Define PMM Access Control

As part of configuring PMM, you can control which IP addresses and users have access to the PMM port on your Secure Email Gateway. For security reasons, you should specify the IP addresses or addresses of your PMM user community.

Users with IP addresses outside the specified ranges, or whose mail addresses are not on an Address List on an authenticated mail domain, will be unable to access the portal or manage their held messages.

To configure PMM User access control, Full mode needs to be enabled in order for the Users tab to be visible.

User access rules are defined by Address List on the Users tab. Host access rules are defined by IP address/range on the Hosts tab. These rules will affect the PMM Users when they attempt to access the Portal, or release and delete messages within their digest messages. All access rules are applied in the order specified.

  If there are no rules defined, access is automatically allowed to ALL users or hosts. If a rule is set, the peer will deny access to any user or host without an access rule. You are recommended to add a default rule allowing access for the Anyone Address List in the Users tab, and * (all hosts) in the Hosts tab.

Configure PMM IP address access control

  1. Navigate to System > PMM Settings > Access Control. The PMM Access Control page is displayed.
  2. On the PMM Access Control page, click the Hosts tab to display the Hosts area.
  3. Click New above the table of host names. The Add Host dialog is displayed.
  4. Specify an IP address or address range for which you want to allow or deny access. To specify an IP address range, use one of Closedthese formats.

    Use one of the following formats to define an IP address range:

    nnn.nnn.nnn.*

    nnn.nnn.*

    nnn.*

    You may not specify anything in the address after the asterisk.

  5. Indicate whether the IP address or address range is to be denied or allowed access using the drop-down menu.
  6. Click Add to add the entry to the table.
  7. To add another address or address range, repeat from step 3.
  8. We recommend that you provide a default policy by adding a * entry at the bottom of the table to deny or allow access to all addresses other than those you have allowed or denied specifically.

Configure PMM User access control

  1. Navigate to System > PMM Settings > Access Control. The PMM Access Control page is displayed.
  2. On the PMM Access Control page, click the Users tab to display the Users area.
  3. Click New above the table of Email Addresses. The Add User Address List dialog is displayed.
  4. Select an Address List from the drop-down box.
  5. Select a Client Type from the drop-down menu.
  6. Indicate whether the Address List is to be denied or allowed access using the drop-down menu.
  7. Click Add to add the entry to the table.
  8. To add another Address List, repeat from step 3.

Test User Access

You can test whether a user has access to the Portal Interface.

  1. Navigate to System > PMM Settings > Access Control. The PMM Access Control page is displayed.
  2. Click Test user access in the task panel. The Test User Access dialog is displayed.
  3. Enter a valid User Mail Address.
  4. Click Test Access.
  If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > ConfigurationApply Configuration. See Apply new configuration for more information.If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Configure Peer Gateways for more information.