ESATINFORMER

The XWall Companion Product

A Program by

David Fowler, Sidebit

V1.32 - January 29, 2009

Distribution and Support by

Ceratec Inc.

ESATInformer designed for XWall virtually eliminates the "false positive" problem. Daily reports are sent to the email system administrator and all selected users. These reports summarize the spam problem and list each users blocked messages. Using these reports, users can request delivery of any false positives. The request is handled automatically with a summary report sent to the email administrator. With the "false positive" problem out of the way, the XWall spam filters can be tightened to all but completely eliminate spam.
Table of Content

License Agreement. 5

Intro. 7

Tech Support 7

Sales & Distribution. 7

Program Installation. 10

Download. 10

The Wizard. 12

Required Information. 12

The Wizard - Step by Step. 13

Configuring ESATInformer. 16

ESATAdmin. 17

Admin Buttons. 17

How to use the Admin module. 18

User List 20

Test your ESAT Setup. 22

Generate Manual Reports. 22

ESAT Test Mode. 23

ESAT Rollout 23

Advanced Settings. 24

POP3 settings. 24

Change Report to use Email 25

POP3 Retrieval Keys & Examples. 26

WEB Retrieve Option. 27

Web Retrieval keys & Examples. 28

ESATRetriever 29

ESAT Scheduling. 30

Advanced Scheduling. 31

How to Schedule Multiple Reports. 33

Reports for Partial Days. 34

License Installation. 35

Language or User Text Files. 36

Reference Guide. 38

Key Values. 38

ESATInformer Keys. 39

ReportFormat 39

XWallStatisicsPath. 39

UserEmailOverride. 41

InformerReportLinkFormatter 41

RetrieveRequestFormatter 42

AdminSubjectFormatter 43

UserSubjectFormatter 43

MaxSubjectChars. 43

MaxSenderChars. 44

UserSummaryMaxCount 44

AllowRetrieveAttBlock. 44

IncludeRetrieveReport 44

IncludeQuickLinks. 45

IncludeSMTPBlocksInUserReport 45

EmailAdminSummary. 47

XWallHistoryPath. 47

SubjectPrefix. 47

KeepRequestRecords. 47

LicenseCheckServer 53

LicenseCheckPort 54

Troubleshooting & FAQ.. 55

How do I install the ESAT License Key?. 55

How do I update or upgrade ESAT?. 55

Why are the Quicklinks in the Admin report not working?. 55

Why does ESATAgent show stopped but runs anyway?. 55

Why does Port 5050 work for WebAgent internally but not outside?. 56

How about potential security risks of the web retrieval method?. 57

Exception: Message file does not exist 57

Why does ESAT not pickup retrieve request after upgrading?. 57

License check error, too long since last online validation. 58

Why are my User reports not being sent at the set time?. 58

Do you have some command line examples?. 58

ESAT simply refuses to run at the scheduled time. 59

When I click the 'R' I get a blank message. 59

I get a Message File Does not Exist! error 60

Why can’t I see the retrievals in the Admin report?. 61

How do I enable the Archive in XWall?. 61

How do I not show unretrievable messages in the user report?. 61

I have one user who wants a spam report every hour. 61

License Agreement

IMPORTANT: READ CAREFULLY – This End User License Agreement ("EULA") is a legal agreement between you (either an individual or a single entity) and Sidebit for the ESATInformer and related software products ("SOFTWARE") and may include associated media, printed materials, "online" or electronic documentation, and Internet-based services. YOU AGREE TO BE BOUND BY THE TERMS OF THIS EULA BY INSTALLING, COPYING, OR OTHERWISE USING THE SOFTWARE. IF YOU DO NOT AGREE, DO NOT INSTALL, COPY, OR USE THE SOFTWARE.

ESATInformer and related software tools are copyrighted 2003 by SideBit.Com.

General

Sidebit grants you a license to use the software under the terms and conditions set forth in this EULA.

Installation and Use. Except as otherwise expressly provided in this EULA, you may install, use, access, display and run only one (1) copy of the SOFTWARE on a single computer at a single location running a single instance and servicing a single XWall server as long as the licensee complies with the terms of this license.

Reservation of Rights. Sidebit and its suppliers reserve all rights not expressly granted to you in this EULA.

Limitations on Reverse Engineering, Decompilation and Disassembly. You may not reverse engineer, decompile, or disassemble the SOFTWARE, except and only to the extent that such activity is expressly permitted by applicable law notwithstanding this limitation.

Separation of Components. The SOFTWARE is licensed as a single product. Its component parts may not be separated for use on more than one computer.

Termination. Without prejudice to any other rights, Sidebit may cancel this EULA if you do not abide by the terms and conditions contained herein. In such event, you must destroy all copies of the SOFTWARE and all of its component parts.

Tademarks. This EULA does not grant you any rights in connection with any trademarks or service marks of Sidebit or its suppliers.

THIS SOFTWARE CONTAINS TECHNOLOGICAL MEASURES THAT ARE DESIGNED TO PREVENT UNLICENSED OR ILLEGAL USE OF THE SOFTWARE. The license rights granted under this EULA are limited to the first thirty (30) days after you first run the SOFTWARE, "Demo Mode", unless you purchase a valid instalation key. With a valid instalation key the license rights granted under this EULA are limited to the lifetime of the software. These security measures may include collection of information necessary to notify the user of potential violations of this EULA. This informaiton is used only to prevent unlicensed or illegal use of the software.

INTELLECTUAL PROPERTY RIGHTS. All title and intellectual property rights in and to the SOFTWARE (including but not limited to any images, photographs, animations, video, audio, music, text and "applets," incorporated into the SOFTWARE), the accompanying printed materials, and any copies of the SOFTWARE, are owned by Sidbit or its suppliers. The SOFTWARE is licensed, not sold.

DISCLAIMER OF WARRANTIES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SIDEBIT PROVIDES TO YOU THE SOFTWARE, AND SUPPORT SERVICES (IF ANY) AS IS AND WITH ALL FAULTS; AND SIDEBIT AND ITS SUPPLIERS HEREBY DISCLAIM ALL OTHER WARRANTIES AND CONDITIONS, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY (IF ANY) IMPLIED WARRANTIES, DUTIES OR CONDITIONS OF MERCHANTABILITY, OF FITNESS FOR A PARTICULAR PURPOSE, OF RELIABILITY OR AVAILABILITY, OF ACCURACY OR COMPLETENESS OF RESPONSES, OF RESULTS, OF WORKMANLIKE EFFORT, OF LACK OF VIRUSES, AND OF LACK OF NEGLIGENCE, ALL WITH REGARD TO THE OS COMPONENTS, AND THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT OR OTHER SERVICES, INFORMATION, SOFTWARE, AND RELATED CONTENT THROUGH THE OS COMPONENTS OR OTHERWISE ARISING OUT OF THE USE OF THE OS COMPONENTS. ALSO, THERE IS NO WARRANTY OR CONDITION OF TITLE, QUIET ENJOYMENT, QUIET POSSESSION, CORRESPONDENCE TO DESCRIPTION OR NON-INFRINGEMENT WITH REGARD TO THE OS COMPONENTS.

EXCLUSION OF INCIDENTAL, CONSEQUENTIAL AND CERTAIN OTHER DAMAGES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL SIDEBIT OR ITS SUPPLIERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, PUNITIVE, INDIRECT, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS OR CONFIDENTIAL OR OTHER INFORMATION, FOR BUSINESS INTERRUPTION, FOR PERSONAL INJURY, FOR LOSS OF PRIVACY, FOR FAILURE TO MEET ANY DUTY INCLUDING OF GOOD FAITH OR OF REASONABLE CARE, NEGLIGENCE, AND ANY OTHER PECUNIARY OR OTHER LOSS WHATSOEVER) ARISING OUT OF OR IN ANY WAY RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT OR OTHER SERVICES, INFORMATION, SOFTWARE, AND RELATED CONTENT THROUGH THE SOFTWARE OR OTHERWISE ARISING OUT OF THE USE OF THE SOFTWARE, OR OTHERWISE UNDER OR IN CONNECTION WITH ANY PROVISION OF THIS EULA, EVEN IN THE EVENT OF THE FAULT, TORT (INCLUDING NEGLIGENCE), MISREPRESENTATION, STRICT OR PRODUCT LIABILITY, BREACH OF CONTRACT OR BREACH OF WARRANTY OF SIDEBIT OR ANY SUPPLIER, AND EVEN IF SIDEBIT OR ANY SUPPLIER HAS BEEN ADVISED OF THE POSSIBILTY OF SUCH DAMAGES.

LIMITATION OF LIABILITY AND REMEDIES. NOTWITHSTANDING ANY DAMAGES THAT YOU MIGHT INCUR FOR ANY REASON WHATSOEVER (INCLUDING, WITHOUT LIMITATION, ALL DAMAGES REFERENCED ABOVE AND ALL DIRECT OR GENERAL DAMAGES IN CONTRACT OR ANYTHING ELSE), THE ENTIRE LIABILITY OF SIDEBIT AND ANY OF ITS SUPPLIERS UNDER ANY PROVISION OF THIS EULA AND YOUR EXCLUSIVE REMEDY FOR ALL OF THE FOREGOING SHALL BE LIMITED TO THE GREATER OF THE ACTUAL DAMAGES YOU INCUR IN REASONABLE RELIANCE ON THE SOFTWARE UP TO THE AMOUNT ACTUALLY PAID BY YOU FOR THE SOFTWARE OR U.S.$5.00. THE FOREGOING LIMITATIONS, EXCLUSIONS AND DISCLAIMERS SHALL APPLY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, EVEN IF ANY REMEDY FAILS ITS ESSENTIAL PURPOSE.

XWall is a trademark of DataEnter.

Intro

ESATInformer processes the XWall data files and creates a statistical report called Admin Report. ESAT emails periodically report to specified users. These individual reports list the spam caught by XWall for the particular user. The messages can (if received) be retrieved by the users without any help from an administrator.

Tech Support

Get online support via our Forum, Help Desk or Knowledge Base. Please visit http://www.esatinformer.com

You can get answers by email. Send your inquiry to: support@ceratec.net

Phone support is available by calling +1 (512) 285 2620 GMT-6

Sales & Distribution

Ceratec Inc.

207 Whipperwill Lane

Elgin, TX 78621

United States

Phone: +1 512-285-2620

Fax: +1 714-242-1688

Email: sales@ceratec.net

Installation

This manual covers the installation of ESATInformer and its basic use. The modules of ESATInformer are command line based and can be used in many different ways. We recommend visiting our web site and forum for the latest information.

Pre-Requisites

Hardware

Any NT/2000/XP workstation or server. We recommend 512+Megs of memory if you have more than 100 users.

Software

Your system needs to have Microsoft .NET framework 1.1 installed.

XWall

Statistics: In the XWall Admin program go to OPTIONS -> GENERAL-> STATISTICS. Add a check mark to the “Write Statistics File" and "Write SMTP blocking statistics file" and you may specify a path.

Both files MUST be in the same folder. Remember that path. You will need it in a few minutes. ESATAdmin will call this the Informer key. XWallStatisticPath

XWall History (Archive): XWall must keep an archive of all messages. Go to OPTIONS-> GENERAL->HISTORY. Put a check mark on the box "Keep message file".

You may want to limit the archive to 7-21 days if your storage situation is limited. If you do not specify a path, XWall will create a folder in the c:\xwall folder called HIST-IN and HIST-OUT. ESATAdmin will call this the Retriever key XwallHistoryPath.

ESAT can process retrieval requests over the web or via email. Please choose one of the options and prepare accordingly.

Web Retrieval

ESATAgent has a built-in mini web server to receive the retrieve request. There are some things to consider when choosing the web retrieve option.

The host name of the ESAT machine must resolve for external and internal users. You may need to add the host name to your DNS server.

You need to open a port, typically 84, on the ESATInformer machine and your router, and point it to the machine running ESAT.

Mail Retrieval

ESATAgent can retrieve requests by email. If you choose this option, ESAT needs a POP3 mailbox on a mail server. ESATAgent will ask for the keys:

POP3Server

POP3User

POP3Password

ESATAgent does not support encrypted passwords or secure POP3.

Program Installation

Download

Download the current version of ESATInformer from http://www.esatinformer.com

In addition to the ESATInformer program, you will find support programs and beta releases.

Run the Installer

The installation is simple. Unpack the zip file and run the ESATInformerInstaller. If you do not have the .Net environment installed the process will abort.

The input screen will ask you to select a location. We recommend the default location and to install it for all users.

Continue the install by acknowledging your settings by pressing “Next” a couple times.

ESATInformer program installation is complete and you are ready to configure it.

The ESATInformer package includes four programs: Informer, Agent, Retriever and Admin. Together these utilities give you a fully automatic blocked message retrieval and report system.

If you upgraded from a previous version check the Upgrade Info page.

The Wizard

The ESATInfomer package installation is complete and ready to be configured. Click Quick Start to launch the Wizard.

The wizard requires basic information to setup the ESATinformer defaults. If you like to use the retrieval option via email (POP3) you need to set the keys after you finished the wizard.

Required Information

· SMTP SERVER = your Exchange Server

· SMTP PORT = The SMTP port your mail or Exchange Server uses (usually 24)

· ADMIN EMAIL = Your Email address, not the spam mail box

· Retrieve Option Web

o WEB IP Address = the IP address of the machine running ESAT

o WEB Port = the port the ESAT web should use

o Web Hostname = Official host name of the ESAT machine

The Wizard - Step by Step

Step 1 - The Administrator Email address will receive the Admin and Exception (error) reports.

Step 2 – Mail server information. Enter the IP address or your mail server (localhost if ESAT runs in the same machine). If you send the spam reports through XWall do not forget the exclude the ESAT email address.

Step 3 - Web Retrieval. Leave the IP set to 0.0.0.0 (= bind all addresses) unless you have a good reason. The server address equals the host name of the machine. You can use any available port but we recommend not using port 80, 21 and other often-used ports.

Step 4 – XWall file locations. Use the browse button to set the location of the XWall stats folder and history folder.

Step 5 – Write Configuration. Click the button to write the ESAT config files. If you made a mistake, you can press the Quick Start again.

Configuring ESATInformer

The Wizard takes care of the basic parameters. To customize or to edit settings you need to start the ESATAdmin.

The install process creates the ESATAdmin menu and puts an icon on your desktop.

The modules Informer, Agent and Retriever are command line based. The Admin or scheduled events launch them. These modules do not show in the menu or on the desktop.

ESATAdmin

ESATAdmin is the utility to set all the key values, manually generate reports and manually retrieve messages.

Admin Buttons

q HELP - Brings up the Table of Contents at www.esatinformer.com. The website contains the latest information about ESAT products.

q INFORMER - Launches manual informer reports

q RETRIEVER - Retrieves messages manually. You need to know the message file name.

q AGENT - Launches ESATAgent; Makes or removes the ESATAgent Service. Note: the Agent or the Agent service must run all the time for ESATInformer to send out reports and processing requests.

q USER - Adds or edits the USERLIST.DAT file. This file determines who gets user reports

q LICENSE - Once you purchase a license, you enter it here.

q SAVE – Saves the latest configuration changes.

q EXIT - Exits ESATAdmin. The Agent will keep running - do not shut it down.

How to use the Admin module

To edit the configuration keys click the “+” next to ESATInformer, ESAT Agent or ESATRetriever modules. The help text explains each key value and the typical options.

General Fields show up in all modules. We added a copy option so you do not have to enter them repeatedly.

User List

The user list file determines who gets a report. The structure can be very basic. ESAT by default looks just for one email address per line. Therefore, you can use the list generated by Exchimp.exe and such. Any additional information is ignored.

ESATInformer does support combined reports. If a user has more then one address you may combine them to one report. In this case, the line for those users would look like this:

John Doe:john.doe@domain.com;jonny@domain.com;jd@xyz.com

john.doe@domain.com would get the reports from the other addresses all in one report.

Example: Simple USERLIST.TXT Example

pthomas@domain.com
pthomas@somedomain.com

Example: Combined USERLIST.TXT Example

Peter Thomas:pthomas@domain.com;support@esdomain.com Wayne Doe:wdoe@domain.com;sales@wdomain.com
ESATAgent Service or Application

The ESATAgent is the module that brings is all together. It tells the Informer to send out reports. It picks up the requests and sends them to the ESATRetriever.

In order to have ESAT send out reports automatically and process retrieve requests the Agent must be running all the time. We recommend making the Agent a service. Click Agent, install the service and start it.

Please note: If ESAT has to access file over a network path the service must be made a user service with sufficient rights to read the files.

We recommend uninstalling agent before updating and re-installing the agent after the update.

Test your ESAT Setup

Your ESAT is now ready to create reports. Start ESATAdmin and do some test reports.

Generate Manual Reports

You can create reports manually at any time. Start the ESATAdmin, click the Informer button and the report generator window will pop-up.

q Date: Choose the date of the report

q Type: Options Admin -To create only an Admin Report

§ Single - To create a single User Report

§ User - To create reports for all Users

§ All - To create Admin and all User Reports

q User: Choose the email address for creating a users report

q Output: Display – To display the report on the screen

§ File – To save the report to a file.

§ Email – To email the report.

q Output TO – blank = default email address

§ Or enter an email address

ESAT Test Mode

The test mode allows you to test ESAT settings without sending numerous reports to the users. Instead, ESAT is sending all user reports to the admin.

ESAT Rollout

Once you verify that the test reports are correct your ESATInformer is ready to put in production. However if you just started the XWall archive you may want to wait a full day before sending reports to users.

Remember you need to have the message in the archive in order for ESAT to retrieve it. If they users request messages that are listed in the SR and SP statistics files but Xwall did not keep an archive at that time you will receive numerous exception reports.

Advanced Settings

These settings may not be needed for the initially ESAT Informer launch.

POP3 Retrieve Option

Skip this section if you want to setup Web retrieval.

The POP3 retrieve process is completely email based. The user clicks the blue R and the default mail program will open a message to ESATInformer with a command line in the body. ESAT Agent will decode that message and send the client the retrieved email in original form. It's so original we actually had to add a [Retrieved] in the subject line so people would realized that it's the retrieved message.

POP3 settings

In order to receive the user request ESATAdmin needs a POP3 box on your mail server. You need to create a Pop3 account for ESATAgent and enter the access information for the POP3 account in the Agent config file in the admin program.

ESATAgent does not support encrypted passwords or SSL POP3 connections.

ESATAgent picks up the request from the Pop3 mailbox at scheduled intervals. The schedules are set in the RUNINTERVAL field. Typically it’s set to 300 seconds

Change Report to use Email

In order for the report to embed the mail options in the reports you need to edit the InformerreportlinkFormatter and RetrieveRequestFormatter. The keys are in the ESATInformer config file.

Example: (there is no line break in the config string)

Mailto:YourAgentEmail@YourDomain.com?subject=ESATAgent Command&body=[cmd]informer run, {3}, single, {1}[cmd]

Example: (there is no line break in the config string)

Mailto:esatagent@domain.com?subject=ESATAgent Command&body=[cmd]Retrieve Message Request, {1}, {2}, {3}, {4}[cmd]

POP3 Retrieval Keys & Examples

ESATInformer KEYS

RetrieveRequestformatter:Mailto:esatagent@yourdomain.com?subject=ESATAgent Command&body=[cmd]Retrieve Message Request, {1}, {2}, {3}, {4}[cmd]

InformerReportLink: Mailto:esatagent@yourdomain.com?subject=ESATAgent Command&body=[cmd]informer run, {3}, single, {1}[cmd]

Please note the POP3 option has comma separators for the arguments

ESATAgent KEYS

RunInterval:300

EnablePOP3: YES

Pop3Server: 192.168..1.10 or mail. yourdomain.com (basically the IP or host name of your exchange server

Pop3User: esatagent or esatagent@yourdomain.com (whatever the Pop server requires)

Pop3Port: 110

WEB Retrieve Option

Skip this section if you setup retrieval via Email (POP3 retrieval)

Some email programs have problems opening upon a Mailto: link. One of these is Outlook Web Access. It will not open as the default mail client and therefore does not work unless the client machine is correctly setup for that situation. In order to make OWA work for everybody and anywhere ESAT offers a WEB interface provided by the Agent.

In order to use the WEB interface you need to change the RetrieverRequestformatter from Mailto: to http://. and set the WebIPAddress and the web port. In the screenshots we set the web port to 5050.

Web Retrieval keys & Examples

ESATInformer KEYS

RetrieveRequestformatter:http://mail.veriance.com:5050/Retrieve.cmd?args={5} {1} {2} {3} {4}

InformerReportLink: http://mail.veriance.com:5050//Informer.cmd?args={5} {3} single {1}

Please note: unlike the POP3 option the web option does not have comma separators for the arguments

ESATAgent KEYS

RunInterval:300

EnablePOP3: NO

WebIPAddress:69.57.144.79 ( to bind it to all NICs in your machine set it to 0.0.0.0)

Web Port: 5050 (this needs to correspond with the ESATInformer Keys)

ALL PORT REFERENCS MUST BE SET TO THE SAME PORT NUMBER.

If you have trouble with 5050 try other ports. 84 is a good choice too.

ESATRetriever

The EsatRetriever module retrieves the requested messages from the XWall archive. The key XWallHistoryPath points the retriever to the folder where Xwall stored the message. If it is incorrect, retriever cannot find the message.

If ESAT resided on the same machine as XWall, you can compare the path to the XWall history path setting in the XWall Admin. The paths should be the same up to the \HIST-IN\ part. XWall will not show it while ESAT needs to show it.

Example:

Setting in XWall: C:\XWall\Archive

Setting in ESAT: C:\XWall\Archive\HIST-IN\

If you just installed ESAT and have trouble retrieving check these point

q Do you have XWall enabled to keep the history?

q Is your XWallHistoryPath Key correct?

q If you just turned on the history and had the stats already set, your uses may try to retrieve messages XWall did not store.

If it is a working installation usually, the users request a message that it too old.

ESAT Scheduling

ESATInformer has the basic report scheduling built-in. The reports are send out some time after midnight but before the users get to work.

You can use the Microsoft Scheduler to send additional reports throughout the day. However, please consider some users may end up getting more reports them spam if you send a report every few hours.

Example: This schedule runs 2 minutes after midnight. ESATInformer must always run AFTER midnight to get a complete report for the entire day. The reports will be ready for your users when they get to work in the morning.

Advanced Scheduling

If you plan on multiple reports per day you use the MS scheduler included in all modern Microsoft Windows platforms Using the scheduler is an easy and convenient way to setup multiple events like user reports at different times of a day.. Here is an example based on Windows 2000 Server.

The Microsoft Scheduler is in the Microsoft Windows Control Panel. The examples below show two ESAT events.

The first replaces report includes the hours from midnight to 1:00PM. Agent emails it at 1:02 PM

The second report covers 1:00 PM to midnight and Agent emails it a couple minutes after midnight.

Since the MS scheduler initiates the user reports, we also added the argument Admin to the key InformerArgs so the Agent only creates the Admin report after midnight.

How to Schedule Multiple Reports

q Goto the control panel and click on "Schedule a task"

q Click on add a task

q Browse to the location of ESATInformer and select the pro\gram the default path is c:\program files\sidebit\esatinformer

q Select ESATInformer

q Schedule daily

q Schedule for 12:05AM

q Select the user the Scheduler should run the application under

q Check the Advanced setting flag and click next

q You should see the scheduled task highlighted "C:\program files\sidebit\esatinformer.exe"

q Add auto to the line but make sure you leave the end quote where is is. "C:\program files\sidebit\ESATInfoermer\ESATInformer.exe" auto

q Accept the schedule and save

q Wrong syntax:

"C:\program files\sidebit\ESATInformer\ESATInformer.exe auto "

q Correct syntax:

"C:\program files\sidebit\ESATInformer\ESATInformer.exe" auto

You may execute ESATInformer at additional occasions using the Microsoft Scheduler.

Reports for Partial Days

You can send multiple User reports showing different sections of the day. These reports need to be scheduled via a scheduler.. XWall starts a new SR file every Midnight Typically ESATInformer processes the entire file. In order not to send the same information over and over you need to give the argument a time slice code.

The time code is a 4-digit number. The first 2 digits represent the starting hour, the second pair is the ending hour. Military time is used. The example below shows a report sent at midnight, 8:00AM, 1:00PM and 4:00PM. ESAT sends the admin report as usual right after midnight. The user reports are scheduled in an external scheduled typically the MS scheduler.

AT 00:05 Run ESATInformer Yesterday-1624

"C:\program files\sidebit\ESATInformer\ESATInformer.exe" yesterday-1624 user

AT 08:05 Run ESATInformer Today-0008

"C:\program files\sidebit\ESATInformer\ESATInformer.exe" today-0008 user

AT 13:05 Run ESATInformer Today-0813

"C:\program files\sidebit\ESATInformer\ESATInformer.exe" today-0813 user

AT 16:05 Run ESATInformer Today-1316

"C:\program files\sidebit\ESATInformer\ESATInformer.exe" today-1316 user

Limitations: You cannot send a report using a time slice from 5:00 PM to 8:00AM. The date for that request is contained in 2 SR files.

Set the InformerArgs key in ESATAgent to auto admin so it sends only the admin report for the complete day instead an additional full user report. The scheduler handles all the user reports.

License Installation

In order to have a valid license you need to enter the license key and company name as listed in the License To: field of the email you received from Ceratec. The License windows opens when you press LICENSE at the bottom of the ESATAdmin.

Language or User Text Files

The ESAT user report text parts can be edited or replaced. The two files are named by the UserHeaderFile and UserfooterFile keys. If you send out a Zero Spam message, you need to edit the file named by the UserZeroSpamFile key. The files are simple HTML.

The appearance of the reports can be changed by editing the .CSS files in the ESATInformer folder. There are style sheets for the admin and user report.

Update ESATInformer

q Download the latest version of ESATinformer from http://www.esatinformer.com/download

q Backup your current installation

q Check the Web site for upgrade instructions

q Uninstall the old ESATInformer before installing the new version.

q Delete the CCS files in the ESATInformer folder

q Install the new ESATInformer

q Click on UPDADE (If you click on the wizard it will over write your configuration!)

q After every update of ESATInformer run the program once from the command line to update your config with the new keys. After completion, you may modify the config file to your needs with the ESATAdmin.

All your settings are safe. They are not deleted by the program uninstall.

Reference Guide

Key Values

ESATInformer uses three config files.

ESATInformer.exe.config

ESATAgent.exe.config

ESATRetriever.exe.config

These files are located by default in c:\Program Files\sidebit\Esatinformer

ESATInformer Keys

ReportFormat

This option specifies which format will be used for generating the email reports. Use "HTML" if you can, as this produces visually impressive results.

The generated HTML reports use cascading style sheets that can be customized by editing the ESATInformerReportAdmin.css and ESATInformerReportUser.css files.

If for any reason your users cannot handle HTML messages, set the ReportFormat to "Text”.

Example: HTML

Text

XWallStatisicsPath

This key specifies the full path to the directory where XWall stores the SR statistical files. Include the trailing "\" in the path name.

Example: c:\xwall\logs\

\\mailserver\logs\

ShowStorage

This key controls whether or not the retrieve links are included in a user report. If you have XWall setup to keep the messages in an archive and you want to allow your users to retrieve messages via the user report, then set this option to "yes".

Example: Yes

ShowUserDomains

This key controls whether or not reports include the full email address or just the user name portion. Set This key to "No" to show just the user names. Use "Yes" to get the full email address. If the email address is longer then the column space allotted it will be truncated. Setting this option to "No" can make the reports look better, especially if you have a long domain name.

Example: Yes

UserListFile

This key specifies the file of user email addresses to be included in the reports. This parameter can either be set to "None" or it can point to a text file. If it's set to "None" then all the recipients found during log file processing are included in the user email status reports. If this parameter specifies a valid file, then the users are filtered so that only those listed in the file are sent reports. The file is a simple text file with one line for each user. The email address must be all lower case and must match exactly with the email address in the SR log files.

Example: none

userlist.txt

(Please note: file must be in the ESATInformer folder)

UserHeaderFile

This key specifies the file that is included at the beginning of each user report. This is a good place to explain to users why they are receiving the message. The file is plain text.

Example: userfooter.txt

(Please note: file must be in the ESATInformer folder)

UserZeroSpamFile

This key specifies the filename of the file containing the body text of the zero-spam report that will be sent to users who had no blocked messages. This feature insures that all users know that messages were not blocked.

If you wish to disable the sending of zero-spam reports, set this option to “none”.

Example: userZeroSpam.txt

none

(file must be in the ESATInformer folder)

UserEmailOverride

This key can be used to override the normal destination of emailed reports. The messages that would have been sent to the user addresses are instead sent to the specified address.

Be careful with this setting, as each of your users might trigger a spam report message.

The key can be set as follows:

No = Do not override user email addresses. Messages will be sent to normal user accounts.

Yes = Override all user messages so that they are sent to the admin address.

Email = Override all user messages so that they are sent to the specified email address. Use ; to separate multiple addresses.

Example: Yes

John.Smith@yourdomain.com

InformerReportLinkFormatter

This key specifies the string generated by the "User Links" process for Informer runs in a user report. If the "IncludeUserLinks" config option is enabled, a list of links which allow the user to request an Informer run are included in the normal user report. The "InformerReportLinkFormatter" string is used to format the links generated by the automated "User Links" process.

You can do web based or email based Informer report request. Use a formatter like the ones shown in the examples below.

Control of this formatter is provided so you could implement either Web or EMail based request. It is also possible to integrate Informer into your own script based system using this formatter. If you are not implementing a custom system, use either the Web or EMail based strings shown in the examples below. Be sure to replace the host name or email address as necessary for your system. You can refer to the online documentation for further information regarding this string.

Example for web based retrieve:

http://yourserver:5050/Informer.cmd?args={5} {3} single {1}

Example for email based retrieve:

Mailto:ESATAgent@esatinformer.com?subject=ESATAgent Command&body=[cmd]informer run, {3}, single, {1}[cmd]

Placeholders are used for several context sensitive parameters. The string below is used for the automated process. The "{1}" is a place holder for the users Email address. Other place holders are listed below.

{1} Users Email Address

{3} Log Date Code

{5} Code for web request

RetrieveRequestFormatter

This key specifies the string generated for Retrieve request in a user report. Each mail record generated for a user report that is retrievable includes a link icon (R Icon). This "RetrieveRequestFormatter" string controls how this link is generated.

You can do web based retrieve request. Use a retrieve formatter like the one shown in the examples below.

Example for web based retrieve:

http://yourserver:5050/Retrieve.cmd?args={5} {1} {2} {3} {4}

Example for email based retrieve:

Mailto:ESATAgent@esatinformer.com?subject=ESATAgent Command&body=[cmd]Retrieve Message Request, {1}, {2}, {3}, {4}[cmd]

{0} Admin Email Address

{1} Users Email Address

{2} History File Name

{3} Log Date Code

{4} Block Reasons

{5} Code for web request

AdminSubjectFormatter

This key specifies the text used for the subject line in user reports. The string can contain any desired content. Placeholders are used for several context sensitive parameters.

Example: Admin Report for: {0} {1}

The "{0}" is a place holder for the users Email address. Other place holders are listed below.

{0} Date - Example: Thu, Dec 30 2004

{1} Time slice - Example: 00:00 - 13:00

UserSubjectFormatter

This key specifies the text used for the subject line in admin reports. The string can contain any desired content. Placeholders are used for several context sensitive parameters.

Example: Spam Report for {0}: {1} {2}

The "{0}" is a place holder for the users Email address. Other place holders are listed below.

{0} Users Email Address - Example: user@yourdomain.com

{1} Date - Example: Thu, Dec 30 2004

{2} Time slice - Example: 00:00 - 13:00

MaxSubjectChars

Each line in a user report created by ESATInformer contains the email address of the sender and the subject field of the blocked message. This option specifies a maximum character limit for that subject field. The value zero equates to no limit.

Example: 30

MaxSenderChars

Each line in a user report created by ESATInformer contains the email address of the sender (sender field) and the subject of the blocked message. This option specifies the maximum character limit for that sender field. The value zero equates to no limit.

Example: 20

UserSummaryMaxCount

This key limits the number of users listed in the admin report’s user summary. The value zero equates to no limit.

Example: 50

AllowRetrieveAttBlock

This key specifies whether a user is allowed to retrieve messages that were blocked due to dangerous attachments.

Warning! In order to have a valid archive XWall placed a copy of the message into the archive first and then scans the message for viruses and spam. If you enable retrieval of blocked attachments, you could be allowing your users to retrieve infected files.

Example: Yes

IncludeRetrieveReport

This key specifies whether the Admin report includes a Retrieve Request Summary table.

Example: Yes

IncludeQuickLinks

This key specifies whether a quick links bar is included in the admin report. The quick link bar makes it easy to jump around in the admin report.

Example: Yes

IncludeSMTPBlocksInUserReport

This key specifies whether or not to include the SMTP block records in the user report.

Example: Yes

IncludeUserLinks

This key specifies whether or not to include Mailto links for past spam reports in the user report.

Example: Yes

AgentEmail

The email address used by Agent to pickup commands. This should match the email address in your Retriever request formatter.

Example: ESATAgent@yourdomain.com

AgentSubject

This key specifies the subject line used for the user spam report request. This must match the value you have set in the Agent config file for the subject key for the request to be processed.

Example: ESATAgent Command

HelpURL

This Key specifies the landing page (web site) if a user clicks the help/info on the bottom of the user report. By default, they are directed to a special help page on the ESAT site. You can replace that link with a URL pointing to a page on your site.

Example: http://www.esatinformer.com/help/userhelp.htm

http://www.yoursite.com/help

Retriever Keys

EmailAdminSummary

This key specifies whether the admin receives a summary report each time a user sends a retrieve request.

Set this option to “No” if you plan to review the retrieve requests via the Retriever log file Retriever.csv.

Example: Yes

XWallHistoryPath

This key specifies the root directory of the XWall archive where Retriever will pick up messages to resend. This is the path to XWall's HIST-IN folder.

Example: c:\xwall\HIST-IN\

\\mailserver\xwall\hist-in\

SubjectPrefix

This key specifies a prefix for a retrieved message's subject line. This may help the receiver identify the requested message. Use "" to disable.

Example: [Retrieved]

KeepRequestRecords

This key specifies whether or not retrieve request data is stored in a CSV log. The file includes Date, Time, Msg Date, File, Block Reasons, Send To, Orig To, Orig From, and Orig Subject.

The file name will be date coded, ESATRetriever.<datecode>.csv. For example, ESATRetriever.040215.csv.

This log can be used by Informer to create retrieval reports.

Example: Yes

ESATAgent Keys

RunInterval

]This key specifies the number of seconds to wait between checks of the Agent POP3 account. 300 seconds = 5 minutes.

Example: 300

500

InformerProgram

This key specifies the path and filename of ESATInformer’s executable. The program typically resides in the same folder as Agent, so the example below should work correctly in most cases.

Example: ESATInformer.exe

InformerRunTime

This key schedules when to run ESATInformer. The time is entered in the 24-hour (military) format. This can be set to "none" to disable the Informer scheduling.

Example: 00:05:00

EnablePOP3

This key controls whether or not Agent connects to a POP3 account to look for commands. If you are using the HTTP retrieve feature you probably do not need to have a POP3 account.

Example: No

Yes

InformerArgs

This key specifies the argument passed to Informer. Normally, this is set to "auto" which makes Informer automatically figure out the correct log file date. Refer to online ESATInformer help for more information and arguments.

Example: auto

auto admin

POP3Server

This key specifies the address of the POP3 server for the Agent account. If the server is on the same system as ESATInformer it's usually localhost.

Example: localhost

pop.yourdomain.com

127.0.0.1

192.168.1.22

POP3Port

This key specifies the port number utilized by the POP3 server. The default POP3 port is 110.

Example: 110

POP3User

This key specifies the username of the POP3 mail account. ESATAgent will monitor this account for commands.

Example: username

POP3Password

This key specifies the password for the POP3 mail account.

Example: password

SubjectKey

This key specifies the key subject line Agent will accept for command messages. If a message’s subject line does not exactly match the key subject line, it is ignored. In any case, if the subject text matches the key subject line, the message is parsed for Agent commands.

Example: ESATAgent Command

RetrieveHandler

This key specifies the path and file names for the Retriever program. The program typically resides in the same folder as Agent, so the example below should work correctly in most cases.

Example: EsatRetrieve.exe

CommandDelimiter

This key allows you to use a command string of your choice. We recommend leaving the default [cmd]. However, if for some reason something in your email system filters out this string, you may change it to a different one.

Example: [cmd]

[xyz]

WebIPAddress

Specifies the web server IP address where Agent will listen for retrieve request. Use 0.0.0.0 to bind to all available IP addresses.

Example:

0.0.0.0

192.168.100.1

sidebit.com

WebPort

This key specifies the port number where Agent will listen for retrieve request.

Example: 84

5050

General Keys

AdminEmail

The email address used for the administrator reports. You can enter multiple addresses using a ";" (semicolon) as a separator. Do not use any spaces.

Examples:

Single address admin@yourdomain.com

Multiple addresses admin@yourdomain.com;otheradmin@yourdomain.com

EmailFrom

The email address displayed in the "From" field in the report message headers. This address also serves as the reply-to address; it is where user responses to the generated reports will be sent.

The email address can be entered in the basic form, user@domain or in the friendlier form, "Name" <user@domian> Note that the quotes and <> are required for proper address parsing.

Examples: admin@yourdomain.com

"ESATInformer" esatinformer@yourdomain.com

SmtpServer

Enter the URL or IP address of the SMTP mail server that will deliver the reports. Some of the user reports contain spam words. Because of this, you should send these mails to your Exchange server rather than XWall. If you do not, XWall may filter these user reports.

Examples: smtp.yourdomain.com

mail.yourdomain.com

Localhost

127.0.0.1

192.168.1.32

SmtpPort

This is the port used for the connection to the SMTP server. The default for an SMTP server is port 25.

Exchange is typically set to port 24 if Exchange and XWall are on the same machine. Since the ESAT reports may contain spam terminology, we recommend these mails be sent to your Exchange server rather than to XWall. If you do not, XWall may filter these user reports.

Example: 24

SmtpDomain

When contacting the SMTP mail server, this is the domain that will be reported as the source of the email messages.

Example: yourdomain.com

SmtpRetryCount

Informer will retry failed SMTP attempts a limited number of times. This configuration file setting controls that number. If all the retry attempts fail then Informer will attempt to send an admin exception report. After sending this report, ESATInformer will shut down.

Example: 3

SmtpRetryDelay

This key specifies the amount of time (in seconds) to wait between retries.

Example: 10

300

LicenseCheckServer

Specifies the URL used for the license check server. Without a valid server name here, the ESAT programs will eventually shut down.

Example: esat.engia.net

This is the only valid value for this field at this time.

LicenseCheckPort

Specifies the IP port used for the license check server. Without a valid port number, the ESAT programs will eventually shut down. Normally port 80 is used. If your system blocks port 80, try port number 1482.

Example: 80

1482

(These are the only valid values for this field at this time.)

Troubleshooting & FAQ

These are some questions and answers found in the ESAT Knowledgebase.

How do I install the ESAT License Key?

A few things to consider when entering the key code:

The "License To" field must be typed in EXACTLY as in the license Email.

All key codes are in UPPER CASE.

There is no "O" (the character o) in the keycode only 0 (zero).

Don't mix up the fields

How do I update or upgrade ESAT?

When you upgrade to a new version from an old one, stop the agent and uninstall the agent in the ESAT admin panel. Then go and uninstall ESATInformer (add /remove programs) and install the new version. Your settings are preserved.

Sometimes there is a new style sheet that goes with the new version. If that's the case make sure you delete the old CSS files before installing the update.

Why are the Quicklinks in the Admin report not working?

Outlook uses a light version of IE to render html email. This light version does not handle anchor links within the document correctly. If the report was saved as HTML or was generated directly to file, then IE would open and view in "full" mode with support for anchors.

Why does ESATAgent show stopped but runs anyway?

Try the following: Shut down the stand alone agent.

Use the admin tool to uninstall the agent service.

Restart the computer and confirm that Agent is not shown as a service, running or otherwise.

Go to the install directory and delete or rename the ESATAgent.log file.

Something probably got confused the first time you tried to install Agent. If you can get it uninstalled as a service and start clean, the problem will be fixed.

Why does Port 5050 work for WebAgent internally but not outside?

You need to allow tcp over port 5050 (or whatever alternate port you are using) on your firewall. The biggest problem with the external versus internal usage is that the URL in the reports does not change--thus you MUST use the same addressing internally versus externally (so you cannot use IP numbers).

In order for the addressing to be the same internally and externally, you must duplicate your external DNS setting for the retrieval URL internally. In other words, set up the retrieval URL to work with a valid EXTERNAL URL from the BEGINNING--even internally.

This will correct most situation.

If you use a separate internal domain naming structure internally versus externally (we do), then you have to work around that...

Example: retrieval URL = http://spam.domain.com:5050/etc.

Set up either a host file on every internal client that maps this host name (spam.domain.com) to the correct internal server address; OR (as we did) create a second internal DNS zone for that external domain and add a host entry for the correct internal server address.

It does work, because we switched over to these 2/3 weeks ago. And that is publishing the server through 2 back to back ISA firewalls

(This is not necessarily a "full" explanation but should give you enough guidance to decide whether it is a solution for your situation.)

Can I run WebAgent on a server with IIS already installed?

There should be no issue running WEBagent, ESAT web based retrieval and having IIS running on the same machine. Typically ESAT uses port 5050 or 84 so it's not getting in IIS territory. But make sure your firewall allows the web requests to pass through.

How about potential security risks of the web retrieval method?

Agent opens up a socket at the specified port and listens for an HTTP request. Currently it only allows for Retrieve and Informer request. All other request are answered with an error.

The HTTP server features are very limited and do not rely on any services from IIS or any other server components. This service was created using .net sockets therefore it should be reasonable secure and covered by Microsoft updates if any issue surfaces.

Exception: Message file does not exist

If you get that error on an established installation, it is most likely a request for a message is no longer available on the server. The availability is directly controlled by how many days of archive (history) you keep in XWall.

If you have the problem on a new install, check the path the exception report shows for the message file and compare see it that matches the actual location on the drive.

I noticed a few exception reports showing that the WEBRetrieval key showed our server as we list in our example. Make sure you list YOUR SERVER in your setup not ours.

Why does ESAT not pickup retrieve request after upgrading?

if you update ESATInformer from a 1.25 or older version and use the POP3 retrieval method the POP option will be turned off.

You need to go to the ESATAdmin under the ESATAgent tree and set POP3 to YES

License check error, too long since last online validation

ESAT needs to be able to do a license check on port 80 or 1482. If for some reason you cannot have port 80 available.

Please set the port key in ESATAdmin for all 3 programs to 1482 and have the port available.

Why are my User reports not being sent at the set time?

There are three Agent config options that need to be set correctly to get the automated Informer run to happen.

"InformerProgram" should point to the ESATInformer.exe program
"InformerRunTime" should be a time in hh:mm:ss format
"InformerArgs" should be a valid command line for ESATInformer. Try setting this to just "auto"

Make sure that the user account used by the Agent service has permission to run ESATInformer.

Also, do you have the link to the SR files mapped such as 'F:Stats' or 'xwallserverstats' ? The F:Stats may not be available to the agent service.

Do you have some command line examples?

ESATInformer Auto
Generate both admin and user reports, deliver them via email to the standard addresses.

ESATInformer Auto Admin
Generate only the admin report. Deliver it via email.

ESATInformer Auto Admin File xyz.htm
Generate only the admin report. Create it as a file named xyz.htm.

ESATInformer Auto Single johndoe@yourdomain.com Email anotheruser@yourdomain.com
Create a report for the specific user, email it to another user.

ESATInformer Auto Single johndoe@yourdomain.com File D:esat
Create a report for the specific user, report to file and file location

ESAT simply refuses to run at the scheduled time.

Make sure the Agent is not running when you make the change. If you want to run it at 5AM you would enter 05:00:00 not 00:05:00. Don't forget to SAVE the change.

When I click the 'R' I get a blank message

Esat will create a message to ESATAgent asking for the message you want retrieved. Using the defaults the message is addresses to ESATAgent, the subject is ESATAgent Command and the text in the message body starts and ends with [cmd] .

IF you do not see any body text check your RetrieveRequestFormatter key. Load ESATAdmin, open the ESATInformer tree and look for the key about 10 keys down. Look for the String ....... ESATAgent Command&body. Maybe your string reads EASTAgent Command&body.

If so remove the amp; close the key and save your settings. Double check if the amp is gone. Once confirmed re-run the user reports.

I get a Message File Does not Exist! error

If you are running Xwall and ESAT on the same machine:

Double-check the path where your messages are stored. Xwall could be set up so the messages are stored in C:XWalllogshist-in. ESAT Reporter could be set up so that it is pointing to C:XWallhist-in. Miss matched directories will not work.

If running via networked machines, check:

What account do you have ESAT operating under? It is highly likely that the account ESATAgent is running under is "Local System". This means that a mapped drive (or even a UNC path) will not work as that account does not have rights to network resources. To continue running in this type configuration, you would need to:

    1) Create a Domain User account (say "ESATAgentServiceAccount")
    2) On the system running ESAT do the following:
        a. Grant "mydomainESATAgentServiceAccount" Full control to the ESAT installation folder.
        b. In Services, change the Log On for the ESATAgent service to the "mydomainESATAgentServiceAccount" user. You should get a             statement that says something about granting this account rights to login as a service - that is needed.
        c. Set the XWallHistoryPath in ESATAdmin to the UNC path to the share that your X: drive had been pointing to. Something like:
            myxwallserverhistorysharelogsHIST-IN

If you are running ESAT on the XWall server:
        a. Verify/Add the "mydomainESATAgentServiceAccount" has "Access through the network" rights in the Local Security Policy.
        b. Add this user account to the share you created (what X: was mapped to...) with Read rights.
        c. Give this account Read rights to the HIST-IN folder structure.

I have trouble with ESATInformer & Windows scheduler.

While ESATAgent schedules the basic ESATInformer runs, you may wish to add others by using the MS scheduler. The scheduler may not be available in Windows NT. Make sure the scheduler executes the program. A common mistake is to put the 'auto' switch inside the quotes.

Wrong syntax:

"C:program filessidebitESATInfoermerESATInformer.exe auto "

Correct syntax:

"C:program filessidebitESATInfoermerESATInformer.exe" auto

Why can’t I see the retrievals in the Admin report?

All you need to do is set "IncludeRetrieveReports = YES" in the Informer keys.

How do I enable the Archive in XWall?

In the XWall Admin go to OPTION-> GENERAL-> HISTORY. Put check mark next to "KEEP COPY MESSAGE FILES"

If you are limited by space on your hard drive you can limit the size of the archive by a number of days. Also the archive can now be moved to a different folder or drive. Exclude the archive in you virus scanner.

Why is my ESATAgent not processing a request?

These are some of the causes of why your users do not get a report. . Most people have problems with the "[cmd]" and the comma and spaces issue in the RetrieveRequestFormatter key.

Often the issue is the use of the "&" sign. You need to combine the & with amp.

Command& - Correct
Command& - Incorrect

How do I not show unretrievable messages in the user report?

Look for the IncludeSMTPBlocksInUserreports and set it to NO

I have one user who wants a spam report every hour.

That is no problem. Find the IncludeUserLinks key in the Informer table and set it to YES. The user can ask for an UP-to-the-Minute report as often as he likes.

However, ESAT has to process the entire log every time a report is created. That is no issue for <100 users. If you have thousands of users, ESAT may take several minutes to process the request and will put a high load on the CPU.