Skellig Onboarding Demo Script
Email Sent to the Demo Folder:
Hi Rebecca,
Your system is now ready, and this email has all the information you need to log in and start protecting your domains. Follow our Quick Setup steps to log in, update security settings and add your domains. You will need:
• Your SpamTitan Login page: https://demo-smtp-ui.titanhq.com/
• Username: rspringett@demo.com
• Password: 6@1;)AYoJ;ODfFLs5;gf
To set up, you will also need the following:
MX Records:
• demo-smtp-mx1.titanhq.com
• demo-smtp-mx2.titanhq.com
IP Addresses:
• 18.228.13.79
• 18.119.272.190
• 18.255.16.251
• 3.19.179.12
• 3.31.265.121
You can follow the below guide to help you get set up:
https://helpdesk.spamtitan.com/support/solutions/articles/4000189633-customer-setup
Office 365 user?
If you have a heavy mail flow, Microsoft may enforce rate limiting on your new IPs. To avoid significant mail delays, it is recommended that:
1. You set your MX records to include SpamTitan and your Office 365 mail server FQDN at equal priority for 1-2 days. That will allow the warm-up period to complete, and you can then switch to SpamTitan only.
2. Tell Office 365 to trust your SpamTitan IPs - see https://support.titanhq.com/en/59681-ensuring-your-email-is-not-marked-as-spam-in-office-365.html
You can find other helpful info in our MSP Admin Guide.
Thanks,
Kind Regards,
Introduction:
SpamTitan is our Mail filtering product offering you advanced spam protection by blocking spam, viruses, malware, ransomware and links to malicious websites from your mails.
Step 1: Log in and Update Security Settings.
You should have received an email from your account manager containing Account details, log in credentials, IP addresses and MX records. This email is necessary to get your started with SpamTitan, to allow it to start filtering your mail.
Retrieve the link to your New SpamTitan account and your log in details. Use this to access your new account. Now I am logged into my new account to start the set up. Before moving on, I am going to update my password to protect the security of my account.
To do this I am going to go the Profile in the top right-hand corner. I am going to Select Security. I will enter in my new password and Click Save.
Step 2: Add your Domains.
Now that is completed, I am going to move onto the first set up step, adding a domain. For SpamTitan to accept email for a domain and filter it, that domain must first be added to SpamTitan. To add a domain, I am going to do this from my overview page, which is the default page that will be shown when I log in.
Here, I am going to scroll down and click "Add Domain". I am going to fill in all these details in relation to my domain I want filtered by SpamTitan.
First I am going to enter in the domain name (demo123.com). The destination server, is the name of the mail server SpamTitan will be sending your mail to once we have analysed it. If you are using office 365 as your mail server, the syntax is always the same. It will be demo123-com.mail.protection.outlook.com. The port, by default is 25, this is the port mail is transferred on, so lets keep it the same.
All the settings you ca toggle on or off here, lets go through them one by one.
MX Look up is in reference to outbound mail filtering, which we will not be doing, so lets leave that off.
RBL Checks is in reference to Public Black Lists. When this is enabled, we check these Public Blacklist for the sending IP, if this sending IP is on a blacklist, this means they are a known spammer, so we will block mail from this IP.
SPF Checks, this protects you're domains from spoofed mails, meaning we will block mails where someone is protecting to be sending from a trusted domain but its actually not.
Greylisting is a technique we use to block spam. We look for a triplet, which is referencing the sending IP, sending Domain and Recipient Domain. If these three have never been seen together before, then we will temporarily defer the mail. Spammers, will not re-send this mail, but legit senders will always resend it. This is a great tool for blocking generic spam and marketing mail, however, when first enabling we can see a delay in receiving mail. In this case we recommend leaving this off for a few days until you are happy using the filter, and then enabling this feature.
Recipient Verification is in reference to who is a valid mail box on your Mail server. If someone is trying to send a mail to a mailbox that does not exist, we will reject this attempt. If you are using office 365 as your mail server you can chose Dynamic Recipient Verification, this type is also support on Exchange and most Unix based mail server. The other options you have are also LDAP, List meaning you list who is valid, or regular expression, meaning you can configure a regular expression for all your mailboxes. Again, here we recommend to finish your testing and ensure mail is flowing fine before enabling this.
Once you have reviewed all these settings you can click Add Domain.
Step 3: Test Connectivity to your Mail Server.
Once you have added your domain, a new page for configuration will appear. What we want to do next is test the connectivity between the SpamTitan and the destination sever that we entered. To do this, I am going to click on Domain Configuration under the domain we entered.
On this page, find the button "Send Test Mail" and click on it. On the pop up window, enter in an email address that exists on the domain that you have access to, and click "Send".
When this has been done, wait for a mail to come into your inbox. This may have gone to your junk folder, so be sure to check there. Once you have received this mail, this means SpamTitan is able to relay mail for your domain and you can move onto the next step.
If you have not recieved this, make sure you are not currently using any Mail filtering service that may have blocked it. Also ensure, if you have any connectors in place, that the mail will be rejected if you are only accepting mail from these IPs, so look into disabling these connectors while you test with SpamTitan.
Step 4: Edit your Domain Policy and Enable Quarantine Reports.
Now we have successfully connected to our mail server, we can proceed with the set up. We have added our domain to the SpamTitan system, so lets review the policy associated with the domain.
I am going to go to Policies on the left hand side bar here. Notice how I am in the specific domain settings since I was in the domain configuration page. If want to go to all domain policies and chose what domain, I can click on the drop down menu on the top left hand corner, and click on all domains. This will take me back to the Overview page. From here, I can go to Policies < Domain Policies. I can see a list of different domains and their policies.
To edit the domain policy, I just click on the little edit button under the Actions column. This will open a new page for me with additional domain configuration settings.
Lets go through the different settings available for your to utilise.
Spam Filtering.
Mark as Spam when score is greater than - This is what the threshold is for mail before it is considered as spam. Default setting is 5, but can be adjusted accordingly and by decimals.
Spam Should be - There are three available options
Quarantine(default): spam is held in quarantine to be review by the user of the admins.
Passed (Tagged): Spam is passed along to the recipient's inbox, but is tagged as spam. This does NOT block the address nor does it add it to the allow list.
Rejected: Permanently rejects mails if marked as spam, not recommended as mails are not recoverable.
Discard Spam Scoring Above - Any message that scores above this is automatically rejected, meaning the mail will be removed from the system. The default is set to 999, but this can be adjusted by the Admin.
Send NDR - If checked on, delivery status notification is generated for any email that is quarantine. We recommend leaving this off as when enabled can cause backscatter leading to a blacklisted IP.
Add X-Spam Headers to Non-Spam Emails – When enabled, this adds additional headers to the email that give the result of the spam analysis (headers added are X-Spam-Status and X-Spam-Score). Only added to inbound messages.
Virus Filtering.
This will scan emails for any viruses that have been sent. You have the same options here as the Spam filtering in terms of what should be done with emails once a virus has been found. You can also enable sandboxing to store the virus mails for further analysis.
Attachment Type Filtering.
This is in reference to analysis of emails that contain attachments. Again, similar settings here on what should be done with an email where a banned attachment is found.
Quarantine Reports.
This is a report that gets sent out to all users, containing a list of all mails that SpamTitan has blocked for that user. We highly recommend enabling this setting for users to allow them to access mails that have been blocked if they need to. This is also a good demonstration of all the good work SpamTitan is doing to block spam mails for you.
If you click enable on this feature, you can set the frequency of the report, the most popular would be daily. You can also set what the report contains. SO you can have the report contain everything, or only new items since the last report was sent out, I would recommend this setting for your users.
By default we also wont include mails that score above 999 in the spam filtering section in the reports.
You can set this to run maximum once per day for all your users, but you do have the ability to manually push out a report under the tabs Reporting < On Demand. All your users also have the ability to request a report in a link from the previous report.
Archiving.
Finally, the last setting is archiving, which stores all clean email from the last 7 days in the quarantine. This setting is completely your decision if you want to enable this.
Once you are happy with all these settings, click "Save Changes" at the bottom of the page.
Step 5: Change your MX records.
All your configuration within the SpamTitan Account is now complete. We have only 2 more steps left.
The next step is changing your MX records. What this means is that now all mail will be directed to your SpamTitan account. You may need your domain administrators help with this if you are unsure where your MX records are hosted. To change over your MX records, you will need to go to your hosting provider of your DNS records, for example like Office 365 or GoDaddy are two very common ones.
Lets go and review the email that came from our account manager. In this email you can see two MX records listed. We are going to take note of these are these are the MX records we will be changing to.
In your hosting provider, you want to add two new records, which are the two records in the email, and you are going to give these two records equal priority of the highest value, which is 0.
For your existing MX records, you are going to edit this to give it the priority of 10. Meaning all mail will failover to your old MX records if there is a mail delivery failure with SpamTitan.
We recommend observing this change and ensure mail is flowing through SpamTitan correctly for 24 hours. After 24 hours, that is when you can move to the final step.
Step 6: Lock down Your Mail server.
After 24 hours of mail flowing successfully through the SpamTitan Filter, we want to now remove the old MX record completely and then lock down your mail server. This means, we want to set your mail server to only accept mail from the SpamTitan system this prevents senders from bypassing the SpamTitan.
During this demonstration, I am going to follow documentation since this is already in place for my account. This will be for Office 365 customers. Lets open up this documentation from our docs portal.
Once the old MX records has been removed, and you are not only using SpamTitan MX records, we are going to set up connectors in Office 365.
First, you are going to log into your Office 365 Exchange Admin Centre.
Next I am going to browse to Mail Flow < Connectors, this will be on the left hand pane of the screen.
I am going to click "Add a Connector". In the window that appears, in am going to chose "Connect From" - "Partner Organisation"
If you look to the section just below that, you will see "Connection to", here it will be auto-selected to "Office 365". Click next then at the bottom of that screen.
On the next screen, enter in the name of the connector, make sure this includes SpamTitan so you know what this connector is in reference to at a later time. Click next then at the bottom of that screen.
The next window with be the Authenticating window. This is where we specify who this connector will effect. You will want to select "By verifying that the sender domain matches one of the following domains." In the text box that is there under this option, enter in * and click the plus button. Once the * has been added, click Next at the bottom of that page.
The next windows is regarding to security restrictions. Here you want to make sure the box for "Reject email messages if they aren't sent over TLS. We also want to ensure we select "Reject email messages if they aren't sent from within this IP address range". In this text box, we will want to enter in the 5 IPs that are listed in the email you received from your account manager. You will need to add them one by one. Click next then at the bottom of that screen.
Here we can review the connector, review all the settings we chose and click create connector. The connector is now live.