Before installation ensure that the MAILsweeper host is configured with:
Before installation you should determine:
![]() |
If you are using DLL based anti-virus tools these are installed after the MIMEsweeper installation. For more details see page 2-36. |
![]() |
MAILsweeper should be installed by a user with write access to the Windows NT registry (such as a user in the Administrator's group). |
Before starting the installation you should ensure that:
There are several evaluation copies of anti-virus tools on the installation CD-ROM. If you wish to use any of the command line anti virus tools you should install them separately, before proceeding with the setup program.
![]() |
The release notes for MIMEsweeper may provide additional information that is required for the installation to be successful. You should read these before starting the installation. |
Stopping the MAILsweeper services
If you are performing an upgrade you must shutdown the MAILsweeper services before starting the installation, to prevent file access conflicts.2
![]() |
Remember to start the services again, after the upgrade is complete. See page 2-37 for details. |
Alternatively, you can shutdown the MAILsweeper services by entering the following commands at the command prompt:3
net stop MAILsweeper net stop SMTPDS net stop SMTPRS
![]() |
It is strongly recommended that you exit all Windows programs before running the setup program. |
To proceed with the
installation, follow the dialog boxes in the InstallShield setup
program.
The first dialog box you will encounter is the Welcome dialog box, as shown below.
Click on the Next> button to proceed with the installation.
Click on the Yes button to continue.
If you are not performing an upgrade you are presented with a series of dialog boxes like the one shown below, offering configuration options for MIMEsweeper.
Work your way through each of the dialog boxes, typing in or selecting information from each one as required.
Selecting the product components
For an SMTP installation, check the MAILsweeper box and SMTP option, as shown.
The default directory for the installation is C:\MSW, as indicated in the Destination Directory area.
If you wish to change the default directory, click on the Browse... button and select a new directory from the Choose Directory dialog box.
Select the directory path by double-clicking on the folder icons that are displayed in the Directories: area. The selected directory path is shown in the Path: field.
![]() |
If the directory is located on a different drive, change the entry in the Drives: field, by clicking on the down arrow to the right of the field and selecting from the displayed list. |
Specifying the SMTP post offices
The next dialog box prompts you to supply details on the post offices MIMEsweeper will protect.
For SMTP this is the name of your mail domain.
In the dialog box above the name of the mail domain is example.com.
Specifying the email addresses
The address elements are used to specify where Inform messages are sent FROM and TO during disposal:
![]() |
These addresses form the value of
the Server and Administrator
directives, found in the [Main] section of
the mail configuration file, MIMESWP.CFG. See
page 7-11
and page 7-12
for details. |
Check the SNMP Traps box and type in the Community and Target Address information, as follows:
Specifying the anti-virus tool locations
![]() |
There are several evaluation copies of anti-virus tools provided on the installation CD-ROM. These are not automatically installed by the setup software. |
A dialog box is displayed for each anti-virus tool selected, prompting you to provide the location where it has been installed. Some anti-virus tools will also prompt for the version being used (Windows NT or MS DOS). Ensure you have all of this information readily available.
Click on the Browse... button to change the directory shown, using the Choose Directory dialog box. This dialog box is shown on page 2-30.
![]() |
If you are using DLL based validators these should be installed after the MIMEsweeper installation. For more details see page 2-36. |
Check the information displayed and ensure it is correct. If any of the information is wrong, click on the <Back button to locate and change it, otherwise click on the Next> button to proceed.
The file transfer operation now takes place and the new MIMEsweeper installation is copied from the CD-ROM. A program group is created for all the MIMEsweeper components.
Installation of MIMEsweeper is now complete and a default configuration is in place.
![]() |
You should have the licence key readily available when you run the set licence application. |
Alternatively, you can enter the licence at a later time by running the Licence program. See page 4-1 for details.
Finally, click on the Finish button to exit the InstallShield setup program.
![]() |
Some files may not be updated if they were being used by other programs at the time of the installation. These files will be updated the next time the system is started. |
Installing the DLL based anti-virus tools
These anti-virus tools can be found on the MIMEsweeper CD and come with their own instructions for installation.
Starting the MAILsweeper services
After installing MAILsweeper for SMTP you must either reboot the machine or start the MAILsweeper services manually4 via the Services dialog box, accessed as explained on page 2-26.
Alternatively, enter the following commands at the command prompt:
net start MAILsweeper net start SMTPDS net start SMTPRS
(For WEBsweeper, use net start
WEBsweeper
).
[Clean] Edit=AppendIfSpoofEdit=AppendOutwardDisclaimer
Deliver=[AppendOutwardDisclaimer] PerformIf=direction==out AppendToBody=C:\MSW\Config\DISCLAIM.TXT
![]() |
See page 7-34 for more details on the automated editing facility. |
You can disable this facility or modify the wording of the disclaimer, if desired.
To disable this
facility, ensure that the Edit
directive is
commented out in the [Clean]
section, found in the
configuration file MIMESWP.CFG.
[Clean]
Edit=AppendIfSpoof
Edit=AppendOutwardDisclaimer
Deliver=
[Clean]
Edit=AppendIfSpoof
;Edit=AppendOutwardDisclaimer
Deliver=
To modify the wording of the disclaimer, change the contents of the file C:\MSW\Config\DISCLAIM.TXT.5
The default contents are as follows:
***********************************************************
This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses.
**********************************************************
If your company uses a DNS server, configure the MAILsweeper machine to use this server if:
To test this, a nslookup for the MX record to an external organisation should yield an answer and a MX record lookup for your own mail domain should yield the address of the SMTP server or gateway.
If there is no DNS server, or the above check fails, then the MAILsweeper machine should use the ISP's DNS server and the MAILsweeper routing.
See page 2-41 for more details on MAILsweeper routing.
![]() |
For a short explanation on DNS and MX records, see Appendix C. |
Depending on the size of your organisation mail will either be delivered to:
If mail is delivered to a host capable of accepting mail, such as a mail relay or proxy firewall, then that host must be configured to forward mail to the SMTP gateway.
![]() |
Some companies may have a complicated sequence of relays for internal mail. However, all mail should be forwarded to the SMTP gateway eventually. |
The sender of the mail message is unaware of the recipients mail topology, all they have is an email address and they rely on the DNS system to resolve the name to an appropriate address to send to.
For example, all mail for example.com may be sent to a machine called gateway.example.com. This translation will be stored within the public DNS system as the companies MX (Mail Exchanger) record.
Therefore, when someone tries to send to fred@example.com, they are actually sending to fred@gateway.example.com.
![]() |
For a short explanation on DNS and MX records, see Appendix C. |
If mail goes through a mail relay or proxy prior to being sent to the SMTP gateway then the delivery mechanism will vary between systems, but typically it will be configured with either:
In cases where neither of these are configured, the mail relay will probably try to use DNS to resolve the name. A problem can arise when the relay uses the same DNS as people outside of the company. This will return the same address as they are on already and cause a mail loop. For this reason and as a security measure, some companies may deploy internal DNS servers to provide resolution for the internal addresses.
To configure MAILsweeper to provide security for incoming messages it is necessary to perform one of the following steps:
Following these steps will ensure that all messages reside on the MAILsweeper host until they can be sent to the proper destination. This can be achieved using the MAILsweeper routing table options, as explained in the rest of this section.
Routing table options are provided by double-clicking on the MAILsweeper Console icon, found in the Control Panel.
A MAILsweeper dialog box is displayed, showing several tabs.
Click on the Routing tab to access the routing table options.
Using the dialog box shown on the previous page, you can configure routing for your mail domain and the associated SMTP gateway.
This is achieved using the following steps:
![]()
By default the routing option is set to Additional, but it can be changed to Force or Default by clicking on the appropriate option button. See page 2-46 for more details on the routing options available.
Each routing table entry can be set with one of:
Force - this option is used to send mail to a particular destination and implies that the system should not perform any DNS MX record checking. However, the system may use DNS to resolve names to addresses.
Default - this option is used to provide a mail route if, after checking the configured DNS system, there are no MX records for this domain.
Additional - this option allows MX records to be returned from the DNS, but also checked with any entries in the routing tables. MX records are sorted on a preference value, which can be any value from 0 to 65535 and are designed to offer a choice of mail route. The lowest preference value is tried first.
For example, a company DNS has two MX records, one for first.host with preference value 10 and one for second.host with preference value 20. It also has an entry in the routing table for third.host , with a preference value of 15. The order of mail routing for this company would be first.host, third.host and lastly second.host.
It is also possible to configure MAILsweeper to send mail on a different SMTP socket. This can be useful for:
It is important to remember that the domains are checked for the best match from top to bottom of the list, so care must be taken when ordering the entries in this list. The ordering can be changed by selecting an entry and clicking on the Up and Down buttons. To remove an entry from the list, select the entry and click on the Delete button.
![]() |
The *.* entry should always be placed at the bottom of the list. |
Usually, this requires that the SMTP gateway or a mail relay is configured to forward all outgoing mail to the MAILsweeper host.
Furthermore, MAILsweeper's delivery service (SMTPDS) should be configured to send mail out to the Internet. Depending on your network configuration, you may not need to make any changes to MAILsweeper, as the DNS server that the MAILsweeper host uses will provide name resolution for outgoing mail and then send it to the Internet.
However, if all outgoing mail must be sent via another mail relay or proxy before it leaves the organisation, you will need to add a routing table entry for the domain *.*. This entry must be added at the bottom of the routing table list, as shown in the dialog box on the previous page.
![]() |
The *.* wildcard can also be implemented with DNS, however it is easier implemented as a routing table entry. |
You can test the DNS and verify that the MAILsweeper host DNS is being used by doing an nslookup.
For example (to check for possible mail looping):
If the MAILsweeper host is msw.example.com, and a force route was not used for this domain, then mail would be delivered to itself and hence cause a mail loop.
A MAILsweeper dialog box is displayed, showing several tabs.
Click on the Dialup tab to access the dial-up options.
![]() |
Before you can configure any of the
features discussed in this section you must first enable
dial-up support by checking the Enable dialup
box. Once dial-up support is enabled, the retry schedule in the Retries dialog box will be ignored, unless the domain is specified for exclusion, see page 2-52 for details on how to exclude domains. You must always exclude your own mail domains so that mail destined for these domains will not be delivered to the ISP. |
Specifying the connection details
The connection details required are:
Type this information into the User name and Password fields of the Dialup Server area.
![]()
Please contact your ISP if you are unsure of the required username and password.
The connection details can be tested using:
C:\RASDIAL Phonebook entry User name Password
Mail can be excluded from delivery to the ISP if it is destined for particular mail domains, for example, your own local domains. You can specify these domain names in the Exclude domains field of the MAILsweeper dialog box, shown on page 2-50.
This field can contain a comma separated list of domain names, optionally containing the wildcard character *. Proceed a domain name with an exclamation mark to indicate that matching domains don't belong in the excluded list. The list is checked from left to right, so if you use a domain preceded with an exclamation mark (an exception), it should appear first.
![]() |
You must always specify your own local mail domains in this field so that mail destined for these domains will not be delivered to the ISP. |
Incoming delivery trigger command
If this is necessary, check the Incoming delivery trigger command box of the MAILsweeper dialog box, shown on page 2-50, and type in the appropriate command line to execute, as supplied by your ISP.
![]() |
Please contact your ISP to establish if a command line is necessary and, if so, what the required command line is. |
For example, if your
ISP stores mail using an SMTP server which supports storing mail
for a remote domain, it will understand the ETRN SMTP
command.
In this case, you should use the following line:
Alternatively the ISP may store your mail using a POP3 mailbox and expect you to download it using POP.
In this case, the popdown utility can be used to retrieve mail from the POP3 mailbox and redirect it to recipients on your local system. For example:
A delivery attempt is made by MAILsweeper every time a dial-up connection is established.
If the delivery attempt is unsuccessful at the scheduled dial-up time, for example, because the ISP mail server is down or inaccessible, MAILsweeper will retain the message and retry later.
You can specify the maximum number of retry attempts MAILsweeper should make. This value is specified in the Outgoing delivery retry field of the MAILsweeper dialog box, shown on page 2-50. The default value is 20.
If the number of delivery attempts exceeds this limit, delivery is abandoned and a non-delivery notification generated.
![]() |
Mail can be excluded from delivery to the ISP if it is destined for any mail domain specified in the Exclude Domains field, see page 2-52 for details. |
A dial-up status area is displayed under the Outgoing delivery retry field of the MAILsweeper dialog box, shown on page 2-50.
This area shows the current status of the dial-up connection.
You can specify the maximum and minimum durations for which a dial-up connection will remain open.
These times are specified, in minutes, using the Dialup connection time area of the MAILsweeper dialog box, shown on page 2-50.
![]() |
Do not reduce the minimum connection time too far, otherwise the ISP's mail server may not have enough time to establish the connection. |
Dial-up schedules are configured via the Dialup schedules area of the MAILsweeper dialog box, shown on page 2-50.
An identical dialog box is displayed for both buttons, showing the current dial-up schedule for that time period.
To add a new dial-up time to the schedule list:
The new time will be inserted into the appropriate place on the schedule list.
![]()
The actual time at which the dial-up occurs may be up to two minutes later than the time specified.
To remove a dial-up time from the schedule list:
For each dial-up time on the schedule list, you can specify whether the dial-up should be conditional or unconditional.
To make a dial-up unconditional check the box to the left of the dial-up time shown on the schedule list. In the following example, the 0205 and 0800 dial-ups are unconditional, the 0000 and 0400 dial-ups are conditional.
It is important to secure the MAILsweeper machine so that:
![]() |
Securing the MAILsweeper machine can be achieved via the Network dialog box. Access this dialog box by double-clicking on the Network icon, found in the Control Panel. |
First, it is necessary to disable forwarding of IP, to stop the MAILsweeper machine acting as a router. This is achieved using the following steps.
Next, disable the WINS client (TCP/IP) binding to the Server service. This disables remote access to shared resources over TCP/IP. Details how to do this are shown on the next page.
![]() |
Care must be taken when disabling the WINS binding as this may effect other network operations, such as logging into NT domains when the only network protocol used is TCP/IP. |
To disable the WINS client (TCP/IP) binding:
1 Remote Access Service is required
for dial-up support only.
2 Also the WEBsweeper service if this is applicable (select the WEBsweeper entry).
3 To shutdown the WEBsweeper service use:
net stop WEBsweeper
4 Also the WEBsweeper service if this is applicable (select the WEBsweeper entry).
5 This directory path assumes the default MAILsweeper installation at C:\MSW.
6 Where NSLOOKUP is specified in your default system path.
msw.support@mimesweeper.comCopyright © 1998, Content Technologies Limited. All rights reserved.