From the Dashboard, after logging into SecurityGateway with a global administrator account:

1. Click on Setup/Users in the lower-left hand corner.
2. Locate the Database section.
3. Click on Data Retention.

You will then see a number of options related to how long SecurityGateway will retain information regarding the database, SMTP sessions, and messages sent to and from the server.

• Message Database Records: This is where you can setup how long SecurityGateway maintains information regarding the number of messages that were sent through the server, what score they got, if they were passed along or rejected, and so forth. You may either keep records for an indefinite period of time, or delete them after a defined number of many days.
  
• Message Content: By default, SecurityGateway deletes the contents of messages once it has done processing them, and either passing them along to the mail server(s), or rejecting them. If you wish to hold onto the message so you can take further action on them at a later time, check the boxes next to what kind of mail you wish to save.
  
• Message Transcripts: SecurityGateway’s session transcripts are the same as message logs on your email server, and so this is where information regarding the SMTP traffic from every session the server handles is stored. By default, SecurityGateway will hold onto session transcripts the same length of time as it stores database records, but you can set it to delete them soon or later, or not save them at all. Note that choosing to not store message transcripts at all will make it difficult to troubleshoot any issues that may arise when email is sent or received from SecurityGateway.
  
• Bandwidth Information: SecurityGateway stores all information regarding the bandwidth used to send and receive messages, and displays it on the dashboard so administrators can tell how much bandwidth is being used in general, how much is used for spam messages, and so on. Check the box here to delete this information after a specified number of days.

Note: Any database-record pruning enabled here will be done at midnight after the specified number of days.