Symantec™ Messaging Gateway 9.5 Command Line Reference Guide
Contents
1. EXAMPLES Command reference 57 malquery Example 1 Search for an email based on the following criteria m Start date is between July 4 2008 2 00 P M and date of July 4 2008 11 59 P M in GMT time m Recipient is dale company com m Subject contains the words check this out m Maximum output is 500 results m Write results to file tmp results xml malquery g 1215140340 1215212340 e RCPTS dale company com e SUBJECT check this out m 500 o tmp results xml Example 2 Search for an email based on the following criteria m Start date is between July 4 2009 11 00 P M and date of July 4 2009 11 59 P M m Recipient is dale company com m The audit ID of uid number m Maximum output is 500 results m Write results to file tmp results xml malquery 1 200907042300 200907042359 e RCPTS dale company com uid uid number m 500 o tmp results xml Example 3 Search for an email based on the following criteria m Start date is between July 4 2009 11 00 P M and date of July 4 2009 11 59 P M m Recipient is dale company com m Subject contains the quoted printable encoding words that return the email messages that match the word red in the subject For example red roses m Maximum output is 500 results m Write results to file tmp results xml malquery 1 200907040000 200907090000 e RCPTS dale company com q SUBJECT red m 500 o tmp results xml 58 Command referenc2. Use the following commands to navigate through the help pages f or SPACE Forward one screen Backward one screen pattern Search for a word or pattern Go to the beginning of the document OPTIONS ARGUMENTS Command reference 43 help Go to the end of the document Exit from the document and display the command prompt Display additional information about navigating the help pages list 1 Display a list of all the available commands command Display help for the specified command If you do not specify a command help for the help command is displayed this page Specify one of the following commands agent config Configures the agent that connects hosts to the Control Center cat Standard Linux command to view a file cc config Configures the logging and network access to the Control Center clear A standard Linux command to clear the screen db backup Back up the Control Center database db restore Restores the Brightmail databases to an appliance from previously created backups on the appliance or from remote locations with FTP SCP and HTTP delete Clear logs configuration information and data diagnostics Generate diagnostics package 44 Command reference help dns control Control the local DNS cache grep A standard Linux command to search in files for text or a regular expression help Display help for individual commands or display all available commands ifconfig A stand
3. When you apply this to the Control Center log cc config writes the command line parameters to the log4j properties file It then restarts the Control Center compliancelog Change the rollover frequency of the Content Filtering log database List optimize validate or repair the database tables that the Control Center uses Ensure that you validate the database using the cc config database check command before updating your Symantec Messaging Gateway If there are any errors in the tables repair the erroneous tables using cc config database repair tableName command and then update your Symantec Messaging Gateway http Turn on or off access to the Control Center using HTTP and port 41080 18 Command reference cc config OPTIONS If http access is off you cannot access the Control Center with a URL that starts with http If http access is on you can access the Control Center with a URL that starts with http To access the Control Center using http append 41080 to the URL Regardless of the http setting you can always access the Control Center with a URL that starts with https Unlike HTTPS HTTP is not a secure protocol so the communication between your Web browser and the Control Center could be monitored by a third party port 443 Turn on or off access to the Control Center using HTTPS and port 443 the standard SSL secured port for Web servers When port 443 access is off you must append 414
4. crash info n a Collect the latest n core directories excluding the core files in those directories for the following processes mta bmagent imrelay bmserver conduit jlu controller dds The valid range for n is 1 through 9 999 edm o Collect the exact data match EDM record sets find other cores d Discover any core file outside of data scanner jobs and move them to data scanner jobs other Command reference 35 diagnostics If Symantec Messaging Gateway discovers and moves any core files an email notification is sent to the administrators that are specified to receive alerts If not no email notification is sent You can use this option with the delete cores command to clean up core files on your product Run this command first to move the core files that are not in the jobs directory to the jobs directory Then use delete cores to delete the core files If f ind other cores is the only data collection option specified a URL is not required No diagnostics package is generated force f Force diagnostics to run even if a diagnostics collection that is started from the user interface is still in progress If a package creation is in progress the existing diagnostics collection fails gcore g component Generate a core image of the specified component and download it You can use this option to capture necessary data regarding a hung or spinning component before restarting the co
5. Ifyou attempt to restore a backup to an appliance other than the one on which it was created you must reboot the appliance Stop the Control Center while this operation runs Restart it when the restore has completed 26 Command reference db restore OPTIONS ARGUMENTS SEE ALSO force f Force a restore even when the version of appliance software in the backup file differs from the software that is currently on the appliance list 1 List the backup files that are stored on the appliance help h Display this message Specify file with one of the following formats If the file is stored on a remote computer specify the directory path to the file file ftp scp Type the file name without the FTP or SCP prefix to specify a backup that is stored locally user password port path Copy files from their remote location with FTP Logon is attempted with the user name and password credentials that you provide on the command line If special characters are included in the password enclose the password in single quotes If the special characters in a password include a single quote you can use the double quote instead If no credentials are specified anonymous logon is used Error checking ensures that the copies are complete username host path Copy the backup file from its remote location with SCP A complete path file name and user name are required when you specify a backup
6. The ifconfig command displays the status and configuration of network interfaces and can make temporary changes to interface configurations Typehelp ifconfig on the command line for more information about the options available for ifconfig The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified iostat DESCRIPTION Command reference 49 iostat iostat a standard Linux command to display CPU and device load The iostat command monitors system input output device loading by observing the time devices are active in relation to their average transfer rates Type help iostat on the command line for more information about the options available for iostat The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified ad Command reference ldapsearch ldapsearch DESCRIPTION ldapsearch a standard Linux command to query an LDAP directory The ldapsearch command searches in the LDAP source that you specify and displays matching records Type help ldapsearch on the command line for more information about the options available for ldapsearch The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway T
7. help help Display help for individual commands or display all available commands help list command The help command displays a list of available commands on the product If you specify a command name the help command displays help for that command The help for commands is presented in Linux man page format These help pages use the following Linux man page conventions Do not type the brackets parenthesis or pipe symbol when you run a command Brackets The options and the arguments that are listed within square brackets are optional The options and the arguments that are not listed within square brackets are required Parenthesis The options and the arguments that are listed within parenthesis are required but are mutually exclusive A pipe symbol separates the mutually exclusive options or arguments Pipe The pipe symbol indicates the options or arguments that are mutually exclusive For example e pattern f file means that you can specify e patternor f file but not both Colored italic or underlined text Text that is italic colored or underlined indicates that you should substitute that text with specific text When you type help commana the terminal or terminal software that you use to access the command line determines how this text appears When you view help pages in a PDF or in the online help this type of text is italic option o Some command options are available in long a
8. install notes update help You can perform the following tasks with the update command m Check for new software updates m Download software updates m Install software updates m List the available software updates for download or installation Before you update the software ensure that your appliance does not perform any tasks that if disrupted could cause problems after you reset the system help h Display this message version vV Specify a software update version number for the download install or notes arguments Use update list to determine what versions are available for the version option check Perform a test update The test update demonstrates what happens if you choose to perform a software update Running update check does not update your appliance software EXAMPLES SEE ALSO Command reference 93 update download Download but do not install a software update After you download a software update you can install it by typing update install If you do not specify a version the latest software update is downloaded If your Internet connection to the Symantec software update servers is not reliable try downloading as a separate step from installing install Download and install a software update If you do not specify a version the latest software update is installed on your appliance Hist Display the available software updates notes Display the software update notes If you do n
9. ALSO more a standard Linux command to page through a text file The more command displays the contents of plain text files one screen at a time Press Space to view the next screen Use the 1ist command to list the files that more can display You can run the output of another command to more to view the output one screen at atime After the command that you are running type the pipe symbol and then more See the example below Type help more on the command line for more information about the options available for more The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway The more command is a standard Linux command that has been modified to only display the files that the 1ist command shows Example 1 Display BrightmailLog 1log one screen at a time more data logs bcc BrightmailLog log Example 2 Examine the output of List top one screen at a time list top more See list on page 51 Command reference 67 mta control mta control SYNOPSIS DESCRIPTION ARGUMENTS mta control control the MTA processes and backup and restore mail queues mta control queue command mta control pause mode mode The mta control command lets you query MTA queues and control specific elements within MTA message processing For example you can flush message queues Note Do not use the tilde character when you specify output file names paths pa
10. agent after modifying the IP address list or log level status s Display the allowed IP address list and current log level 16 Command reference cat cat DESCRIPTION SEE ALSO cat standard Linux command to view a file The cat command displays the contents of plain text files The more command can be more useful than cat for listing long files or multiple files Type help cat on the command line for more information about the options available for cat The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway The cat command is a standard Linux command that has been modified to only display the files that the 1ist command shows See list on page 51 See more on page 66 cc config SYNOPSIS DESCRIPTION ARGUMENTS Command reference 17 cc config cc config configures the logging and network access to the Control Center cc config help status cc config cclog level level cc config compliancelog days days cc config database status check tableName repair tableName optimize tableName cc config http on off cc config port 443 on off The cc config command lets you modify the selected settings that the Control Center uses These settings include Content Filtering Audit logs port 443 access and more cclog Change the log level of the main Control Center log BrightmailLog log
11. file delete file data logs bcc BrightmailLog log Example 2 Delete all messages in the Spam Quarantine 32 Command reference delete delete spamquarantine Example 3 Delete all Control Center database backup files that are stored on the appliance except for the three most recent backup files delete purge 3 database SEE ALSO See cat on page 16 See list on page 51 See more on page 66 Command reference 33 diagnostics diagnostics SYNOPSIS DESCRIPTION OPTIONS diagnostics generate diagnostics package diagnostics options url The diagnostics command generates a diagnostic package that Symantec Support can use to analyze problems with the product You should specify a valid URL unless you use the find other cores option If you specify a valid URL but do not specify the data collection options diagnostics uses the following parameters by default config crash info 5 logs 100000 When the user name or password are part of the URL write them in quotes if they have any special shell characters in them The password can be specified in the URL or at the password prompt An example of the URL syntax is as follows scp user password host port path If you specify a path that ends with a forward slash the diagnostics file is written to the path that you specify with the default file name If you specify a path that does not end with a forward slash the backup file is written with th
12. gt quoted printable string q m max results I index_max o output_file v DESCRIPTION You can track messages in the Control Center by querying the Message Audit Logs Alternatively you can use the malquery command line command to track messages Use malquery instead of the Control Center for complex queries or queries where you expect voluminous data The malquery command only returns data for the Scanner that you are logged into Enabling Message Audit Logging results in approximately 800 bytes of audit logs per message Message Audit Logging can cause performance and storage problems if your site receives more than 1 000 000 messages per day Audit logs older than the current day are rolled over to a filename appended with the local date in the form yyyymmdd Audit logs older than the default retention period of 30 days are deleted The output from malquery is in xsd format for example lt malResults count message result count gt lt message UID uid gt lt events gt lt event time utc name event id gt parameters lt event gt lt event time utc name event id gt parameters lt event gt lt event time utc name event id gt parameters lt event gt lt event time utc name event id gt parameters lt event gt lt events gt lt message gt lt malResults gt OPTIONS Find email messages that contain the events that match the specified criterion 56 Command reference malquery Exam
13. monitor the update 1og log file If you see information being written to update log periodically it usually means that the update is proceeding normally tail f update log See list on page 51 90 Command reference telnet telnet DESCRIPTION telnet a standard Linux command to connect to a remote computer The telnet command lets you log into the command line of another computer on your network from the appliance Type help telnet on the command line for more information about the options available for telnet The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified traceroute DESCRIPTION Command reference 91 traceroute traceroute a standard Linux command to view the path taken by network packets The traceroute command displays the network route to the given hostname or IP address Type help traceroute on the command line for more information about the options available for traceroute The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified 92 Command reference update update SYNOPSIS DESCRIPTION OPTIONS ARGUMENTS update update the appliance software update check list update version number download
14. mta control queue bad msg export queue ID Specify the URL as described for the export msg by id component m bad msg delete queue ID Delete the message 70 Command reference mta control EXAMPLES bad msg bypass queue ID Submit the message for delivery to the original recipients and bypass scanning bad msg forward queue IDaddress Submit a copy of the message for delivery to the given address and bypass scanning The original bad message remains in the bad message queue bad msg retry queue ID Retry scanning the message as if it were new The six pause modes affect email scanning scan acceptance accept and delivery delivery Each pause mode sets scanning acceptance and delivery to a particular state as described below regardless of the previous state of scan accept and delivery Pause modes are as follows status Display the current pause mode status If you type mta control pause mode mta control displays the pause mode status pause accept Set scan to running and set accept to paused The delivery state is not affected by pause accept pause deliver Set delivery to paused The accept and scan states are not affected by pause deliver This is equivalent tomta control delivery stop pause scan Set scan to paused and set accept to running The delivery state is not affected by pause scan resume accept Set scan to running and set accept to running The delivery state is not affected by r
15. you do not need them list top SEE ALSO See cat on page 16 See delete on page 27 See more on page 66 mallog SYNOPSIS DESCRIPTION OPTIONS Command reference 53 mallog mallog list backup or restore Message Audit Logs mallog list mallog backup restore url The mallog command backs up and restores Message Audit Log data that resides on the Scanner The mallog command also lists the Message Audit Log files on the Scanner To view message activity in the Message Audit Logs use the Control Center or the malquery command Available log files include the following E data logs scanner audit_bmengine_log E data logs scanner audit_mte_log E data logs scanner audit_mta_log Note When you run mallog backup Or mallog restore email processing stops while these commands run No inbound email or outbound email is delivered during this time If your organization s email availability policies are strict it may be appropriate to only run these commands during off hours backup url Create a backup of all of the message tracking logs that are in tar gz format and upload the resulting file to the specified URL Note This option suspends mail processing while the command is executed list List individual message tracking logs on the file system and their timestamps and sizes 54 Command reference mallog SEE ALSO restore url url Restore message tracki
16. 43 to the URL when you use an https URL to access the Control Center When port 443 access is enabled you do not need to append the port number for an https URL to access the Control Center check c Check the given database table If no table name is specified then check all tables days d Set the number of days to keep logs before they roll over help h Display this message level L Set the log level The log levels are listed below from least verbose to most verbose and each level includes the previous level For example if you specify the errors level only the most urgent log messages are stored If you specify the debug level errors warnings information and debug level log messages are stored Specify one of the following log levels m errors m warnings m information m debug off Disable a feature Command reference 19 cc config on Enable a feature optimize o Optimize the table so it takes less space on disk If no table name is specified then optimize all tables repair r Repair the given database table If no table name is specified then attempt a repair operation on all damaged tables status s Display the current log settings and port statuses 20 Command reference clear clear clear standard Linux command to clear the screen SYNOPSIS clear DESCRIPTION The clear command erases all of the text on the screen and displays t
17. Reroute messages from src route to dst route delete msgs by sender perl regexp Delete from the queue all messages with an envelope sender that matches the given Perl regular expression case insensitive delete msgs by rcpt perl regexp Delete from the queue all messages with an envelope recipient that matches the given Perl regular expression Note that this deletes the entire message not just the recipient case insensitive delete msg by id queue ID Delete the message with the given queue ID from the queue Note that the ID is only unique per queue delete all msgs Delete all messages from the queue import queues url Import an entire mail queue from backup Specify a11 for the queue Ensure that the MTA is running before importing a mail queue To start the MTA runmta control all start Specify the URL as described for the export msg by id component export queues url Back up the mail queue to a URL Specify a11 for the queue Ensure that the MTA is stopped before exporting the mail queue To stop the MTA run mta control all stop Specify the URL as described for the export msg by id component Command reference 69 mta control m export msg by id queue ID url Export the message with the given queue ID from the queue and save it to the specified URL If you do not specify a URL the message data is displayed on the screen If you do not specify the FTP password mta control prompts you for the password If you spe
18. Symantec Messaging Gateway 9 5 Command Line Reference Guide powered by Brightmail vi Symantec The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement Documentation version 9 5 0 Legal Notice Copyright 2011 Symantec Corporation All rights reserved Symantec the Symantec Logo Brightmail the Brightmail logo BLOC BrightSig The Anti Spam Leader Probe Network and Norton Anti Virus are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U S and other countries Other names may be trademarks of their respective owners This Symantec product may contain third party software for which Symantec is required to provide attribution to the third party Third Party Programs Some of the Third Party Programs are available under open source or free software licenses The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses Please see the Third Party Legal Notice Appendix to this Documentation or TPIP ReadMe File accompanying this Symantec product for more information on the Third Party Programs The product described in this document is distributed under licenses restricting its use copying distribution and decompilation reverse engineering No part of this document may be reproduced in any form by any mean
19. a tabbed format and written out to file data monitor mta_mon SEE ALSO Command reference 65 monitor monitor proc mta interval 3 count 1000 tab output mta_mon Example 3 Collect the average load of the afasnmpd service on the system every 3 seconds 1000 times Display the average load on the system from the MTA process in a tabbed format and saved to file data monitor snmp_mon Normally no output appears on the screen because of the q option monitor proc afasnmpd interval 3 count 1000 tab q o snmp_mon Example 4 Check one time the percent of available CPU time and the memory that the LiveUpdate service uses Save the result to file data monitor liveupdate_mon monitor proc liveupdate output liveupdate_mon Example 5 Check one time the percent of available CPU time and the memory that the monitor service consumes Save the result to file data monitor monitor_mon in tabbed format monitor proc monitor output monitor mon tab Example 6 Check the percent of available CPU time and the memory the stunnel service consumes Save the result to file data monitor stunnel _mon intabbed format Normally no output appears on the screen because of the quiet option monitor proc stunnel output stunnel_mon tab quiet See cat on page 16 See delete on page 27 See list on page 51 See more on page 66 See tail on page 87 66 Command reference more more DESCRIPTION EXAMPLES SEE
20. an use the double quote instead Passwords containing single and double quotes are not valid If no user name and password are specified an anonymous login is used SCP Use the following format scp user host path You must specify a user name The db backup command prompts you for the password gzip 9 Use the gzip compression algorithm instead of the default bzip2 compression algorithm The gzip algorithm performs less efficient compression than bzip2 list I List existing backups on the appliance help h Display this message nocompress n Do not compress the backup file Use this option if you want to visually scan the file contents purge p Purge backups Use the purge option to delete old backup files that match the parameters that you specify To delete all but the number most recent backups of a type and schedule combination specify purge backup number along with the type and schedule Specify purge backup 0 to delete all backups of a type and schedule combination To delete a specific file specify file file along with purge See examples 5 and 6 EXAMPLES Command reference 23 db backup schedule s schedule The schedule name to include in the backup file name If you specify a schedule name db backup does not create automatic backups at that interval The schedule that you specify only names the backup file with that name The schedule names differentiate ba
21. ard Linux command to configure network interfaces iostat A standard Linux command to display CPU and device load ldapsearch A standard Linux command to query an LDAP directory list Display the file names of all files that certain commands can act on mallog List backup or restore Message Audit Logs malquery Query Message Audit Logs monitor View and record information about Brightmail specific processes more A standard Linux command to page through a text file mta control Control the MTA processes and backup and restore mail queues netstat A standard Linux command to view network connections nslookup A standard Linux command to query DNS servers password Change your administrative password ping A standard Linux command to test for a response from a remote computer reboot Reboot the appliance HISTORY Command reference 45 help route A standard Linux command to show and manipulate the IP routing table rpmdb Manage and repair the RPM database service A standard Linux command to start or stop services show Display system information shutdown Shut down the appliance without rebooting sshd config Configure which addresses can SSH to the appliance tail A standard Linux command to view the end of a file telnet A standard Linux command to connect to a remote computer traceroute A standard Linux command to view the path that network packets take update Update the appl
22. cify a path that ends with Symantec Messaging Gateway stores the file in that location using a default file name Otherwise Symantec Messaging Gateway stores the file with the file name that you specified in the path The URL syntax is as follows scp user host path user is prompted for password ftp user password host port path ftp user host port path Put a double quote character before and after the URL If any part of the URL contains special characters such as full or double quotes put a backslash before each special character m query queue Query the message queue The following optional parameters are accepted m sender_match perl regexp m rcpt_match perl regexp m deferred selects the messages that are deferred m include_subject m start N limit N m format neat xml The parameters sender_match rcpt_match and deferred are logically ANDed together if present The intermediate result set after applying these matches is sorted by date and then the start and limit are applied start messages are skipped and then limit messages are returned The default is to show all messages in neat format which is meant to be human readable m bad msg list List the times and IDs of messages in the bad message queue The queue is either inbound or outbound m bad msg export queue ID url Export or display the message See export msg by id for URL format To display the message on the screen type
23. ckups See backup and purge for more information Use the backup feature in the Control Center to create automatic scheduled backups The following schedules are available manual Label this backup a manual backup This option is the default daily Label the backup a daily manual backup weekly Label the backup a weekly manual backup monthly Label the backup a monthly manual backup type t type The type of backup to create Each backup type has two aliases that are alternate short versions of the backup type See example 4 The following types are available full Perform a full backup aliases 1 This option is the default config incidents Back up configuration and content filtering incident data aliases ci 2 config incidents reports logs Back up configuration content filtering incident report and log data aliases cirl 3 Example 1 Save a full backup on the appliance with the default schedule of manual and the default type of fu11 The newest five backups with a schedule of manual and type of fu11 are kept including the backup just created and the rest of the backups matching that combination are deleted db backup Example 2 24 Command reference db backup SEE ALSO Save a full backup on a remote server with SCP The database backup file in the format db backup brightmail date time full manual tar bz2 is copied to 192 168 2 42 in the tmp directory through SCP Log on to the SCP server w
24. cludes the following system identifiers user sys wait memt memu memf Database Identifiers These identifiers denote the size of the Control Center database the size of its various quarantines and how many messages they contain The identifiers are as follows q q Q Q Q q a a b size The total size of the Control Center database in kilobytes b _qsize The size of the Spam Quarantine directory kilobytes b qqty The number of messages in the Spam Quarantine b vsize The size of the Suspect Virus Quarantine directory in kilobytes v_vqty The number of messages in the Suspect Virus Quarantine b csize The size of the content incident directories b _cqty The number of messages in the content incident quarantine atabase A convenience identifier that includes all the database identifiers Command reference 63 monitor Disk identifiers The disk identifiers provide information on disk utilization on the partitions that the administrator controls The identifiers are as follows data_used The percentage of data that is being used data_free The amount of free space in data in kilobytes opt_used The percentage of opt that is being used opt_free The amount of free space in opt in kilobytes other_used The percentage of opt that is being used for example 20 other free The amount of space available on opt in kilobytes disk A convenience identifier that i
25. d other hostname com 1 2 3 4 Matches a specific IP address 1 2 Matches any IP address starting with 1 2 1 2 3 0 255 255 255 0 Matches any IP address within the 1 2 3 subnet The EXCEPT keyword can be used to exclude a subset of addresses For example hostname com EXCEPT forbidden hostname com You can specify one of the following keywords instead of a host name or IP address for the address parameter Use the KNOWN and UNKNOWN keywords with care since they depend on DNS service m ALL Matches any address m LOCAL Matches any host whose name does not contain a dot character m KNOWN Matches any host whose name and address are known m UNKOWN Matches any host whose name or address are unknown tail SYNOPSIS DESCRIPTION OPTIONS Command reference 87 tail tail a standard Linux command to view the end of a file tail f help log name The tail command is part of the standard Linux command set which shows the last 50 lines of the named log file However this command is modified in the following ways Only the and help options that are described here are available If a character in a log file is not printable or is not ASCII the sequence xAB is displayed instead of that character AB is the hexadecimal value of the character For example a character with a decimal value of 128 is displayed as x80 This command is restricted to the file names that are obtainable from the list c
26. e malquery SEE ALSO Example 4 Search for an email based on the following criteria Start date between July 4 2009 11 00 P M and date of July 4 2009 11 59 P M Recipient is dale company com Subject contains the words check this out Number of matching results for this command is the default index_max of 1000 Write results to file tmp results xml malquery 1 200907040000 200907090000 e RCPTS dale company com e SUBJECT check this out I o tmp results xml See mallog on page 53 monitor SYNOPSIS DESCRIPTION OPTIONS Command reference 59 monitor monitor view and record information about Brightmail specific processes monitor options proc name identifier monitor list monitor stop pid all The monitor command lets you view and record detailed information about the Brightmail system and its processes count c num Produce num samples The default is 1 The upper limit is 2 31 1 roughly 2 1 billion help h Display this message interval i num Take a sample at the num interval measured in seconds The default is 10 seconds For any long running monitor jobs that are written to disk you should increase this interval to 60 or more If the disk space fills up the monitor process stops Increase the interval time to avoid this issue output o file Save the output to a file instead of printing it to the console The file is saved as data monitor
27. e file name specified in the path The default diagnostics file name is in the following format diagnostics yy mmm dd hh mm hostname tar gz For example diagnostics 09 Sep 10 15 42 host9902 symantecexample com tar gz An option cannot be specified more than once whether it is in its long form or short form For the cores option a component cannot be specified more than once either with the component name or convenient string a11 If you attempt to an error message appears along with the appropriate usage text SCOn Elgg Ae Collect only the configuration data The configuration data includes Symantec Protection Center SPC registration details if available 34 Command reference diagnostics cores O component n Collect the latest n core directories including core files for a component The valid range for nis 1 through 9 999 The list of components include the following cores mta n collects MTA core packages cores bmagent n collects Brightmail Agent core packages cores imrelay n collects IM Relay core packages cores bmserver n collects Brightmail Server core packages cores conduit n collects Conduit core packages cores jlu controller n collects Java LiveUpdate core packages cores dds n collects Directory Data Service core packages cores other n collects the other core files that are not collected with other options cores all n all is a convenient identifier that means all components
28. e running before they can be executed In these cases the only output is The DNS Cache is currently stopped Start the cache with the dns control start command before you run those commands The command components are as follows start Start the local caching name server stop Stop the local caching name server restart Restart the local caching name server status Display the status of the local caching name server flush Flush the cache Tist List the locally configured name servers for the resolver trace Increment the tracing debug level by 1 notrace Disable tracing debug Command reference 39 dns control reconfig Forces a reload of the name server configuration information help Display this page 40 Command reference grep grep grep search in files for text or a regular expression DESCRIPTION The grep command searches in the files that you specify for text or regular expressions Type grep help on the command line for more information about the options available for grep The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that is limited in Symantec Messaging Gateway Administrators can only use grep m On filenames obtainable through the 1ist command m By piping the output of other commands to the grep command help SYNOPSIS DESCRIPTION Command reference 41
29. each identifier are prefaced with the process name For example controlcenter_ p user list Produce a list of all monitor processes their PIDs and the options that were used at runtime The monitor list command always shows the monitor list command as one of the monitor processess that is running This behavior is normal 62 Command reference monitor stop pid all Stop the specified monitor processes Type a PID to stop a single process Type the word a11 to stop all monitor processes identifiers The information that is displayed or saved depends on the identifiers that you specify If you do not specify one or more identifiers then the default of system is used Some identifiers represent multiple identifiers and are provided for convenience Five groups of identifiers are available system database disk MTA and process System identifiers are as follows a a a a a user Percent of the available CPU time that is spent in user mode nice Percent of the available CPU time that is spent running as nice sys Percent of the available CPU time that is spent in system mode wait Percent of the available CPU time that is spent in IO wait idle Percent of the available CPU time that is spent idling memt Total memory k memu Memory in use k pageout The number of memory pages that are swapped out to disk S ystem A convenience identifier that in
30. ekeeperrules Delete gatekeeper antispam rules and replace with factory default rules intsigrules Delete all intsig rules and replace them with the factory default rules ipfreqrules Delete IP frequency rules regexrules Delete regex filter rules EXAMPLES Command reference 31 delete spamhunterrules Delete all spam hunter rules and replace them with the factory default rules spamsigrules Delete spamsig rules and replace them with the factory default rules Note The delete command may take half a minute to delete rules Wait for the command prompt to return before you run additional commands Do not press Ctrl C to stop the delete command while it is running Miscellaneous components Adal Delete all logs configuration data passwords support sieve scripts Scanner data cores diagnostic packages rules queue data SPC data and backup files to restore your appliance to the original factory configuration bechostacl Delete the Scanner access controls made on the Administration gt Settings gt Control Center page to permit access from all Scanners cores Delete all core directories database Delete all backups of the Control Center database that were created with db backup diagnostics Delete all diagnostic packages help Display a summary of components that you can delete monitor Delete the files made by the monitor command Example 1 Delete the BrightmailLog 1log
31. estores brightmail databases to an appliance from a single previously created backup These are the backups that you have previously generated and saved on the appliance or from remote locations with FTP and SCP If you attempt to run more than one instance of db restore at a time an error results If any part of the operation fails do restore fails and an explanatory message appears on the command line You must be on the Control Center host to use the db restore command Note Restoring an appliance immediately after resetting the appliance to its factory default might leave the appliance in an unusable state Therefore you must complete the site setup before restoring an appliance that is reset to its factory default When you restore a database backup on a different appliance than it was created keep in mind the following considerations m Ifyou restore the appliance from a backup taken on a different appliance the restored appliance does not affect the configuration settings on the new host However the virtual IP addresses are not created during the configuration Virtual IPs defined in the old Control Center host are mapped by default to an interface on the new Control Center host You can avoid the mapping of virtual IPs from the old Control Center host to the interface on the new Control Center host by completing the site setup Alternatively you can create the virtual IPs on the new Control Center host after the restore m
32. esume accept resume deliver Set delivery to running The accept and scan States are not affected by resume deliver This is equivalent to mta control delivery start resume scan Set scan to running and set accept to running The delivery state is not affected by resume scan Example 1 Show the status of the MTA inbound outbound and delivery queues and whether they are running or not mta control pause mode status Example 2 Do not accept any new mail on the appliance but scan mail in the queue This command does not affect the delivery of email Command reference 71 mta control mta control pause mode pause accept Example 3 Accept email on the appliance but do not scan it This command does not affect the delivery of email mta control pause mode pause scan Example 4 Do not deliver email on the appliance mta control pause mode pause deliver Example 5 Accept and scan email on the appliance This command does not affect the delivery of email mta control pause mode resume accept Example 6 Accept and scan email on the appliance This command does not affect the delivery of email mta control pause mode resume scan Example 7 Deliver email on the appliance mta control pause mode resume deliver Example 8 Display the queue id of messages in delivery queue mta control delivery query queue Example 9 View a raw message in the delivery queue with a message queue id mta control delivery export m
33. file When you use this option monitor runs in the background and returns the process ID PID of the monitor process Use cat more or tail to view the file The file name can contain ASCII characters proc p name Collect data for one of the following Brightmail processes and its children The valid process names and the programs that they represent are as follows 60 Command reference monitor afasnmpd The afasnmpd process provides SNMP information for some Dell PowerEdge Expandable RAID Controllers The afasnmpd process is only applicable on the following systems m Dell System PowerEdge 750 SMS 8240 appliance m Dell System PowerEdge 850 one of many SMS 8340 appliance bmagent The Brightmail Agent facilitates communicating configuration information between the Control Center and each Scanner bmserver The bmserver process filters email messages conduit The Conduit retrieves updated email filters and manages statistics controlcenter The Control Center provides centralized Web administration collects statistics and hosts quarantines im The IM process filters instant messaging liveupdate LiveUpdate downloads virus definitions from Symantec Security Response to the Scanner lsisnmpd The 1sisnmpd process provides SNMP information for some Dell PowerEdge Expandable RAID Controllers The 1sisnmpa process is only applicable on the following systems m Dell System PowerEdge 1950 SMS 8360 appliance m Dell Syste
34. file through SCP You are prompted for a password for the user name that you specify Return codes are checked to ensure that the entire backup file is copied from the remote host The script exits with non zero status on failure If the script fails an error message appears Error checking ensures that the copies are complete See db backup on page 21 See diagnostics on page 33 delete SYNOPSIS DESCRIPTION OPTIONS ARGUMENTS Command reference 27 delete delete clear logs configuration information and data delete purge num component component delete file file Use the delete command to delete logs configuration information and other data You may want to delete data if disk space is low or to clear configuration data to correct or diagnose a problem The delete command restarts the Brightmail Engine if necessary after you run the delete command purge p num Delete all database backup files except for the num most recent files This option is only valid with the database component You can delete individual files or you can specify one or more components to delete logical groups of files file file Delete the file that you specify You can only delete the files that you can view with the 1ist command Specify the entire path to the file as shown by the list command Symantec recommends that you delete items by specifying a component instead of deleting individual files If you delete individual fi
35. he command prompt at the top of the screen This command is a standard Linux command that has not been modified db backup SYNOPSIS DESCRIPTION OPTIONS Command reference db backup db backup back up the Control Center database db backup options The db backup command backs up the Brightmail databases such as configuration settings report data log data and incidents You can store backups on the appliance or on a remote server Only run this command on the appliance that contains the Control Center This command does not function on a Scanner only appliance Only one instance of db backup can run at a time By default backup files are compressed before they are written to disk to minimize the size of backup files The db backup command calculates the amount of disk space the backup file requires The command does not run unless at least twice this amount is available on the data partition Use db restore or the Control Center restore feature to restore a backup on the appliance or a backup on a remote computer If you specify file pathfora backup to the appliance you can only restore the backup using the db restore command not the Control Center restore feature You can also create backups using the Control Center In the Control Center click Administration gt Hosts gt Version gt Backup backup b number The number of backups to store on the appliance If you have more backups stored than number the
36. his command is a standard Linux command that has not been modified list SYNOPSIS DESCRIPTION OPTIONS Command reference 51 list list display the file names of all files that certain commands can act on list all cores diagnostics logs monitor temp top list help The list command displays the file names of all of the files that can be acted upon by certain commands The following commands can act upon the files that are listed with list cat Display the contents of one or more files delete Delete one or more files more Display the contents of one or more files and pause at the end of each screen tail Show the last 50 lines of the named log file If 1ist does not list any files when you specify an option there are no files in that category all a List all files cores c List all core files diagnostics d List all diagnostic packages help h Display this message 52 Command reference list logs 1 List all log files monitor M List all monitor files temp p List all temporary files top t List the largest files that the administrator can delete and their sizes EXAMPLES Example 1 List all the files that can be viewed with cat except core files and diagnostic files or deleted with delete list all Example 2 List the largest files that you can delete You can use the delete command to delete large files if
37. iance software In Symantec Brightmail Gateway version 9 0 some commands that existed in version 8 0 and previous versions were renamed incorporated into other commands or removed The following commands were changed in version 9 0 agentconfig Replaced with agent config clear Replaced with delete In version 9 0 the clear command clears the screen crawler Part of diagnostics date Replaced with show date 46 Command reference help deleter Replaced with delete cores dn normalize The functionality of the dn normalize command is not available in version 9 0 eula Replaced with show eula http Replaced with cc config http install Replaced with update install is Replaced with list mta stats Replaced with monitor mta passwd Replaced with password pause mode Replaced with mta control pause mode rebuildrpmdb Replaced with rpmdb repair rm Replaced with delete files set control center port 443 Replaced with cc config port 443 sshdctl Replaced with sshd config sshdver Replaced with sshd config version sys info Replaced with show info system stats Replaced with monitor system Command reference 47 help tls ca cert contre The functionality of the t1s ca cert control command is not available in version 9 0 i Command reference ifconfig ifconfig DESCRIPTION ifconfig a standard Linux command to configure network interfaces
38. ies about product features and functionality The Technical Support group also creates content for our online Knowledge Base The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion For example the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates Symantec s support offerings include the following m Arange of support options that give you the flexibility to select the right amount of service for any size organization m Telephone and or Web based support that provides rapid response and up to the minute information m Upgrade assurance that delivers software upgrades m Global support purchased on a regional business hours or 24 hours a day 7 days a week basis m Premium service offerings that include Account Management Services For information about Symantec s support offerings you can visit our Web site at the following URL www symantec com business support All support services will be delivered in accordance with your support agreement and the then current enterprise technical support policy Contacting Technical Support Customers with a current support agreement may access Technical Support information at the following URL www symantec com business support Before contacting Technical Support make sure you have satisfied the system requ
39. irements that are listed in your product documentation Also you should be at the computer on which the problem occurred in case it is necessary to replicate the problem When you contact Technical Support please have the following information available m Product release level Hardware information Available memory disk space and NIC information Operating system Version and patch level Network topology Router gateway and IP address information Problem description m Error messages and log files m Troubleshooting that was performed before contacting Symantec m Recent software configuration changes and network changes Licensing and registration If your Symantec product requires registration or a license key access our technical support Web page at the following URL www symantec com business support Customer service Customer service information is available at the following URL www symantec com business support Customer Service is available to assist with non technical questions such as the following types of issues Questions regarding product licensing or serialization Product registration updates such as address or name changes General product information features language availability local dealers Latest information about product updates and upgrades Information about upgrade assurance and support contracts Information about the Symantec Buying Programs Advice about Symantec s technical su
40. ith the support user account The db backup command prompts for the password for the support user account db backup file scp support 192 168 2 42 tmp Example 3 Save a full backup on a remote server with FTP The database backup file db backup brightmail date time full manual tar bz2 is copied to host symantecexample org in the user jmuir directory Log on to the FTP server with the jmuir user account and secret password db backup f ftp jmuir secret host symantecexample org user jmuir Example 4 Backup configuration and content filtering incident data to the appliance and include the word weekly in the backup file name In addition to the newly created backup keep one additional existing backup with config incidents and weekly in the file name db backup backup 2 schedule weekly type ci Example 5 Delete a single backup file db backup purge file db backup brightmail Jan 21 10 19 26 config incidents weekly tar bz2 Example 6 Delete all but the one most recent backup file of type config incidents and schedule manual db backup purge backup 1 type config incidents schedule manual See db restore on page 25 db restore SYNOPSIS DESCRIPTION Command reference 25 db restore db restore restores the brightmail databases to an appliance from previously created backups on the appliance or from remote locations with FTPand SCP db restore force list help file The db restore command r
41. les you may change the effectiveness or performance of Symantec Messaging Gateway If you delete log files or temporary files with the delete file filecommand some log data may be lost To delete log files specify one of the components in the log components group If you do delete individual log files with the delete file file command restart the service that applies to the log file that you deleted For example if you delete the Control Center log file Brightmaillog og restart the Control 28 Command reference delete Center service Use the service command or the Control Center to restart a service The following components are available and are listed in groups of similar behavior Log components alllogs Delete all logs in the log component group bcclogs Delete all Control Center logs ddslogs Delete all directory data service logs If you delete ddslogs the bmclient_log and bmserver_log log files may contain many Could not connect Connection refusederrors These errors are normal imlogs Delete all IM logs mallogs Delete all Message Audit Logs oslogs Delete all operating system logs scannerlogs Delete all Scanner logs Configuration components allconfig Delete all configuration data in the configuration component group becconfig Delete all Control Center configuration files clearsockets Delete all socket files in the var tmp directory ddsconfig Delete all directory data
42. ltiple identifiers and are provided for convenience This command does not give any indication about the average load or amount of work that is done between one sample and the next Each sample is a snapshot of the MTA status at that point in time Process identifiers The proc option lets you monitor statistics for groups of Brightmail processes If the proc flag is used without any p_ identifiers the following default value is used p user p sys p_memv p memr p mems Identifiers for use with proc include m p user Percent of the available CPU time that is spent in user mode m p sys Percent of the available CPU time that is spent in system mode E p_memv Virtual memory that the processes use k E p memr Resident memory in use by the processes k m p mems Highest amount of the shared memory that any of the processes use k m p_all Allof the proc identifiers The following examples describe some ways that you can use the monitor command These examples include a mix of the long and short forms of some of the option names such as o and output Example 1 Check one time the percent of available CPU time and memory that the conduit service consumes Save the result to file data monitor conduit_mon monitor proc conduit output conduit _mon Example 2 Collect the average load of the MTA service on the system every 3 seconds 1000 times Display the average load on the system from the MTA service in
43. m PowerEdge 2950 SMS 8380 appliance m Dell System PowerEdge R610 SMS 8360 appliance m Dell System PowerEdge R710 SMS 8380 appliance m Dell System PowerEdge 860 SMS 8340 appliance m Dell System PowerEdge R200 SMS 8340 appliance m Dell System PowerEdge R210 SMS 8340 appliance ARGUMENTS Command reference 61 monitor monitor The monitor process displays or saves information about Symantec Messaging Gateway processes mta The mail transfer agent routes inbound and outbound messages to the Brightmail Engine for processing and delivers filtered messages mysql The MySQL database on the Control Center stores settings and message information percsnmpd The percsnmpd process provides SNMP information for some Dell PowerEdge Expandable RAID Controllers The percsnmpd process is only applicable on the following system m Dell System PowerEdge 1850 SMS 8260 appliance snmpd The snmpd process waits for requests from SNMP management software stunnel The stunnel process provides secure encrypted connections quiet q Suppress any warnings from the monitor program tab f Produce data in a tabular format Use the tab option with the output option to create output to import into a spreadsheet The tab does not format text correctly for the screen For example on the screen the column headings are not aligned with the column data When you format data for tabular output tab the column headings for
44. mponent This option does not stop or restart a process but it may cause the process to pause briefly The available components are E bmagent E bmserver E conduit E imrelay E mta M jlu controller help h Display this message include old queues i Collect queue data from old postfix queues This command is only useful on configurations in which Symantec Messaging Gateway is migrated from version 7 7 or earlier This command is not applicable for Symantec Messaging Gateway version 8 or higher ldap p Collect legacy ldapsync data 36 Command reference diagnostics ARGUMENTS This command is only useful on configurations in which Symantec Messaging Gateway is migrated from version 8 or earlier This command is not applicable for Symantec Messaging Gateway version 9 or higher logs all l Collect all logs of all log files logs n l Collect log data that is limited to n lines per log file The valid range for nis 1 through 2 147 483 647 monitor m Collect a snapshot output of the following monitor command monitor c 6 proc bmserver proc mta system database disk mta p_alland existing monitor logs under data monitor rules r Collect all rules that are present on the Scanner except exact data match data tracking t Collect Message Audit Log files verbose v Show the command process in verbose mode The syntax for the URL paths referenced by this command is as follo
45. n older backups are deleted Each unique combination of type and schedule is retained separately If you do not specify backup number the default is 5 for each type and schedule combination See examples 4 and 6 file f path The name and optionally location to save the backup Use the file option to specify an alternate file name for the backup file or to save the backup file to aremote computer If you do not specify file path the backup is saved to the appliance as db backup brightmail Mon Day Year Hour Min full manual tar bz2 21 22 Command reference db backup You can save the backup to a remote computer using either FTP file transfer protocol or SCP secure copy protocol If the path ends with the backup is saved in that directory using the default file name If the path ends with a file name the backup is saved with that name in the specified path When you save the backup to a remote computer db backup temporarily stores the backup file on the appliance checks the file for data integrity copies the file to the remote computer and checks to ensure that the file was successfully copied Use one of the following two path formats to save the backup to a remote server FTP Use the following format ftp user password host port path If special characters are included in the password you must enclose the password in single quotes If the special characters in a password include a single quote you c
46. ncludes all the above disk data MTA identifiers These identifiers report MTA statistics The identifiers are as follows i_conn Number of inbound connections i_qmsgs Number of queued inbound messages i_dmsgs Number of deferred inbound messages i_qsize Size of the inbound queue MBs i_drate Inbound listener data rate kbps i_mrate Inbound listener message rate mta_in All of the inbound statistics the identifiers that begin with i_ o_conn Number of outbound connections o_qmsgs Number of queued outbound messages o_dmsgs Number of deferred outbound messages o_qsize Size of the outbound queue MBs o_drate Outbound listener data rate kbps o mrate Outbound listener message rate mta_out All of the outbound statistics the identifiers that begin with o d_conn Number of delivery connections d_qmsgs Number of queued delivery messages d_dmsgs Number of deferred delivery messages d_qsize Size of the delivery queue MBs 64 Command reference monitor EXAMPLES E d drate Delivery listener data rate kbps E d mrate Delivery listener message rate E mta del All of the delivery statistics the identifiers that begin with a _ m mta A convenience identifier that includes all of the MTA identifiers The information that is collected depends on the identifiers that are provided If none are provided then the default of system is used Some identifiers represent mu
47. nd line interface After connecting to the command line interface type admin at the login as prompt and type the adminstrator password at the password prompt 12 Command reference Command line interface access methods Table A 1 Command line interface access methods for physical appliances System console using You must have physical access to the appliance to access the directly attached command line interface with a keyboard and VGA monitor keyboard and VGA Connect a keyboard to the keyboard port on the appliance Connect monitor a VGA compatible monitor to the D sub 15 VGA port on the appliance You can also connect the keyboard and VGA ports on the appliance to a KVM switch System console using You must have physical access to the appliance to access the a serial cable command line interface with serial cable Connect a null modem cable from the DB9 serial port on the appliance to the serial port on another computer Use a terminal emulation software on the computer to access the appliance through the serial port On a Windows computer ensure that the terminal emulation software is set to use the correct COM port Configure the terminal emulation software on the computer to the following settings 9600 bps 8 data bits No parity bit 1 stop bit Remote access using Using an SSH client lets you access the command line interface an SSH client from any computer on your network unless firewall rules prohibi
48. nd short versions The long version and short version produce the same behavior Use whichever version is most convenient for you In the OPTIONS section these options are displayed with the long version first followed by acomma and then the short version The long version is preceded with two dashes and the short version 42 Command reference help is preceded with one dash Some options have required parameters that you specify after the option like a log level or IP address The help pages contain the following sections SYNOPSIS A description of the options and arguments available for the command DESCRIPTION General information about the command OPTIONS Options that you can use to control the behavior of a command Options always begin with one or two dashes such as s or status If an option is listed in square brackets in the synopsis the options are optional If not the option is required Some options have arguments For example 1og level Square brackets indicate optional arguments Not all commands have options ARGUMENTS Some commands require arguments Arguments are names of files host names IP addresses and so on that you specify to control the behavior of the command Not all commands have arguments EXAMPLES The EXAMPLES section provides sample command usage Not all commands have examples SEE ALSO The SEE ALSO section lists related commands Not all commands have see also references
49. nds to navigate through the man pages m forSPACE Forward one window a b Backward one window m pattern Search for a word or pattern E lt Go to the beginning of the document E gt 10 Command reference Administering Symantec Messaging Gateway through the command line Go to the end of the document mq Quit m h Display more help with man pages Type help command name to get information about a specific command Type help to get general information about command line man pages The following commands are available m agent config m cat m cc config m clear m db backup m db restore m delete m diagnostics m dns control m grep m help m ifconfig m iostat m ldapsearch m list m mallog m malquery m monitor m more m mta control m netstat m nslookup Command reference 11 Command line interface access methods m password m ping m reboot m route m rpmdb m service m show m shutdown m sshd config m tail m telnet m traceroute m update Command line interface access methods You can log into the command line interface on each Symantec Messaging Gateway appliance Some of the commands duplicate functions in the Control Center Some of the commands provide functions that are not available in the Control Center See Administering Symantec Messaging Gateway through the command line on page 8 Table A 1 and Table A 2 describe the methods that you can use to access the comma
50. ng logs from the specified URL Existing logs are overwritten Note This option suspends mail processing while the command is executed URLs may have a scheme of either FTP SCP or HTTP for restore only If you specify a path that ends with a forward slash the diagnostics file is written to the path that you specify with the default file name If you specify a path that does not end with a forward slash the backup file is written with the file name specified in the path The restore option requires a full path name which includes a file name The entire URL should be taken in double quotes If any part of the URL contains special characters such as full or double quotes escape the special characters with a backslash When the password is part of the URL it should be written in quotes if it has any special shell characters in it Transmit the package to the url location by SCP or FTP The entire URL should be taken in double quotes If any part of the URL contains special characters such as full or double quotes escape the special characters with a backslash When the password is part of the URL it should be written in quotes if it has any special shell characters in it See malquery on page 55 Command reference 55 malquery malquery malquery query Message Audit Logs SYNOPSIS malquery 1l start end g start end u uid u uid e event arg num lt gt string e q event arg_num lt
51. nnects hosts to the Control Center agent config norestart force add delete ip agent config help status agent config norestart log level The agent config command lets you edit the allowed IP configuration for the Scanner Use this command when you change the IP address of the Control Center You must run this command on every host to re allow the new Control Center IP to connect to the hosts The Agent restarts when you add or delete an IP address to or from the allowed IP list unless you include norestart in the command add a ip Add an IP address to the agent allowed IP address list Specify an IP address in dotted quad format For example 192 168 2 1 delete d ip Delete an IP address from the agent allowed IP address list Specify an IP address in dotted quad format For example 192 168 2 1 log L level Set the log level The log levels are listed below from least verbose to most verbose and each level includes the previous level For example if you specify the errors level only the most urgent log messages are stored If you specify the notices level errors warnings and notices level log messages are stored Specify one of the following log levels E errors E warnings E notices E information E debug Command reference 15 agent config force f Used with delete option to bypass the deletion warning help h Display this message norestart n Do not restart the
52. ns netstat an Example 2 Display routing table netstat r 74 Command reference nslookup nslookup DESCRIPTION EXAMPLES nslookup a Standard Linux command to query DNS servers The nslookup command performs a DNS lookup of the given hostname or IP address Type help nslookup on the command line for more information about the options available for nslookup The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is part of the standard Linux command set It has been modified for use by Symantec Messaging Gateway but this modification does not affect its functionality Look up MX records for a domain yahoo com for example nslookup querytype mx yahoo com Command reference 75 password password password change your administrative password SYNOPSIS password help reset DESCRIPTION The password command changes the password that you use to logon to the command line You are prompted to type your old password and to type your new password twice Note If you are using the Control Center appliance when you change the password the admin password for login to the Control Center is also changed OPTIONS help h Display this message reset r Set the administrative password to the factory default a Command reference ping ping DESCRIPTION ping a standard Linux command to te
53. nterface access methods on page 11 These help pages use the following Linux man page conventions Command reference 9 Administering Symantec Messaging Gateway through the command line m Square brackets indicate that a statement is optional m The pipe character indicates that one of two statements can be specified m Text in italics indicates that the text should be replaced with the text that you specify The Symantec Messaging Gateway man pages contain the following sections m Synopsis A description of the options and arguments available for the command m Description General information about the command m Options Options that you can use to control the behavior of a command Options always begin with one or two dashes such as s or status Use two dashes for the full term one dash for the abbreviated term Some options have arguments For example 10g level Square brackets mean that element of the command is optional Not all commands have options m Arguments Some commands require arguments Arguments are names of files host names IP addresses and so on that you specify to control the behavior of the command Not all commands have arguments Unlike options you do not precede arguments with dashes m Examples This section provides sample command usage Not all commands have examples m See Also This section lists related commands Not all commands have see also references Use the following comma
54. ommand The 1ist command displays the file names of all of the files that can be acted upon by certain commands In addition to the tail command the following commands can act upon the files that are listed with list cat Display the contents of one or more files delete Delete one or more files more Display the contents of one or more files and pause at the end of each screen Follow the file as new text is added to it The tail f command prints the last 10 lines of the file but does not exit As new text lines are added to the file tail displays the new text lines The option is useful for monitoring a log file as additional information is added to the log file If you type tail 88 Command reference tail f log name and nothing seems to happen the file is empty the file is not being written to or both To stop monitoring a file press Ctrl C help h Display this message ARGUMENTS log_name log_name can be any of the following E agent_log E battery log E bmclient_log E bmserver log E boot log E BrightmailLog log E conduit log E cron E db migration log E dds log E dmesg E imlinkage log E imrelay log E jlu controller log E liveupdt log E maillog E messages E named run E secure E update log EXAMPLES SEE ALSO Command reference 89 tail Example 1 Display the last 50 lines of the BrightmailLog 1og log file tail BrightmailLog log Example 2 During an update
55. onent group becdata Delete all Control Center data including any license files Afterwards your configuration is the same as an out of the box the Control Center configuration ddsdata Delete all directory data service data imdata Delete all IM data keystore Delete Control Center HTTPS certificates from the keystore scannerdata Delete mail from MTA queues and the following file 30 Command reference delete data scanner rules matchEngine tmp data_match engine jce keystore spcdata Delete all Symantec Protection Center SPC data and de register any Symantec Messaging Gateway SPC instance After using spcdata you must re register the Control Center with the SPC server in order to continue using the Control Center with SPC sudata Delete all of the files that are related to software updates Quarantine components allquarantine Delete all messages from all quarantines contentquarantine Delete all content quarantine and informational messages spamquarantine Delete all messages from Spam Quarantine virusquarantine Delete all messages from Suspect Virus Quarantine Rule components allrules Delete all rules and replace them with the factory default rules avrules Delete all antivirus rules and replace them with the factory default rules dayzerorules Delete all day zero rules and replace them with the factory defaults rules fastpassrules Delete all Fastpass rules gat
56. orarily Its primary use is for viewing the routing tables Type help route on the command line for more information about the options available for route The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified rpmdb SYNOPSIS DESCRIPTION OPTIONS Command reference 79 rpmdb rpmdb manage and repair the RPM database rpmdb verify repair The rpmdb command lets you verify the current RPM database and rebuild it This command can be useful in the event the database is corrupted and you want to repair it Software updates for Symantec Messaging Gateway are stored as RPM packages pepairy t Rebuild the RPM database verify v Verify the current RPM database 80 Command reference service service SYNOPSIS DESCRIPTION ARGUMENTS service a standard Linux command to start or stop services service name command service name help Start stop and check the status of Symantec Messaging Gateway services with the service command Services are programs that run continuously to perform specific tasks During normal operation you do not have to stop or start services You may need to stop or start services to diagnose or resolve a problem with Symantec Messaging Gateway The service command is a standard Linux command that has been modified to work with service
57. ormation about reinstalling the appliance software See reboot on page 77 Command reference 85 sshd config sshd config SYNOPSIS DESCRIPTION OPTIONS ARGUMENTS sshd config configure which addresses can SSH to the appliance sshd config list help sshd config add allow deny address sshd config delete allow deny rule sshd config version 1 2 sshd config cbc on off The sshd config command lets you specify which addresses can access the appliance through SSH add a Add a new rule cbhe lt Turn on or off support for CBC ciphers also known as block ciphers If set to off the only cipher available for use is RC4 also known as arcfour delete d Delete an active rule help h Display this message list 1 Display the active rules and the current protocol number version v Set the version number of the protocol to use 1 or 2 allow deny When an SSH client connects the client address is compared to the allow list and deny list in the following order 86 Command reference sshd config rule If the client address matches any allow rules then the connection is allowed If the client address matches any deny rules then the connection is rejected Each rule is a list of one or more addresses and wildcards that are separated by commas as follows m some hostname com Matches a specific host hostname com Matches some hostname com an
58. ot specify a version the latest software update notes are displayed Download but do not install a software update After you download a software update you can install it by typing update install update download 94 Command reference update
59. ples e RCPTS dale company com RCPTS is recipient In this example the recipient is dale company com e SUBJECT my flowers SUBJECT is the subject of the email message In this example the subject contains the words my flowers start end Find messages by the GMT date range to search in UNIX time the number of time units that have elapsed since the epoch time 1 1 1970 For example July 4 2008 11 59 P M 1215212340 Separate the start date and end date by a comma with no space index_max_n Use the index idx file if the number of matching results is less than or equal to index_max_n Otherwise the index is ignored This option searches a flat file which saves time when you want to look up large numbers of events The default for index_max_nis 1000 start end Find messages based on the specified date range The date format is YYYYMMDDhhmm For the hours and minutes use a 24 hour clock For example July 4 2008 11 59 P M 200807042359 Separate the start date and end date by a comma with no space max_results Return the max_results number of messages The default is 1000 file Output data that matches results to file Find email messages that contain the events that match the specified criterion in quoted printable encoding For example q SUBJECT red 3D rose subject contains red rose audit_id Find the email message with the specified audit ID Show the command process in verbose mode
60. pport options Nontechnical presales questions Issues that are related to CD ROMs or manuals Support agreement resources If you want to contact Symantec regarding an existing support agreement please contact the support agreement administration team for your region as follows Asia Pacific and Japan customercare_apac symantec com Europe Middle East and Africa semea symantec com North America and Latin America supportsolutions symantec com Command reference This document includes the following topics Administering Symantec Messaging Gateway through the command line Command line interface access methods agent config cat cc config clear db backup db restore delete diagnostics dns control grep help ifconfig iostat ldapsearch list mallog 8 Command reference Administering Symantec Messaging Gateway through the command line m malquery m monitor m more m mta control m netstat m nslookup m password m ping m reboot m route m rpmdb m service m show m shutdown m sshd config m tail m telnet m traceroute m update Administering Symantec Messaging Gateway through the command line Each appliance physical or virtual has a set of commands that you can use to configure optimize and administer your product You can execute these commands from an SSH session or from the system console The help for these commands is presented in Linux man page format See Command line i
61. s available on Symantec Messaging Gateway Specify a service name and command when you run service name Specify one of the following service names afasnmpd The afasnmpd service provides SNMP information for some Dell PowerEdge Expandable RAID Controllers agent The Brightmail Agent facilitates communicating configuration information between the Control Center and each Scanner connector The Conduit and LiveUpdate services download spam and virus definitions controlcenter The Control Center provides centralized Web administration collects statistics and hosts quarantines Command reference 81 service dds Directory data service interfaces with LDAP to provide authentication email address validation message routing and policy groups If you restart the dds service the bmclient_log and bmserver_ log log files may contain many Could not connect Connection refused errors These errors are normal imrelayd The IM service filters instant messaging lsisnmpd The 1sisnmpd service provides SNMP information for some Dell PowerEdge Expandable RAID Controllers mta The mail transfer agent processes routes and delivers email messages in cooperation with the Brightmail Engine mysql The MySQL database on the Control Center stores settings and message information osconfig The osconfig service manages network interfaces and related services percsnmpd The percsnmpd service provides SNMP information for
62. s without prior written authorization of Symantec Corporation and its licensors if any THE DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS REPRESENTATIONS AND WARRANTIES INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE OR NON INFRINGEMENT ARE DISCLAIMED EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING PERFORMANCE OR USE OF THIS DOCUMENTATION THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12 212 and subject to restricted rights as defined in FAR Section 52 227 19 Commercial Computer Software Restricted Rights and DFARS 227 7202 Rights in Commercial Computer Software or Commercial Computer Software Documentation as applicable and any successor regulations Any use modification reproduction release performance display or disclosure of the Licensed Software and Documentation by the U S Government shall be solely in accordance with the terms of this Agreement Symantec Corporation 350 Ellis Street Mountain View CA 94043 http www symantec com Technical Support Symantec Technical Support maintains support centers globally Technical Support s primary role is to respond to specific quer
63. service configuration files imconfig Delete IM configuration files Command reference 29 delete osconfig Delete operating system configuration files scannerconfig Delete all of the Scanner configuration files for a given Scanner including support sieve scripts It does not affect the Scanner configuration information that is stored in the Control Center When yourun delete scannerconfig it restarts the appliance on which the command is run After yourun delete scannerconfig you must recommit Scanner configuration information from the Control Center to disk and relicense your Scanner You can recommit the Scanner information to disk unchanged or edit the information to correct potential problems before you save this information to disk To do either of these tasks access Administration gt Hosts gt Configuration in the Control Center select the Scanner and click Edit To recommit the information unchanged click Save Alternatively edit any settings for this Scanner as necessary to correct a problem in the configuration and click Save You can delete the Scanner configuration if you change the Scanner configuration of an independent Scanner appliance Then you can re add it with the Add Scanner Wizard This option is not available for an appliance that hosts both a Control Center and Scanner Symantec recommends that you do not use delete scannerconfig Data components alldata Delete all data in the data comp
64. sg by id 00 00 25597 EFD46794 Example 10 Export a specific message from the delivery queue with a message queue id The message queue id is 00 00 25597 EFD46794 Export it to the 192 168 159 99 SCP server in the tmp directory with the support account mta control queries for the password mta control delivery export msg by id 00 00 25597 EFD46794 scp support 192 168 159 99 tmp 72 Command reference mta control Example 11 Export all message queues Export the message queue file to the 192 168 159 99 FTP server in the tmp directory with the sysadmin account Since a password is not specified mta control queries for the password mta control all export queues ftp sysadmin 192 168 159 99 tmp Example 12 mta control all query queue Show all messages currently in the inbound queue the outbound queue and the delivery queue netstat DESCRIPTION EXAMPLES Command reference 73 netstat netstat a standard Linux command to view network connections The netstat command prints network connections routing tables interface statistics masquerade connections and multicast memberships Type help netstat on the command line for more information about the options available for netstat The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified Example 1 Display network connectio
65. some Dell PowerEdge Expandable RAID Controllers smsswapfile The smsswapfile service manages secondary swap file space snmpd The snmpd service waits for requests from SNMP management software stunnel The stunnel service provides secure encrypted connections command The following commands are available Some commands do not apply to certain commands Type service name help to display the commands that apply to a service condrestart Restart the service only if it is currently running This command is available only for the controlcenter snmpd mta and stunnel services 82 Command reference service EXAMPLES delete Delete the swap file on the appliance This command is available only for the smsswapfile service help Display the commands available for the service that you specify reload This command is available only for the mysqi and stunnel services restart Stop the service and then start the service status Display the status of a service start Start the service stop Stop the service Example 1 Display the commands that are available for the mta service service mta help Example 2 Display the status of the mta service service mta status Example 3 Stop the mta service service mta stop Example 4 Stop the Conduit LiveUpdate and jlu controller service connector stop show SYNOPSIS DESCRIPTION OPTIONS Command reference 83 show show display sys
66. sswords email addresses and user names for exporting Specify the full path name Specify one of the following MTA queues m inbound m outbound m delivery m all The following components are available m start Start the queue m stop Stop the queue m status Display the current status The status can be running not running enabled or disabled m restart Restart the queue m flush Reattempt delivery for all queued messages m delete msgs by sender regexp Delete from the queue all messages with Envelope Sender that matches the given Perl regular expression case insensitive 68 Command reference mta control delete msgs by rcpt regexp Delete from the queue all messages with an Envelope Recipient that matches the given Perl regular expression case insensitive Note This deletes the entire message not just the recipient delete msg by id queue ID Delete the message with the given queue ID from the queue delete all msgs Delete all messages from the queue active routes Print all active routes and the number of messages for each route num messages in route route Print the number of messages for the given route list msgs route Print the messages for the given route list msg details msgid Given a message ID print details about that message route info route Display DNS lookup information destination and number of messages for a route reroute src routedst route
67. st for a response from a remote computer The ping command tests through data packet the transfer of that data between the appliance and the hostname or IP address that you specify Type help ping on the command line for more information about the options available for ping The information that is displayed may contain references to commands that are not available on Symantec Messaging Gateway This command is a standard Linux command that has not been modified reboot SYNOPSIS DESCRIPTION OPTIONS SEE ALSO Command reference 77 reboot reboot reboot the appliance reboot force The reboot command stops all services and then restarts the appliance Note When prompted you must type yes to complete shutdown Typing y results in an error message Note If you reboot the appliance while you run software update on Symantec Messaging Gateway you can corrupt the appliance software force f Reboot the appliance even if software update is running not recommended The appliance can become corrupted and require reinstallation Contact Symantec Technical Support for information about reinstalling the appliance software help h Display this message See shutdown on page 84 78 Command reference route route DESCRIPTION route a Standard Linux command to show and manipulate the IP routing table The route command lets you view routing tables or add entries to a routing table temp
68. t access For a Windows computer use an SSH client such as PuTTY On a UNIX computer you can use the ssh command that is typically included in the operating system The host name or IP address to connect to using the SSH client is the name you specified when you initially configured the appliance For a Control Center appliance the host name is also the name in the URL that you use to access the Control Center Table A 2 Command line interface access methods for virtual appliances VMware Virtual You can use the VMware Virtual Machine Console to log into the Machine Console virtual appliance Refer to the VMware Virtual Machine Console documentation for more information Command reference 13 Command line interface access methods Table A 2 Command line interface access methods for virtual appliances continued Remote access using If you configured the virtual appliance with a host name or IP an SSH client address that resolves on your network you can use an SSH client to access the command line interface You can access the virtual appliance from any computer on your network unless firewall rules prohibit access For a Windows computer use an SSH client such as PuTTY Ona UNIX computer you can use the ssh command that is typically included in the operating system 14 Command reference agent config agent config SYNOPSIS DESCRIPTION OPTIONS agent config configures the agent that co
69. tem information show date eula info version show help The show command displays the following information m Current date and time m End User License Agreement m System information m Product version number date d Show the current date and time eula e Show the End User License Agreement help h Display this message info i Show the system hardware information version v Show the product version number and installation date 84 Command reference shutdown shutdown SYNOPSIS DESCRIPTION OPTIONS SEE ALSO shutdown shut down the appliance without rebooting shutdown help force The shutdown command turns off the appliance immediately The appliance is not restarted Shutdown occurs immediately and email messages remain in the queues To start an appliance after you run the shutdown command you must press the appliance power button unless you have configured remote access to the appliance hardware Note When prompted you must type yes to complete shutdown Typing y results in an error message Note If you shut down the appliance during the software update process you can corrupt the appliance software help h Display this message force f Shut down the appliance even if software update is running not recommended The appliance can become corrupted and require reinstallation Contact Symantec Technical Support for inf
70. ws m scp user password host port path Copies the diagnostics package remotely through SCP m ftp user password host port path Copies the diagnostics package remotely through FTP If no user name and password are specified an anonymous login is used Logon is attempted with the user name and password credentials that are provided on the command line If special characters are included in the password you must enclose the password in single quotes If the special characters in a password include a single quote you can use the double quote instead If no credentials are specified anonymous logon is used EXAMPLES Command reference 37 diagnostics Create a diagnostics file and transfer it with the SCP protocol The diagnostics file in the format diagnostics yy mmm dd hh mm hostname tar gz is transferred to the SCP destination diagnostics scp support 10 160 248 128 tmp Note The month is expressed in the three letter format not two digit format 38 Command reference dns control dns control SYNOPSIS DESCRIPTION ARGUMENTS dns control control the local DNS cache dns control command The dns control command manages local caching for the name server All dns control command outputs end with either a completion message or a failure message Examples are Command cmdname completed successfully and Command cmdname failed Some commands require the DNS cache to b
Download Pdf Manuals
Related Search