GINA Domains

In this menu, the configuration of the web interface(s) for GINA Webmail technology is carried out.

Sections on this page:

Section Domains

List of GINA domains.

The Filter... provides a search function in the column GINA name of the following table. The search term is entered as a character string.

Column	Description
GINA name	List of all GINA domains created on the SEPPmail Secure E-Mail Gateway. By default, only the "[default]" GINA domain exists.
Hostname	Displays the hostname of the corresponding GINA domain as it is entered in the submenu CHANGE GINA SETTINGS FOR Secure GINA Host.
Admin	Displays the admin email address of the corresponding GINA domain as it is entered in the submenu CHANGE GINA SETTINGS FOR Admin.

Column

Description

GINA name

List of all GINA domains created on the SEPPmail Secure E-Mail Gateway.

By default, only the "[default]" GINA domain exists.

Hostname

Displays the hostname of the corresponding GINA domain as it is entered in the submenu CHANGE GINA SETTINGS FOR Secure GINA Host.

Admin

Displays the admin email address of the corresponding GINA domain as it is entered in the submenu CHANGE GINA SETTINGS FOR Admin.

If only one GINA web interface is required, it is sufficient to adapt the "[default]" settings individually.

If several Managed Domains are set-up on the system, the Create new GINA domain function allows additional GINA web interfaces to be configured (see submenu CREATE NEW GINA DOMAIN).

empty

Attention:

With a client-capable installation, it is absolutely necessary to create at least one GINA domain for each customer.

This is set up by clicking on the GINA domain to be configured in the column GINA name (see submenu CHANGE GINA SETTINGS FOR).

The allocation of the corresponding GINA domain to the respective Managed domain is realised in the section Bounce templates of the submenu ADD/EDIT MANAGED DOMAIN in Mail System Managed Domains.

empty

Attention:

The "[default]" GINA domain must be configured in any case since it serves as basis for additional GINA domains if applicable.

Otherwise, sporadic errors of the appliance are to be expected!

Section Settings

General settings of the GINA domains.

Parameters

Description

Use virtual hosting

If several GINA domains are used...

On for all domains

...a separate FQDN is to be used for each GINA domain. This has the effect that each GINA domain also requires a separate certificate. In this case, the corresponding input field for the individual certificate is displayed in the submenu CREATE NEW GINA DOMAIN and/or CHANGE GINA SETTINGS FOR.

Off for all domains

Default setting.

... generally, only one FQDN is used for access. Each additional GINA domain will have a separate folder created for it below this FQDN. By doing so, even when using multiple GINA domains, only one SSL certificate (see menu item SSL) is required for access from the Internet.

Use domain settings

...it can be decided for each GINA domain (see CREATE NEW GINA DOMAIN and/or CHANGE GINA SETTINGS FOR) which version is desired.

empty

Attention:

If an existing system with several GINA domains is subsequently changed to virtual hosting, this is also possible but requires changes under CHANGE GINA SETTINGS FOR Secure GINA host hostname and/or Additional hostnames).

CheckBoxInactive Disable strict SNI check when virtual hosting is enabled

(new in 12.0)

By default, this option is inactive.

By activating this option, the protection against the incorrect activation of a GINA domain, which was introduced with version 11.1.7, can be prevented (error message "403 Forbidden You don't have permission to access this resource. Reason: The client software did not provide a hostname using Server Name Indication (SNI), which is required to access this server.".

Using this option restores the behaviour of version 11.1.6 and older, and it should only be used for a temporary restoration in the event of an error.

CheckBoxInactive Disallow insecure ciphers

By default, this option is inactive.

Enables access to GINA domains even with older clients/browsers (RC4 active). To make full use of the security potential of the appliance, the action should be activated (see Ciphers).

Grace period (in days) after which unregistered GINA accounts are automatically removed

By default, this option is set to "0" and thus deactivated.

With this option, GINA users for whom an account has been generated but who have not yet registered will be deleted automatically. The input field is available for entering the number of days after which non-registered accounts should be deleted.

Clicking on Trigger now will immediately execute the action taking into consideration the set period.

empty

Attention:

When the account is deleted, the user can no longer register and thus no longer read the initial (and, if applicable, any subsequent) GINA email.

empty

Note:

This option is implemented in client-capable systems by means of the setting Customers CUSTOMER MANAGEMENT Retention settings. Therefore, the setting is greyed out in these systems.

Grace period (in days) after which old GINA message metadata is automatically removed. Mails can still be decrypted by recipient if metadata is missing. (set to 0 to disable)

By default, this option is set to "0" and thus deactivated.

With this option, GINA meta data (information on the recipient and their read status) is deleted automatically. The input field is available for entering the number of days after which this information should be deleted.

Clicking on Trigger now will immediately execute the action taking into consideration the set period.

This does not impact the function of the account!

empty

Note:

This option is implemented in client-capable systems by means of the setting Customers CUSTOMER MANAGEMENT Retention settings. Therefore, the setting is greyed out in these systems.

The default setting for this option is 30 days. The login history is kept for this period.

Secure track access

By default, this option is empty and thus deactivated.

With this option, additional information is provided via the inserted link in a GINA read confirmation, e.g. which GINA recipient has read the email and when.

This function is activated by entering the URL for access to the administration interface of the appliance (see System Admin GUI).

empty

Note:

For the correct functioning of this option, it is to be ensured that the sender of the GINA email can access this URL.

For security reasons, access from external networks (in particular the Internet) should not be permitted, however.

The changes made are saved via the Save button.

Section Storage Settings

(new in 14.0.0)

Storage settings for S3.

Parameter	Description
Host	Only has to be entered for a non-Amazon host.
API Key	API Key for the S3 connection.
API Secret	API Secret for the S3 connection.
Bucket name	The default is seppmail.
Download chunk size	Size of chunks used for upload in bytes. The default value is 5242880.

With Connectivity and speed test the connection can be tested.

The changes made are saved via the Save button.

Section SMS passwords

Settings for automatically sending passwords via SMS.

empty

Note:

For generating the SMS, both an internal service in the network of the customer can be used via a corresponding gateway as well as an external service in the Internet. Access to this service is to be granted (see Setting Up The Firewall/Router).

empty

Note:

The standard texts of the SMS service can be customised in the language settings for the GINA domain, see (see Edit translations).

Parameters

Description

RadioButtonActive Disable

Default setting.

The GINA password delivery via SMS is deactivated

RadioButtonInactive Use cell phone / GSM modem attached to appliance

If a hardware appliance is used, a mobile phone or GSM modem capable of sending an SMS can be attached to a USB connection of the appliance. Sufficient reception of the mobile phone/GSM modem is to be ensured.

RadioButtonInactive Use Mail to SMS service

(configuration below)

Here, the access data for the SMS delivery via a Mail to SMS service is entered.

Mail to SMS settings
Mail from:	Depending on the provider, the email sender address registered for this service with the provider or a freely selectable sender name is to be entered here.
Mail address prefix: <PREFIXMobile#>@	Depending on the provider, aside of the recipient’s number, another addition is required which can also be entered here if necessary. This data is provided by the provider of the service. With Deutsche Telekom, for example, this would be 017187654321
Gateway domain: <mobile#>@	Gateway domain for sending SMS. This data is provided by the provider of the service. With Deutsche Telekom, for example, this would be t-d1.sms.de

Put together, an email would be created

from

empty

Attention:

"Mail to SMS" is not recommended for security reasons, as the email to the SMS provider must be transmitted unencrypted!

RadioButtonInactive Use xml service

(configuration below)

Here, the access data for the SMS delivery via a XML service is entered.

Server address:

Server address of a service provider.

This data is provided by the provider of the service.

xml template

This data is provided by the provider of the service. An example of this can be found further below in this section

Additionally, the variables provided are displayed.

Placeholders:

$sms: text message

message text to be transmitted.

$number: cell number including country code (+xx...)

Mobile phone number including country code (+xx...)

hint

Note:

If the number is required in the format 00xx... instead of +xx..., this can be done as follows:

00$countrycode$localnumber

if applicable.

$countrycode: country code, e.g "49"

Country code, for example "49" for Germany

$localnumber: cell number without country code

Mobile phone number WITHOUT country code

and a configuration example:

XML Example:

Server:

https://xml1.aspsms.com

String:

<?xml version="1.0" encoding="UTF-8"?>

<Originator>Secmail</Originator>

<PhoneNumber>00$countrycode$localnumber</PhoneNumber>

</Recipient>

<Action>SendTextSMS</Action>

</aspsms>

empty

Note:

Flashing SMS

By means of the "Flashing SMS" function, a text message is displayed directly on the recipient’s display. The recipient does not have to scroll through the menus of their mobile phone.

However, in this case, the message is not saved and therefore disappears after closing.

RadioButtonInactive Use HTTP GET service

(configuration below)

Here, the access data for the SMS delivery via HTTP Get is to be entered.

Server address:	The SMS provider provides the server for access to the HTTP Get Service.
HTTP Get String	The SMS provider provides the string for access to the HTTP Get Service.

The variables known from the XML configuration are available.

Additionally, the configuration example for the Swiss "chrus" service is displayed.

HTTP GET Example:
Server:	https://www.chrus.ch
String:	/mysms/http/send.php?user=xyz&pwd=xyz&from=Secmail&to=$number&msg=$sms

Access to GINA send password form:

Via this option, access to the password delivery link of the appliance is controlled.

RadioButtonActive Disabled

Default setting.

This is used to disable the password delivery link. Thus, the latter will not appear in the password email sent to the sender of the email with the initial sending of a GINA email.

RadioButtonInactive Available via public GINA GUI

Activates the insertion of the link for the SMS password delivery in the GINA password notification email to the sender.

The changes made are saved via the Save button.

Please enable JavaScript to view this site.

Keyboard Navigation