Starting with NoSpamProxy version 13, NoSpamProxy informs about the fill level of the database if a Microsoft SQL Express version (max. 10GB per database) is filled by more than 70 percent.

In the following you will find some hints on how to react to a corresponding message in the console.

Warning Levels

NoSpamProxy warns you about a full database in two stages:

When the database is 70% full
  • a message is added to the event log,
  • a message is displayed under Incidents on the NoSpamProxy console start page, and
  • a notification is sent to the set administrator email address.
When the database is 90% full
  • a message is added to the event log,
  • a warning is displayed on the NoSpamProxy console start page under Incidents, and
  • a notification is sent to the set administrator email address.

What are possible reasons for a full database?

  • The configured period of message tracking and its details (monitoring) is too long.
  • There are problems with communication between two or more NoSpamProxy roles.
  • Expired data has not been properly deleted from the database.

How to analyse the database

To find out why the database has reached the respective size, proceed as follows:

  1. Install Microsoft SQL Management Studio on the system on which the affected database is installed.
    Microsoft SQL Management Studio is available free of charge from the Microsoft website.
  2. Start SQL Management Studio.
  3. Log on to the SQL instance where the database is located.
    These instances are usually called (local)\SQLEXPRESS or (local)\NOSPAMPROXY.
  4. After successfully logging on, execute the following SQL queries (depending on the NoSpamProxy role involved); to do this, you only need to change the first row to the following databases:

Intranet Role:
USE [NoSpamProxyAddressSynchronization]

Gateway Role:
USE [NoSpamProxyDB]

Web Portal:
USE [enQsigPortal]

 

USE [NoSpamProxyAddressSynchronization]
GO
SELECT
isnull(t.NAME, 'Total') AS TableName,
s.name as SchemaName,
p.rows AS RowCounts,
CAST(ROUND(((SUM(a.used_pages) * 8) / 1024.00), 2) AS NUMERIC(36, 2)) AS SizeInMB
FROM
sys.tables t
INNER JOIN
sys.indexes i ON t.OBJECT_ID = i.object_id
INNER JOIN
sys.partitions p ON i.object_id = p.OBJECT_ID AND i.index_id = p.index_id
INNER JOIN
sys.allocation_units a ON p.partition_id = a.container_id
LEFT OUTER JOIN
sys.schemas s ON t.schema_id = s.schema_id
WHERE
t.NAME NOT LIKE 'dt%'
AND t.is_ms_shipped = 0
AND i.OBJECT_ID > 255
GROUP BY
ROLLUP(t.Name, s.Name, p.Rows)
HAVING p.rows is not null or (p.rows is null and t.name is null)
ORDER BY
sum(a.used_pages) desc
GO

How can the results be interpreted and solved?

In the output of the SQL script you can find an overview of all existing tables of the database as well as information about their size.

Output of Tables Sizes

Output of Tables Sizes

There are two specific tables that should be empty in normal operation or whose entries should change constantly each time they are called:

  • DataReplication.Artefact

    DB_TableSizes_Artefact

    Table Size of DataReplication.Artefact table

  • MessageTracking.LegacyMessageTrackEntry

    Table Size of Table MessageTrack. Legacy´MessageTrackEntry

    Table Size of Table MessageTrack. LegacyMessageTrackEntry

If data accumulates in these tables but does not degrade, this indicates that problems exist. These must be clarified and solved by the NoSpamProxy support. In this case, please contact the partner responsible for you or – if you have purchased manufacturer support – the NoSpamProxy support directly.

All other scenarios indicate that the storage period for message tracking is too long, which you can edit and reduce in the NoSpamProxy console under Configuration > Advanced Settings > Monitoring. The reduction usually takes up to 24 hours, so that a result is usually not visible until the next day.

It is common that not only the user who originally performed the installation needs to perform updates, but also other administrator accounts. To do this, it is necessary to set up the appropriate permissions for these additional users. The corresponding steps are described below:

  1. Notes
      • All steps apply to all roles of NoSpamProxy; they differ only in the database names.
        • Database Intranet Role: NoSpamProxyAddressSynchronization
        • Database Gateway Role: NoSpamProxyDB
        • Database Web Portal: enQsigPortal
      • Users and user groups (local or in the domain) can be registered.
    • Log on with the user with which the installation was performed.
  2. Install the SQL Management Studio.
  3. Open SQL Management Studio and log on to the local instance  that contains the NoSpamProxy database(s), using Windows authentication.
  4. Expand the Security folder and the Logins folder.
  5. Right-click on the “Logins” folder and select “New Login” from the context menu.
  6. Under “General”, select the user to be added, but keep the “Windows Authentication” item.
    Database Rights - General
  7. Under “Server Roles” tick the checkbox for “sysadmin”.
    Database Rights - Server Roles
  8. Under “User Mapping”, check the corresponding database and additionally activate the role “db_owner”.
    Database Rights - User Mapping
  9. All other settings are optional.
  10. Save the new login and close SQL Management Studio.

To verify access, log on to the system with the added user, open SQL Management Studio, and check whether you can view the database tables. If this works, access is set up.

PDF conversion as part of Content Disarm and Reconstruction (CDR), converts Microsoft Word, Microsoft Excel and PDF documents into secure PDF files by removing any active content. The PDF file can then be opened without any concerns, with the original file either left attached to the email or removed. CDR is a feature in NoSpamProxy Protection and in conjunction with NoSpamProxy Large Files provides an optimal way to disarm unsafe documents and retain the original files.

CDR is configured in the “Content filter actions” and then applied to the corresponding emails via the “Content filters”. A training video on the content filters can be found at https://www.nospamproxy.de/de/support/trainingsvideos/ (German only).

This conversion process is very time-consuming and not all documents can be converted. We have built in a protection mechanism so that the unsafe attachments are not delivered, even if the conversion fails.

  • If only Protection, but not Large Files, is licensed, the email for which the conversion did not work is first stored under “Monitoring > Emails on hold” and the configured administrator is informed. The administrator then has the task of checking the email and can then either download it as an EML file and forward it via Outlook or deactivate/change the content filter for this email for a limited time and force delivery again.
  • If Protection and Large Files are licensed, the original file will be uploaded to the Web Portal if the conversion fails (if desired even if the conversion was successful), but it will be locked there, so that it must also be released by the administrator, deviating from the settings for the successful conversion.
    The email itself is delivered to the recipient, with the corresponding information for downloading, but without the converted PDF file, as this was not possible.

This protective mechanism cannot be changed or influenced.

The filter “Cyren AntiSpam” is available if NoSpamProxy Protection is licensed. This filter does the main work of checking emails for spam regarding content and structure of the email. It generates a Reference ID, which is sent to Cyren when an email is received and checked against a database. If this check reveals no characteristics of spam emails, the email will be accepted. Otherwise, the filter assigns 4 SCL (Spam Confidence Level) points, which in the default settings already rejects the email.

In order to continuously improve the recognition of emails of this type, we have the option of reporting to Cyren emails that have not been recognised as spam or have been incorrectly recognised as spam as false negatives or false positives. To enable us to do so, please send us the necessary information – as indicated below – to the email address spamreport@nospamproxy.de.

Please note:

  • Do not keep emails stored and please do not send us ZIP archives.
  • The false positives and false negatives should always be reported promptly so that further delivery attempts are filtered correctly.
  • Reports should not be older than 7 days.

False Negatives

These are unrecognized spam emails that were delivered by NoSpamProxy in spite of all checks.

  • For the analysis of false negatives, please send us the original email as .eml or .msg files, as it arrived at the recipient’s mailbox, as a direct attachment to a newly written email.
  • It must not be an internally forwarded email, since the headers of the email may no longer be complete, or changed.

False Positives

These are desired emails that have been classified as spam and have therefore not been delivered, but rejected.

  • Please send us the exported message track from message tracking. To export it, go to the NoSpamProxy console under “Monitoring > Message Tracking”, double-click on the corresponding entry so that the details of the message open, and then click on “Export message track” in the bottom left corner of the window. This will save a .XML file up to version 11.1 and a .JSON file from version 12.0. Please send us this exported file.
  • If Cyren AntiSpam is the only filter that takes effect and the partner domain has an applicable trust greater than 50, the email will still be delivered because the trust rating is sufficient. As soon as other filters are added, this is no longer possible.
  • Starting with version 13, you also have the option of activating the file directly from the NoSpamProxy console. To do this, go to “Monitoring > Message Tracking” in the console, mark the corresponding entry in the message tracking and then click on the link “Report as ‘False Positive’ to Cyren” below the list.

This Knowledge Base article describes the integration of the NoSpamProxy Performance Counter in PRTG.

The following performance counters are available on the server with the NoSpamProxy Gateway Role and can be integrated into PRTG.

——————————————————————————————————

\NoSpamProxy Queues(_total)\Currently active

\NoSpamProxy Queues(_total)\Delay notifications sent

\NoSpamProxy Queues(_total)\Network failures

\NoSpamProxy Queues(_total)\Non delivery Reports sent

\NoSpamProxy Queues(_total)\Pending mails

\NoSpamProxy Queues(_total)\Relay notifications sent

—————————————————————————————————–

In PRTG, select the device (Gateway Role Server) and add a “PerfCounter Custom” sensor (right-click).

When searching for the sensor to be created, restrict it via Custom Sensors/Performance Counters.

  • The sensor name can be freely assigned
  • Under “List of Counters” one of the above (cut and paste) must be specified.
  • The interval is inherited from the host by default, but can also be defined (see below).
    Then, click Create.

NoSpamProxy Performance Counter für PRTG

Due to the increasing requirement of the Delivery via queues mode within the incoming send connectors of NoSpamProxy we will discontinue the direct delivery.

What is Delivery via queues?

In this mode, emails are received by NoSpamProxy, checked and then committed directly to the sending server. Only then will emails be forwarded to the downstream systems.
This procedure is particularly important for content filtering and forwarding to Office 365 tenants. It also offers the advantage that of keeping the incoming mails in the queue if the following system is not reachable and forwarding them directly if they can be reached again.

How can it be configured?

Please go to “Configuration > Email routing > Inbound send connectors” and click  “Switch to Delivery via queue”.

 

The following list provides only a small selection of apps able to display PDF Mails correctly.

Windows:

  • Adobe Acrobat Reader (Desktop version, free version available)

Android:

  • Foxit (free version available)
  • xodo PDF (free version available)

iOS:

  • Foxit (free version available)
  • xodo PDF (free version available)
  1. Installing the root certificates:
    In order to verify signed documents, the root certificates used by the trust centers must be installed. You can download a zip archive with the certificates recommended by Secrypt using the following link: http://www.secrypt.de/downloads/6wb8212103bd/secrypt/certificates/secrypt_issuer_certificates.zip
    Unpack the ZIP file into the certificate folder of your digiSeal product on your hard disk.
    If you are using the digiSeal server, please use the configured directories. These can be found in the Administration/Basic configuration/Exhibitor certificate directory section and for each verification process in the Process configuration/Verification/Certificate directory section. Update these directories with the new certificates and restart the processes.
    If you are using digiSeal Reader, you can find the folders here:
    Win 7/Vista: C:\ProgramData\digiseal ****\certificates\issuer_certificates
    Win XP: C:\Documents and Settings\All Users\Application Data\digiSeal ***\certificates\issuer_certificates
  2. Checking the authenticity of the ZIP archive:
    To verify the authenticity of the Zip archive you can use the following signature: http://www.secrypt.de/downloads/6wb8212103bd/secrypt/certificates/secrypt_issuer_certificates.zip.p7s
    The digiSeal reader is available to you free of charge as test software. The authenticity of the ZIP archive is confirmed when the verification has been carried out successfully and the signature has been created by us.