Mail Express 3.1 and later provide an Internal Web portal to access the Mail Express service. A web interface avoids the need to install and manage any client software and can be accessed from anywhere via a web browser. The Internal Web portal allows non-Outlook internal users to access Mail Express. The web interface provides file transfer functionality similar to the Outlook Add-In and Drop-Off portal to allow end users to manage their file transfer needs completely via Mail Express (within the bounds set by the account owner or IT administrator). Internal users can create and send email attachments (packages), account invitations, and reply links.
Access to the Internal Portal is protected by username/password authentication. A “lost password” link is provided for users to reset their password if forgotten. A "remember me" option is provided to remember the last username saved on the local computer for 30 days from time of login, but the end user can enable or disable this option (disabled by default). A "request account" link is provided for un-registered users to request access to the Internal Portal.
Unlike the Drop-Off page used by external senders, the Internal Portal does not have the same security restrictions, such as CAPTCHA. The Internal Portal can also be customized. You can also use Single Sign-On (SSO) for the Internal portal. Kerberos must be configured and enabled in Mail Express for SSO, as described below.
On the Internal Settings page, you define the requirements for Internal Users' use of the Mail Express Outlook Add-In and the Internal Portal. These settings are passed to each instance of the Add-In being used. Internal Users can configure Message Options to be stricter through the Add-In, but cannot make the settings less strict or set to a way that Mail Express is not used in situations in which the administrator expects Mail Express to be used. This control allows the administrator to enforce a set of corporate usage standards. If the user's settings are MORE restrictive than the admin's settings, the user settings will not be overwritten to make them less strict.
In Mail Express v3.2 and later, Internal users can send an invitation email from the Add-in or Internal Portal to invite others to create a permanent external account. With this account, external users are able to use a defined Drop-Off Portal account to send files to the sender as an alternative to using the Drop-Off Portal anonymously. This feature involves more work for recipients because they must initially create an account, with the added benefit that the users can more efficiently exchange files. Invitations sent from the Add-in can be sent with or without attachments. Each recipient will receive their own private invitation link even when an invitation is sent to multiple addresses.
In v3.3.5 and later, if the Mail Express administrator has enabled Active Directory, invites can be used to create internal users.
After an external user creates an account via an invitation, the user can access the Mail Express system to send files via the Drop-Off portal and will be subject to all restrictions and limitations put on the portal by the Mail Express administrator. The Mail Express administrator controls which Internal users have permission to send invitations to external users. The administrator can allow or deny the permission globally to all Internal users via the Internal Settings page, or only for specific Internal users via the user account details page. The global setting overrides the individual setting; that is, if the global setting is disabled, no one can send invitations, even if the check box was selected for a specific account. The Mail Express administrator can run an activity report to view which users have sent invitations and to whom they were sent. Also, when the global setting is enabled, Outlook users can send invitations from Outlook.
If the recipient's email is already defined in Mail Express, the invitation email provides a "reminder" link to the user's account.
For details of authentication of Outlook users, refer to Authenticating Outlook Users.
To configure Internal Settings
Launch the Mail Express Server administration interface. (e.g., click Start > Programs > Globalscape > Mail Express > Mail Express Admin or double-click the desktop shortcut).
Log in using the Mail Express Server administrator username and password that you specified during installation of the server.
In the navigation pane, click Portal Settings > Internal Settings. The Internal Settings page appears.
Select the Add-In services enabled check box. If the Add-In services enabled check box is cleared, the Outlook Add-In will not be able to connect to the Mail Express Server. The Add-In services enabled check box also controls whether the Authentication Settings and Policy Settings are available.
Select the Internal Portal enabled check box to allow Internal users to connect to the Internal Portal.
To limit the size of files for uploads when using the Internal Portal or the Outlook Add-In, select the Total file size check box, then specify the file size.
To specify when links are to expire, select the Link Expiration check box, then specify the duration. If no link expiration is defined, packages will be available for download until purged, based on the file retention policy. When you modify the file expiration value, you are modifying this setting for all future transfers. Packages that are active within the system retain the expiration value in place at time that they were created. (The default is 2 weeks. Link expiration can be from 1 minute to 99 years.) Administrators should instruct their internal recipients to download a copy of Mail Express-managed attachments before the expiration date.
In the Include Mail Express Reply link area, specify whether the Mail Express Reply link is Never included, Always included, or User choice. If User choice is specified, the sender can choose whether to include the Mail Express reply link and, if so, whether the default user choice is Never, Managed, or Always. Managed is specified by default, which means that the Mail Express reply link is included on all emails that are managed by Mail Express. When a reply link is included, text similar to the following line appears:
In the Basic Auth realm box, specify the Mail Express Server name. This name is used as the realm name when performing basic access authentication for web services.
To enable Kerberos, select the Enable Single Sign On (Kerberos) check box. If Kerberos authentication is enabled, the account with which the Outlook user is logged into the operating system is used for authentication. If you selected the Enable Single Sign On check box, more options appear. (Refer to Configuring Mail Express for Windows (Kerberos) Authentication for more information about using Kerberos.)
In the KDC Host box, provide the string (between 1-256 characters) that used as the Key Distribution Center (KDC) host when performing Kerberos authentication. A KDC for a domain is located on a domain controller. If a domain has a single domain controller, the KDC host will be the same as the Active Directory server host. For example, mailexpress.globalscape.com.
In the KDC Port box, provide the port that the KDC is listening on (default = 88; valid values are 1 to 65535 ).
In the Domain Name box, provide the string used as the domain name when mapping between Windows Domains and the Kerberos Realm. For example, globalscape.com
In the KDC Pre-auth Username box, provide the username of the account that will be used to authenticate with the KDC.
In the KDC Pre-auth User Password and Confirm KDC Pre-auth User Password boxes, provide the password of the account that will be used to authenticate with the KDC.
Under Policy Settings, specify how Outlook users should use Mail Express:
Maximum message size—You can limit how large file attachments can be, even if there is no Usage Policy set for File size. (Applies to Outlook 2007 and later.) For example, if you have specified Mail Express use not required, you can still limit file size based on this setting. When the Maximum message size check box is selected, you can attach files over the specified size without receiving an error message when you attach the file using the Outlook Attach File button instead of the Mail Express Attach File button. Refer to Best Practice Recommendations for Outlook 2007 and Later for more information about this setting. (Outlook may need to be closed, and then reopened for this setting to take effect.)
Always Use Mail Express—Selected by default; use Mail Express to manage attachments for every email.
Mail Express not Required—Outlook Add-In users can use Mail Express if they want to, but the administrator is not requiring its use.
Use Mail Express based on the following policy—Any attachment on a message that matches any one of the criteria specified causes all attachments on that message to be sent using Mail Express. When you select this option, the section expands to provide Usage Policy options. (Usage Policy options appear when you click Use Mail Express based on the following policy.)
File Size—Messages that match or exceed the defined file size (aggregate of all files attached to message) will cause Mail Express to be used; otherwise, it is not used. (This setting does not automatically increase in the Message Options dialog box in the Add-In, to avoid overwriting any user-specified, more restrictive settings.)
File Type—Attached files with extensions defined in this section trigger Mail Express use. Default file types are doc and pdf. Provide only the extension, no periods or wildcards. To add a file type, select the check box, type the extension, then click Add. To remove a file type from the list, click it in the list, then click Delete.
Number of Attachments—Messages that match or exceed the number of attachments specified trigger Mail Express use. Defaults to 10 when enabled; valid values are between 1-100.
To specify that Mail Express should manage embedded attachments, such as a company logo in a signature block, select the Manage Embedded Attachments check box.
Mail Express does not process emails that are in rich-text format (RTF); however, Mail Express does provide an administrative setting “Enforce Rich Text Conversion” that requires users to change the format of RTF messages to plain-text or HTML if they try sending RTF emails that meet the policy criteria. This feature is useful in situations where an organization wants to ensure that users cannot bypass Mail Express by sending attachments via RTF messages. By default, the Enforce Rich Text Conversion feature is turned off. For instructions for changing the format of emails to HTML or Plain-Text in Outlook, refer to Sending Files with the Mail Express Outlook Add-In.
File integrity checking is enabled by default. With integrity checking enabled, if there is a mismatch between sent and received files, the Add-In will resend the attachment. (A mismatch is typically due to a network error.) If you do not want to use file integrity checking, clear the Perform file integrity check check box. If your server experiences heavy traffic, turning off file integrity checking can provide a slight boost in performance.
To specify what to do when Mail Express Server is not available, under Behavior when Mail Express is unavailable, click one of the following options:
Queue emails with attachments until Mail Express Server is available—Save the messages in a queue until the connection to Mail Express Server is restored, then send the emails.
Send emails via Outlook without Mail Express—Send the emails through Outlook without Mail Express managing the attachments.
Allow sender to specify behavior—Display a prompt when the connection to the Mail Express Server is lost and ask the user to specify whether to wait for connectivity to the Mail Express Server or send the email immediately without Mail Express managing the attachments.
Click Save to save your changes, or click Restore to reset the boxes to their previous setting. If you navigate away from the page without clicking Save, your changes are discarded.