Administration Guide

Adding E-mail Audit Sources

To add an E-mail audit source to a Site, follow these steps:

INFO: E-mail audit sources serve for the Remote Audit with e-mail delivery. For details, see Overview of Audit Methods.

  1. In the Sidebar, right-click the Site and select Properties from the pop-up menu. The Site [Site Name] dialog box opens.

  2. Click New > E-mail. The [Source Name] dialog box opens.

  3. Type in a name for the Audit Source.

  4. Select an Audit Profile for the Audit Source from the Audit Profile list.

    INFO: For details, see Configuring Audit Profiles.

  5. Click the E-mail tab and specify the e-mail address where to deliver audit snapshots over e-mail.

    Some mail servers may reject messages with a blank "From" address. You can specify the "From" address that will appear on these e-mail messages.

  6. Click the Incoming Mail Server tab and configure the settings for the mail server that you want to handle the incoming audit results:
    1. Choose the account type for incoming mail: POP3 or IMAP4.

    2. Enter the name and port number of your incoming mail server.

    3. For IMAP4:

      In the Mail Box field, type in the name of the incoming mailbox folder. For IMAP accounts, the default is INBOX. You can specify a subfolder, for example, INBOX.Audit.

    4. Enter the user name and password to connect to the mail server.

    5. If your mail server requires Security Password Authentication, select the Require Secure Password Authentication (SPA) check box.

  7. In the Secure Connection section, select one of the following options:
    • None — This establishes an insecure (plain text) connection.

    • STARTTLS, if available — This establishes a secure connection using the STARTTLS extension if it is supported by the mail server. If the server does not support STARTTLS, an insecure connection is established.

    • STARTTLS — The audit agent will attempt to establish a secure connection using the STARTTLS extension. If the mail server does not support STARTTLS, a connection is not established.

    • SSL/TLS — The audit agent will attempt to establish a secure connection. If the mail server does not support SSL/TLS, a connection is not established.

    To prevent communication with e-mail servers using an invalid certificate, select the Reject invalid certificates check box.

    Click Test Connection to verify if Alloy Discovery can connect to the specified mail server.

  8. Click the SMTP Server tab and configure the settings for the outgoing SMTP server, which the Inventory Analyzer will use for sending the audit results:
    1. Enter the name and port number of the SMTP mail server that the audit agent will use.

    2. If the SMTP server requires users to authenticate, select the My outgoing (SMTP) server requires authentication check box and provide a valid the user name and password.

    3. If the SMTP server requires Security Password Authentication, select the Require Secure Password Authentication (SPA) check box.

  9. In the Secure Connection section, select one of the following options:
    • None— This establishes an insecure (plain text) connection.

    • STARTTLS, if available — This establishes a secure connection using the STARTTLS extension if it is supported by the mail server. If the server does not support STARTTLS, an insecure connection is established.

    • STARTTLS — The audit agent will attempt to establish a secure connection using the STARTTLS extension. If the mail server does not support STARTTLS, a connection is not established.

    • SSL/TLS — The audit agent will attempt to establish a secure connection. If the mail server does not support SSL/TLS, a connection is not established.

    If you want to prevent communication with e-mail servers using an invalid certificate, select the Reject invalid certificates check box.

    To check the outgoing mail server connection, click Test Settings.

  10. If you are using an IMAP account for incoming mail:

    By default, Alloy Discovery deletes e-mail messages from the IMAP mail server after loading audit snapshots. If you want Alloy Discovery to mark those messages as read on the IMAP server, click the Options tab and click Check unread messages and mark the messages as Read after loading the snapshots in the When looking for audit snapshots in the IMAP folder section.

  11. By default, Alloy Discovery checks the E-mail Audit Source for new audit snapshots every hour and uploads the audit data if new snapshots have arrived. If you want to change this setting, specify another Upload Interval on the Options tab.

  12. Click Apply to save the Audit Source and go back to the General tab.

  13. Choose how to deliver the audit agent to the computers you want audited. You can use any or both of these options:
    • Create an installer and install the audit agent on every computer.

      To create the installer right now, optionally change the default agent schedule, click Create Installer, and choose where to save your AlloyAuditAgent.msi file.

      TIP: You can skip this step now and create the installer later. For details, see Installing the Audit Agent for E-mail Delivery.

    • Create an Inventory Analyzer package, deploy it to remote networks, and automate the audit using domain logon scripts or scheduled tasks.

      To build the Inventory Analyzer package right now, click Create Package and browse to the destination folder.

      TIP: You can skip this step now and build the package later. For details, see Deploying Inventory Analyzer Package for E-mail Delivery.

  14. Click OK to close the [Source Name] dialog box. The E-mail Audit Source appears in the list of Site sources.

    NOTE: When your E-mail Audit Source is configured successfully, the e-mail folder icon appears next to its name. If the Inventory Server cannot access the source (for example, when the mail server is unavailable), the red flag icon is shown.