home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hot Shareware 32
/
hot34.iso
/
ficheros
/
NINET
/
SMME153.ZIP
/
DATA.2
/
ReadMe.txt
< prev
next >
Wrap
Text File
|
1998-01-20
|
23KB
|
517 lines
Trend Micro, Inc. January 21, 1997
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ScanMail for Microsoft Exchange Version 1.53 Release Notes
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
INDEX
=============================================
1. Introduction and Overview
2. Release 1.53 Enhancements and Bug Fixes
3. Installation Notes
4. Minimum System requirements
5. The BatchExport Utility
6. ScanMail Features and Default Settings
-Action on Detecting a Virus
-Notification
-Real-time Scanning
-Manual Scanning
-Scheduled Scans
-Virus Pattern File Update
-Log Files
-Incremental Scans
-On Line Registration
7. Installed Files and Registry Key
8. Release History
9. About Trend Micro Inc.
10. Contact Information
=============================================
1. Introduction and Overview
============================================================================
The ScanMail for Exchange anti-virus solution is four-fold:
First, we recommend that the ScanMail administrator run a Manual
scan of all existing mailboxes and public folders to clean
out any viruses that might be saved as a part of a user's
archived mail. Such a scan can typically be completed in a
matter of minutes.
Second, it is a good idea to schedule weekly automatic scans of
archived mail. (You can also schedule the virus-pattern
file to be updated automatically.)
Third, the administrator should configure and engage ScanMail's
real-time e-mail scanning options to prevent viruses from
propagating via e-mail.
Fourth, real-time scanning of all Public Folders is established to
prevent infected files from being posted to the common area.
With real-time scanning enabled, ScanMail can alert the e-mail recipient,
sender, or administrator whenever a virus is detected. Who is notified,
as well as the notification message contents, is also determined by the
ScanMail administrator. ScanMail keeps a comprehensive log of its actions.
For a list and explanation of ScanMail's features, please see Section 6
of this document or refer to the printed material that came with the
software.
2. Release 1.53 Enhancements and Bug Fixes
============================================================================
The enhancements and bug fixes available in this version are cumulative. As
such, installing this version brings the benefits introduced in all previous
versions as well as those introduced with this version. See section 8 of
this document for a full accounting of all enhancements and bug fixes so far.
o Fixed a bug in version 1.5 wherein ScanMail would fail to start
after installation. The problem was found to be a conflict with
version 4.70 of the NT file shalwapi.dll. The conflict has been
corrected.
o Fixed a long-standing bug wherein virus alert notifications were
not being properly sent back to the original sender of the e-mail.
Senders can now reliably be notified if the e-mail the sent was
found to contain a virus.
Bugs Remaining:
o Currently, users cannot interrupt the pattern update process
(PTNUPD) without causing subsequent attempts to update the pattern
file to fail.
Work Around:
~~~~~~~~~~~
Stop the SMAILEX.EXE program and delete the PTNFILE.EXE file,
found in the ScanMail for Exchange working directory. Restart
ScanMail.
o Currently, environments with more than 1500 mailboxes and
insufficient hardware resources may experience the failure
of their Information Store or MTS services.
3. Installation Notes
============================================================================
You can install the complete version of ScanMail for Exchange by entering
the product serial number that came with the product (or contact your Trend
Micro sales representative). Alternatively, you can enter no serial number
to install the 30-day free trial version.
o If you are installing ScanMail for the first time, please refer to
the printed documentation that came with the software.
o If you are upgrading a previous version of ScanMail, please uninstall
your previous version of ScanMail before installing version 1.53.
Note: before installing ScanMail for Exchange, be sure that the following
conditions exist:
1. You have an Exchange Client installed on the same machine
as the Exchange Server, and "log on to network" is enabled
as the default on the client.
2. You have Administrator privileges for the Windows NT Domain
where the Exchange server is located.
3. You are logged in to Exchange from a service account AND have
a mailbox for that account on the server.
How to Check the Status of These Conditions
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1. With the Microsoft Exchange client open, click Tools | Services.
Then, with Microsoft Exchange Server highlighted, click the
Properties button. Click the Advanced tab. A check mark should
appear in the "Use network security during logon" checkbox.
2. Click the NT Start button, then Programs |Administrative
Tools | User Manager for Domains. Double click the Username
you are currently logged in under, then click the Groups button.
In the Member of: window, you must see Administrators. If not,
log off NT and then back on using an account that does have
Administrative privileges.
3. With the Microsoft Exchange Administrator open, double click
the Display Name of the NT account you are using. Check the
Group Membership by clicking the Primary Windows NT Account
button and "Select an existing Windows NT account" Locate your
NT account in the list of names that appears and verify the
privileges.
Complete instructions for installing ScanMail for Exchange can be found
in the User's Guide. Once installed, both ScanMail's real-time e-mail
scanning and monitoring services are automatically started. You will see
the real-time monitor on the desktop.
5. Minimum System requirements
============================================================================
o Intel Pentium 100 or higher
o 64 MEG RAM
o 10 MEG free disk space for the program files
o Exchange Server (English) Version 4.0 or 5.0
o Exchange Client installed on the same Windows NT server
o Windows NT Server version 3.51, with Service packs 4 and 5,
or NT Server version 4.0 (English )
6. BatchExport Utility for Manual Scan
============================================================================
As explained in the User's Guide, whenever you add or remove user mailboxes
from Exchange, ScanMail needs to be apprised of the changes -- mailboxes
that do not appear on ScanMail's list of users are not scanned. After adding
or removing a user mailbox you can rebuild the list by clicking the Refresh
All button on the Manual Scan page.
This process can now be scheduled to take place automatically from ScanMail's
Windows interface. Refreshing the list of user mailboxes daily is typical,
although administrators who find themselves adding and removing user mailboxes
several times a day may want to schedule the refresh to occur more frequently.
Scheduling BatchExports
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To schedule the refresh frequency from ScanMail's Window's interface, click
Help | Schedule Directory Export from the main menu.
Click the "Automatically restart real-time scan service if there are new
updates" checkbox to have the real-time scanning service stop and restart
whenever the schedule for refreshing ScanMail's list of user mailboxes
is modified.
Since it can take some time to re-build ScanMail's list of user mailboxes,
and to stop and restart the scanning service, we recommend that you don't
schedule automatic refreshes any more often than is necessary. The refreshes
take place at the hourly intervals (6, 8, 12, 24, or none) you specify,
beginning at the designated hour. Click "Update the Schedule List" button
to update the data which appears in the Schedule list window
7. ScanMail for Exchange Features and Default Settings
============================================================================
Action on Detecting a Virus
~~~~~~~~~~~~~~~~~~~~~~~~~~~
By default, when ScanMail detects an infected file in an e-mail attachment
it removes the virus from the file (or "cleans" the file) then forwards it
to the intended recipient(s). Notification of the action is sent to the
ScanMail administrator and any other specified parties. In some cases a
file cannot be cleaned, for example due to corruption, and ScanMail moves
uncleanable files to the VIRUS directory, which is created upon installation.
The administrator can change ScanMail's default action (AUTOCLEAN) upon
detecting a virus. The following actions are available:
o AutoClean - ScanMail automatically cleans infected files. If they
cannot be cleaned, the file is deleted or moved to an isolated
directory (or "quarantined"). Alternatively, infected files that
cannot be cleaned can be "passed" on to the intended recipient
without any action taken.
o Delete - ScanMail automatically deletes infected files. No attempt
is made to clean the file.
o Move - ScanMail moves an infected file to a predetermined location
or e-mails it to the administrator along with a warning. Alternatively,
infected files can be e-mailed to Trend Micro's Virus Hospital for
special treatment.
o Pass - ScanMail ignores infected files, sending them on to the
intended recipient along with a warning message.
Notification
~~~~~~~~~~~~
When a virus is found, ScanMail can automatically send notification(s):
o Notify the intended recipient of the infected e-mail
o Notify the sender of the infected e-mail
o Notify the ScanMail Administrator of the infected e-mail
The notification message that the sender, intended recipient, or admin
receives is user-customizable and contains details about the virus.
Notifications are sent e-mail via the Exchange server (Version 1.5 does
not support notification via message boxes.)
Real-time Scanning
~~~~~~~~~~~~~~~~~~
ScanMail's real-time scanning operates as a Windows NT service and detects
whenever mail messages arrive at the mailbox or public folders. The real-time
monitor is automatically engaged following installation and whenever every
time the NT server is restarted.
Manual Scanning
~~~~~~~~~~~~~~~
Manual scanning is similar to real-time scanning, except that manual scans
require user interaction in order to run. The ScanMail administrator can
select multiple mailboxes for scanning, or specify individual folders within
the mailbox -- for example, the Inbox, Outbox, Sent Items, Deleted Items,
or any other folder. Manual scanning supports the scanning of public folders.
Scheduled Scans
~~~~~~~~~~~~~~~
Scheduled scans can be set to run at predetermined times and frequencies.
Most of the configuration options are similar to those available for the
manual scans, with the main difference being that the individual folders
making up a mailbox cannot be specified for scheduled scans. By default,
all items in the mailbox are scanned.
Virus Pattern File Update
~~~~~~~~~~~~~~~~~~~~~~~~~
ScanMail administrators can have the ScanMail's virus pattern file updated
in a couple of different ways:
o Pattern file updates via Internet (using HTTP)
o Pattern file updates from a UNC path, Mapped Drive,
or Local Drive (including floppy drive)
Both methods of updating the virus pattern file can be scheduled to take
place automatically, at regular intervals.
Incremental Scans
~~~~~~~~~~~~~~~~~
o Incremental Scans allow the ScanMail administrator to perform manual
or scheduled scans of user mailboxes. However, instead of scanning
all mail items during the scan (including those that have been
previously scanned) Incremental Scans can be set to scan only mail
been items that have modified since a specified date or since the
last scan.
Log Files
~~~~~~~~~
ScanMail keeps comprehensive logs of all its actions, including:
o The Event Log - records when the various ScanMail services were
stopped or started (real-time, manual, and scheduled scanning events).
o The Virus Log - records which viruses ScanMail has detected,
including details such as the name of the virus and infected file,
the date, intended recipient, sender, and the action ScanMail took:
clean, delete, move or pass.
o The Pattern Update Log - records when each pattern update occurred
The administrator can have ScanMail save the log files in the default
directory for up to 90 days or schedule them for regular deletion.
On Line Registration
~~~~~~~~~~~~~~~~~~~~
Trend Micro provides convenient means by which users can register ScanMail,
including both Online registration and mail-in certificates.
8. Installed Files and Registry Key
============================================================================
ScanMail for exchange installs the following executable programs, by default
to the C:\Program Files\SMailEx directory:
driveup.exe realscan.exe
instmon.exe rmonitor.exe
InstRTS.exe smailex.exe
pscaneng.exe smailup.exe
pscanmon.exe Lpt$vpn.324 ----this extension may vary
LOG folder VIRUS folder
ScanMail also adds the following folder to your Registry:
HKEY_LOCALMACHINE\SOFTWARE\TREND\SCANMAIL EXCHANGE
9. Release History
============================================================================
VERSION 1.5
ScanMail for Exchange version 1.5 provided the following
enhancements:
o Added support for updating the virus Pattern File through
a proxy server.
From the Update Pattern page, click "Enable proxy," then enter
the port number and IP address of the proxy server.
o Added automatic, real-time scanning of server-to-server public
folder replications. Give ScanMail "Editor" role or greater
for replication scanning.
With real-time scanning, users cannot inadvertently save
infected files to the public folders -- every document is
checked for viruses after being posted. Any viruses already
infecting files in the public folder are detected as the
replication is completed. (Manual scanning is another option.)
Potential Exceptions:
1. Site-to-site replication scanning (NOT server-to-server)
of existing folders designated for Directory Replications.
New folders and messages (added after ScanMail was
installed) can be scanned; existing ones cannot.
2. Scanning replications on public folders hosted by a
remote Exchange server (with no ScanMail installed).
Even if the ScanMail server is granted rights to a
remote site that is hosting a public folder, ScanMail
will not scan the remote public folder, regardless of
permissions. ScanMail local public folder replications.
VERSION 1.4
ScanMail for Exchange version 1.4 provided the following product enhancements
and bug fixes:
o Added support for Incremental manual and scheduled scans.
Incremental manual scans save time by allowing the administrator
to scan only mail that has arrived in a user mailbox since the
last manual (or scheduled) scan or since a specified date.
VERSION 1.3
ScanMail for Exchange version 1.3 provided the following product enhancements
and bug fixes:
o Automated the task of refreshing ScanMail's directory of user
mailboxes so the administrator no longer needs "Refresh" by hand
the ScanMail directory after adding or deleting user mailboxes
(see Version 1.2 below for details).
VERSION 1.2
ScanMail for Exchange version 1.2 provided the following product enhancements
and bug fixes:
o Exchange administrators whose servers contain hundreds or
thousands of user accounts used to experience a delay upon
opening the Manual Scan configuration page. The delay was
due to the time needed to populate the window with the many
user accounts.
ScanMail for Exchange version 1.2 addresses this problem
with the introduction of an export utility designed to speed
and maintain the list of user accounts. After running the
export utility once, users will not experience any delays
when opening the Manual Scan page. Section 5 of this document
provides a detailed explanation of the utility and its use.
o ScanMail now supports the scanning public folders on a
designated NT Server.
o When simultaneously scanning multiple files, the name of a
file being scanned would sometimes get lost. This resulted
in a report of "unknown" in the logs. We have fixed this
error in version 1.2.
o When scanning an infected attachment that is being sent to
to multiple mail accounts, all infected file attachments
are cleaned. Previously, some infected attachments were
"Moved" rather than "Cleaned."
o An error reporting the percentage of mailboxes opened during
a real time scan has been corrected.
o When manually refreshing the list of mailboxes that appears
on the Manual Scan page, a progress bar now appears to indicate
the status of the task. This is most relevant on servers
with thousands of mailboxes.
o Support has been added for NT passwords that use special
characters, for example, spaces.
o When a mailbox appears to be corrupted, the real-time scan
module will make three or more attempts to open it before
abandoning the task. Status of the attempts is displayed on
the monitor.
o Version 1.2 of ScanMail for Exchange employs a new approach
in exporting Exchange directories. Previously, exporting
Exchange directories under ScanMail could trigger an error.
o The speed of exporting directories to ScanMail has been increased.
VERSION 1.1
ScanMail for Exchange version 1.1 provided the following product enhancements
and bug fixes:
o ScanMail now provides mailbox scanning for mail systems migrated
to Exchange from cc:Mail and Microsoft Mail, as well as from
Exchange Server 4.0 to Exchange Server 5.0
o Improved the scanning of public folders that contain replicas
o Mailboxes containing special characters (such as ~,^,%) can
now be reliably scanned
o ScanMail now detects and cleans Macro viruses written in
Microsoft's Excel macro language
o Version 1.1 fixes a problem with scanning after the
administrator is logged off the system
o The reliability of Virus Pattern updates has been improved
o Files with unknown, or corrupted file names can now be opened
by their associated applications following a scan
o Selecting both the Public folder and "Others" option used to cause
a scanning conflict. This problem has been fixed.
o Fixed problem with scheduled scans of specific mailboxes
o ScanMail is now capable of cleaning all forms of the Macro virus
"Concept"
o The Time field of scheduled scans and virus-pattern downloads
no longer accepts invalid user input
o A glitch under "Options" on the Manual Scan page that prevented
WWW addresses from being added has been fixed
10. About Trend Micro Inc.
=============================================================================
Trend Micro is the leading developer of server-based virus protection for
high-performance corporate networks. ScanMail is part of Trend's integrated
gateway-to-desktop enterprise-wide solution. Trend Micro's virus protection
technology is used by Intel, Novell, Netscape, Sun Microsystems, Control Data
Systems, SCO, and WorldTalk as a key part of their server security solutions.
11. Contact Information
=============================================================================
E-mail: trend@trendmicro.com
E-mail: sales@trendmicro.com
Web: www.antivirus.com
Trend Micro Incorporated
Suite 400, 10101 De Anza Bvld.
Cupertino, CA 95014
Toll free: 800-228-5651
Voice: 408-257-1500
Fax:: 408-257-2003
Visit www.antivirus.com to download evaluation
copies of Trend's "Total Solution" virus protection
products.
Copyright 1997, Trend Micro Incorporated.
ScanMail is a trademark of Trend Micro Incorporated.
All other marks are the trademarks or registered
trademarks of their respective companies.