AVG Cloud AntiSpam
This short guide summarizes the major steps in deploying a new customer.
Step 1: Add the customer’s domain toAVG AntiSpam. Login as a Solution Provider, select the “Customers” menu item, then mouse over Customers and click on “New Customer.” Follow the instructions in the setup wizard and enter the Customer’s name, domain name(s), and delivery destination, and the IP address of the trusted host(s) from which AVG should accept outbound email.
Step 2: Specify the Enterprise Properties and Default Settings that you would like to apply to all new users. In addition to the indicated defaults, we recommend the following:
a)Under Perimeter Defense, select Deny Delivery. This setting blocks inbound messages to users not configured in AVG AntiSpam.
b)Under Security Settings, the default is Content Filtering/Cautious, which blocks messages that score higher than 90. If you find that this results in too many false negatives for a particular user, consider changing the User Properties to Content Filtering/Optimized.
c)Select Spoofing Prevention. This setting blocks all mail sent TO the customer’s domain, FROM the customer’s domain, if it doesn’t originate from a Trusted Host or through SMTP Authentication. It eliminates spoofing, because when using a local email server, internal mail should never pass through AVG AntiSpam.
d)Under Quarantine Settings, we recommend that you not change the default, as the links in the Daily Quarantine Summary (DQS) do not require credentials to operate. As a result, users can “Release (& Whitelist)” messages without having to know their username or password.
e)Under Message Format Options, select Attach a Control Panel to provide users with a simple means of changing a sender’s security settings. When Control Panels are ON, we highly recommend sending a Welcome Message because the links in the Control Panel do require credentials to work.
f)If your customer is not using Outlook, deselect Optimize Delivery for Microsoft Outlook.
g)Under Enterprise Options, select “Add new users the first time they send an email.” This setting eliminates the need to add any future users manually.
Step 3: Import all users, aliases, public distribution lists, etc. Users can be entered automatically with AVG’s LDAP Importer (the recommended approach), manually,or importedas a CSV file, where column 1 = Full Name, column 2 = Primary Address, and all subsequent columns are aliases. Distribution lists and Public Folders accessible from the Internet should be added as separate AVG users; these “users” are omitted from billing only when LDAP is used.
Step 4: Change the MX recordby contacting the customer’s DNS registrar. The MX record should point tomx1.avgcloud.net / mx2.avgcloud.net[Preference = 0].
Step 5: For customers using Microsoft Exchange, change the Smart Host to send all outbound mail through outbound.avgcloud.net. To implement outbound SMTP Authentication, change the Outbound SMTP to point to outbound.avgcloud.net.
Step 6: Allow the DNS to propagate for 72 hours, and create a firewall rule to deny all inbound SMTP connections except from the following AVG subnets:
100.42.120.96/27 (255.255.255.224)
100.42.115.0/27(255.255.255.224)
208.70.208.0/22(255.255.252.0)