<<<>>> Trend Micro, Inc. February 18, 2010 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Encryption for Email Gateway Version 5.5 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Notes: This readme file was current as of the date at the top of the page. However, all customers are advised to check Trend Micro's Web site for documentation updates at: http://www.trendmicro.com/download/ Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro Web site. Register during installation or online at: http://olr.trendmicro.com Contents ===================================================================== 1. About Encryption for Email Gateway 1.1 Overview of This Release 2. What's New? 2.1 New Message Format Support 2.2 Black List Domain Support 2.3 Performance Improvement 3. Documentation Set 4. System Requirements 5. Installation 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Contact Information 10. About Trend Micro 11. Third-Party Licensing Agreements ===================================================================== 1. About Encryption for Email Gateway ===================================================================== Encryption for Email Gateway is a Linux-based software solution providing the ability to perform the encryption and decryption of email at the corporate gateway, regardless of the email client, and the platform from which it originated. The encryption and decryption of email on the TMEEG client is controlled by a Policy Manager that enables an administrator to configure policies based on various parameters, such as sender and recipient email addresses, keywords, or PCI compliance. Encryption for Email Gateway presents itself as an SMTP interface and delivers email out over an SMTP to configured outbound MTAs. This enables easy integration with other email server-based products, be them content scanners, mail servers, or archiving solutions. Encryption for Email Gateway is built on patent-pending technology and highly sophisticated elliptic curve encryption algorithms. This ensures that encrypted email can only be read by the intended email recipients. Although very sophisticated, Encryption for Email Gateway solves all the historical problems associated with traditional encryption products such as working offline and easy key management. It is equally useful for one-to-one, one-to-many, and many-to-many communications. 1.1 Overview of This Release ===================================================================== This is the first major release of Encryption for Email Gateway. 2. What's New? ===================================================================== 2.1 Message Format Support Encryption For Email Gateway supports a message encryption format where the message body and all attachments are encrypted together as one file. 2.2 Black List Domain Support Encryption for Email Gateway can prevent the encryption of dedicated email addresses on certain domains. We will add a customer requested black list domain to our Email Encryption Server. Encryption for Email Gateway will query from this server before encryption, and if the email for the encryption address is on the black list for the dedicated partner, the mail will not be encrypted or blocked. 2.3 Performance Improvement Previously, encryption for Email Gateway can rewrite the received email to remove the “\r\n” elements on each line, but that process slowed down the system when handling larger emails. In version 5.5, we fixed this issue and the performance improved. For Encryption for Email Gateway 5.5, it has about 100% performance enhancement comparing to Encryption for Email Gateway 5.0. 3. Documentation Set ===================================================================== In addition to this readme file, the documentation set for this product includes the following: * Trend Micro Encryption for Email Gateway 5.5 Quick Installation Guide. * Trend Micro Encryption for Email Gateway 5.5 Administrator's Guide. 4. Minimum System Requirements Gateway ====================================================================== VMware ESX 3.5/4.0 or ESXi 3.5/4.0 4.1 Minimum System Requirements (Virtual Host) ===================================================================== CPU and Memory: - Intel Xeon or AMD Opteron (supporting VT) - 1GB RAM Required Disk Space: - 10GB available for installation A permanent outbound Internet connection is required to obtain encryption keys on demand. Note: An inbound Internet connection should be avoided for added security. 5. Installation ======================================================================= The installation of Encryption for Email Gateway requires a connection to a VMware Infrastructure Client. Complete the installation and configuration of the VMware ESX/ESXi beforehand to access the ESX Server host, the VMware Server host, or a VirtualCenter. Installation and configuration of this is outside the scope of this guide and our support. However, this information is available for download and free. To begin installation, refer to the Trend Micro Encryption for Email Gateway Quick Installation Guide for more details. For a variety of Deployment options, refer to the Trend Micro Encryption for Email Gateway Administrator's Guide. 6. Post-Installation Configuration ======================================================================= After Encryption for Email Gateway has been downloaded and setup as a virtual appliance, some post-installation configuration is necessary. This information can be found in Chapter 6 of the Trend Micro Encryption for Email Gateway Administrator's Guide. 7. Known Issues ========================================================================= The following are known issues for this release: * The first email sent through TMEEG might fail with the following result: "A message you sent could not be delivered. The following error occurred: Cannot obtain keys. The Key Server cannot be contacted. To resolve this, resend the message." This is known to be an intermittent problem. * If a subdomain registration failed, but the domain succeeded, the Gateway does not recognize an email address of the subdomain as an internal domain. The workaround is to delete the failed subdomain registration from the Manage Domains section. * Some email clients do not transmit the character set for attachments within the MIME data. This means when decryption occurs, the file might not display correctly in the associated application if the character set of the contents is not the current set OS language of the recipient. * During registration you might receive the following message: "Unknown error occurred during registration" This could occur when there is no Internet connectivity. Verify that TMEEG has the correct network settings and is able to access the Internet. * After updating the Encryption for Email Gateway you could receive an "Unexpected Error" message when launching the runtime components. To work around this, use the Restart System Services facility on the System Status page and relaunch the runtime components. * If the database connectivity is lost during an Encryption for Email Gateway operation, the system services might not reconnect to the database successfully. This impacts statistics not being logged to the database, and keys not being persistant or loaded from the database cache. To work around this, use the Restart System Services facility on the System Status page and relaunch the runtime components. * If an email delivery has failed because of an SMTP rejection downstream, the NDR delivery could also fail when the “Attach original message to NDR” option has been selected. * If a user changes the SMTP listening port, the connection to this port will be blocked by the firewall because there is no policy to allow the connection. The user needs to manually add a firewall policy to allow a connection to the webmin. * The Online Help left panel is unable to create folders when using the Apple Safari browser to open the Encryption for Email Gateway Help. To workaround this, open the online Help using the drop box located in the top right of each page of the Encryption for Email Gateway Web console. 8. Release History ========================================================================= TMEEG V5.0 Build, Nov 2008 TMEEG V4.0 Build, May 2008 9. Contact Information ========================================================================= A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro by fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our Web site. Global Mailing Address/Telephone Numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 10.About Trend Micro ========================================================================= Trend Micro, Inc. provides virus protection, antispam, and content-filtering security products and services. Trend Micro allows companies worldwide to stop viruses and other malicious code from a central point before they can reach the desktop. Copyright 2010, Trend Micro Incorporated. All rights reserved. Trend Micro, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 11. Licensing Agreements ===================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Installation Guide or Administrator's Guide