NoSpamProxy” on one single system, because the operation of Exchange on a domain controller is prohibited. See Exchange Server Supportability Matrix.
NoSpamProxy can be installed on a system in parallel with the email server. However, this combination is not recommended, because of duplicate port assignments (mostly ports 25, 443 and 6060/6061), which can cause problems during operation. We recommend to always change the ports of the email server in case of parallel operation, so that NoSpamProxy can be reached from outside via the standard ports.
NoSpamProxy uses the following standard ports:
Port 6060/6061 TCP
internal communication between the Intranet Role and the Gateway Roles
Port 25 TCP
SMTP
inbound and outbound
modifyable
also used by Exchange during parallel operation
Port 443 TCP
SSL
internal and external communication with the Web Portal
modifyable
Port 465 TCP
POP3
to retrieve POP3 messages
no support for NoSpamProxy Protection
Hardware requirements
The following specifications are minimum requirements. The recommended configuration depends on the email volume and the use of individual NoSpamProxy functions.
4GB RAM
2 processor cores
virtualized or physical
Hard disk space
should be discussed individually with the support or presales team
If Intranet and Gateway Role are operated on one single system with no Web Portal present, 100GB should be sufficient.
Supported NoSpamProxy versions
The following versions are currently covered by our support:
Version 13.2
Version 13.1
Version 13.0
Version 12.2
Version 12.1 (no longer supported with release of version 14)
Version 12.0 (no longer supported with release of version 14)
Version 11.1 (no longer supported with release of version 14)
NoSpamProxy Outlook Add-In
Outlook 2010 and later
Microsoft Operating Systems
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 (no longer supported with version 14)
Microsoft Windows Server 2008 R2 (no longer supported with version 14)
Microsoft .NET Framework
.NET Framework 4.8, supported as of NoSpamProxy version 13, mandatory as of version 14
.NET Framework 4.7.2, mandatory supported from NoSpamProxy 12.2 onwards
.NET Framework 4.6.2, supported up to version 12.1 and older
.NET Framework 4.5.7, supported up to version 11.1 and older
Microsoft SQL Server Express Version
Microsoft SQL Server 2019 Express Version (supported for Windows Server 2016 and above)
Microsoft SQL Server 2017 Express Version (supported for Windows Server 2012 R2 and Windows Server 2016)
Microsoft SQL Server 2014 Express Version (no longer supported with version 14)
Microsoft SQL Server 2012 Express Version (no longer supported with version 14)
Microsoft SQL Server 2008 R2 Express Version (no longer supported with version 14)
For details on supported combinations, please refer to the official Microsoft pages for each product.
Microsoft SQL-Server Standard/Enterprise
Microsoft SQL-Server 2012 SP4 and later
Microsoft SQL-Server 2012 SP3 and older (no longer supported with version 14)
Visual Studio Tools for Office 2010 Runtime or higher is required to install the Outlook Add-In.
Further notes
Make sure that any third-party applications you use that connect to NoSpamProxy are covered by their respective manufacturer’s support. If this is not the case, the NoSpamProxy support team will not be able to provide support.
Make sure that the necessary exceptions are set in the local Windows Defender (and other AV scanners used) to allow NoSpamProxy to run smoothly.
If you have installed NoSpamProxy and Microsoft Exchange on the same server, make sure that the respective version of the framework is supported by Exchange before installing or updating the Microsoft .NET framework. An overview of supported versions is provided in the Exchange Server Supportability Matrix.
Further details about the installation of the add-in can be found in the Outlook Add-In Installation and Group Policy manual. There, the installation with the MSI file for software distributions is also addressed.
The Cyren IP Reputation filter is available if NoSpamProxy Protection is licensed. This filter performs the check of the IP address of the sending system, classifies it according to the classification received from Cyren and assigns corresponding SCL points:
No known risk (0 SCL points)
Medium risk (1 SCL points)
High risk (3 SCL points)
Depending on the setting of the evaluation criteria and additional classifications of the other filters in the applied rule, an IP address can thus lead to the rejection of the emails. This rejection can already take place during the envelope phase, so that further information – for example, the subject – is no longer transmitted.
NoSpamProxy has no influence on these evaluations. However, every affected sender can have their IP address and its classification checked and adjusted via the Cyren support page.
https://www.nospamproxy.de/wp-content/uploads/2015/07/makefg1.png256256Technik NoSpamProxyhttps://www.nospamproxy.de/wp-content/uploads/2015/03/logo.pngTechnik NoSpamProxy2021-04-20 08:27:122021-04-29 14:20:31Detection of IP addresses by the Cyren IP Reputation filter
The Cyren Premium AntiVirus scanner is part of the Malware Scanner action and can be used if NoSpamProxy Protection is licensed. Cyren Premium AntiVirus checks attachments that are attached to an email. In doing so, it carries out two basic checks:
Local checks against definitions
The definitions are regularly downloaded from the Cyren servers. In case of access problems to the Cyren servers, the definitions must not be older than two days.
During the check, the attachment is placed in the directory C:\ProgramData\Net at Work Mail Gateway\Cyren\Temp, checked and deleted again.
Live checks – Zero Hour Protection
Check for conspicuous attachments in the recent past. A hash value is generated and sent to Cyren, which then sends a response with the corresponding classification by Cyren.
Unlike with the Cyren AntiSpam filter, the NoSpamProxy support has no way of influencing this behaviour in the case of a misclassification. In the case of misclassifications – i.e. false positives or false negatives – the sender or the recipient of the email must always contact Cyren and have this corrected accordingly.
A description of the process can be found on the respective Cyren support page.
In case of local problems or missing definitions, please refer to the Knowledge Base article Cyren Engines – Troubleshooting
Note
To ensure parallel operation with other locally installed virus scanners on the gateway role, please refer to the Knowledge Base article How to configure on-access virus scanners and define the exceptions as described!
Below you will find information on using the Sandbox Service in NoSpamProxy. For general information on how a cloud sandbox works, licensing or data protection, see Informationen zum NoSpamProxy Sandbox-Service (German only).
Note
Since 2018, we strongly recommend NoSpamProxy customers to take a whitelisting approach to content filtering (see our article on email firewalls). This recommendation applies in particular to the use of the NoSpamProxy Sandbox service.
An example: Even if an “executable file for Windows” is supported by the sandbox, the question arises whether one wants to allow this potentially dangerous file type for one’s own company at all. In this case, it makes more sense to generally reject this file type and thus also save the upload to the sandbox.
If a file is classified as unsuspicious by the sandbox service, the respective email will be delivered.
Sandbox-Hashabfrage
Sandbox hash query
The retrieval of the hash values from the sandbox database can be carried out without restriction and without deduction of purchased licences. For this purpose, the corresponding check mark Query the sandbox if the attachments of inbound emails are known to be malicious must be ticked.
This check can be applied to all file types.
Sandbox upload
File uploads are limited to 20 files per user and month.
This value is the total value of permitted uploads; there is no strict user check. This means, for example, for a 50-user licence that the respective NoSpamProxy installation may upload 1000 files to the sandbox in one month. Costs may be incurred if the limit is exceeded.
To limit the sandbox check to individual file types, an additional content filter action should be created that is only applied to certain file types.
To enable uploading, the option Upload unknown files to the sandbox for analysis must be activated.
Supported file types
Executable files
Executable files for Windows
Office – Word
<all>
Office – Excel
<all>
Office – PowerPoint
<all>
Video
Adobe Flash (SWF)
Adobe Flash Video (FLV)
Text
Rich Text Format
Rich Text Format with OLE objects
PDF
PDF with URLs
Archives and compressed files
ZIP-compressed file
GZIP-compressed file
TAR archive
GZIP-compressed TAR archive
7Zip-compressed file
Scripts (Configuration via file names)
.js
.vbs
.wsf
.ps
.py
.hta
.perl
.php
.sh
Delivery delay
If a file has to be uploaded to the sandbox (sandbox upload), the email will not be accepted initially and temporarily rejected so that the sending email server delivers it again.
The temporary rejection is applied here because the analysis on the sandbox array takes a certain amount of time, but should be completed after a regular 5 minutes when a new delivery attempt is made.
This will result in a delivery delay for the respective emails which must be taken into account accordingly. We therefore recommend that you check exactly which files should really be sent to the sandbox. Note the following option if time-critical processes or mailboxes exist in your company:
Is a sandbox hash query sufficient instead of a complete analysis (sandbox upload)?
It is possible to create different actions in the content filter to configure different actions for a content filter entry for “Trusted emails” and “Untrusted emails” between a sandbox upload and a sandbox hash query.
Office documents can be converted into a secure PDF document by NoSpamProxy Content Disarming if necessary.
https://www.nospamproxy.de/wp-content/uploads/2015/07/makefg1.png256256Technik NoSpamProxyhttps://www.nospamproxy.de/wp-content/uploads/2015/03/logo.pngTechnik NoSpamProxy2021-04-19 15:15:062021-04-29 14:00:40Information on using the NoSpamProxy Sandbox Service
Monday to Friday from 9am to 5pm CET.
Deviating support availability information will be communicated via our blog, forum or in the opening email for tickets.
Response times
Next business day at the latest, but usually within four hours during regular support hours.
Priorities are set and monitored by the support team, enabling a faster response to critical issues.
If you contact us
All end customers who have concluded a valid manufacturer support or comparable contracts with Net at Work GmbH are entitled to support. End customers who have not purchased manufacturer support must open a ticket via their reseller/service provider or apply for chargeable support via our sales department.
In case of queries regarding existing tickets, please have the ticket number ready. You will find this in the subject of the opening email or in the ticket communication, represented as “NAW-xxxxx-ZxZxZx” (x is a number, Z is a letter).
If you open a new ticket by email, please refer to the Knowledge Base article Troubleshooting in case of problems. Please include all necessary information.
If you open a ticket by phone or via the contact form, please submit additional information if needed after you have received the opening email.
Please note: The more information you provide us with at the time of opening, the more targeted and faster we can respond to your request.
It is possible that the Cyren engines used generate error messages that are not traceable to the engines themselves, but to communication problems with Cyren data centers.This article shows you ways to test the communication and function.
Details about the three Cyren engines in NoSpamProxy
NoSpamProxy currently has three Cyren engines that are active, depending on the configuration and licensed modules.
Cyren AntiSpam and Cyren Premium AntiVirus (ctasd)
Program folder: C:\Program Files\Net at Work Mail Gateway\Cyren Integration Service
Program file: ctasd.exe
Configuration folder: C:\ProgramData\Net at Work Mail Gateway\Cyren
Configuration file: ctasd.conf
Service name: NetatworkMailGatewayCyrenService
Service display name: NoSpamProxy – CYREN Service
Definitions folder: C:\ProgramData\Net at Work Mail Gateway\Cyren\Definitions
Is a web proxy required for Internet communication in your company and is it registered according to the knowledge base article How to configure CYREN services?
This must be checked and re-entered after each NoSpamProxy Update/Upgrade.
Always edit the newly created file, never overwrite it with an old version of the file.
Is it possible to communicate with and/or without web proxy to all mentioned external systems of Cyren?
Are there any exceptions on the firewall to access allsub-domains from ctmail.com? These connections must not be used for virus scanning, content filtering, or other checks!
Are there any error messages when the services are running interactively via the command prompt (CMD)? To run interactively, please follow these stepsaus and attach a screenshot of the request’s communication to support.
Stop each service from Microsoft Windows services.
Open a prompt with administrator privileges.
Run the command for the service, to be tested. Use the path to the corresponding executable if you do not have NoSpamProxy installed in the default directory
Ctasd CMD > “C:\Program Files\Net at Work Mail Gateway\Cyren Integration Service\ctasd.exe” -c “C:\ProgramData\Net at Work Mail Gateway\Cyren-ctasd.conf” -i
Ctipd CMD > “C:\Program Files\Net at Work Mail Gateway\Cyren Integration Service\ctipd.exe” -c “C:\ProgramData\Net at Work Mail Gateway\Cyren-ctipd.conf” -i
Ctwsd CMD > “C:\Program Files”Net at Work Mail Gateway\Cyren Integration Service\ctwsd.exe” -c “C:\ProgramData\Net at Work Mail Gateway\Cyren-ctwsd.conf” -i
Copy the output or take a screenshot of the output.
If you have checked all these points, please open a support ticket with the information attached so that more logs can be created for analysis.
Problems related to certificates for email signature, email encryption or receiving signed emails
How-tos 13.xAs soon as certificates and their certificate chains are used for the email signature or encryption, they usually have to be checked for validity. It is important to note that certain basic requirements must be met for a final certificate to be considered valid:
Please note that the check is preferably carried out on the basis of the Online Certificate Status Protocol. If the respective certificate does not offer this, the check via certificate revocation list (CRL) is used. When retrieving the CRL of each certificate, three things must be fulfilled:
Point 2 can be checked by a simple retrieval (in the case of a list linked via HTTP) via browser and subsequent opening using Windows on-board tools. Please bear in mind any proxy settings that may apply.
Please also refer to the knowledge base article How to configure a web proxy.
The easiest way to carry out the check is with the help of an automated script. To use this script, you must log on to the system on which the Intranet Role is installed. Execute the script there. Use either the PowerShell command line or the PowerShell ISE.
After executing the script, you will be asked for the thumbprint of the certificate to be checked. This can be found in the Activities section of the message track of the email in question. In said area, you will find the name of the applicant as a link. There you will find the thumbprint of the certificate, which you can copy by right-clicking.
Information on different NoSpamProxy versions
Update Information 12.x, 13.xOn our download page we offer you different versions of NoSpamProxy. These versions differ – even within one release cycle – due to different test strategies.
Regular channel
The versions in the regular channel usually include new functions in addition to bug fixes. Since all functions are extensively tested, these versions have a longer throughput time in quality assurance. In addition, these versions are deployed as productive installations to selected users about four weeks before release.
Fast channel
These versions contain only bug fixes, which is why the throughput time in quality assurance is shorter. The tests are limited to the basic functions including installation and update. In addition, the functions that have received an error correction are tested. After the quality assurance tests, these versions also run as productive installations for about two weeks before being released to selected users.
Beta versions
These versions are deployed before a release and contain new or changed features. The deployment phase is announced via our blog, where all partners and end users have the opportunity to register for such a version.
Beta versions may not be used in productive environments!
Other versions
For individual customers, we release versions at irregular intervals that are specially tailored to them. These versions are not released publicly, but are only distributed to the respective customers.
These versions also go through quality assurance.
System Requirements
Update Information 11.1, 12.x, 13.xThis article provides an overview of the minimum requirements that must be met in order to run NoSpamProxy.
Note: In order for you to receive support services,
We do not guarantee the completeness of the following information on third-party products. In any case, make sure to check the manufacturer’s pages for updates!
General requirements
NoSpamProxy uses the following standard ports:
Hardware requirements
The following specifications are minimum requirements. The recommended configuration depends on the email volume and the use of individual NoSpamProxy functions.
Supported NoSpamProxy versions
The following versions are currently covered by our support:
NoSpamProxy Outlook Add-In
Microsoft Operating Systems
Microsoft .NET Framework
Microsoft SQL Server Express Version
For details on supported combinations, please refer to the official Microsoft pages for each product.
Microsoft SQL-Server Standard/Enterprise
Microsoft Report Viewer
Microsoft Report Viewer 2010 is required to install the Intranet Role.
Microsoft Visual Studio Tools for Office
Visual Studio Tools for Office 2010 Runtime or higher is required to install the Outlook Add-In.
Further notes
Detection of IP addresses by the Cyren IP Reputation filter
How-tos 12.x, 13.xThe Cyren IP Reputation filter is available if NoSpamProxy Protection is licensed. This filter performs the check of the IP address of the sending system, classifies it according to the classification received from Cyren and assigns corresponding SCL points:
Depending on the setting of the evaluation criteria and additional classifications of the other filters in the applied rule, an IP address can thus lead to the rejection of the emails. This rejection can already take place during the envelope phase, so that further information – for example, the subject – is no longer transmitted.
NoSpamProxy has no influence on these evaluations. However, every affected sender can have their IP address and its classification checked and adjusted via the Cyren support page.
Further information
Attachment detection by Cyren Premium AntiVirus
How-tos 10.x, 11.x, 12.x, 13.x, 9.2The Cyren Premium AntiVirus scanner is part of the Malware Scanner action and can be used if NoSpamProxy Protection is licensed. Cyren Premium AntiVirus checks attachments that are attached to an email. In doing so, it carries out two basic checks:
Unlike with the Cyren AntiSpam filter, the NoSpamProxy support has no way of influencing this behaviour in the case of a misclassification.
In the case of misclassifications – i.e. false positives or false negatives – the sender or the recipient of the email must always contact Cyren and have this corrected accordingly.
A description of the process can be found on the respective Cyren support page.
In case of local problems or missing definitions, please refer to the Knowledge Base article Cyren Engines – Troubleshooting
Note
To ensure parallel operation with other locally installed virus scanners on the gateway role, please refer to the Knowledge Base article How to configure on-access virus scanners and define the exceptions as described!
Further information
Information on using the NoSpamProxy Sandbox Service
Settings 13.x, 13.xBelow you will find information on using the Sandbox Service in NoSpamProxy. For general information on how a cloud sandbox works, licensing or data protection, see Informationen zum NoSpamProxy Sandbox-Service (German only).
Note
Since 2018, we strongly recommend NoSpamProxy customers to take a whitelisting approach to content filtering (see our article on email firewalls). This recommendation applies in particular to the use of the NoSpamProxy Sandbox service.
An example: Even if an “executable file for Windows” is supported by the sandbox, the question arises whether one wants to allow this potentially dangerous file type for one’s own company at all. In this case, it makes more sense to generally reject this file type and thus also save the upload to the sandbox.
If a file is classified as unsuspicious by the sandbox service, the respective email will be delivered.
Sandbox-Hashabfrage
Sandbox hash query
The retrieval of the hash values from the sandbox database can be carried out without restriction and without deduction of purchased licences. For this purpose, the corresponding check mark Query the sandbox if the attachments of inbound emails are known to be malicious must be ticked.
This check can be applied to all file types.
Sandbox upload
File uploads are limited to 20 files per user and month.
This value is the total value of permitted uploads; there is no strict user check. This means, for example, for a 50-user licence that the respective NoSpamProxy installation may upload 1000 files to the sandbox in one month. Costs may be incurred if the limit is exceeded.
To limit the sandbox check to individual file types, an additional content filter action should be created that is only applied to certain file types.
To enable uploading, the option Upload unknown files to the sandbox for analysis must be activated.
Supported file types
Delivery delay
If a file has to be uploaded to the sandbox (sandbox upload), the email will not be accepted initially and temporarily rejected so that the sending email server delivers it again.
The temporary rejection is applied here because the analysis on the sandbox array takes a certain amount of time, but should be completed after a regular 5 minutes when a new delivery attempt is made.
This will result in a delivery delay for the respective emails which must be taken into account accordingly. We therefore recommend that you check exactly which files should really be sent to the sandbox. Note the following option if time-critical processes or mailboxes exist in your company:
Support Information
Troubleshooting contact, erreichbarkeit, information, kontakt, reaction, reaktionszeit, support, timeBelow you will find general information about our support services.
For further details, please refer to the Allgemeinen Geschäftsbedingungen (AGB)
Contact
Phone: +49 (5251) 304 636
Email: support@nospamproxy.de
Contact form: Support request
Support hours
Monday to Friday from 9am to 5pm CET.
Deviating support availability information will be communicated via our blog, forum or in the opening email for tickets.
Response times
Next business day at the latest, but usually within four hours during regular support hours.
Priorities are set and monitored by the support team, enabling a faster response to critical issues.
If you contact us
All end customers who have concluded a valid manufacturer support or comparable contracts with Net at Work GmbH are entitled to support. End customers who have not purchased manufacturer support must open a ticket via their reseller/service provider or apply for chargeable support via our sales department.
In case of queries regarding existing tickets, please have the ticket number ready. You will find this in the subject of the opening email or in the ticket communication, represented as “NAW-xxxxx-ZxZxZx” (x is a number, Z is a letter).
If you open a new ticket by email, please refer to the Knowledge Base article Troubleshooting in case of problems. Please include all necessary information.
If you open a ticket by phone or via the contact form, please submit additional information if needed after you have received the opening email.
Please note: The more information you provide us with at the time of opening, the more targeted and faster we can respond to your request.
Cyren Engines – Troubleshooting
Troubleshooting 10.x, 11.x, 12.x, 13.x, 9.2It is possible that the Cyren engines used generate error messages that are not traceable to the engines themselves, but to communication problems with Cyren data centers. This article shows you ways to test the communication and function.
Details about the three Cyren engines in NoSpamProxy
NoSpamProxy currently has three Cyren engines that are active, depending on the configuration and licensed modules.
Cyren AntiSpam and Cyren Premium AntiVirus (ctasd)
Cyren IP Reputation (ctipd)
Cyren URL Categorization (ctwsd)
Note: All paths are the default paths and may differ from your installation.
Troubleshooting
In the following section you will find a small checklist, which you should always check before the first request to the support
CMD > “C:\Program Files\Net at Work Mail Gateway\Cyren Integration Service\ctasd.exe” -c “C:\ProgramData\Net at Work Mail Gateway\Cyren-ctasd.conf” -i
CMD > “C:\Program Files\Net at Work Mail Gateway\Cyren Integration Service\ctipd.exe” -c “C:\ProgramData\Net at Work Mail Gateway\Cyren-ctipd.conf” -i
CMD > “C:\Program Files”Net at Work Mail Gateway\Cyren Integration Service\ctwsd.exe” -c “C:\ProgramData\Net at Work Mail Gateway\Cyren-ctwsd.conf” -i
If you have checked all these points, please open a support ticket with the information attached so that more logs can be created for analysis.