Defining PMM Access Control

As part of configuring PMM, you can control which IP addresses and users have access to the PMM port on your Clearswift Gateway. For security reasons, you should specify the IP addresses or addresses of your PMM user community.

Users with IP addresses outside the specified ranges, or whose mail addresses are not on an Address List on an authenticated mail domain, will be unable to access the portal or manage their held messages.

User access rules are defined by Address List on the Users tab. Host access rules are defined by IP address/range on the Hosts tab. These rules will affect the PMM Users when they attempt to access the Portal, or release and delete messages within their digest messages. All access rules are applied in the order specified.

  If there are no rules defined, access is automatically allowed to ALL users or hosts. If a rule is set, the peer will deny access to any user or host without an access rule. You are recommended to add a default rule allowing access for the Anyone Address List in the Users tab, and * (all hosts) in the Hosts tab.

To configure PMM IP address access control:

  1. From the System Center Home page, click PMM Settings.
  2. Click Access Control to display the PMM Access Control page.
  3. On the PMM Access Control page, click the Hosts tab to display the Hosts area.
  4. Click New above the table of host names. The Add Host dialog appears.
  5. Specify an IP address or address range for which you want to allow or deny access. To specify an IP address range, use one of Closedthese formats.

    Use one of the following formats to define an IP address range:




    You may not specify anything in the address after the asterisk.

  6. Indicate whether the IP address or address range is to be denied or allowed access using the drop-down box.
  7. Click Add to add the entry to the table.
  8. To add another address or address range, repeat from step 4.
  9. We recommend that you provide a default policy by adding a * entry at the bottom of the table to deny or allow access to all addresses other than those you have allowed or denied specifically.

To configure PMM User access control:

  1. From the System Center Home page, click PMM Settings.
  2. Click Access Control to display the PMM Access Control page.
  3. On the PMM Access Control page, click the Users tab to display the Users area.
  4. Click New above the table of host names. The Add User Address List dialog appears.
  5. Select an Address List from the drop-down box.
  6. Indicate whether the Address List is to be denied or allowed access using the drop-down box.
  7. Click Add to add the entry to the table.
  8. To add another Address List, repeat from step 4.

To Test User Access:

You can test whether a user has access to the Portal Interface.

  1. From the System Center Home page, click PMM Settings.
  2. On the PMM Settings page, click Test user access in the task panel. The Test User Access dialog appears.
  3. Enter a valid User Mail Address.
  4. Click Test Access.
  If you change any configuration settings you must apply the new configuration for the new settings to take effect. If the Gateways are configured as a group, any group changes should be applied to each Gateway.