This Knowledge Base article describes the integration of the NoSpamProxy Performance Counter in PRTG.

The following performance counters are available on the server with the NoSpamProxy Gateway Role and can be integrated into PRTG.

——————————————————————————————————

\NoSpamProxy Queues(_total)\Currently active

\NoSpamProxy Queues(_total)\Delay notifications sent

\NoSpamProxy Queues(_total)\Network failures

\NoSpamProxy Queues(_total)\Non delivery Reports sent

\NoSpamProxy Queues(_total)\Pending mails

\NoSpamProxy Queues(_total)\Relay notifications sent

—————————————————————————————————–

In PRTG, select the device (Gateway Role Server) and add a “PerfCounter Custom” sensor (right-click).

When searching for the sensor to be created, restrict it via Custom Sensors/Performance Counters.

  • The sensor name can be freely assigned
  • Under “List of Counters” one of the above (cut and paste) must be specified.
  • The interval is inherited from the host by default, but can also be defined (see below).
    Then, click Create.

NoSpamProxy Performance Counter für PRTG

  1. Installing the root certificates:
    In order to verify signed documents, the root certificates used by the trust centers must be installed. You can download a zip archive with the certificates recommended by Secrypt using the following link: http://www.secrypt.de/downloads/6wb8212103bd/secrypt/certificates/secrypt_issuer_certificates.zip
    Unpack the ZIP file into the certificate folder of your digiSeal product on your hard disk.
    If you are using the digiSeal server, please use the configured directories. These can be found in the Administration/Basic configuration/Exhibitor certificate directory section and for each verification process in the Process configuration/Verification/Certificate directory section. Update these directories with the new certificates and restart the processes.
    If you are using digiSeal Reader, you can find the folders here:
    Win 7/Vista: C:\ProgramData\digiseal ****\certificates\issuer_certificates
    Win XP: C:\Documents and Settings\All Users\Application Data\digiSeal ***\certificates\issuer_certificates
  2. Checking the authenticity of the ZIP archive:
    To verify the authenticity of the Zip archive you can use the following signature: http://www.secrypt.de/downloads/6wb8212103bd/secrypt/certificates/secrypt_issuer_certificates.zip.p7s
    The digiSeal reader is available to you free of charge as test software. The authenticity of the ZIP archive is confirmed when the verification has been carried out successfully and the signature has been created by us.

This article describes how to export the static trust settings.

To extract the static entries from the trust positions, proceed as follows:

  1. Open SQL Management Studio (Express) to manage your Mail Gateway database.
  2. Connect to the database server on which the “NoSpamProxyDB” database is located.
  3. Create a new SQL query for the NoSpamProxyDB by clicking “New query”.
  4. Insert this query into the query / query editor:

USE NoSpamProxyDB;
SELECT Domain, Gravity, LevelOfTrust
FROM DomainTrustEntry
WHERE (Gravity = 0);

Perform the query by clicking on the red exclamation mark.

This query lists all static entries in the domain trust. If you need a program to import into version 7.6, or if you have problems executing these commands, please contact our support team. With this query you can avoid the use of our “Mail Gateway API-Sample” for reading domain trusts.

Please also consider that the static domain trust settings for known email providers are automatically entered by the setup during a new installation.

Emails are a popular medium for distributing malware. While most malicious attachments are reliably detected by the integrated CYREN Antivirus Filter, new malware can occasionally go undetected. With the help of NoSpamProxy, however, it is possible to block potentially harmful attachments, to allow only senders considered trustworthy by the Level of Trust or to quarantine them.

Please note that the quarantine functionality requires a working Web Portal and Large Files license.

Creating a content filter to block, filter or quarantine attachments

  1. Go to Configuration > Content filter > Content filters.
  2. Click Add, enter a name for the filter and click Next.
  3. In the Content filter entries dialog, click Add.
  4. In the Content filter entry dialog, enter a name for the entry and configure the entry according to your requirements.
  5. Click Save and close.
  6. (Optional) Repeat steps 3 and 4 if needed.

Content Filter

Activating the content filter for all inbound emails

  1. Go to People and identities > Partners > Partners > Default partner settings and click Modify.
  2. On the Content filtering tab, for inbound emails select the filter you just created.
  3. Click Save and close.

Selecting the content filter

It is also possible to define your own content filtering for individual senders, e.g. to allow certain attachments from certain senders that are otherwise prohibited.

To do this, adjust the respective content filter according to your requirements and activate it

  • for the entire sender domain (e.g. example.com) or
  • for individual users within a domain (e.g. “support” as part of example.com, i.e. support@example.com).

Please note that these filters will override the global and domain-specific default settings.

List of potentially harmful attachments and recommended procedure

Please note that these are only recommendations of a general nature and are not suitable in every scenario.

Starting with version 11.1 you can automatically release files after a period of time (default 2 hours) after a new scan by the Cyren engine has been performed and returned no positive results. This procedure is especially recommended for attachments to be quarantined according to the list below. Usually, malicious content is detected after 30 minutes at the latest. While the content is not yet detected as harmful when it arrives, this can often be the case after a short time.

List of potentially harmful attachments

In some cases, the NoSpamProxy setup fails due to problems regarding PowerShell RemoteWIN. To resolve this issue the registry needs to be modified.

To do this, open PowerShell and enter

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f​.

If Outlook is configured in such a way that emails remain in the outbox after clicking on Send immediately when connected, a problem can occur if you look at the email again before the fact. In this case, the email is returned to draft mode and must be returned to send mode by clicking Send again before it can be sent.

This is not a specific behaviour with the Outlook Add-in, but a general Outlook behaviour.

Error:

After installing Windows updates on the Windows servers, a growing number of users are reporting that parts of the Outlook Add-in for NoSpamProxy are no longer displayed. However, the add-in seems to be installed correctly and functioning a expected.

With the latest Windows updates, Microsoft has tightened the security settings for access to group policies. As a result, users can no longer retrieve them. Microsoft describes the solution in its Knowledge Base: https://support.microsoft.com/en-us/kb/3163622

 

Error:

Although the configuration for SwissSign is correct under “Cryptographic key providers” and all gateway roles have access to ra.swisssign.net via TCP 443 (https), the following error message appears in the event log when retrieving certificates:

ID: 026f7e58-9be2-4434-b562-11016c181bfd
Created: 12.06.2015 12:15:56
Mail address: Test.Benutzer@nospamproxy.de
Request type: CertificateRequest
Request status: Failed
Failure status: TrustCenterError
Error text: Unexpected error: Message:
An error occurred while sending the request.
Error type:
System.Net.Http.HttpRequestException

Error code: 2148734208
Program location:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Netatwork.NoSpamProxy.Cryptography.SwissSignCertificateProvider.<EnrollAsync>d__e.MoveNext()

The request was aborted: Could not create SSL/TLS secure channel.

Message:
The request was aborted: Could not create SSL/TLS secure channel.
Error type:
System.Net.WebException

Error code: 2148734217
Program location:
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)

Subject name:E=test.benutzer@nospamproxy.de, CN=Secure Mail: Gateway Certificate

Cause:

Both in the certificate store of the computer account of one or all gateway roles and in the certificate store of the NoSpamProxy Encryption Gateway there is the pseudo-AutoRAO service certificate for authentication at the service provider SwissSign.

Solution:

  1. Under “Cryptographic key providers” open the configuration for the provider SwissSign. Here you will find the deposited pseudo AutoRAO certificate.
  2. Click on the certificate to display its details. These details are helpful for identifying the correct certificate in the certificate store of the computer account.
  3. Open “mmc.exe” as administrator on the gateway role.
  4. Click File and Add/Remove Snap-in.
  5. Select Certificates and click Add.
  6. A new window appears in which you select the “Computer account”.
  7. Click”Next”.
  8. Select the “Local computer”.
  9. Click  “Finish”.
  10. Return to the snap-in selection and confirm with “OK”.
  11. Navigate to “My certificates” and find the pseudo AutoRAO service certificate.
  12. Select the certificate and delete it.
  13. Restart the affected Windows system of the gateway role.

If necessary, repeat these steps for all other gateway roles.