CSSv5.0.0 en:Importing policy rules from CSV files

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche



Import policy rules from CSV files

Additionally to the options 'Create default rule' and 'Create custom rule' you are able to create new policy rules and modify policy rules by importing CSV files containing policy rule definitions.

Option 'Update existing rules'

X.png

When changes to existing rules are necessary, you are able to 'update existing rules' by using the option with the same name. By using the same name as the existing policy rules you define which rules should be updated. By not selecting the option 'Update existing rules' for each rule it is checked if there is already a rule with the same name. When there is no rule with the same name, the name is used as it was defined. When there is is a rule with the defined name, a new rule is created with a policy name extended with a suffix, e.g. 'rule name (2)'. By specifying a blank value for a column, no changes to this setting are performed. An exception to this are sender and recipient patterns. These patterns are added to existing entries instead of overwriting them. The CSV file's format

File Size Limitation

The CSV file may not be larger than 1 megabytes.

Optional delimiter definition

If the policies are written using a different delimiter than a semicolon, you need to define which delimiter was used for the file by adding a first line with the following definition:

sep=<delimiter>
Example:  sep=,


Optional definition of strings

In order to prevent splitting values into multiple column values that contain the delimiter, you are able to use double quotation marks to define a string.

"<String contents>"
Example: "Sending mails from external senders to the departments Marketing, Distribution, and Support"


By using double double quotation marks inside of strings, you are able to escape and add double quotation marks into the string.

Example: "Sending mails from external senders to the departments ""Marketing"", ""Distribution"", and ""Support"""results in the policy name:   Sending mails from external senders to the departments "Marketing", "Distribution", and "Support"


Required definition of headers

For easier understanding of the individual columns, it is necessary to specify a header line definition after the optional separator definition and before the policy rule lines. This header is also used to transparently display changes to the CSV import. Copy this header line into your csv file to get a valid csv file. Please note, if you use a separator other than the default semicolon, replace it with your custom separator in the header definition.

Required header line
Rule name;Rule type;Sender pattern;Recipient pattern;Transfer size;Storage duration;Show filenames;Show filenames changeable;Download notification;Download notification changeable;Show zip content;Allow confidential message;Force confidential message;Allow notification editable;Standard password modes;QUICK password modes;Access protection;Security modes;Quick Default If Established;Sender address;Sender name;Mail format;Mail encoding;Mail image handling;Log messages and subjects;Log filenames;Log zip content;Archiving active


Defining policy rules

Each policy has to be defined in a separate line with 28 columns each. Each column represents an own setting. Based on creating or modifying a rule, a blank value for a column has different results:

  • When a new rule is created, the defined default value is used, see below.
  • When updating an existing rule, the already set setting is used.
Column number Settings Allowed values Default value for new rules when a blank value is given Remarks for creating a new rule Remarks for updating existing rules
1 Rule name Arbitrary string (maximum 4000 characters) <Index> - <Date> - When there are already rules with the same name, the given name is appended with a generated suffix, e.g. 'Rule name (2)'. The rule name is used to determine which existing rules should be updated.
2 Rule type

Allow, Deny

Allow

Define an 'allow' or 'deny' rule.
3* Sender pattern A comma, semicolon, or space separated list of email addresses, domains and regexes.

.*

Entries are assigned to the correct input field in the policy table automatically.

It is not possible, to define a rule where neither the sender pattern nor the recipient pattern is defined.

Defined email addresses, domains, and regexes are added and classified automatically to the existing list of sender patterns.

Already existing email address, domains, and regexes have to be deleted using the "current policy rules" table or the wizard. It is not possible, to define a rule where neither the sender pattern nor the recipient pattern is defined.

4* Recipient pattern A comma, semicolon, or space separated list of email addresses, domains and regexes.

.*

Entries are assigned to the correct input field in the policy table automatically.

It is not possible, to define a rule where neither the sender pattern nor the recipient pattern is defined.

Defined email addresses, domains, and regexes are added and classified automatically to the existing list of recipient patterns.

Already existing email address, domains, and regexes have to be deleted using the "current policy rules" table or the wizard. It is not possible, to define a rule where neither the sender pattern nor the recipient pattern is defined.

5 Transfer size Positive numbers (> 10) The value specified in Transfer Settings for maximum transfer size in megabytes.
6 Storage duration Positive numbers (>1) The value specified in Transfer Settings for  storage duration in days.
7 Show filenames Boolean value (0 - false, 1 - true) The value specified in Mail Settings for show filenames in transfers.
8 Show filenames changeable Boolean value (0 - false, 1 - true) The value specified in Mail Settings for show filenames in transfers changeable.
9 Download notification Boolean value (0 - false, 1 - true) The value specified in Mail Settings for download notification on file retrieval.
10 Download notification changeable Boolean value (0 - false, 1 - true) The value specified in Mail Settings for download notification on file retrieval changeable.
11 Show zip content Boolean value (0 - false, 1 - true) The value specified in Mail Settings  for show zip contents.
12 Allow confidential message Boolean value (0 - false, 1 - true) The value specified in Mail Settings for allow confidential message.
13 Force confidential message Boolean value (0 - false, 1 - true) The value specified in Mail Settings for force confidential message.
14 Allow notification editable Boolean value (0 - false, 1 - true) The value specified in Mail Settings for allow edit recipient notification.
15 Standard password modes A comma, semicolon, or space separated list of "none", "generated" or "manual. The value specified in Password Policy for standard password modes.
16 Quick password modes  A comma, semicolon, or space separated list of "none", "generated" or "manual. The value specified in Password Policy for Quick password modes.
17 Access protection lock, delete The value specified in Download Security for access protection.
18 Available security modes A comma, semicolon, or space separated list of  "password", "quick" or "id\_provider". The value in the security settings for activated security modes.

The first listed security mode will be used as default security mode. id\_provider is only selectable when the installed license allows the use of id providers.

19 QUICK default only if established Boolean value (0 - false, 1 - true) The value in the security settings if QUICK should be default if a quick connection is already established.

This setting can only be selected with true if

  • QUICK is an available security mode,
  • QUICK is not the default security mode, and
  • QUICK is not the only available security mode.
20 Sender address Valid mail address (maximum 320 characters) The value specified in Mail Server Settings for sender address
21 Sender name Arbitrary string (maximum 4000 characters) The value specified in Mail Server Settings for sender name
22 Mail format mixed, multipart, html, plain The value specified in Mail Server Settings for mail format
23 Mail encoding binary, 7bit, 8bit, base64, quoted-printable The value specified in Mail Server Settings for mail encoding
24 Mail image handling external, embedded, multipart, hidden The value specified in Mail Server Settings for images
25 Log messages and subjects Boolean value (0 - false, 1 - true) The value specified in Log Settings for log messages and subjects
26 Log filenames Boolean value (0 - false, 1 - true) The value specified in Log Settings for log filenames
27 Log zip content Boolean value (0 - false, 1 - true) The value specified in Log Settings for log zip content
28 Archiving active Boolean value (0 - false, 1 - true) The value specified in Archiving Connection Settings for enable archiving for new policy rules

* One of these 2 colums has to be set for a valid policy rule. The other values can be left empty (but it is necessary to specify the correct amount of separators). Example A CSV file with the contents

Rule name;Rule type;Sender pattern;Recipient pattern;Transfer size;Storage duration;Show filenames;Show filenames changeable;Download notification;Download notification changeable;Show zip content;Allow confidential message;Force confidential message;Allow notification editable;Standard password modes;QUICK password modes;Access protection;Security modes;Quick Default If Established;Sender address;Sender name;Mail format;Mail encoding;Mail image handling;Log messages and subjects;Log filenames;Log zip content;Archiving active
My Policy;;john.doe@domain.com;cryptshare.com;2000;10;1;0;1;0;1;1;1;0;manual;manual,generated;lock;quick,password;0;cryptshare@yourdomain.com;Cryptshare;plain;binary;external;1;0;1;0

results in the following policy:

Your browser does not support the HTML5 video element

Migration of existing CSV files to the current format

In order to migrate an existing CSV file to the current format, the following steps are required:

  1. Add the required header line. See section Required definition of headers.
  2. Change the columns in columns 18 and 19.
    1. When no values were in these columns, no change is necessary and the presets are used for creating new policies or existing settings won't be changed.
    2. When values were in these columns, they have to be changed accordingly to the following lines (when a semicolon is used as separator):
      1. Enabled;1 → quick,password;0
      2. Enabled;0 → quick;0
      3. EnabledIfEstablished;1 → password,quick;1
      4. EnabledIfEstablished;0 → password,quick;1
      5. Disabled;1 → password,quick;0
      6. Disabled;0 → password;0

Example migration

Legend
Removed columns Added columns


The previously used policy file:

My policy;;max.mustermann@domain.com;cryptshare.com;2000;10;1;0;1;0;1;1;1;0;manual;manual,generated;lock;enabled;1;cryptshare@yourdomain.com;Cryptshare;plain;binary;external;1;0;1;0


My policy max.mustermann@domain.com cryptshare.com 2000 10 1 0 1 0 1 1 1 0 manual manual,generated lock enabled 1 cryptshare@yourdomain.com Cryptshare plain binary external 1 0 1 0

has to be changed to:

Rule name;Rule type;Sender pattern;Recipient pattern;Transfer size;Storage duration;Show filenames;Show filenames changeable;Download notification;Download notification changeable;Show zip content;Allow confidential message;Force confidential message;Allow notification editable;Standard password modes;QUICK password modes;Access protection;Security modes;Quick Default If Established;Sender address;Sender name;Mail format;Mail encoding;Mail image handling;Log messages and subjects;Log filenames;Log zip content;Archiving active My policy;;max.mustermann@domain.com;cryptshare.com;2000;10;1;0;1;0;1;1;1;0;manual;manual,generated;lock;quick,password;0;cryptshare@yourdomain.com;Cryptshare;plain;binary;external;1;0;1;0


  • Add the header line
  • Change the columns 18 and 19
Rule name Rule type Sender pattern Recipient pattern Transfer size Storage duration Show filenames Show filenames changeable Download notification Download notification changeable Show zip content Allow confidential message Force confidential message Allow notification editable Standard password modes QUICK password modes Access protection Security modes Quick Default If Established Sender address Sender name Mail format Mail encoding Mail image handling Log messages and subjects Log filenames Log zip content Archiving active
My policy [[1]] cryptshare.com 2000 10 1 0 1 0 1 1 1 0 manual manual,generated lock quick,password 0 [[2]] Cryptshare plain binary external 1 0 1 0