KB00022603 Web Proxy Quickstart GuideThe Mailtraq Proxy make it possible for every machine on your network to browse the Internet web pages through a single cable, DSL or even dial-up connection, and provide access control. Add the Proxy The proxy is an optional extra to the Mailtraq Professional license. 30-day Free trial Find out how to add it here ... Configuring MailtraqMailtraq's Web Proxy is not enabled by default, so follow these steps to ensure it is active and correctly configured (also see Configuration Tips at the foot of this page). Multiple separately configured HTTP-Proxy services can be configured to provide fine grain, differentiated control over access privileges. - Go to Services
- If no HTTP Web Proxy exists on port 8080, then add one from the menu.
- To Configure Select the HTTP Web Proxy on port 8080 and select Properties.
- Make sure the Enable at Startup is checked.
- Set the Access Control to restrict user access to the Proxy.
- Set the Schedule if you want to control when the Proxy is available. See note about Guest settings below.
- In a dial-up environment - if you want Mailtraq to connect to the Internet on demand (when a machine tries to connect to a web site) then in the Proxy-tab check the Enable Dialup option, and click on Settings and verify the time-out options
If you do want to connect on demand, but want the user to verify this through a special web page, then check the Conditional... option. Guest Privileges The default settings provide the Guest user with access to the web proxy. To enforce the 'Conditional' or 'Schedule' rules it is necessary to revoke that privilege. XP/NT/W2003 Console Go to Options | Users - [Guest] button, select the Privileges-tab and uncheck the 'Use web proxy' privilege. Vista/W7/W2008 Console Go to Users | Guest User Properties (see image right) select the Privileges-tab and uncheck the 'Use web proxy' privilege. Users will now be asked for their username and password to access the Internet via the proxy and the Conditional rules can be enforced. Barring - Controlling Site Access | | Mailtraq has powerful controls to manage what sites your users are allowed to visit, either on a whitelist or black list basis - and you can impose banned word scanning to monitor web access. Barring is setup at the Content Barring service and is envoked from the Barring-tab in this dialog. Multiple Content Barriers can be set up. Configuration of Content Barring is explained here... |
Adjust your network Router/Firewall You will need to adjust your network Router/Firewall to accept and pass connections on Port 80 only from the Mailtraq machine to ensure that all users are required to use the Proxy service.
Configuring the Web Browsers You must now configure each Web Browser to use the Mailtraq Proxy. In order to do this, you must be able to refer to the machine running Mailtraq from within your network. The easiest way to do this is to refer to it by the local IP Address. Configuring Microsoft Internet Explorer - Go to the Control Panel
- Double-click on the Internet applet
- Click on the Connection tab
- Check the Access the Internet through a Proxy Server option
- In the Address field, enter the IP Address of the machine running Mailtraq
- In the Port field, enter 8080
(If the Address and Port fields are disabled, then click on Advanced and enter the information there)
- Check Bypass proxy server for local (Intranet) addresses
- Click on Advanced and in the section Do not use proxy server for addresses beginning with, add the first two numbers from your IP address (e.g. 192.168)
Configuring Firefox - Run Firefox and select Tools from the Options menu
- Open the Advanced section on the right, then select Network - Settings
- Select Manual Proxy Configuration, and [x] Use this Proxy for all protocols
- then, enter the IP Address of the machine running Mailtraq into the Address field, and 8080 in the Port field
- In the section No proxy for: enter localhost, 127.0.0.1 and your LAN (e.g. 192.168.1.0/24)
- Click on OK
Configuration Tips1.) Proxy performance benefits from adaquate RAM - 2GB of RAM is recommended 2.) Proxy usage produces a large number of logged events. If you do not need detailed logging we recommend turning off logging in the Proxy service. Go to the Mailtraq Console, Options, Services and select the Proxy service, and then the [Properties] button. From the Proxy-tab [x] Disable Request Logging then [OK] back to the Console.
3.) You can optimize threading for Proxy usage by making a change in the Windows Registry. You should be qualified to modify the Registry, then with Mailtraq *shut-down*, open the Registry and adjust the number of threads used by the ISM HTTP server . Set the thread count in the registry like this: [HKEY_LOCAL_MACHINE\Software\Fastraq\Mailtraq] IsmThreads = "8" (DWORD)
So, at [HKEY_LOCAL_MACHINE\Software\Fastraq\Mailtraq] create a new DWORD value. Call it IsmThreads and then modify the Decimal "Value data:" to be 8 It will look like this when you are done: |