MailCleaner Extended FAQ

Similar documents
MailCleaner Extended FAQ

Configuration Section

Comodo Antispam Gateway Software Version 2.1

Comodo Antispam Gateway Software Version 2.12

WeCloud Security. Administrator's Guide

Comodo Comodo Dome Antispam MSP Software Version 2.12

Introduction. Logging in. WebQuarantine User Guide

Comodo Antispam Gateway Software Version 2.11

Panda Security. Protection. User s Manual. Protection. Version PM & Business Development Team

SPAM QUARANTINE. Security Service. Information Technology Services

University Information Technology (UIT) Proofpoint Frequently Asked Questions (FAQ)

Managing Spam. To access the spam settings in admin panel: 1. Login to the admin panel by entering valid login credentials.

Introduction. Logging in. WebMail User Guide

Extract of Summary and Key details of Symantec.cloud Health check Report

Technical description

Anti-Spam Processing at UofH

ISOCNET Quarantine. User s Guide

Getting Started 2 Logging into the system 2 Your Home Page 2. Manage your Account 3 Account Settings 3 Change your password 3

Spam Quarantine. Overview of the Spam Quarantine. Local Versus External Spam Quarantine. This chapter contains the following sections:

Untitled Page. Help Documentation

Personal Dashboard User Guide

Spam Quarantine. Overview of the Spam Quarantine. This chapter contains the following sections:

EVRY Security. Administrator's Guide

AccessMail Users Manual for NJMLS members Rev 6

Spam Quarantine. Overview of the Spam Quarantine. Local Versus External Spam Quarantine

Using WebQuarantine for Managing Quarantined Messages

MX Control Console. Administrative User Manual

Tracking Messages. Message Tracking Overview. Enabling Message Tracking. This chapter contains the following sections:

USER GUIDE. Accessing the User Interface. Login Page Resetting your Password. Logging In

Quarantine Management System Administration Guide

Barracuda Security Service User Guide

Cyber Security Guide for NHSmail

Tracking Messages

Block Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable protection

700 Fox Glen Barrington, Illinois ph: [847] fx: [847] Webmail System User Guide

Choic Anti-Spam Quick Start Guide

Table of Contents Control Panel Access... 1 Incoming... 6 Outgoing Archive Protection Report Whitelist / Blacklist...

Documentation Userinterface

SAYRE AREA SCHOOL DISTRICT TECHNOLOGY TIPS SPAM SASD PROOFPOINT BASICS ON HOW

WEBSENSE PERSONAL MANAGER

What's new in Europa?

Dataprise Managed Anti-Spam Console

How do I use ProofPoint anti-spam software at the GC

Ethical Hacking and. Version 6. Spamming

ProofPoint Protection Perimeter Security Daily Digest and Configuration Guide. Faculty/Staff Guide

Protection FAQs

User Manual Version User Console Outlook AddIn Web Interface.

. Help Documentation. This document was auto-created from web content and is subject to change at any time. Copyright (c) 2019 SmarterTools Inc.

Handling unwanted . What are the main sources of junk ?


An Overview of Webmail

Web Mail and e-scout Instructions

Anti-Spoofing. Inbound SPF Settings

MailCore Pro User Guide

Life After Webmail Reference Guide

700 Fox Glen Barrington, Illinois ph: [847] fx: [847] Webmail System User Guide

Mail Services SPAM Filtering

Unified Management Console

Eftel s Anti-Spam Manual

Block Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable protection

SPECIAL INSTRUCTIONS AND CAUTIONS ================================================

How does the Excalibur Technology SPAM & Virus Protection System work?

Edition 3.2. Tripolis Solutions Dialogue Manual version 3.2 2

Spam Management with PureMessage

TOTAL CONTROL SECURITY END USER GUIDE

Service User Manual. Outlook By SYSCOM (USA) May 7, Version 2.0. Outlook 2003 Ver. 2.0

How to Use the Greymail Spam Filter

2 User Guide. Contents

Smart Mail: User Manual of Webmail

To create a few test accounts during the evaluation period, use the Manually Add Users steps.

LAUSD ITD Service Desk. Microsoft Outlook Web Access User Guide Windows OS

User Guide. Version 8.0

Barracuda Spam Firewall User s Guide

Mail Assure Quick Start Guide

========================================================================= Symantec Messaging Gateway (formerly Symantec Brightmail Gateway) version

SpamPanel Level Manual 1 Last update: 2015/02/03 SpamPanel

Mail Assure. User Guide - Admin, Domain and Level

WebAdmin IceWarp WebAdmin Manual

GFI product comparison: GFI MailEssentials vs. McAfee Security for Servers

Service User Manual. Outlook By SYSCOM (USA) May 2nd, Version 1.0. Outlook 2013 Ver.1.0

Mass mailing lists. There are many different settings, this goes through many of the basics. The defaults are usually adequate for most mailing lists.

Centralized Policy, Virus, and Outbreak Quarantines

Protection: End User s Guide. Table of Contents

UCHC Dept. Information Technology Outlook Web Access User Guide. Using UCHC Outlook Web Access 3/6/2012

On the Surface. Security Datasheet. Security Datasheet

Encrypted Users Guide. Revised 8/28/2017

TurnkeyMail 7.x Help. Logging in to TurnkeyMail

GFI MailSecurity 2011 for Exchange/SMTP. Administration & Configuration Manual

Tutorial for Horde . Contents

This manual is for administrative users of NetIntelligence MailFilter. The following two sections of this guide describe:

Mailbox Control Panel

Service User Manual. Outlook By SYSCOM (USA) May 2, Version 2.0. Outlook 2007 Ver. 2.0

to Stay Out of the Spam Folder

Using Your New Webmail

Using the Control Panel

Understanding the Pipeline

Total Security

Exchange Security Small Business Edition. User Manual

Dell Service Level Agreement for Microsoft Online Services

Binarytech Digital Education Karta Allahabad ( Notes)

Transcription:

MailCleaner Extended FAQ NETHZ Mail Filtering Preferences NETHZ 001 Q: Can I still use my nethz Mail Filtering Preferences? A: The "email Spamfilter" option of the www.passwort.ethz.ch user interface will no longer be used to set filtering preferences. Your old whitelist and blacklist entries will not be imported into MailCleaner. If your e-mail domain has been migrated to filtering by MailCleaner, the nethz mail filtering preferences for that domain will be ignored. NETHZ 002 Q: Will my nethz whitelist and blacklist entries be lost? A: Yes. The Fastnet people discourage the use of whitelists and we do not want MailCleaner to be "vorbelastet" with old blacklist entries. Quarantine Reports QUARANTINE 001 QUARANTINE 002 QUARANTINE 003 QUARANTINE 004 QUARANTINE 005 QUARANTINE 006 QUARANTINE 007 Q: How can I change the frequency with which I receive quarantine reports? A: See "Configuration> Address settings> Frequency". Q: How long will messages remain in the quarantine before they are deleted? A: 30 days. Q: How can I see messages that were quarantined more than 7 days ago A: See "Configuration> Quarantine display> Number of days". Q: What is the function of the "release-the-message" action button? A: It sends a COPY of the message to your mailbox... use with caution! See the "Quarantine processing tools" section of the User Manual. Q: If I release a message from the quarantine, will the message be trapped by another ID filter? A: No, but the message might be stripped of its attachment by the Exchange server. Q: What is the function of the "message-preview" action button? A: It displays the contents of a message or its headers. To prevent execution of malicious code, HTML commands are disabled when message contents are displayed. See the "Quarantine processing tools" section of the User Manual. Q: What is the function of the "filter-adjustment" action button? A: This is intended for "clean" messages that land in your quarantine. It sends a copy of the message to the MailCleaner Analysis Center. Filter adjustmenst are incremental, so it may be necessary to do this for messages from a particular sender over a period of several days. See the "Quarantine processing tools" section of the User Manual. Page 1 / 7

QUARANTINE 008 QUARANTINE 009 Q: What is the function of the "Accept this newsletter" button? A: It sends a copy of the newsletter message to your mailbox and adds the sender address (smtp-sender & from-sender) to your newsletter-whitelist. Q: How can I combine my quarantines and just receive a single report for all of my addresses? A: First, make a direct login to your Management Center, using the https://mailcleaner.ethz.ch URL. This will cause MailCleaner to query Active Directory. Do not use the link in your quarantine reports for this function because it will not trigger an AD query. After the direct login, MailCleaner will know which addresses belong to your account. Go to Configuration> Address settings. The "Addresses" box will show all of your addresses. You may then enter an address value into the "Send reports to this address" box and then click the "Apply settings to all addresses" box. MailCleaner "Management Center" (User Web Interface) MANAGEMENT 001 MANAGEMENT 002 MANAGEMENT 003 MANAGEMENT 004 Q: Where can I find the MailCleaner user interface? A: Set your web browser to https://mailcleaner.ethz.ch There is also a link to the user interface in your daily quarantine report which allows you to log in without providing your username and password. Q: How do I log into the MailCleaner user interface? A: Use your mailbox username & password. For domains on the Exchange server, you may use your email domain or the "@ethz.ch" default domain. For domains on other mail servers, be sure to select the correct email domain. For the psi.ch domain, be sure to select the correct email domain. Q: What can be configured in the MailCleaner user interface? A: + Interface Language + Junk, Error & Newsletter message preferences + Frequency & format of quarantine reports + Delivery address for quarantine reports + Number of days to display in quarantine reports + Your Warnlist, Whitelist & Blacklist Q: If I have multiple addresses, must I select the same options & white/black/warn list settings for EACH address? A: Yes, but MailCleaner will help by providing you with a pull-down menu of previously entered options and address entries. Newsletters & Newsletter-Spam NEWSLETTER 001 NEWSLETTER 002 Q: What is the function of the "newsletter" option in my "management center"? A: About 80% of spam today is disguised as a newsletter, so MailCleaner retains "newsletter" messages in the quarantine by default. This also a defense against malicious subscriptions to newsletters. Clicking the "Accept this newsletter" button delivers a copy of the newsletter to the user's mailbox and adds the sender to your newsletter-whitelist. Users may override the "newsletter"option, but this is not recommended. Configuration> Address settings> For each message detected as newsletter select "retain in quarantine". Q: What happens when a user clicks "Accept this newsletter"? Page 2 / 7

A: A copy of the newsletter message is delivered to the user's mailbox and newsletter sender-address is white-listed (in your newsletter-whitelist). NEWSLETTER 003 NEWSLETTER 004 NEWSLETTER 005 Q: When a user clicks "Accept this newsletter", which newsletter sender-address is white-listed? A: Both the SMTP-FROM address (envelope sender-address) and From-Header address are white-listed. Q: Why did this newsletter land in my quarantine after I have clicked "Accept this Newsletter"? A: A message can be classified as a "newsletter" AND "spam", which means that a message may still land in your quarantine, even if the sender has been added to your newsletter-whitelist. Q: Where is the "Accept this Newsletter" button? I do not see it next to any message in my quarantine report. A: The "Accept this newsletter" button only appears in web interface and is not available in the quarantine reports. To see and use the "Accept this newsletter" button, please click the link in your quarantine report or log in directly to https://mailcleaner.ethz.ch/ Whitelists, Blacklists & Warnlists WHITE-BLACK-WARN 001 WHITE-BLACK-WARN 002 WHITE-BLACK-WARN 003 WHITE-BLACK-WARN 004 WHITE-BLACK-WARN 005 WHITE-BLACK-WARN 006 WHITE-BLACK-WARN 007 WHITE-BLACK-WARN 008 Q: Does MailCleaner have a general whitelist, blacklist, warnlist? A: Yes. Q: Does MailCleaner have a central whitelist, blacklist, warnlist for each domain? A: Yes. Q: Do the users have individual whitelists? A: Yes, however, the "filter-adjustment" button should be used before you resort to adding an address to your whitelist. See the "Configuring the whitelist" section of the User Manual. Q: Does the whitelist exempt the sender address from ALL checks? A: No. Malware and "dangerous content" checks are made before messages from these addresses reach address-level filter preferences. However MailCleaner says that whitelists should be used for only short periods and recommends that warnlists should be used instead of whitelists. Q: Which sender-addresses are used by the whitelist? A: Whitelists only use the "From:" address. Q: Do the users have individual blacklists? A: Yes. Q: Which sender-addresses are used by the blacklist? A: Blacklists use the "From:" header and the envelope-sender (seen in the message headers). Q: What is a "warnlist" and how is it used? A: The warnlist contains sender addresses for which you will be notified by mail if a message from that sender has landed in the quarantine. Page 3 / 7

WHITE-BLACK-WARN 009 WHITE-BLACK-WARN 010 WHITE-BLACK-WARN 011 Q: Which sender-addresses are used by the warnlist? A: Warnlists only use the "From:" address. Q: Do white/black/warn lists only allow full domains and complete addresses? A: Complete and partial addresses/domains are allowed: philip@*.ac.uk werbung@*.com *.books.ch postgress@id.hdb*.ethz.ch Q: Are white/black/warn list addresses case-sensitive? A: From-headers are not case-sensitive; envelope-sender-addresses are not casesensitive Prohibited Messages (Messages that are rejected without regard to user whitelists) PROHIBITED-FILE-TYPES 001 PROHIBITED-FILE-TYPES 002 Q: What types of attachments are prohibited (rejected) by MailCleaner? A: The.js.jse.dotm &.wsf filetypes are rejected (even inside an archive) with a "Detected forbidden filetype" notice. Q: How can I receive a legitimate message with a prohibited attachment? A: The sender must use an encrypted archive or file-transfer service such as CIFEX, polybox, or Dropbox. How does MailCleaner handle bad messages? FILTER-PROCESS 001 Q: What does MailCleaner do with "bad" messages? A: Some messages are rejected, some are deleted, some are quarantined or tagged. Mail from non-existent sender domains or to non-existent recipient addresses is rejected. If the owner of a mail domain has published SPF records that specify which mail hosts are allowed to send mail for that domain, mail with that domain that is sent from any other source will be rejected. Messages from sources in the SpamHaus blacklist are rejected. Messages containing prohibited file types are rejected. Messages containing known viruses may be accepted and deleted before they reach address-level filtering. These deleted messages do not appear in the quarantine reports. Logs of deleted messages are only visible to the administrator. Messages with dangerous content may land in your mailbox or quarantine with a {Content?} tag in the Subject line. This is a "disarmed" version of the message with links or attachments removed and an added attachment (AttentionVirus.txt) giving the Message-ID. To receive the full version of the message, you must contact the Service Desk (servicedesk@id.ethz.ch) and provide the Message-ID. Page 4 / 7

Exchange Server "Shared Mailboxes" Other messages land in your quarantine. However, you may use the "Management Center" to choose what happens to these messages (quarantine/tag/delete). SHARED-MAILBOX 001 Q: How does MailCleaner handle the quarantine & preferences for MS Exchange "Shared Mailbox" addresses? A: Anyone with access to the quarantine report may release messages from the quarantine to the mailbox or set filtering/reporting preferences. If you wish to prevent this from happening, the filter administrators can set the shared-mailbox address to tag-only. Distribution List Addresses DISTRIB-LIST 001 Q: How does MailCleaner handle the quarantine & preferences for a distribution list? A: Any recipient of a quarantine report may release messages from the quarantine to the entire list or set filtering/reporting preferences. To prevent this from happening, one address should be designated by the filter administrators to receive quarantine reports and to release any wrongly quarantined messages to members of the list, or the list must be set to tag-only. Reporting "False Negatives" (mail that should have been blocked) FALSE-NEGATIVES 001 FALSE-NEGATIVES 002 FALSE-NEGATIVES 003 Q: What is the reporting address for spam? A: spam@mailcleaner.net Q: What is the reporting address for phishing & malware? A: phishing@ethz.ch - this notifies various ETH offices AND the MailCleaner team at Fastnet. Q: How should I send a spam/phish/malware message to the reporting addresses? A: Messages should be forwarded as an attachment to include the mail headers. Reporting "False Positives" (mail that should NOT have been blocked) FALSE-POSITIVES 001 Q: How do I report mail that should NOT have been blocked? A: Use the "filter-adjustment" button in your quarantine, or forward the clean message as an attachment to nospam@mailcleaner.net Filter adjustments are incremental, so it may be necessary to do this for messages from a particular sender over a period of several days. Reporting a Phishing/Malware wave PHISH-MALWARE 001 PHISH-MALWARE 002 Q: How should users report a suspected "wave" of phishing or malware messages? A: By forwarding the mail as an attachment to phishing@ethz.ch - which notifies various ETH offices AND Fastnet Q: If our users report a phishing/malware wave, what response time should we expect from Fastnet? A: There is no guaranteed response time. Page 5 / 7

MailCleaner Outlook Plug-In OUTLOOK 001 OUTLOOK 002 Q: Will the MailCleaner Outlook Plug-In work with newer versions of Outlook? A: No. It only works up to Outlook 2010 and is no loner supported by Fastnet. Q: Is Fastnet planning to release a new version of the MAILCLEANER Outlook Plug- In? A: No. Known Problems PROBLEM 001 PROBLEM 003 PROBLEM 003 Quarantine report action icons generate "BADPARAMS" error with IE Version: 11.0.10240.17319 & Windows 10 Quarantine report action icons function correctly with IE Version: 11.0.10240.17319 & Windows 7 MailCleaner user login fails with ERR_SSL_VERSION_OR_CIPHER_MISMATCH with older versions of Chrome If a user has selected "Retain error messages", an attempt to release an error message (empty sender address) from the quarantine will result in the message landing back in the quarantine with an extra "X-MailCleaner-Bounce" header. Test Domains (some addresses are filtered by MailCleaner) TEST-DOMAINS 001 In the test phase, particular addresses are diverted to MailCleaner while the rest of the domain is still filtered by the in-house fitering system on the philx mail gateways. During this test phase, users will occasionally receive messages which seem to be unfiltered. This is caused by an interaction between the MailCleaner SPF check and the "divert" mechanism on the philx mail gateways. These "unfiltered" messages will contain one of these headers: X-MailCleaner-SPF: permerror X-MailCleaner-SPF: fail X-MailCleaner-SPF: softfail You may wish to add a mailbox rule to send these messages to your junk folder. The problem will disappear when the specified domain is migrated to MailCleaner. TEST-DOMAINS 002 baug.ethz.ch ethz.ch fim.math.ethz.ch ifu.baug.ethz.ch ihw.baug.ethz.ch ivt.baug.ethz.ch poc.switch.ch psi.ch math.ethz.ch stat.math.ethz.ch switch.ch test.math.ethz.ch test.switch.ch Page 6 / 7

Migrated Domains (all addresses are filtered by MailCleaner) cardex.ethz.ch dco.ethz.ch id.ethz.ch inf.ethz.ch library-lab.ethz.ch lists.dco.ethz.ch lists.inf.ethz.ch sirius.inf.ethz.ch sn.gess.ethz.ch Page 7 / 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback