MAILsweeper can create three types of log file, these are:
MAILsweeper can also write to the Windows NT application event log, either during startup or disposal. See page 6-9 for more details.
[MessageLog]
FileRootName=C:\MSW\LOG\NR%05u.LOG
NameType=NumericSeq
[MessageLog]
FileRootName=C:\MSW\LOG\NR%05u.LOG
NameType=NumericSeq
StreamType=UserFile
MaxLevel=Normal
[SystemLog]FileRootName=C:\MSW\LOG\DT%s.LOG
NameType=Date StreamType=SystemFileMaxLevel=Brief
The four levels of logging are:
Brief
- this level gives
only the overall results of processing. Norma
l - this level gives
more detailed results of each stage of processing. Verbose
- this level gives
extended details of each stage of processing. Debug
- this level should only
be used for diagnostic purposes and under instruction
from MIMEsweeper technical support personnel.![]() |
To enable changes made to the MaxLevel directive you must restart the MAILsweeper service. |
The level of information stored in each of the MAILsweeper logs should be controlled carefully. More disk space is used when the logging level is set to one of the higher values. Furthermore, over time the number of log files will build up and this will take up an excessive amount of disk space if not managed. It is recommended you archive and delete the log files on a regular basis. For details on how to archive the system log see page 6-23.
MAILsweeper generates a message log for
every message that it processes. The amount of information
detailed in this log depends on the logging level specified by
the MaxLevel
directive. See page 6-7 for details.
By default, the message log is only saved if the message is quarantined. You can, however, save the message log for all messages, if required. For example, this may be useful for a new installation or on a site where problems are being experienced.
![]() |
Saving a message log for every message may result in an excessive amount of disk space being used, especially if the logging level is set to one of the higher values. |
Whether message logs
should be saved for all messages, or quarantined messages only,
is specified using the SaveMsgLogs
directive, found
in the [Main]
section of the mail configuration
file, MIMESWP.CFG.
[Main]
SaveMsgLogs=FALSE
saves message log files for quarantined messages only. This is the default.
[Main]
SaveMsgLogs=TRUE
saves message log files for all messages.
The location of the
saved message log is specified by the FileRootName
directive. This directive is found in the [MessageLog]
section of the logging configuration file, LOGGING.CFG .1 See page 6-6 for details.
![]() |
To enable
changes made to the SaveMsgLogs directive
you must restart the MAILsweeper service. |
![]() |
MAILsweeper
can also be configured to write to the event log during
disposal. This is achieved using the Event
directive. See page
7-36 for more details. |
Configuration details for the event log are found in the mail configuration file, MIMESWP.CFG.
[Logging] SystemLog=0 ...EventLog=3
[EventLog] EventSource=MAILsweeper StreamType=Appevent MaxLevel=Brief
![]() |
It is recommended that you do not change the configuration details for the event log without assistance from technical support. |
To view the Windows NT application event log (for Windows NT 4.0):2
An Event Dialog box is displayed showing more information about the selected event.
MAILsweeper can be configured to issue SNMP traps to a SNMP Manager at startup and shutdown.
![]() |
MAILsweeper
can also be configured to issue a trap to the SNMP
Manager during disposal. This is achieved using the Trap
directive. See page
7-37 for more details. |
Configuration details for SNMP traps are found in the mail configuration file, MIMESWP.CFG. These details reflect the information entered during installation.
[SNMPTrapConfig] Community=public TargetAddress=195.121.24.11
[Blocked Messages] Location=c:\MSW\QTINE\Blocked\ File=c:\MSW\QTINE\Blocked\Quarntne.lst
(as the quarantine area for messages found to contain a virus.)
[Encrypted Messages] Location=c:\MSW\QTINE\Encrypted\ File=c:\MSW\QTINE\Encrypted\Quarntne.lst
(as the quarantine area for encrypted messages.)
![]() |
Configuration details for the
quarantine areas are found in the mail configuration
file, MIMESWP.CFG. For full details on how to configure the quarantine areas, see page 7-28. |
Messages held in the quarantine areas can subsequently be viewed safely and appropriate action taken, depending on the quarantine reason. For example, if the message contains a virus, the virus can be removed and the message forwarded on to the original recipients. Alternatively, the message can be copied to removable media for further investigation, or simply deleted. You can use MAILsweeper Manager to view and manage the contents of the quarantine areas. See page 6-14 for details.
When a message is released from quarantine you may wish to include some text with the message, explaining the reason for delay. This can be achieved using the automated editing facility, see page 7-34 for details.
MAILsweeper scans the host mail system at predetermined intervals.
You can change the
interval between scans, using the IdleTime
directive.
This directive is
found in the [Main]
section of the mail
configuration file, MIMESWP.CFG.
[Main]
SaveMsgLogs=TRUE
IdleTime=10
Administrator=Admin_Front@FrontDoor
Server=MIMEsweeper@FrontDoor
The value of the IdleTime
directive can be any integer between 10
and 3600
(seconds). The default is 10
.
![]() |
To enable
any changes made to the IdleTime directive,
you must restart the MAILsweeper service.
|
MAILsweeper Manager is a management facility that allows you to:
MAILsweeper Manager can be run locally, that is, when it is located on the same machine as the MAILsweeper service, see below for details
MAILsweeper Manager can also be run remotely, that is, to manage MAILsweeper over the network. To run Manager remotely see page 6-25.
To run MAILsweeper Manager locally (for Windows NT 4.0):3
Alternatively, type MCN at the command prompt.
When Manager starts, the MAILsweeper Manager dialog box is displayed. Initially, this dialog box displays a list of the five most recent messages that MAILsweeper has processed, see the next page for more details on this list.
The MAILsweeper Manager dialog box also shows certain processing information for the current MAILsweeper session, that is:
![]() |
This information can also be displayed by selecting RecentMessages from the drop-down list box associated with the Message Area field. |
The summary information displayed for the Recent Messages area is:
Each item on the list allows you to view the contents of one of the quarantined message areas, except RecentMessages, which displays the last five messages MAILsweeper has processed. See page 6-16 for details.
The dialog box below shows a list of messages currently held in the Blocked Messages quarantine area. See the next page for more details on this list.
The summary information displayed for each quarantined message is:
![]() |
This comment is configurable, see page 7-28 for details. |
Selecting quarantined messages for further processing:
To select a message for further processing click on the message Id.
To select more than one message, hold down the <Ctrl> key while you click on each message Id.
![]() |
Messages in the Recent Messages area cannot be selected for further processing. |
![]() |
If Manager is being run remotely, A: is the drive located on the MAILsweeper machine. This is not the same machine that Manager is being run from. See page 6-25 for details on remote management. |
To release quarantined messages:
The default <Response>
assigned to a released message is Release
. This
follows the Clean
disposal route, meaning that the
message is simply forwarded on to its original recipients with no
further action. The default can be changed if required, by
including a ReleaseDisposal
directive in the
appropriate quarantine configuration section. For example, you
may wish to utilise automated message editing to include a
message indicating the reason for quarantine. See page 7-34 for more
details on automated message editing and page 7-30 for more
details on ReleaseDisposal
.
![]() |
A message should only be released back into the mail system after it has been checked and you are sure it is safe for onward delivery. |
The default <Response>
assigned to a sent message is Release
. This follows
the Clean
disposal route, meaning that the message
is simply forwarded on to its original recipients with no further
action. The default can be changed if required, by including a ReleaseDisposal
directive in the appropriate quarantine configuration section.
For example, you may wish to utilise automated message editing to
include a message indicating the reason for quarantine. See page 7-34 for more
details on automated message editing and page 7-30 for more
details on ReleaseDisposal
.
![]() |
A message should only be sent back into the mail system after it has been checked and you are sure it is safe for onward delivery. |
![]() |
It is recommended that you check the quarantine areas regularly and delete any unwanted messages. This will prevent your disk becoming filled up with old messages. |
To delete quarantined messages:
![]() |
Once a message is deleted from the mail system it CANNOT be retrieved later, so be sure this is what you want to do. |
![]() |
This facility archives the system log files only. Message log and debug log files cannot be archived in this manner. The current (today's) system log file is NOT archived. |
To archive the system log files:
![]() |
If Manager is being run remotely, A: is the drive located on the MAILsweeper machine. This is not the same machine that Manager is running on. See page 6-25 for details on remote management. |
You can stop the MAILsweeper service manually, using MAILsweeper Manager.
To stop the MAILsweeper service:
If you do not exit Manager immediately the MAILsweeper Manager dialog box turns red and displays the following message:
`Unable to communicate with service'
This is because the MAILsweeper Manager can no longer communicate with the MAILsweeper service (as it has been stopped). In this situation Manager will continue attempts to communicate with the MAILsweeper service and will re-establish communications when the service is restarted.
The above message may also be displayed if MAILsweeper Manager and the MAILsweeper service are running on separate machines and the network connection has been broken. In this instance the MAILsweeper service may still be running and communications will be re-established when the network connection is restored.
![]() |
MAILsweeper can also be stopped via the Services dialog box found in the Control Panel, or at the command prompt. For details, see pages 6-2 and 6-5 respectively. |
This remote management interface enables you to manage MAILsweeper over the network, that is, when the MAILsweeper Manager and service are located on different machines.
Remote management allows you to perform all of the same functions as local management. See page 6-14 for details on these functions.
![]() |
When copying messages from the
quarantine areas or archiving the system logs, A:
is the drive located on the MAILsweeper machine. This is not the same machine that Manager is being run from. |
Before you can run Manager remotely, it must be installed on the remote machine.
To install MAILsweeper Manager on the remote machine:
![]() |
One of the dialog boxes asks you to supply a TCP/IP hostname. This is the hostname of the MAILsweeper machine, not the remote machine that Manager is being run from. |
To run MAILsweeper Manager remotely (for Windows NT 4.0):6
![]() |
The other two entries in the MIMEsweeper group allow you to Uninstall Manager or to access the MIMEsweeper manual (in HTML format). |
Alternatively, you can type the following command at the DOS prompt of the remote machine.
where <hostname> is the host name or the IP address of the MAILsweeper machine (this is not the NetBeui hostname).
1 When the message is quarantined,
the log file is also saved in one of the quarantine areas. See page 6-12 for details.
Copyright © 1998, Content Technologies Limited. All rights reserved.