Unlike IE, Mozilla Firefox is a third-party browser with no integration with Microsoft Windows, and it does not support remote administration by default. Nevertheless, there are ways to remotely configure Firefox like IE. In order to use this procedure you will need a freeware package FirefoxADM. It can be downloaded from the repository SourceForge.

Note: GFI provides this for customers’ convenience. We do not support the FirefoxADM package.

Before deploying the proxy settings for Firefox, download and extract the package FirefoxADM on a server with Active Directory.

Pushing out Firefox proxy settings with GPO

1. Open the relevant GPO for the site, domain or organizational unit in the Group Policy Object Editor
2. Expand the following levels within the tree: User Configuration > Windows Settings > Scripts (Logon/Logoff)
3. Double-click Proxy-settings in the main policy area
4. Click the Show Files button; this will display the folder the script will be stored in
5. Copy and paste the script firefox_login.vbs from the FirefoxADM package into the folder
6. Return to the Logon Properties window and click Add
7. Browse to the location of the start scripts folder where the script was just copied to, select the file and click the Open button
8. Click OK and then OK again to save the changes.

This has now configured the GPO to run a script which locks down the Firefox settings when the machine first starts up. You now need to add and configure the Administrative Templates which will be used to define the locked down proxy settings:

1. Expand the User Configuration level in the tree
2. Right-click Administrative Templates and select Add/Remove Templates
3. Click the Add button and browse to the location of the startup template firefoxdefaults.adm, select the file and click Open, then Click Close
4. Expand the Administrative Templates level under Computer Configuration
5. Select Mozilla Firefox Default Settings in the tree
6. Double-click Proxy Settings in the main policy area
7. Select the radio button Enabled
8. At this point you can begin entering the proxy settings that are to be pushed to users; this information can be found in your provisioning email
9. Once finished click OK.

This policy and any subsequent changes will only be refreshed on user login, or alternatively you can force a GPO update from command prompt if available (the command is: gpupdate /force).

Locking down Firefox proxy settings with GPO

1. Open the relevant GPO for the site, domain or organizational unit in the Group Policy Object Editor
2. Expand the following levels within the tree: Computer Configuration > Windows Settings > Scripts (Logon/Logoff)
3. Double-click Startup in the main policy area
4. Click the Show Files button, this will display the folder the script will be stored in
5. Copy and paste the script firefox_startup.vbs from the FirefoxADM package into the folder
6. Returning to the window, click Add in Startup properties
7. Browse to the location of the start scripts folder where the script was just copied to, select the file and click the Open button
8. Click OK and then OK again to save the changes.

This has now configured the GPO to run a script which will lockdown the Firefox settings when the machine first starts up. You now need to add and configure the Administrative Templates which will be used to define the locked down proxy settings:

1. Expand the Computer Configuration level in the tree
2. Right-click Administrative Templates and select Add/Remove Templates
3. Click the Add button and browse to the location of the startup template firefoxlock.adm, select the file and click Open, then click Close
4. Expand the Administrative Templates level under Computer Configuration
5. Select Mozilla Firefox Locked Settings in the tree
6. Double-click Proxy Settings in the main policy area
7. Select the radio button Enabled
8. At this point you can begin entering the proxy settings that are to be pushed to users; this information can be found in your provisioning email
9. Once finished click OK.

This policy and any subsequent changes will only be refreshed on system start up.

Do you have any questions? Leave us a comment below and I’ll reply to your query.

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

There is still a lot of opportunity in email archiving – around 45% of SMBs still do not have an email archiving solution. There are tens of millions of Exchange seats out there, and because these organizations do not have email archiving software in place, they are facing key IT challenges every day. The process of archiving electronic information is the essence of what an email archiving solution does. However, email archiving software goes beyond that; the technology helps solve key challenges IT staff face, primarily, lower email management costs and reducing legal risks.

Email archiving helps lower email management costs in a number of ways. By offloading Exchange an email archiving solution reduces the load on Exchange, making it less sluggish and, because there is less email stored, backup and restore times are reduced. PST files spread throughout the organization on desktops and laptops are an IT headache. An email archiving solution allows the organization to get rid of PST-related management and backup overhead, while giving users virtually unlimited mailboxes.

Organizations also face compliance issues and e-discovery regulations: sources of legal risk that archiving software mitigates. With advanced search, legal hold and retention policy support, an email archiving solution is a key component of any compliant organization. Also, with more and more countries passing data protection acts, procedures on the timely production of evidence and other regulations, organizations are compelled to respond.

With the latest GFI MailArchiver 2011 R3 release, GFI has innovated in the archiving space to deliver actionable information to organizations of any size. By not letting digital archives gather ‘dust’, GFI MailArchiver does more than traditional archiving software and directly appeals to business owners and other stake holders in the organization. The MailInsights module in the latest R3 release helps organizations, for example, see who is abusing web-based email, helps them gain visibility into how email storage is being used, and allows them to determine email responsiveness. By leveraging the rich data in email, email archiving is ever more relevant to the organization. We’re no longer simply talking about archiving but also gathering business and behavioral intelligence.

Resellers have good reason to be excited; large numbers of SMBs still rely on PST files, legal regulations that mandate archiving software are on the increase, and innovation in the marketplace makes archiving even more appealing and salient to SMBs – A perfect opportunity to target new business and have the edge on the competition.

Have a look at what GFI MailArchiver can do to improve your email archiving system, or just download a free trial and give it a spin!

GFI LANguard is the first network vulnerability and patch management solution to integrate with more than 1,500 critical security applications

The GFI Infrastructure Business Unit announces the launch of GFI LANguard™ 2011, the latest version of the company’s comprehensive network vulnerability scanning and patch management solution. GFI LANguard 2011 is the first network vulnerability and patch management solution to integrate with more than 1,500 security applications and to include keyword search functionality, illustrating GFI’s commitment to providing small and medium-sized businesses (SMBs) with innovative products that meet the needs of today’s dynamic IT environments.

GFI LANguard 2011 combines vulnerability scanning, patch management and network and software auditing into one solution that enables IT professionals to scan, detect, assess and correct potential security risks on their networks with minimal administrative effort. GFI LANguard provides administrators the ability to inventory devices attached to their networks; receive change alerts, such as notification when a new application is installed; ensure antivirus applications are current and enabled; and strengthen compliance with industry regulations through automated patch management that defends against potential network vulnerabilities. The solution can manage of up to 5,000 machines from a single console.

Enhanced features of GFI LANguard 2011 include:

• Complete Network Security Awareness – incorporates a new management dashboard that processes all security scans, provides current network security status and maintains a history of all relevant changes made to the network.
• Easier Security Management – integrates with more than 1,500 critical security applications, including antivirus, antispyware, firewall, URL filtering, instant messaging, peer- to-peer, disk encryption, VPN, data loss prevention, backup, and device-access control solutions to quickly and easily identify existing security infrastructure, report on the status of each application and remediate any security issues.
• Quick Text Search – enables administrators to perform keyword searches in scan results to quickly and easily ensure specific actions were performed.
• Faster Security Scanning – uses local agents to automate and distribute the scanning load across client machines, resulting in faster and more accurate scans. Thousands of machines, even in Wide Area Network (WAN) environments, can be scanned in minutes.
• Enhanced Reporting – simplifies report management and distribution. Payment Card Industry Data Security Standard (PCI DSS) dedicated reports are also available to help organizations prove compliance.
• Virtual Infrastructure Recognition – detects virtual machines hosted by scanned computers, giving administrators a complete view of their virtual infrastructure.

“We designed GFI LANguard 2011 to be a virtual security consultant for our customers,” said Cristian Florian, product manager, GFI Software. “We constantly strive to enhance our products with innovative new features that meet the evolving needs of SMBs. Our last version of GFI LANguard was the first network security solution to automate missing patch detection and remediation for the top five Web browsers running on Windows-based systems, and GFI LANguard 2011 is now the first solution of its kind to integrate with 1,500 critical security applications.”

Driving Innovation for SMBs

GFI Software’s Infrastructure Business Unit develops a broad range of solutions that help SMBs strengthen their IT operations and better manage all the devices attached to their network. Infrastructure solutions provided by GFI include: data backup and recovery, log management, network fax server, network monitoring, network vulnerability scanning, patch management, network access control and web monitoring. To learn more, email sales@gfi.com or visit www.gfi.com.

CSID – Called Subscriber Identification

CSID is a string which identifies the fax receiving party’s station or number.  This string can be programmed in the fax machine or fax application, and can be a combination of letters and/or numbers.  More frequently, this CSID value will be composed of strictly numbers, as it may help identify the number being sent to.  In addition, CSID is commonly associated with TSID (Transmitting Subscriber Identification), and the two are used almost interchangeably.  The TSID is the string which identifies the fax sending party’s station or number.  The CSID is provided to the sending party in the initial phases of the faxing process.

CSID is one of the more basic routing methods and allows for a fax to be routed based on the CSID/TSID of the sending party.  In order for this routing to occur, the CSID/TSID must match exactly as the number is programmed in the sending party’s device.  Be sure not to confuse CSID with CLID (calling line identification), as many fax applications in an analog environment do not support routing based on CLID.

DTMF/DID

• DTMF – Dual-tone multi-frequency

DTMF is a telecommunication signaling technology that utilizes touch-tones for routing over an analog line.  The concept of DTMF routing is similar to DID routing (description found below) except a digital environment is not necessary.  It is still necessary that you purchase a DID block, but the tones may either be supplied by your Telco provider directly, or you may have a gateway device internally that converts a digital to analog signal; the tones may be provided from this device directly if it supports DTMF signaling. Read more on DTMF technology.

• DID – Direct inward dialing

DID is a feature offered by a Telco provider for use with a customer’s PBX (Private Branch Exchange); additionally, DID may be referred to as DDI (direct dial-in) in European regions.  The DID feature involves the implementation of one or more trunk lines tied to the customer’s PBX, and associated with the line(s) is a range of telephone numbers.  When calls are presented to the PBX, the DNIS (Dialed Number Identification Service) is transmitted, which allows routing to a direct extension.  Typically, the DNIS ranges from four to ten digits, but most commonly it is the last four digits of the number dialed. Read more on DID technology.

Both DTMF and DID routing allow for individual routing to a user without having the overhead of an individual line for each user.  Instead of a one to one relation, both of these technologies focus on bandwidth consumption.  As an example, if you have 500 users who receive faxes, but on average receive twelve faxes consistently, one of these would be a suggested routing method (depending on your telephony environment).

OCR – Optical character recognition

OCR is the technology that allows for the conversion of handwritten or typed printed material to a digital form, to be edited or manipulated by a computer.  In the case of faxing, OCR software may be implemented in combination with faxing software to parse the contents of the received fax job in order to route based on keyword(s) found within the document.  This is a more common routing method in a smaller environment where limited telephony variables are available.  A user may have ten users and only one or two fax lines, but can still perform routing to individual users.

Line

There is no acronym for line routing, as line routing is pretty self-explanatory.  Line routing involves the ability to route one line to one user (or group, in given scenarios).  This may be used more commonly in an environment where all faxes are to go to a general user or mailbox, such as a Human Resource Professional.  These fax jobs may be further analyzed and manually distributed based on the fax contents.

MSN – Multiple Subscriber Number

MSN routing is similar to DID routing, but MSN routing does not require the purchase of DID numbers.  MSN technology relies on ISDN circuitry and allows for tying multiple numbers to one line; these numbers do not have to be contiguous in nature.  Most commonly, MSN technology is used in European regions. Read more on MSN technology.

When discussing technology and computers, ‘OCR’ is the common abbreviation for Optical Character Recognition and involves the electronic translation of scanned, handwritten or typed text images into a digital form that a computer can manipulate.

All OCR systems include an optical scanner for reading the text, and also include sophisticated software for analyzing and processing the image.  This sophisticated software utilizes algorithms and identification mechanisms in order to review the curvature and outline of the provided text for proper recognition.  Although some OCR options may utilize hardware and software in combination to achieve desired results, the more frequently used and cost effective option is strictly software based.

OCR is widely used to convert books, magazine articles, and documents into electronic files in order to create a digital record-keeping system.  This makes it possible to edit the text or quickly search for a word or phrase in what was once data in a printed form.

Now you may ask, “What does OCR have to do with faxing?”  To answer this, most faxing applications may utilize OCR as an option for routing.  Some smaller environments may have more basic telephony systems and cannot afford the overhead of multiple lines for unique recipient routing, and this is where the OCR technology may become very valuable.

A suggested implementation of the OCR technology being utilized with a faxing application would be in an environment where resumes may be faxed to a Human Resources department.  As a job opening becomes available, keywords may be implemented in an OCR module of the faxing application to define the position; this allows for saving much time in unnecessary resume review.  Because an OCR module review may take a fraction of the time of a human review, a Human Resource professional may be able to focus on other delegated duties.

The GFI FAXmaker faxing application provides an optional OCR module which can be used to route to a single employee based on the name, and also allows for routing based on keyword(s).  Although OCR is not a 100% effective technology (handwritten text may be harder to parse and analyze), it is still a great option for any small business, and its effectiveness continues to progress as the technology improves.

Brooktrout SR140

The Brooktrout SR140 is licensed separately from GFI FAXmaker by means of an Activation code; however , the GFI FAXmaker license key must be SR140 enabled together with a valid Software Maintenance Agreement.

Brooktrout Licensing utilizes a “node lock” issued by Dialogic via the Brooktrout License Manager or at http://www.dialogic.com/activation. The Activation code needs to be inserted in the Activation webpage along with the “Node ID” returned from the Brooktrout License Manager according to the Network Interface card to be used for SR140. The generated Brooktrout license can be “node-locked” to another MAC address only once via automatic methods – all subsequent “re-hosting” must involve Dialogic support.

When evaluating Brooktrout SR140, a 30-day Activation code can be requested from GFI Sales. GFI FAXmaker 2011 ships with drivers based on Brooktrout SDK6.3 that introduced a new licensing scheme (SR140-L). This makes Brooktrout licenses more affordable for low density fax environments.

Source: http://www.dialogic.com/products/ip_enabled/docs/10824_SR140_ds.pdf

TE-Systems XCAPI

TE-Systems XCAPI is also licensed separately from GFI FAXmaker by means of an Activation code however the GFI FAXmaker license key must include a valid Software Maintenance Agreement. The XCAPI license can be bound to either one of these options:

• USB dongle that must be inserted in the machine hosting XCAPI
• MAC address of the Network Interface card
• Virtual ID in case of Virtual machines

The Activation code needs to be inserted in the Activation webpage http://www.te-systems.de/licence/index_en.html along with the MAC Address or Virtual ID returned from the XCAPI configuration. The generated XCAPI license cannot be used on other machines. Subsequent “re-hosting” must involve TE-Systems support. In evaluation mode no key is required however the limitations are:

• a maximum of 4 lines can be used at the same time
• voice calls will play a demo message every 30 seconds
• fax calls will render a demo banner on the left edge of the document

GFI FAXmaker 2011 ships with the XCAPI driver installation package. Simply run the installer and follow the on-screen instructions to setup the configuration.

Source: http://www.te-systems.de/te_common/dodownload.php?id=1251

Here are some of the potential repercussions of simply having 1 un-patched machine on the network:

• Downtime and loss of productivity due to reinstallation
• Questionable data integrity due to a successful exploit
• Negative public relations due to systems unavailable for your customers
• Legal problems should your patch management process go under a judicial microscope

Here are the simple three steps to successfully manage the patch deployment process using GFI LANguard:

1. Scanning for vulnerabilities and building an application inventoryThe first step would be to establish an inventory of your organization’s network and the software deployed on it. Without a proper inventory, patching becomes a very daunting task. In addition to this, machines should also be prioritized by creating a risk profile based on their necessity to the organization. GFI LANguard ships with an applications inventory which provides a list of all applications detected during past scans.For the inventory discussed above to be populated automatically, an initial scan of all machines must be done. You can choose to run a scheduled custom scan to simply detect for missing patches and service packs. This would scan the machines to list the software installed on each one. The scan results would then save the applications detected in the scans in the applications inventory.With each new scan, any new applications which may have been installed would also be detected by the scan and added to the applications inventory. GFI LANguard would then automatically download any patches and service packs for the applications that need patching.
2. Analyzing the resultsThe most important task following a network security scan is identifying which areas and systems require your immediate attention. This is achieved by analyzing and correctly interpreting the information collected and generated during a network security scan. Upon completing a scan, GFI LANguard immediately displays a scan summary that graphically displays the vulnerability level of the scanned computer or a combined interpretation of the scan results obtained following a network scan.The scan results also show a vulnerability level. A vulnerability level is a rating given by GFI LANguard to each computer after it has been scanned. This rating indicates the vulnerability level of a computer/network, depending on the number and type of vulnerabilities and/or missing patches found. See a complete list of software products supported by GFI LANguard. Once a scan has been performed, and its results analyzed, the final step would be to remediate the vulnerabilities.
3. Remediating the vulnerabilitiesOnce you have performed a scan and analyzed the results, you can now configure GFI LANguard to automatically fix some of the issues identified during your network audit. This is achieved through the built-in tools that ship with the product. Available remediation actions include:

• Auto-patch management – This remediation feature automatically downloads missing updates and deploys them network-wide.
• Applications auto-uninstall – This remediation action enables the auto-uninstall of applications that support silent uninstall. This remediation action auto-uninstalls the applications of your choice from the application inventory outlined above. The process involves a test phase (called validation) during which an application is uninstalled automatically to identify if silent uninstall is supported by target application. If it is, all the other instances on the network will be automatically uninstalled during scheduled scans.

Sometimes drastic action may be necessary to protect your organization’s network. You can always disable the machine’s account and immediately start the patch management process on this infected/un-patched machine.

If this doesn’t work, then disable the switch port that the workstation connects to or move the machine to a quarantined network. This will allow you to remediate the vulnerabilities on this machine in a confined environment, without increasing the risk of the entire network getting infected.

Depending on the VOIP setup, configuration and troubleshooting of VOIP Gateways can be tricky. In this short article I will be discussing tips & techniques to use during configuration and troubleshooting issues with FOIP.

Key FOIP components

The basic VOIP setup would consist of the fax server (GFI FAXmaker), the FOIP Software (Brooktrout SR140 or TE-Systems XCAPI) and the VOIP Gateway. The first step is to check the configuration of the VOIP Gateway settings according to the manufacturer’s recommendations including the specific settings for the FOIP protocol to be used (SIP or H.323). Then on the FOIP Software, you need to insert the correct settings to be used with the VOIP Gateway. Normally just the VOIP Gateway IP is needed to be configured in the FOIP Software for the faxing to work however some other configuration tweaks may be necessary.

Base investigation

The advantage of using FOIP is that it is IP based and you can run a network sniffer tool to troubleshoot problems. A very useful tool in such cases is Wireshark.

Here is the procedure to sniff and analyze the FOIP calls:

1. Download and install Wireshark on the fax server. The machine running Wireshark can also be a separate machine connected to an Ethernet hub between the machine running the FOIP Software and the VOIP Gateway.
2. Run Wireshark and choose Capture -> Interfaces. Click start next to the Interface used by the FOIP Software.
3. Send/Receive a test call. When finished, stop the capture.
4. Click in Telephony -> VOIP Calls to open a list of all the VOIP calls which occurred during the capture. Select the call and click on Graph/Flow.

Captures can be saved to a *.pcap file and sent to GFI Support personnel for further analysis. It is important to specify the make and model of your FOIP Gateway and which FOIP Software is being used.

Maybe one of the most important, and the most misunderstood, parts of working with a computer is the backup, or the process of backing up data.

As most people know, a backup is usually a complete copy of the important data on a computer. Now, at a minimum, a backup must have a source and a destination. Even if this appears pretty logical, let’s deepen the analysis a bit.

The source of a backup must be all the data that one works with. If the data is lost, the backup should contain everything needed in order to continue one’s work. While this might seem straightforward, there are cases when the files needed are scattered apart on the computer’s disk(s).

Let’s assume a backup for an accounting program – one would simply select its folder (from the Program Files folder) and create the backup. What happens, usually, is that the respective program saves its working data in other folders, like Application Data, thus making the backup incomplete. This is just a quick scenario that explains the necessity of having the right source for the backup.

On the other hand, if the user tries to back up the above-mentioned program on a weekly schedule, the backup program should be able to allow the user to schedule these backups. Forcing the user to select the same data, over and over again, would be counter-productive. Even assuming that the backup source is easy to select, the user is prone to forget about doing the backup, and there are plenty of reasons for why that might happen – the user’s in a hurry, the backup doesn’t seem so important after working a few extra hours, the power went down, and so on. The solution is obvious: the backup program should allow its backups to be scheduled, thus making it easier and safer for the user.

Most backup programs offer the possibility of scheduling backups to run on a specific day of the week, or at specified intervals, reducing user interaction to a minimum, while ensuring that the backup is created.

All backup programs (that I know of) support the creation of successive backups, overwriting its previous versions. This type of backup goes by the name of replace backup (some call it a normal backup). This way, the backup destination always contains (only!) the most recent backup that was made and, in most cases, the best data for a restore operation. As the saying goes, “A backup is just as important as its age: the newer, the better” (however, this is not true in some cases). While this method of creating a backup is, undoubtedly, among the easiest to program, it has its disadvantages.

One of the main problems with this approach is the fact that each backup execution would require about the same time as its first execution. If the backup’s source contains a lot of data, this operation can consume a lot of time and resources – it can easily disturb the user’s work, if the backup runs during work hours.

What if the backup source contains thousands of files and the user created/modified only one hundred (or less) files between two backup executions?

The little graphic above (note that the data in the graphic does not reflect the performance of a specific backup program and is merely an example) shows that the time needed to create a full backup every time is about the same at every backup, because this approach does not take into account how many files are new or changed after the first backup. It just takes the whole source and copies it to the destination. Leaving out the time needed for a new backup to be completed, this type of backup also uses a lot more resources than would be necessary. It’s obvious that we need all the data backed up, but we want the process to be more efficient – to be faster, to better use the available resources and to consume less space for the backup.

A solution to this problem would be the following:

1. create the first backup, as a full backup
2. following the full backup – at all the other executions of the backup – check the source against the destination and copy only the new or modified files

The checking of the source against the destination can be made by using an index file, making the operation a lot faster than by verifying every byte of every file in the backup’s source and destination.

This way, only the first backup will take a long time and a lot of processing power. The next backups will only add information to the first backup, as necessary. This type of backup is usually called, somewhat inappropriately, an incremental backup.

Now we can rest assured, for we have a backup to use in case anything goes wrong – and the operation itself will not disturb anyone, especially if it’s scheduled to run at a convenient time.

GFI MailArchiver archives emails by polling them from the journal mailbox you set up in Exchange and storing them in the databases you configure. You can choose to store emails in the inbuilt GFI MailArchiver Firebird database, SQL Express or Full database or in a SQL + File System database. Therefore, as you can imagine, there are quite a few points of failure and various reasons why your mail might not be archived. You can easily check whether mail is being archived or not by going to ‘Archives Stores’ in the GFI MailArchiver and clicking on ‘View Statistics’ for the active database.

Let’s break it down, step by step.

The first thing to check would be your journal mailbox and the account you use for this mailbox.

1. See if you can access this mailbox using OWA or Outlook. If you cannot access this mailbox, chances are the account is locked out in AD or the credentials you specified are incorrect.
2. If you can access the mailbox, check if emails are entering and leaving the mailbox. An easy way to test if emails are arriving at the journaling mailbox is to go to ‘Mail Servers to Archive’ in the GFI MailArchiver configuration and uncheck ‘Archive emails from this server’ . Then send a couple of outbound, inbound and internal emails and see if they arrive in the inbox. If they do not, then the problem is with your journaling rules in Exchange. You’d might want to create a new journal mailbox as a test. If emails are seen in the journal mailbox, go back to ‘Mail Servers to Archive’ and check ‘Archive emails from this server’. If the emails are polled, then the problem lies within GFI MailArchiver and not in the journal mailbox.

Once you have taken the journal mailbox out of the picture, you can then move onto investigating GFI MailArchiver.

First thing to check here is that the database schemas are up to date. To do this, click on ‘Archive Stores’ in the GFI MailArchiver configuration and click on ‘Edit Settings’ for the active database and go through the wizard until you get to the page where it checks for database schema. If the database schema needs updating, the wizard will prompt you to upgrade it.

If the database schema is the latest, you should then go on to check  the <..\GFI\MailArchiver\Core\Queue> and <..\GFI\MailArchiver\Core\Pickup> folders.  GFI MailArchiver will stop polling mails when information on 1000 emails are found in these folders.

There are a number of reasons why emails back up in these folders , mainly Anti-Virus or Backup Software scanning the GFI MailArchiver directory.  Another  would be that GFI MailArchiver cannot communicate correctly to the Firebird or Microsoft SQL database. Reasons for this would be an unstable connection to the database server, or incorrect auto-growth settings for the database, or the transaction log files are not optimally configured. Database timeouts could also cause emails not to transfer to the database.

What to try – Firebird databases

• Ensure that the GFI MailArchiver directory is excluded from real-time backup and/or virus scanning software.
• Keep the physical size of the firebird database under 2GB in size – roll over to a new database every 2 months or every quarter as needed.
• If you have a large firebird database, stop archiving, set indexing to a scheduled time of 30/60 minutes and allow everything to settle down (i.e.: finish indexing, archiving the e-mails in the queue, etc) then create a new database and start archiving to that new database.
• Ensure that “disk write caching” is enabled on the disk that hosts the firebird databases.
• Try to keep the databases on another physical disk or spread out over different disks (a spanned volume where drive “D:” for example would behind the scenes have 2, 3, 4 disks running, so you don’t just have one disk head doing all the work and spinning like mad).
• If you are getting timeout or deadlock errors, you can also try the following:

1. Open ..\MailArchiver\Core\Data\LogSettings.xml with notepad.
2. Change <MaxThreads>5</MaxThreads> to 2.
3. Change <BatchSize>100</BatchSize> to 50.
4. Save the file and restart the GFI MailArchiver Core service.
5. The issue should be resolved.

What to try – SQL databases

• Ensure that the GFI MailArchiver directory is excluded from real-time backup and/or virus scanning software.
• Ensure that GFI MailArchiver has a stable connection to Microsoft SQL server and that Microsoft SQL Server has enough resources to cope with the load.
• Run a scan to check for hard disk errors.
• Run a disk defragmentation tool to defragment the hard disk that hosts the SQL databases.
• Run an integrity check on the problematic GFI MailArchiver database.
• Ensure that there is enough memory and hard disk space to cater for the load.
• Ensure that the timeout values from SQL Server itself (including connection timeout) are set to a high value (not the default of 2 minutes).
• Ensure that the autogrow of the DATA and TRANSACTION LOG are set to a fixed size (not percentage) and ensure that the database has enough space to grow automatically.
• Stop any other applications from making use of the SQL Server, so that GFI MailArchiver is the only one making use of it, and check if the problem persists.