ApplicGate
(v12.0.9091.1083 started 2024-11-20 23:42:13 on VM2)

Enable mail notification for
- expired reverselogon certificates
- expired routing entries and expired groups
- expired OTPlist entries
- OTP and TOTP
- keywords NOTIFYS and NOTIFYT in incoming and forward routing entries
- keyword NOTIFYT when EAS devices are blocked
- keyword LDLD when files have been downloaded
- external programs

Define the group Notify with keywords in the field IPranges as follows:
When updating the group Notify by editing the group table using an editor: ";" must be masked by "\s", "\" must be masked by "\\".
If the update is done via the web interface then there is no masking necessary.
Continuation lines are supported.

ApplicGate inserts RFC822 formatted files into the mail pickup folder.
- The mail sending procedure depends on the value of the keyword RETRY.
- It is recommended to configure the internal mail sending thread (see below).
- Otherwise a separate task (e.g. SendSMTPmail.exe running as scheduled task) must scan the pickup folder and send the mails.

Keywords:
PICKUP:pickupfolder ... Mail pickup folder (will be created automatically if it does not exist)
FROM:senderaddress ... Mail address of sender
CC:recipients ... List of additional recipients (separated by ,) sent as CC (optional)
BCC:recipients ... List of additional recipients (separated by ,) sent as BCC (optional)
REPLYTO:replyaddress ... Address to reply to the sent mail (optional)
DAYS:days ... Number of days before routing entry, group or OTP entry expires to send a warning mail (optional, default is 14, if days <=0 ... no warning mail)
- Currently days is 14.
DAYSC:days ... Number of days before reverselogon certificate expires to send a warning mail (optional, default is 30, if days <=0 ... no warning mail)
- Currently days is 30.
UIDN ... If this keyword exists, notification mails on rule expiration will not be sent if:
- the rule is member of an UID list (within a rule with same main UID where the keyword UIDN has been specified) and
- the expiration time of the rule is equal to the expiration time of the rule where the associated UIDN has been specified.
- This avoids generating unnecessary mails when rules with same main UID expire at the same time.
TEAS:filename Filename of template to be used for EAS blocking mail (optional), the default template can be seen here. A sample HTML template can be seen here.
TEXC:filename Filename of template to be used for reverselogon certificate expiration mail (optional), the default template can be seen here.
TEXG:filename Filename of template to be used for group expiration mail (optional), the default template can be seen here.
TEXR:filename Filename of template to be used for routing entry expiration mail (optional), the default template can be seen here.
TEXO:filename Filename of template to be used for OTP entry expiration mail (optional), the default template can be seen here.
Note: If filename is "no" in keyword TEXC, TEXG, TEXR or TEXO then sending of mail is disabled.
TSTART:filename Filename of template to be used for connection start mail, see keyword NOTIFYS (optional), the default template can be seen here.
TTERM:filename Filename of template to be used for connection termination mail, see keyword NOTIFYT (optional), the default template can be seen here.

Notes on templates:
- If templates are not specified a default built-in template will be used.
- If the extension of the template filename is html, the mail is marked as html content.
- All parameters are inserted at the specified placeholders, e.g. UIDname (first field of keyword UIDN) is inserted where the string %UIDname% is specified.
- If the first line of the template starts with subject: this line will be used as mail subject. In that case an empty line must follow this line in the template!
- If there is no subject in the first line, a default subject will be generated.
- If a rule expires (TEXR) where the keyword UIDN is specified and "last used" data exist within the UID list:
-- The placeholders %LastUsed%, %UIDdetail% and %User% will be filled and the section markers "<!--UID" and "UID-->" will be removed.
-- In all other cases the section starting with "<!--UID" and ending with "UID-->" will be removed (see default template).

Keywords used by the internal mail sending thread:
RETRY:minutes number of minutes to retry sending of emails in case an error has occurred
- If minutes is less than 0 or the keyword does not exist: The the mails will not be sent via the internal thread:
--- A separate task (e.g. SendSMTPmail.exe running as scheduled task) must scan the pickup folder and send the mails.
- If minutes is 0: Mails will be sent immediately by the internal thread but no retries will be done in case of error.
- If minutes is greater than 0: Mails will be sent immediately by the internal thread and sending of failed mails will be retried every specified number of minutes.
--- Failed mails will be stored in the subfolder "Retry". Mails to send One-time passwords are not retried!
MAILHOST:mailhost!port mailhost is an IP address or name where the mails will be sent, port is an optional TCP port (default is 25)
USER:username username for logon to the mailhost (optional)
PASSW:password password for logon to the mailhost (optional), must be specified if username has been specified
TLS forces TLS encrypted connection to the mailhost via STARTTLS
NOCHECK disables the checking of the certificate used by the mailhost in case STARTTLS is used
LOGFILE:filename filename is the name of a file to log mail sending (optional, same content as general log file)

Example of group Notify:
 GroupName;IPranges                                          ;Comment
Notify ;PICKUP:"C:\MailPickup",FROM:appgw@mydomain.com ;my comment
;REPLYTO:abc@mydomain.com,UIDN

Routing entry, Group and OTP entry expiration:
Specify an SMTP address (in field eMail, field responsibleEmail in OTP entry) for each routing entry, group or OTP entry where notification mails should be sent.
Then the application gateway sends mails when the routing entry, group or OTP entry expires and some days in advance (default is 14 days).
The number of days for can be specified using the keyword DAYS (see above).

For mail testing see Send-Mail Support.

Usage of mail notification by external programs:
Any program can insert files formatted according to RFC822 into the pickup folder. Following attributes are supported:
- from, to, cc, bcc, reply-to, subject, attachments
- multiple to, cc, bcc and reply-to lines may be specified, multiple addresses within one line mail must be separated by comma
- attachments: comma separated list of names of files to be sent as attachments
If the extension of the inserted file is html, the mail is marked as html content.
If the RFC822 file name contains the string "_noretry_" there are no retries when the mail could not be sent at the first try.

Example:
from:x@xxx.cc
to:contact@applicgate.com
attachments:C:\Z\x.txt
subject:Test

Mail body text
After the file has been inserted into the pickup folder the mail thread must be activated via the command mailst, e.g.using HttpGet.exe
Or if the programs has been started via the STARTP or STARTG keyword: Option M can be used to activate the mail thread.

Spam handling by the internal mail thread:
- The optional file SpamKw.txt (in the default directory, UTF8) can be filled with comma separated words. If such a word is found in the mail body the mail will be marked as spam.
- Additionally if the mail server responds with an error message that contains the word spam the mail will be mark as spam.
- Mails maked as spam will be stored in the subfolder "Spam".

ApplicGate Logo  reinhold.leitner@applicgate.com (C) November 2024
www.applicgate.com