This Knowledge Base article describes the integration of the NoSpamProxy Performance Counter in PRTG.

The following performance counters are available on the server with the NoSpamProxy Gateway Role and can be integrated into PRTG.

——————————————————————————————————

\NoSpamProxy Queues(_total)\Currently active

\NoSpamProxy Queues(_total)\Delay notifications sent

\NoSpamProxy Queues(_total)\Network failures

\NoSpamProxy Queues(_total)\Non delivery Reports sent

\NoSpamProxy Queues(_total)\Pending mails

\NoSpamProxy Queues(_total)\Relay notifications sent

—————————————————————————————————–

In PRTG, select the device (Gateway Role Server) and add a “PerfCounter Custom” sensor (right-click).

When searching for the sensor to be created, restrict it via Custom Sensors/Performance Counters.

  • The sensor name can be freely assigned
  • Under “List of Counters” one of the above (cut and paste) must be specified.
  • The interval is inherited from the host by default, but can also be defined (see below).
    Then, click Create.

NoSpamProxy Performance Counter für PRTG

  1. Installing the root certificates:
    In order to verify signed documents, the root certificates used by the trust centers must be installed. You can download a zip archive with the certificates recommended by Secrypt using the following link: http://www.secrypt.de/downloads/6wb8212103bd/secrypt/certificates/secrypt_issuer_certificates.zip
    Unpack the ZIP file into the certificate folder of your digiSeal product on your hard disk.
    If you are using the digiSeal server, please use the configured directories. These can be found in the Administration/Basic configuration/Exhibitor certificate directory section and for each verification process in the Process configuration/Verification/Certificate directory section. Update these directories with the new certificates and restart the processes.
    If you are using digiSeal Reader, you can find the folders here:
    Win 7/Vista: C:\ProgramData\digiseal ****\certificates\issuer_certificates
    Win XP: C:\Documents and Settings\All Users\Application Data\digiSeal ***\certificates\issuer_certificates
  2. Checking the authenticity of the ZIP archive:
    To verify the authenticity of the Zip archive you can use the following signature: http://www.secrypt.de/downloads/6wb8212103bd/secrypt/certificates/secrypt_issuer_certificates.zip.p7s
    The digiSeal reader is available to you free of charge as test software. The authenticity of the ZIP archive is confirmed when the verification has been carried out successfully and the signature has been created by us.

This article describes how to export the static trust settings.

To extract the static entries from the trust positions, proceed as follows:

  1. Open SQL Management Studio (Express) to manage your Mail Gateway database.
  2. Connect to the database server on which the “NoSpamProxyDB” database is located.
  3. Create a new SQL query for the NoSpamProxyDB by clicking “New query”.
  4. Insert this query into the query / query editor:

USE NoSpamProxyDB;
SELECT Domain, Gravity, LevelOfTrust
FROM DomainTrustEntry
WHERE (Gravity = 0);

Perform the query by clicking on the red exclamation mark.

This query lists all static entries in the domain trust. If you need a program to import into version 7.6, or if you have problems executing these commands, please contact our support team. With this query you can avoid the use of our “Mail Gateway API-Sample” for reading domain trusts.

Please also consider that the static domain trust settings for known email providers are automatically entered by the setup during a new installation.

In some cases, the NoSpamProxy setup fails due to problems regarding PowerShell RemoteWIN. To resolve this issue the registry needs to be modified.

To do this, open PowerShell and enter

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f​.

If Outlook is configured in such a way that emails remain in the outbox after clicking on Send immediately when connected, a problem can occur if you look at the email again before the fact. In this case, the email is returned to draft mode and must be returned to send mode by clicking Send again before it can be sent.

This is not a specific behaviour with the Outlook Add-in, but a general Outlook behaviour.

Error:

After installing Windows updates on the Windows servers, a growing number of users are reporting that parts of the Outlook Add-in for NoSpamProxy are no longer displayed. However, the add-in seems to be installed correctly and functioning a expected.

With the latest Windows updates, Microsoft has tightened the security settings for access to group policies. As a result, users can no longer retrieve them. Microsoft describes the solution in its Knowledge Base: https://support.microsoft.com/en-us/kb/3163622

 

Error:

Although the configuration for SwissSign is correct under “Cryptographic key providers” and all gateway roles have access to ra.swisssign.net via TCP 443 (https), the following error message appears in the event log when retrieving certificates:

ID: 026f7e58-9be2-4434-b562-11016c181bfd
Created: 12.06.2015 12:15:56
Mail address: Test.Benutzer@nospamproxy.de
Request type: CertificateRequest
Request status: Failed
Failure status: TrustCenterError
Error text: Unexpected error: Message:
An error occurred while sending the request.
Error type:
System.Net.Http.HttpRequestException

Error code: 2148734208
Program location:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Netatwork.NoSpamProxy.Cryptography.SwissSignCertificateProvider.<EnrollAsync>d__e.MoveNext()

The request was aborted: Could not create SSL/TLS secure channel.

Message:
The request was aborted: Could not create SSL/TLS secure channel.
Error type:
System.Net.WebException

Error code: 2148734217
Program location:
at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)
at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)

Subject name:E=test.benutzer@nospamproxy.de, CN=Secure Mail: Gateway Certificate

Cause:

Both in the certificate store of the computer account of one or all gateway roles and in the certificate store of the NoSpamProxy Encryption Gateway there is the pseudo-AutoRAO service certificate for authentication at the service provider SwissSign.

Solution:

  1. Under “Cryptographic key providers” open the configuration for the provider SwissSign. Here you will find the deposited pseudo AutoRAO certificate.
  2. Click on the certificate to display its details. These details are helpful for identifying the correct certificate in the certificate store of the computer account.
  3. Open “mmc.exe” as administrator on the gateway role.
  4. Click File and Add/Remove Snap-in.
  5. Select Certificates and click Add.
  6. A new window appears in which you select the “Computer account”.
  7. Click”Next”.
  8. Select the “Local computer”.
  9. Click  “Finish”.
  10. Return to the snap-in selection and confirm with “OK”.
  11. Navigate to “My certificates” and find the pseudo AutoRAO service certificate.
  12. Select the certificate and delete it.
  13. Restart the affected Windows system of the gateway role.

If necessary, repeat these steps for all other gateway roles.

In some cases, the NoSpamProxy Outlook Add-in is deactivated due to long loading times. This article describes procedures for changing this.

  1. Long loading times
    If you have installed a local virus scanner on the client system, you should exclude the real-time scan for the following directory:
    C:\Users\<<<username of the logged in account>>\AppData\Local\Assembly
    This directory contains the DLL files for the Add-in, which change with every update. Thus the entire directory should be excluded from the real-time scan.
  2. Prevent deactivation, despite long charging time
    You can change the Load Behaviour for the Add-in, ideally to Load Behaviour = 3 in the registry.

Further information

Registry Path = HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Office \ Outlook \ Addins \ Netatwork.MailGateway.OutlookAddIn

MS Technet Articles = https://msdn.microsoft.com/en-us/library/bb386106.aspx#LoadBehavior