<<<<<<<<<<<<<>>>>>>>>>>>>>>> Trend Micro, Inc. May 2007 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ InterScan(TM) Messaging Security Suite (IMSS) for Solaris, Version 7.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ================================================== 1. About InterScan Messaging Security Suite 2. What's New 3. Document Set 4. System Requirements 4.1 Supported Distributions 5. Installation 6. Post-Installation Configuration 6.1 Changing the Server IP Address 6.2 General Information 7. Uninstallation 8. Known Issues 9. Release History 10. Contact Information 11. About Trend Micro 12. Licensing Agreements 12.1 The OpenSSL Agreement 12.2 The Apache Software Foundation 12.3 The Apache Software Foundation (Tomcat) 12.4 Postfix 12.5 Mozilla 12.6 Postgre SQL ================================================== 1. About InterScan(TM) Messaging Security Suite ========================================================================= InterScan Messaging Security Suite (IMSS) is a policy-based virus protection and content security solution for the SMTP gateway to prevent virus outbreaks and protect enterprise security integrity. The solution's customizable routing and relay restriction features are easy to deploy and inter-operate with existing messaging environments. 2. What's New ========================================================================= IMSS includes the following new and updated features: * ACL-Styled Centralized Policy: A single IMSS policy with LDAP support helps you configure filtering settings that apply to specific senders and receivers based on different criteria. * Centralized Logging and Reporting: A consolidated, detailed report provides top usage statistics and key mail usage data. Centralized logging allows administrators to quickly audit message-related activities. * Centralized Archive and Quarantine Management: An easy way to search multiple IMSS quarantine and archive areas for messages. * Scalable Web User Quarantine Access: Multiple Web EUQ servers offer your users the ability to view saved email messages that were tagged as spam. The customizable Web EUQ login interface comes with NTLM login support. Together with EUQ digest, IMSS will help lower the cost of helpdesk administrative tasks. * Multiple Spam Prevention Technologies: Three layers of spam protection: - Network Reputation Services filters spam senders at the connection layer. - IP Profiler helps protect the mail server from attacks with smart profiles (SMTP IPS). - Trend Micro anti-spam engine accurately detects and removes unwanted mail. * Delegated Administration: LDAP-integrated account management, which allows users to assign administrative rights for different configuration tasks. * Easy deployment with Configuration Wizard: An easy-to-use configuration wizard to get IMSS up and running right out of the box. * Advance MTA functions: Opportunistic TLS, domain based delivery, and other MTA functions help IMSS handle email efficiently with security. * Migration: Easy upgrade process ensures that settings can be transferred with minimum effort during setup. * Mail auditing and tracking: Detailed logging for all messages to track and identify message flow related issues. * Multiple EUQ support: Install a primary EUQ server and additional secondary servers (up to a total of 8) for load balancing. 3. Document Set ========================================================================= The documentation set for this product includes: Readme.txt files -- version enhancements, basic installation, known issues, and release history. There is one readme for IMSS and one for Spam Prevention Solution, which includes IP Profiler. Getting Started Guide -- product overview, installation planning, installation and configuration instructions, and basic information intended to get you "up and running." Online Help -- detailed configuration information. Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics at http://solutionbank.trendmicro.com 4. System Requirements ======================================================================== Recommended System Requirements ---------------------------------------------------------------------- The recommended system requirements for installing IMSS with Spam Prevention Solution (SPS), which includes Network Reputation Services, IP Profiler, and the Trend Micro Anti-Spam Engine: Operating system: SPARC Solaris 8, 9, 10 CPU: - UltraSPARC IIIi 1.0 GHz or above Memory: - 2GB RAM Disk space: - 10GB disk space for mail storage - 50GB or more for the Admin database - 20GB or more for the EUQ database - 40GB or more for the working quarantine folder These recommendations are based on 500,000 email messages/day, a 50% quarantine rate, and logs preserved for a month. Swap space: - The swap space should be 4 times the physical memory size. NOTE: Each IMSS child process consumes 120MB of memory. Therefore, for better performance, enough physical and virtual memory should be allocated to handle peak traffic. For example, a machine with 2GB of physical memory and 8GB of swap space might be able to allow 75 child processes to be created. This also depends on the other application's memory usage. IMSS can then simultaneously handle 75 incoming connections from upstream MTA. Minimum System Requirements ---------------------------------------------------------------------- The minimum requirements for installing IMSS are: CPU: - UltraSPARC II 650Hz Memory: - 1GB RAM Disk space: - 1GB for mail storage - 20GB for the Admin database - 10GB for the EUQ database - 1GB for the working quarantine folder Swap space: - 4GB swap space At least 500MB of free disk space is required for installation. However, more disk space might be needed depending on message volume and certain IMSS settings. General System Requirements ---------------------------------------------------------------------- Browser: Internet Explorer 6 SP1, Internet Explorer 7 or Firefox 1.5 Postgre SQL: Version 7.4.8 or above LDAP servers: Microsoft Active Directory 2000 or 2003 IBM Lotus Domino 6.0 or above Sun One LDAP MTA: Postfix for IMSS only: 2.1 or above Sendmail: 8.2 or above Qmail: 1.0.3 or above Patches for Solaris 10: - Patch 118833-36 is required if you have installed patch 119689 on Solaris 10. Patch 118833-36 also requires the following patches: * 118918-13 * 119042-09 * 119254-36 * 119578-30 * 120900-04 * 121133-02 Solaris Packages: Install the following before installing IMSS: * SUNWlibC for Solaris 8 and Solaris 9 Install the following if you intend to install IP Profiler: * Bash Shell * BIND version 9.x or above Note: IMSS 7.0 Solaris is bundled with BIND 9.4.0 Install the following if you intend to install Network Reputation Services (NRS): * SUNWcsu on Solaris 8 and Solaris 9 * SUNWbind on Solaris 10 Install the following if you intend to install PostgreSQL: * SUNWzlib on Solaris 8 and Solaris 9 * SUNWcstu on Solaris 10 Install the following if you intend to use Control Manager agent: * SUNWcsl or SUNWcslx on Solaris 8 and Solaris 9 * SUNWcsl or SUNWcslr on Solaris 10 * Patch 2 and Hot fix 1430 or later for Control Manager server 4.1 Supported Distributions ====================================================================== The following Solaris distributions are supported in this release: - SPARC Solaris 8, 9, 10 5. Installation ======================================================================== For installation or migration instructions, see the IMSS 7.0 Getting Started Guide. For path names, IMSS supports only US-ASCII characters. After installation, by default, the IMSS server is not an Open Relay. If you are installing IMSS and have an existing installation of PostgreSQL, you may be prompted for your database user name and password multiple times. IMSS for Solaris can install Postfix for you during IMSS server installation if there is no MTA on the target computer. If you already have your MTAs installed and operational, verify that the MTA settings are correct. If you activate SPS, SPS scanning will be enabled by default. Activating SPS also activates IP Filtering. You can enable or disable IP Filtering at a later time from the Web console. 6. Post-Installation Configuration ======================================================================== For path names, IMSS supports only US-ASCII characters. Notification settings include a "Preferred charset" parameter to support multilingual notification messages. The IMSS Web console can be accessed remotely by typing "https://" 6.1 Changing the Server IP Address ====================================================================== If the IP address of the IMSS computer changes, restart IMSS to change the old IP address to the new one. The SMTP IP address is written in Postfix's main.cf file, so look for "inet_interfaces". For the IMSS POP3 IP address, look for "proxy_pop3_server_ip" in the imss.ini file. 6.2 General Information ====================================================================== As a security precaution, the Web console times out after several minutes of inactivity and returns you to the logon page. When this happens, re-enter your console password and press "Enter". In the .ini file, under [email-scan], there is a parameter called BypassMessagePartial = yes. If you change this parameter to "no," for every partial message, the IMSS daemon will reject this message and a non-deliverable receipt (NDR) error message is returned to the sender. The receiver will not get the partial message. Trend Micro recommends that you do not change the default ("yes") setting. 7. Uninstallation ========================================================================= To uninstall IMSS 7.0, run the same installation script that you ran to install. See the Getting Started Guide for details. 8. Known Issues ========================================================================= The following describes known issues in this release: 8.1 IMSS attempts to convert characters to UTF8 when the subject line of an email message has no charset information, uses special characters (such as ©Z¡¢¢á,¢¦, ¢Ú), or uses double byte characters. If the conversion to UTF8 is not successful: - The log will contain garbage characters. - IMSS quarantines the email message and the subject field shows the message "Unsupported charset non UTF-8" if you attempt to view the message through the Web console. 8.2 If you are using Trend Micro Control Manager (TMCM) to manage IMSS and you attempt to query the actions taken on email messages that violated IMSS rules, you will be able to query only two actions at once. 8.3 IMSS 7.0 adds several new actions, such as "hand off", "tag", and "archive", all of which appear as "Unknown" if you view them from the Trend Micro Control Manager (TMCM) console. 8.4 To view the IMSS 7.0 Web console with Internet Explorer on a computer running Windows 2003, do the following: 1. From the Internet Explorer menu, select: Tools > Internet Options > Security > Trusted Sites > Sites 2. Add the IP address of the computer on which IMSS is installed. 8.5 If you want to use the existing IMSS 5.7 database server to install the IMSS 7.0 admin database or EUQ database, you need to modify the access control of PostgreSQL as follows: 1. vi /var/imss/pgdata/pg_hba.conf 2. Modify "255.255.255.255" on line 60 to "255.255.255.0" 3. Modify "ffffff00" on line 63 to "255.255.255.0" 4. Save the changes. 5. /opt/trend/imss/script/dbctl.sh stop 6. /opt/trend/imss/script/dbctl.sh start 9. Release History ========================================================================= IMSS 5.0 - 2003 IMSS 5.1 - 2003 IMSS 5.5 - 2004 IMSS 5.7 - 2005 IMSS 7.0 - 2007 10. Contact Information ========================================================================= Trend Micro provides technical support, virus pattern downloads, and program updates for one year to all registered users, after which you must purchase renewal maintenance on an annual basis to continue receiving these services. You can contact Trend Micro by fax, phone, and email, or visit us at www.trendmicro.com. Evaluation copies of all Trend Micro's products can be downloaded from our Web site. Trend Micro Incorporated 10101 N. De Anza Blvd. Cupertino, CA 95014-9985 Tel: +1-408-257-1500 1-800-228-5651 Fax: +1-408-257-2003 Online resources ~~~~~~~~~~~~~~~~ Email: info@trendmicro.com sales@trendmicro.com Web: http://www.trendmicro.com Knowledge Base: http://solutionbank.trendmicro.com 11. About Trend Micro ========================================================================= Trend Micro, Inc. provides centrally controlled server-based virus protection and content-filtering products and services. By protecting information that flows through Internet gateways, email servers, and file servers, Trend Micro allows companies worldwide to stop viruses and other malicious code from a central point before they can reach the desktop. 12. License Agreements ========================================================================= 12.1 OpenSSL: ===================================================================== Copyright (C) 1998-2001 The OpenSSL Project. All rights reserved. Version 0.9.7g is included in IMSS 7.0 Solaris installation package. 12.2 Apache: ====================================================================== Copyright (C) 1997-2001 The Apache Software Foundation. All rights reserved. Version 2.0.59 is included in IMSS 7.0 Solaris installation package. 12.3 Tomcat: ====================================================================== Copyright (C) 2000 The Apache Software Foundation. All rights reserved. Version 5.5.15 is included in IMSS 7.0 Solaris installation package. 12.4 Postfix: ====================================================================== Copyright (C) 1997, 1998, 1999, International Business Machines Corporation and others. All rights reserved. Version 2.3.8 is included in IMSS 7.0 Solaris installation package. 12.5 Mozilla: ====================================================================== The contents of this file are subject to the Netscape Public License Version 1.1 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.mozilla.org/NPL/. For a complete copy of the license for each of these products, see the online help. 12.6 Postgre SQL: ======================================================================= PostgreSQL is distributed under the classic BSD license. Basically, it allows users to do anything they want with the code, including reselling binaries without the source code. The only restriction is that you not hold us legally liable for problems with the software. There is also the requirement that this copyright appear in all copies of the software. Here is the actual BSD license we use: PostgreSQL Data Base Management System Portions Copyright (c) 1996-2006, PostgreSQL Global Development Group Portions Copyright (c) 1994-1996 Regents of the University of California Version 8.1.5 is included in IMSS 7.0 Solaris installation package. Permission to use, copy, modify, and distribute this software and its documentation for any purpose, without fee, and without a written agreement is hereby granted, provided that the above copyright notice and this paragraph and the following two paragraphs appear in all copies. IN NO EVENT SHALL THE UNIVERSITY OF CALIFORNIA BE LIABLE TO ANY PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF THE UNIVERSITY OF CALIFORNIA HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE UNIVERSITY OF CALIFORNIA SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS ON AN "AS IS" BASIS, AND THE UNIVERSITY OF CALIFORNIA HAS NO OBLIGATIONS TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS