Comodo KoruMail
Software Version 6.0
Admin Guide
Guide Version 6.4.020317

Comodo Security Solutions
1255 Broad Street
Clifton, NJ 07013

Comodo KoruMail – Admin Guide | © 2017 Comodo Security Solutions Inc. | All rights reserved.

Table of Contents

1 Introduction to KoruMail Messaging Gateway
2 Installing the Appliance
  2.1 Prerequisites
  2.2 Deployment in Data Centers
3 Accessing the Appliance
  3.1 Accessing via CLI Console
  3.2 Accessing via Web Console
  3.3 The Main Interface
4 The Dashboard
  4.1 System Usage Graphics
  4.2 About Software
  4.3 Changing your Password
5 User Management
  5.1 Managing Administrative and End Users
    5.1.1 Managing Administrative Users
    5.1.2 Managing End Users
  5.2 Managing Groups
6 System Configurations
  6.1 Network Configuration
    6.1.1 Interfaces
    6.1.2 Network Settings
    6.1.3 Network Time Protocol (NTP)
    6.1.4 Timezone
    6.1.5 Static Routes
    6.1.6 Simple Network Management Protocol (SNMP)
  6.2 Services
  6.3 License
  6.4 Configuring System Settings
    6.4.1 System General Settings
    6.4.2 Cache Settings
    6.4.3 Session Settings
    6.4.4 GUI Customization
    6.4.5 System Backup
    6.4.6 System Restore
    6.4.7 Log Upload Settings
    6.4.8 Postmaster Settings
    6.4.9 SMTP TLS Settings
    6.4.10 Update Database
    6.4.11 Syslog Server
  6.5 Logs
    6.5.1 Log Files
    6.5.2 Purge Files
    6.5.3 Tools
    6.5.4 Check Connectivity
    6.5.5 Clear SMTP Queue
  6.6 System Usage Statistics
7 SMTP Configuration
  7.1 SMTP (Send E-Mail Protocol) Settings
    7.1.1 General Settings
    7.1.2 Advanced Settings
    7.1.3 Outbound Delivery Queue
  7.2 Manage Domains
    7.2.1 Managing Domain Names
    7.2.2 Managing Domain Routes
    7.2.3 Managing Smart Hosts
    7.2.4 Default Domain Routing
  7.3 KoruMail SMTP AUTH Connector
    7.3.1 SMTP Authentication Settings
    7.3.2 Block Users
    7.3.3 Anomaly Detection
  7.4 LDAP/Local DB/My SQL User Database
    7.4.1 LDAP Profile
    7.4.2 Local DB Users
    7.4.3 My SQL User Database
  7.5 Greylist
    7.5.1 Greylist Ignored IP Addresses/Domains
  7.6 Managing RBL Servers
  7.7 Disclaimer
  7.8 SMTP Relay
  7.9 DomainKeys Identified Mail (DKIM)
  7.10 Outgoing SMTP Limits
  7.11 Incoming SMTP Limits
8 Modules
  8.1 Anti-spam
    8.1.1 Anti-spam General Settings
    8.1.2 Authorized Trainers
    8.1.3 Advanced Anti-spam Settings
    8.1.4 Bayesian Training
    8.1.5 Content Filter
    8.1.6 Signature Whitelist
  8.2 Anti-Virus
    8.2.1 Anti-Virus General Settings
    8.2.2 Advanced Anti-Virus Settings
  8.3 KoruMail Reputation Network (KRN)
  8.4 Anti-Spoofing
  8.5 SMTP IPS/FW
    8.5.1 SMTP IPS General Settings
    8.5.2 Whitelist IP Addresses
    8.5.3 Blocked IP Addresses
    8.5.4 Rate Control
  8.6 Auto Whitelist
  8.7 Data Leak Prevention (DLP)
  8.8 Promotional
  8.9 Attachment Verdict System
9 Profile Management
  9.1 Adding and Configuring a New Profile
  9.2 Editing a Profile
  9.3 Deleting a Profile
10 Reports
  10.1 Mail Logs Report
  10.2 SMTP Queue Report
  10.3 Delivery Logs Report
  10.4 SMTP-AUTH Logs Report
  10.5 Summary Reports
  10.6 Domain Reports
  10.7 Attachment Verdict Reports
11 Quarantine & Archive
  11.1 Quarantine & Archive Settings
    11.1.1 Quarantine & Archive General Settings
    11.1.2 Email Reports Settings
  11.2 Quarantine Logs
  11.3 Archived Mails
About Comodo

1 Introduction to KoruMail Messaging Gateway

With unsolicited emails increasing with each passing day, employee mailboxes are flooded with spam messages that contain viruses, phishing links and more. Productivity can decline as individuals waste valuable time sorting genuine mails from junk. If a user opens a malicious attachment or visits a fraudulent website, organizations may find their network compromised or infected.

Comodo's KoruMail Messaging Gateway is an antispam and threat prevention appliance that uses advanced filtering technologies, antivirus scanners and content analysis engines to quietly and effectively prevent unsolicited mail from entering your network.

Key Features

• LDAP control
• RBL (Realtime Blocking Lists)
• MX
• Reverse DNS
• White / grey / black lists, add titles which are industrially proven filtering techniques
• SRN Reputation Network
• Active Directory Integration
• Quarantine Reporting, Quarantine Webmail
• Reporting

Guide Structure

This guide is intended to take the user through the installation, configuration and use of Comodo KoruMail.
• Introduction to KoruMail Messaging Gateway
• Installing the Appliance
• Accessing the Appliance
  • Accessing via CLI Console
  • Accessing via Web Console
  • The Main Interface
• The Dashboard
  • System Usage Graphics
  • About Software
  • Changing your Password
• User Management
  • Managing Administrative and End Users
  • Managing Groups
• System Configurations
  • Network Configuration
  • Services
  • License
  • Configuring System Settings
  • Logs
  • Tools
  • System Usage Statistics
• SMTP Configuration
  • SMTP (Send E-Mail Protocol) Settings
  • Manage Domains
  • Surgate SMTP AUTH Connector
  • LDAP/Local DB/My SQL User Database
  • Greylist
  • Managing RBL Servers
  • Disclaimer
  • SMTP Relay
  • DomainKeys Identified Mail (DKIM)
  • Outgoing SMTP Limits
  • Incoming SMTP Limits
• Modules
  • Anti-spam
  • Anti-Virus
  • KoruMail Reputation Network (KRN)
  • Anti-Spoofing
  • SMTP IPS/FW
  • Auto Whitelist
  • Data Leak Prevention (DLP)
  • Anti-Phishing
  • Promotional
• Profile Management
  • Adding and Configuring a New Profile
  • Editing a Profile
  • Deleting a Profile
• Reports
  • Mail Logs Report
  • SMTP Queue Report
  • Delivery Logs Report
  • SMTP-AUTH Logs Report
  • Summary Reports
  • Domain Reports
  • Attachment Verdict Reports
• Quarantine & Archive
  • Quarantine & Archive Settings
  • Quarantine Logs
  • Archived Mails

2 Installing the Appliance

• Prerequisites
• Deployment in Data Centers

2.1 Prerequisites

Please ensure the following conditions are met before installing the KoruMail appliance:

1. The source IP of incoming mail traffic should not be changed by other devices. If incoming emails are routed to KoruMail via a load balancer, make sure the balancer is configured not to change the source IP. Otherwise, IP-based filtering will not work properly.
2. An A record and an MX record should be entered for korumail.domain.com.
3. For the protected domains, only one MX Reverse DNS record should exist and it must point to KoruMail. Otherwise, spam and viruses will pass through the other servers listed in the MX records without being filtered by KoruMail. Also, if possible, SMTP port 25 on the actual mail server should not be accessible from outside, so that all emails are protected by KoruMail. Spammers may have cached the MX records from before the KoruMail installation, and they can send spam and viruses directly to the actual mail server, bypassing KoruMail.
4. The firewall should permit traffic as follows:

Traffic to KoruMail:
1. Port 8080 and port 8443 (GUI interface and quarantine reports) must be open from outside to KoruMail
2. Port 25 must be open from outside to KoruMail
3. Port 22 should be open for remote access by the KoruMail Support Center (78.186.198.152)

Traffic from KoruMail:
1. All connections to the outside must be permitted

2.2 Deployment in Data Centers

Note the following points before starting:

1. Switch off the appliance, then unplug the AC power cable
2. Remove all the cables and communication tools plugged into the device
3. Discharge any static electricity from your body

You must place the appliance into the rack cabinet using the rail kit.

Before starting to use the KoruMail appliance, check the following:

1. Power and network cables have been plugged in
2. The device's network settings have been configured properly, as explained in the section Accessing via CLI Console

After completing the above steps, you can perform all other configuration as explained in detail in the section System Configuration.

3 Accessing the Appliance

KoruMail's default IP address is 10.0.0.123 and you can use this to access the appliance for initial configuration. The default username is 'admin'. For the password, please contact your Comodo sales representative.

There are two ways to access the appliance:

1. Text menu-based CLI (Command Line Interface) console
2. Graphic-based web management console

3.1 Accessing via CLI Console

If the appliance is not accessible from your network, then the easiest way to access the console is by using the command line interface. You can perform basic operations from this interface. The remaining network settings on the appliance can be done remotely via a web browser.

The CLI username is 'shell' and the password is 'surgateshell'. You will be asked to change the password after first login.

After logging in with your new password, the following menu will be displayed.

Not all functions of the appliance can be configured via the CLI. Only a limited set of important tasks can be performed, in the following order:

1. Network configuration
2. Reboot
3. Halt
4. Pinging a host to check whether network access exists
5. Restarting the web management console
6. Changing CLI password
7. Changing the password for web management console
8. Displaying the network configuration
9. Displaying the network interface

As an example, the following screenshot shows how to configure the network.
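The MX and firewall prerequisites in section 2.1 can be checked before go-live with a short audit script. The following is an added example, not part of the Comodo guide or the KoruMail product; the host names, the 192.0.2.x addresses and all function names are constructed for illustration.

```python
"""Audit the MX and firewall prerequisites from section 2.1 (added example)."""
import socket

# Ports that section 2.1 requires to be open from outside to KoruMail.
GATEWAY_INBOUND = {25, 8080, 8443}


def parse_mx(dig_output):
    """Parse `dig +short MX <domain>` lines ("10 host.") into (pref, host)."""
    records = []
    for line in dig_output.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[0].isdigit():
            continue  # skip blank, comment and malformed lines
        records.append((int(parts[0]), parts[1].rstrip(".").lower()))
    return sorted(records)


def audit_mx(records, gateway_host):
    """Return findings for MX records that let mail bypass the gateway."""
    gateway_host = gateway_host.rstrip(".").lower()
    findings = []
    if not records:
        findings.append("no MX record found")
    for pref, host in records:
        if host != gateway_host:
            findings.append(f"MX {host} (pref {pref}) bypasses {gateway_host}")
    if len(records) > 1:
        findings.append(f"{len(records)} MX records exist, expected exactly one")
    return findings


def audit_exposure(reachable, gateway_ip, mail_server_ips):
    """Check externally reachable (ip, port) pairs against section 2.1.

    `reachable` is a set of (ip, port) tuples observed from OUTSIDE the
    network, for example collected with probe() from an external host.
    """
    findings = []
    for port in sorted(GATEWAY_INBOUND):
        if (gateway_ip, port) not in reachable:
            findings.append(f"gateway {gateway_ip}:{port} not reachable from outside")
    for ip in sorted(mail_server_ips):
        if (ip, 25) in reachable:
            findings.append(f"mail server {ip}:25 reachable from outside, bypasses gateway")
    return findings


def probe(ip, port, timeout=3.0):
    """Live TCP connect test; run it from an external vantage point."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


# Constructed sample data (documentation names and addresses, not from the guide).
SAMPLE_DIG = "10 korumail.example.com.\n20 mail.example.com.\n"
SAMPLE_REACHABLE = {("192.0.2.10", 25), ("192.0.2.10", 8443), ("192.0.2.20", 25)}

if __name__ == "__main__":
    mx = parse_mx(SAMPLE_DIG)
    for finding in audit_mx(mx, "korumail.example.com"):
        print("MX:", finding)
    for finding in audit_exposure(SAMPLE_REACHABLE, "192.0.2.10", {"192.0.2.20"}):
        print("FW:", finding)
```

An empty findings list from both audit functions means the domain's only MX record points at the gateway and the actual mail server does not accept SMTP from outside.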