In this menu, the configuration of the web interface(s) for GINA Webmail technology is carried out.
Sections on this page:
•Domains
•Settings
•Storage Settings
•SMS passwords
Section Domains
List of GINA domains.
The Filter... provides a search function in the column GINA name of the following table. The search term is entered as a character string.
Column
|
Description
|
GINA name
|
List of all GINA domains created on the SEPPmail Secure E-Mail Gateway.
By default, only the "[default]" GINA domain exists.
|
Hostname
|
Displays the hostname of the corresponding GINA domain as it is entered in the submenu Secure GINA Host.
|
Admin
|
Displays the admin email address of the corresponding GINA domain as it is entered in the submenu Admin.
|
If only one GINA web interface is required, it is sufficient to adapt the "[default]" settings individually.
If several Managed Domains are set-up on the system, the Create new GINA domain function allows additional GINA web interfaces to be configured (see submenu ).
|
Attention:
With a client-capable installation, it is absolutely necessary to create at least one GINA domain for each customer.
|
This is set up by clicking on the GINA domain to be configured in the column GINA name (see submenu ).
The allocation of the corresponding GINA domain to the respective Managed domain is realised in the section Bounce templates of the submenu in Managed Domains.
|
Attention:
The "[default]" GINA domain must be configured in any case since it serves as basis for additional GINA domains if applicable.
Otherwise, sporadic errors of the appliance are to be expected!
|
Section Settings
General settings of the GINA domains.
Parameters
|
Description
|
Use virtual hosting
|
If several GINA domains are used...
|
|
On for all domains
|
...a separate FQDN is to be used for each GINA domain. This has the effect that each GINA domain also requires a separate certificate. In this case, the corresponding input field for the individual certificate is displayed in the submenu and/or .
|
Off for all domains
|
Default setting.
... generally, only one FQDN is used for access. Each additional GINA domain will have a separate folder created for it below this FQDN. By doing so, even when using multiple GINA domains, only one SSL certificate (see menu item ) is required for access from the Internet.
|
Use domain settings
|
...it can be decided for each GINA domain (see and/or ) which version is desired.
|
 Disable strict SNI check when virtual hosting is enabled
(new in 12.0)
|
By default, this option is inactive.
By activating this option, the protection against the incorrect activation of a , which was introduced with version 11.1.7, can be prevented (error message "403 Forbidden You don't have permission to access this resource. Reason: The client software did not provide a hostname using Server Name Indication (SNI), which is required to access this server.".
Using this option restores the behaviour of version 11.1.6 and older, and it should only be used for a temporary restoration in the event of an error.
|
Disallow insecure ciphers
|
By default, this option is inactive.
Enables access to GINA domains even with older clients/browsers (RC4 active). To make full use of the security potential of the appliance, the action should be activated (see Ciphers).
|
Grace period (in days) after which unregistered GINA accounts are automatically removed
|
By default, this option is set to "0" and thus deactivated.
With this option, GINA users for whom an account has been generated but who have not yet registered will be deleted automatically. The input field is available for entering the number of days after which non-registered accounts should be deleted.
Clicking on Trigger now will immediately execute the action taking into consideration the set period.
|
Attention:
When the account is deleted, the user can no longer register and thus no longer read the initial (and, if applicable, any subsequent) GINA email.
|
|
Note:
This option is implemented in client-capable systems by means of the setting Retention settings. Therefore, the setting is greyed out in these systems.
|
|
Grace period (in days) after which old GINA message metadata is automatically removed. Mails can still be decrypted by recipient if metadata is missing. (set to 0 to disable)
|
By default, this option is set to "0" and thus deactivated.
With this option, GINA meta data (information on the recipient and their read status) is deleted automatically. The input field is available for entering the number of days after which this information should be deleted.
Clicking on Trigger now will immediately execute the action taking into consideration the set period.
This does not impact the function of the account!
|
Note:
This option is implemented in client-capable systems by means of the setting Retention settings. Therefore, the setting is greyed out in these systems.
|
|
Login history retention period (days) (new in 14.0)
|
The login history is kept for this period. The default setting for this option is 30 days.
If empty or zero, the history is stored indefinitely.
|
SMS history retention period (days)
(new in 14.1)
|
The SMS history is kept for this period. The default setting for this option is 60 days.
If empty or zero, the history is stored indefinitely.
The SMS history can be queried with the Rest end point .
|
Secure track access
|
By default, this option is empty and thus deactivated.
With this option, additional information is provided via the inserted link in a GINA read confirmation, e.g. which GINA recipient has read the email and when.
This function is activated by entering the URL for access to the administration interface of the appliance (see Admin GUI).
|
Note:
For the correct functioning of this option, it is to be ensured that the sender of the GINA email can access this URL.
For security reasons, access from external networks (in particular the Internet) should not be permitted, however.
|
|
The changes made are saved via the Save button.
Section Storage Settings
(new in 14.0.0)
Storage settings for S3.
Parameter
|
Description
|
Host
|
Only has to be entered for a non-Amazon host.
|
API Key
|
API Key for the S3 connection.
|
API Secret
|
API Secret for the S3 connection.
|
Bucket name
|
The default is seppmail.
|
Download chunk size
|
Size of chunks used for upload in bytes.
The default value is 5242880.
|
With Connectivity and speed test the connection can be tested.
The changes made are saved via the Save button.
Section SMS passwords
Settings for automatically sending passwords via SMS.
|
Note:
For generating the SMS, both an internal service in the network of the customer can be used via a corresponding gateway as well as an external service in the Internet. Access to this service is to be granted (see Setting Up The Firewall/Router).
|
|
Note:
The standard texts of the SMS service can be customised in the language settings for the GINA domain, see (see Edit translations).
|
Parameters
|
Description
|
|
 Disable
|
Default setting.
The GINA password delivery via SMS is deactivated
|
 Use cell phone / GSM modem attached to appliance
|
If a hardware appliance is used, a mobile phone or GSM modem capable of sending an SMS can be attached to a USB connection of the appliance. Sufficient reception of the mobile phone/GSM modem is to be ensured.
|
Use Mail to SMS service
(configuration below)
|
Here, the access data for the SMS delivery via a Mail to SMS service is entered.
Mail to SMS settings
|
Mail from:
|
Depending on the provider, the email sender address registered for this service with the provider or a freely selectable sender name is to be entered here.
|
Mail address prefix: <PREFIXMobile#>@
|
Depending on the provider, aside of the recipient’s number, another addition is required which can also be entered here if necessary.
This data is provided by the provider of the service.
With Deutsche Telekom, for example, this would be
017187654321
|
Gateway domain: <mobile#>@
|
Gateway domain for sending SMS.
This data is provided by the provider of the service.
With Deutsche Telekom, for example, this would be
t-d1.sms.de
|
Put together, an email would be created
from
<Mail from:>
to
<Mail address prefix:><mobile number of the password recipient>@<Gateway domain>
|
Attention:
"Mail to SMS" is not recommended for security reasons, as the email to the SMS provider must be transmitted unencrypted!
|
|
Use xml service
(configuration below)
|
Here, the access data for the SMS delivery via a XML service is entered.
Server address:
|
Server address of a service provider.
This data is provided by the provider of the service.
|
xml template
|
This data is provided by the provider of the service. An example of this can be found further below in this section
|
Additionally, the variables provided are displayed.
Placeholders:
|
$sms: text message
|
message text to be transmitted.
|
$number: cell number including country code (+xx...)
|
Mobile phone number including country code (+xx...)
|
Note:
If the number is required in the format 00xx... instead of +xx..., this can be done as follows:
00$countrycode$localnumber
if applicable.
|
|
$countrycode: country code, e.g "49"
|
Country code, for example "49" for Germany
|
$localnumber: cell number without country code
|
Mobile phone number WITHOUT country code
|
and a configuration example:
XML Example:
|
Server:
|
https://xml1.aspsms.com
|
String:
|
<?xml version="1.0" encoding="UTF-8"?>
<aspsms>
<Userkey>xyz</Userkey>
<Password>xyz</Password>
<Originator>Secmail</Originator>
<FlashingSMS>0</FlashingSMS>
<Recipient>
<PhoneNumber>00$countrycode$localnumber</PhoneNumber>
</Recipient>
<MessageData><![CDATA[$sms]]></MessageData>
<Action>SendTextSMS</Action>
</aspsms>
|
Note:
Flashing SMS
By means of the "Flashing SMS" function, a text message is displayed directly on the recipient’s display. The recipient does not have to scroll through the menus of their mobile phone.
However, in this case, the message is not saved and therefore disappears after closing.
|
|
|
Use HTTP GET service
(configuration below)
|
Here, the access data for the SMS delivery via HTTP Get is to be entered.
Server address:
|
The SMS provider provides the server for access to the HTTP Get Service.
|
HTTP Get String
|
The SMS provider provides the string for access to the HTTP Get Service.
|
The variables known from the XML configuration are available.
Additionally, the configuration example for the Swiss "chrus" service is displayed.
HTTP GET Example:
|
Server:
|
https://www.chrus.ch
|
String:
|
/mysms/http/send.php?user=xyz&pwd=xyz&from=Secmail&to=$number&msg=$sms
|
|
Access to GINA send password form:
|
Via this option, access to the password delivery link of the appliance is controlled.
|
|
Disabled
|
Default setting.
This is used to disable the password delivery link. Thus, the latter will not appear in the password email sent to the sender of the email with the initial sending of a GINA email.
|
Available via public GINA GUI
|
Activates the insertion of the link for the SMS password delivery in the GINA password notification email to the sender.
|
Only available if SMS passwords are disabled while some SMS with initials passwords were not delivered yet
|
n GINA user(s) have not yet received their initial passphrase via SMS. Please select one of the following actions:
|
Available options for handling this problem:
•Send remaining sms
•Inform respective senders of GINA mails via email
•Download CSV file providing relevant sender-receiver data (click download button below)
•Do nothing
|
The changes made are saved via the Save button.
