This article describes how to change the colors and the logo of the web portal in NoSpamProxy 10.


You need at least rudimentary HTML knowledge in order to make the adjustments. The corresponding files are located in the directory “%ProgramFiles%\Net at Work Mail Gateway\enQsig Webportal\”.

Find the files “..\Content\Site.css” and “..\Views\Shared\_Layout.cshtml” (here you change for example the logo).

Changing the colors

To edit the colors, first edit the file “Site.css”. There are four relevant places for the color:

header {
margin: 0 auto 0 auto;
border-bottom: 10px solid #C01B1B;
width: 100%;
background-color: white;

This location is where the colored bar in the upper area is modified. Change the value #C01B1B to another value to change the color. To change the thickness of the bar, increase or decrease the value 10px.

.dz-upload {
height: 2px;
background-color: #C01B1B;
width: 0;

This area determines the color of the progress bar as soon as a file is transferred to the Web Portal. With “height” you change the thickness of the bar, with “background-color” you change the color.

.actionRow .button {
background: #C01B1B;
padding-top: 16px;
padding-bottom: 16px;
padding-left: 24px;
padding-right: 24px;
clear: both;
margin: 15px 0 0 0;
color: white;
text-decoration: none;
border: none;

This area determines the appearance of the action buttons, such as the “Login” button. You can change the color with “background” or the size with the four “padding fields”.

.FileName {
color: #C01B1B;
padding: 4px 0 4px 0;

With this setting you change the font color of the list of all already uploaded files.

Changing the logo

To change the displayed logo, edit the file “_Layout.cshtml”. The following line is responsible for displaying the logo:

<img class="logo" src="@Url.Content("~/Content/Images/NoSpamProxy.png")" alt="Logo" title="Logo" />

With this setting you change the font color of the list of all already uploaded files.


To solve (recurring) problems with the interaction of installed on-access virus scanners with the integrated CYREN Premium Antivirus, please configure your virus scanner so that the directories

  • C:\ProgramData\Net at Work Mail Gateway\CYREN
  • C:\ProgramData\Net at Work Mail Gateway\Temporary Files\MailQueues
  • C:\ProgramData\Net at Work Mail Gateway\Temporary Files\MailsOnHold
  • C:\Program Files\Net at Work Mail Gateway\Cyren Integration Service (New)

be excluded from scanning on all systems with the Gateway role or Web Portal installed. Please note that the path is a hidden directory.

On servers with Web Portal installed, the following folder (default path for storing files for the WebPortal) must also be excluded:

  • C:\Program Files\Net at Work Mail Gateway\enQsig Web Portal\.

Otherwise, with some virus scanners, access to the Web Portal may be severely delayed and communication problems may occur.

In addition, an exception should be set on the ctasd.exe process if the on-access virus scanner allows this. (New)


For all Cyren services to function properly, there must be unrestricted access to * A virus scan must not be performed on these connections, as this is where the definitions for the Cyren Premium AntiVirus are downloaded.


If you do not find the path described above, it is most likely an older NoSpamProxy installation that has already been updated several times. In this case, please first check the file C:\ProgramData\Net at Work Mail Gateway\Configuration\Gateway Role.config and look for the entry <storageLocation path= there.

This path is currently used by the Gateway Role.

If you have activated the “File-based virus scan” in the rules, make sure that your scanner is configured to completely delete or quarantine infected files and archives. If the scanner is configured to “Clean”, NoSpamProxy often cannot detect that these have been modified by the installed scanner. Thus, the “File-based virus scan” fails despite successful detection by NoSpamProxy. This occurs especially with archives.


To move versions 10.x and 11.x to another computer, proceed as follows:

  1. Copy the Intranet Role.config and the license.xml to the new computer.
  2. Create the directory “C:\ProgramData\Net at Work Mail Gateway\Configuration” and copy Intranet Role.config and license.xml into it.
  3. Customize the Intranet Role.config.
  4. Install the SQL server.
  5. a) Backup the database files and restore them to the target SQL server OR
    b)Move the database files to the new directory and mount them in the SQL server.
  6. Execute the NoSpamProxy Setup.
  7. Connect the Intranet role to the Gateway role.
  8. Then check all previously set passwords and certificates and reassign the connectors.

The steps in detail

  1. Copy the Intranet Role.config and license.xml to the new computer.
  2. First, stop the NoSpamProxy services on the source computer and then stop the SQL database instance. These can usually be found under the Windows services as “SQL Server (NOSPAMPROXY)”. Then stop all Net at Work Mail Gateway services.
    Copy the Intranet Role.config and license.xml from “C:\ProgramData\Net at Work Mail Gateway\Configuration” to the target computer.
    Please copy ONLY the mentioned files from the directories, otherwise problems could occur during installation.
  3. Create the directory “C:\ProgramData\Net at Work Mail Gateway\Configuration” and copy Intranet Role.config and license.xml into it.
    Customize the Intranet Role.config.
    Open the file with an editor, such as Notepad, and search for the following entry:
    <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">

    Modify it to look like this:

    Search the file for
    and change entries similar to
    Do the same for the entries
    Save the file.
  1. Install the SQL Server.
    Now install the SQL Server in the version you want starting with SQL Server 2008. Do not forget to install the administration tools, especially SQL Management Studio.
  2. a) Back up the database files and restore them to the target SQL Server.
    With the help of SQL Management Studio you first create a backup of the SQL database “NoSpamProxyAddressSynchronization” on the source server.
    Right-click on the database and select “Task / Backup”. A dialog opens.
    Leave everything there as it is in the standard system and simply add a “disk” and the corresponding path to the backup file in the lower section.
    Then start the backup. Copy the resulting backup file to the target server and restore it.
    To do this, right-click on “Databases” in the SQL Management Studio of the target server and select “Restore Database”. A dialog opens.
    First select “Device” and add a new “File” in the dialog that appears. This file is the backup file that has just been copied. Now start the recovery.
    b) Move the database files to the new directory and mount them in the SQL server.
    The SQL database files are usually located in the path “C:\Program Files (x86)\Microsoft SQL Server\MSSQL.XXXX\MSSQL\Data” or “C:\Program Files\Microsoft SQL Server\MSSQL.XXXX\MSSQL\Data”. You can recognize them by the name that begins with NoSpamProxy.
    Copy both the NoSpamProxyAddressSynchronization.mdf and NoSpamProxyAddressSynchronization.ldf files to the target computer.
    Now move the database files to the desired directory. This does not necessarily have to be the default directory of the SQL server. Then open SQL Management Studio.
    After logging on to the server, right-click Databases and select Add (or Databases and Attach).
    In the following dialog, add the first database file from the desired directory.
    The associated log file is automatically recognized.
  3. Execute the NoSpamProxy Setup.
    Now start the setup of the NoSpamProxy. Be sure to select Advanced Installation.
    When prompted for which SQL Server is used, select that an SQL Server is already installed and set the appropriate connection parameters. The setup then recognizes all further configuration files and adapts them.
  4. Connect the Intranet role to the Gateway role.
    As soon as the setup has been completed successfully, reconnect the intranet role under Gateway Components to the gateway role and, if necessary, to the web portal.
    To do this, delete the existing connections, then restart the Intranet role and reconnect it.
  5. Then check all previously set passwords and certificates and reassign the connectors.
    With the conversion, the device-dependent encrypted passwords were deleted or can no longer be decrypted. This applies in particular to the password for protecting sensitive data, with which the private keys of S/MIME and PGP are protected.
    Set the old password again in the interface to restore access. The same applies to SSL certificates configured in the receive connector.
    Therefore, check all passwords and SSL certificates that were previously stored and reset them.
    In addition, the send and receive connectors must be reassigned to corresponding gateway roles.


The gateway role and the web portal get all information from the intranet role. Therefore, they are simply reinstalled during an upcoming migration.


Office 365-relevant IP addresses

All IP addresses relevant for Office 365 integration in NoSpamProxy can be found at

Learn how to set up Office 365 in NoSpamProxy in our blog post NoSpamProxy integration in Office 365.


This article describes how to configure NoSpamProxy to store the decrypted data in a file before processing it in an email. This can be very helpful when analysing formatting problems related to encryption and decryption.

To create the encryption dump, proceed as follows:

The corresponding setting is made in the file “Gateway Role.config” in the directory “C:\ProgramData\Net at Work Mail Gateway\Configuration\”.

You must first search for the following line in the file:


Below this line, add the following line:

<debugging dumpDecryptedContentToDisk="true"/>

If the section “netatwork.nospamproxy.cryptography” already exists, simply add the following line:

<debugging dumpDecryptedContentToDisk="true"/>

Before you save the configuration file, you must stop the Gateway Role service. Only then can you save the configuration file correctly.

The decrypted contents are now stored in the Temp folder of the Local Service. Usually this is the folder C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp. If the files are not created there, please check the folder C:\Windows\Temp.


This article describes how to create a memory dump on a Windows 2008 Server R2 or later for use by the NoSpamProxy support team.

On the affected server, open the Task Manager and navigate to the Details tab and sort by Names.



Right-click on the corresponding process and select “Create dump file”.

Send the corresponding dump to the NoSpamProxy support team at


From version 11.0

SQL Server 2005 and 2008

Please check the SQL version you are using before upgrading. If Microsoft SQL 2005 or 2008 is still in use, an update to at least SQL 2008 R2, preferably SQL 2014, must be carried out before installing version 11.1. Before the SQL upgrade, stop the NoSpamProxy services in the Windows services to stop the database access. When upgrading, make sure that the bit version matches. SQL 2005 was typically installed in 32-bit.

You can get SQL 2014 Express here:

Upgrade NSP

Please always follow the instructions in the installation manual!

When updating from version 11 to version 11.1, all settings and user information are retained during the update with one exception. The following manual activities must be carried out after the update:

If you have used the “Reverse DNS Check” action, you must reactivate it after the update. You will now find this function on the “Filter” tab.

Furthermore, you should check the completeness of the content filters for security reasons.

From version 10.1

When updating from version 10.1 to version 11.1, all settings and user information are retained during the update.
The group “NoSpamProxy Disclaimer Administrators” is added to use the NoSpamProxy function disclaimer. Please add all users who should manage the templates and rules of the disclaimers to this user group. After upgrading to version 11.1 please check the instructions on the start page in NoSpamProxy and follow the instructions.

Best Practices

If you do not use the Web Portal, please skip this point:

  1. Update all web portals first. The order is not important.
  2. Update all Gateway Roles that are not installed on the same system as the Intranet Role.
  3. Update the system with the Intranet Role last.

Email templates

The templates for automatically created emails are overwritten and should be saved beforehand to be on the safe side. With the new template system you can now make your graphical adjustments directly in the NoSpamProxy interface under “Preferences”. These settings will be kept for future updates or upgrades.


From Version 10

When updating from version 10 to version 10.1, all settings and user information are retained during the update.

From Version 9.2

When updating from version 9.2 to version 10.1, please note the following points.

Automatic user import

The import of ‘Active users’ has been changed to ‘Import all users as active’. This changed the behavior to match the current usage of user accounts in Microsoft Exchange Server.

Actions in rules

The action ‘Manage attachments’ was moved to the ‘Content filter’. The previous settings of the action will be lost and must be reconfigured after the update. The content filter can now manage file names, file types and sizes up to the user level. The configuration is done through the corporate users and the partners. The content filter is described in detail in the user manual.

Email flow in the rules

A rule with a email flow from a ‘corporate email address’ to a ‘corporate email address’ is disabled by the setup. This rule is no longer necessary from version 10, since the function previously covered by this rule is now covered by the default behavior of NoSpamProxy. Please check your rule set and adjust it if necessary.

Improved out-of-office response recognition

For automatic replies from your email server, such as out-of-office replies, you do not need an extra rule from version 10. NoSpamProxy automatically detects if a reply was sent from a company email server and assigns it to the appropriate rule for outbound email traffic.

Email templates

The templates for automatically created emails are overwritten and must be saved beforehand. After installation, you must apply the changes you made to the old templates to the new templates again. Further information is available in the article How to change the Web Portal Design for Version 10 and How to change NoSpamProxy notifications.

Changed behavior for accepting a sender with its own domain

Up to version 9.2 it was possible to allow external senders to use their own email domain via a rule. This is no longer possible. Email servers that want to use your sender domain must now be included in the list of ” corporate email servers “.

If the server cannot be specified, it is also possible to allow each server to use a specific sender address of your domain. However, this increases the risk of fake mails and should only be used as a “last resort”.