1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Software
  5. SMEFCE-AI-DA - Email Security Service...
  6. Administration manual

McAfee SMEFCE-AI-DA - Email Security Service Inbound Administration Manual

Administration guide
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
McAfee SaaS Email
Protection Administrator
Guide
Updated: November 2012
Proprietary and Confidential

Advertisement

Table of Contents
loading

Related Manuals for McAfee SMEFCE-AI-DA - Email Security Service Inbound

Summary of Contents for McAfee SMEFCE-AI-DA - Email Security Service Inbound

  • Page 1 McAfee SaaS Email Protection Administrator Guide Updated: November 2012 Proprietary and Confidential...
  • Page 2 McAfee. All copies of this document are the sole property of McAfee and must be returned promptly upon request. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 3: Table Of Contents

    Optional Utilities ..................... 13 Spam Control for Outlook® ................13 Disaster Recovery Services ................... 14 Fail Safe ......................14 Email Continuity ....................14 Access Email Protection Administration 15 November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 4 Redirect Your MX Records ..................33 Check Your MX Record ..................34 Set up User Creation Mode — SMTP Discovery or Explicit ........36 Customize Inbound Mail Filters 39 November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 5 Define the Format and Text of Notifications to Users ......... 80 Variables within a Notification ................80 Define the Format and Text of Virus Notifications ..........81 Define the Format and Text of Content Violation Notifications ......83 November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 6 Set up Disaster Recovery Services 101 Administer Disaster Recovery Services .............101 Set up Spooling for Disaster Recovery .............101 Set up Notifications of Disaster Recovery ............102 User-Level Policy Configuration 103 System Reports 105 November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 7 View Details of Log Items ..................130 User Activity ......................131 Event Log ......................133 Audit Trail ......................134 Inbound Server Connections ................135 Disaster Recovery: Overview ................137 Disaster Recovery: Event Log ................138 November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 8 Turn on Exception Notifications for the MSP Connection .........142 View an MSP Connector Audit Report .............143 Administer Performance Reports ...............147 Performance Report Descriptions ..............148 Tips and Frequently Asked Questions 153 FAQs ........................153 Tips/Techniques ....................159 November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission viii...

  • Page 9: Overview

    Control Console, the comprehensive graphical interface into McAfee Saas Email Protection. This document describes the tasks necessary to configure and maintain your McAfee Saas Email Protection. Differences in Administration for Service Providers This document is for use by Enterprise customers only.

  • Page 10: Mx Record Validation

    You can customize the default inbound policy for any and each domain, or any and each group, to fit your business Email Protection. For more information, see Customize Inbound Mail Filters. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 11: Types Of Inbound Email Filtering

    Statistical algorithms built by your Email Protection provider Filtering identify and quantify the possibility that an email is spam based on how often elements in that email have appeared in identified spam emails. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 12 (blackholes) for the purpose of limiting the transport of known-to-be-unwanted mass email. The RBL is a database of IP addresses that are reported to be spam sources. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 13 Graphic Image You can enable or disable the automatic replacement of images Replacement with a transparent 1x1 pixel GIF within HTML emails. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 14 You can configure custom rules for emails with encrypted zip files Risk” Zip File and/or zip files that are considered high risk (too large, too many Attachment Rules nested levels, etc.). Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 15 Each policy set affects the email filtering for all user accounts in the groups that are subscribed to that policy set. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 16: Types Of Outbound Email Filtering

    Also, depending on the enabled email filter, various actions must be configured that define how Email Protection will respond if an email violates the specific filter policy. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 17 You can designate that only the infected attachment is stripped. and the remaining email contents and attachments are sent to the recipient. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 18: User-Level Policy Configurations

    • Spam Quarantined Messages – Accessible to all users, with users with role of User or Reports Manager allowed to access only their own personal spam quarantine Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 19: Customizing The Interface

    Cobrand – Branding uses images provided by you and your service provider., and addresses provided by you. • White Label – Branding uses no identifying images and uses addresses provided by you. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 20: Language Localization

    Every email that was sent from your organization to Email Protection for email filtering will have the designated text added to the end of the email content. This feature requires that outbound filtering be licensed. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 21: Notifications

    Threat Center, and then deletes it from your Microsoft Outlook mailbox. This utility only works for the Outlook mail client. You can download this utility at the following location: http://www.mxlogic.com/services/spam_blocking/spam_control.html November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 22: Disaster Recovery Services

    Email Continuity also has unlimited storage capacity and removes messages that have been in Email Continuity storage for more than 60 days. For more information, see Administer Disaster Recovery Services Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 23: Access Email Protection Administration

    Email Protection policies for the assigned groups. A Group Administrator does not need to be a member of a group in order to have these capabilities. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 24 Quarantine Group Enablement Administrator Administrator Manager Admnistrator Required Overview Policies tab Policy Sets Anti-virus: Action Anti-virus: Notifications Anti-SPAM: Classification Anti-SPAM: Content Groups Anti-SPAM: Reporting Content: Content Groups Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 25 Notifications Allow/Deny: Sender Allow Allow/Deny: Sender Deny Allow/Deny: Recipient Shield Enforced TLS: Actions Enforced TLS: Notifications Notifications: Content Notifications: Attachment Group Subscriptions Disaster Recovery Quarantine Tab SetupTab November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 26 MX Records Setup User Creation Settings Reports tab Traffic Overview Threats Overview Threats: Viruses Threats: Spam Threats: Content Threats: Attachments ClickProtect:Over view ClickProtect: Click Log Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 27: Other Documents You Might Need

    Control Console or the documentation as listed below. Email Protection Documents • Email Protection Concepts Guide • Email Protection Quick Start • Intelligent Routing User Guide • Email Continuity Administrator Quick Start Guide November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 28: Web Protection Service Documents

    Note: The first time you log on, you might need to create your password. If so, see Reset Your Password from the log on window Open a browser on your computer and enter the URL for the Control Console. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 29: Reset Your Password From The Log On Window

    Forgot your password or need to create a password? The following window is displayed. In the Username field, type your email address. Do one of the following: November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 30 The email is similar to the following: Click the link in the email. The link is active for only a limited time after the email is sent (typically, 60 minutes). Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 31 Thus, if the password contains mostly alphabetical characters, then at least one character must be either a special character or numeric. For example, majordude is invalid, but majordude9 is valid. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 32 Keep your password safe and private. 11 Retype your password in the Confirm Password field. 12 Click Save. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 33: Check The Status Of Email Protection On The Overview

    Select Email Protection | Overview. The Overview window is displayed with the initial view. Click Display Statistics. The Overview window is displayed with the complete view. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 34 Spam – Number of inbound emails that were potentially spam Quarantined – Total number of inbound emails that were quarantined for any reason, including spam, virus, etc. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 35 (links). Click the desired link to view the complete information. Depending on the configuration, this section may be blank or may contain different information. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 36 Email Protection Administrator Guide Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 37: Set Up Your Servers

    You can configure additional inbound servers to receive inbound email from Email Protection for the designated domain. All servers for a domain that receive inbound email from Email Protection must be configured on the Inbound Servers Setup window. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 38: Delete An Inbound Server

    To delete an inbound server, perform the following steps: Access the appropriate domain on the Inbound Server Setup window Click the Delete checkbox next to the server you want to delete. Click Save. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 39: Add Ip Address Of Outbound Server, If Necessary

    • Scan your network for open relays, viruses and malware. • Refer to the Accepted Use Policy (AUP) at http://www.mxlogic.com/terms/aup/ for information on bulk mail. index.cfm November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 40: Delete An Outbound Server

    Note: If no outbound package has been designated for the selected Domain, this window is unavailable. Click Email Protection | Setup | Outbound Servers. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 41: Redirect Your Mx Records

    The information necessary for your company to make these changes is provided in your Email Protection Activation Guide, which you receive when you first sign up for service. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 42: Check Your Mx Record

    Note: This feature must be enabled at the system level to be available in Email Protection. Click Email Protection | Setup| MX Records. The MX Record Analysis window is displayed. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 43 Unrecognized – MX Record could not be authenticated and may be allowing email to enter your system bypassing Email Protection. This situation, if occurring within 72 hours of the MX Record change, may indicated the changes are not yet complete. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 44: Set Up User Creation Mode - Smtp Discovery Or Explicit

    If you use Directory Integration, explicit user creation is highly-recommended. To turn on Explicit User Creation, perform the following steps: Click Email Protection | Setup. Click User Creation Settings. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 45 Email Protection Administrator Guide Set up User Creation Mode — SMTP Dis- Under the User Creation Mode heading, select Explicit. Click Save. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 46 Set up User Creation Mode — SMTP Discovery or Explicit Email Protection Administrator Guide Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 47: Customize Inbound Mail Filters

    A custom group policy supersedes the default policy that is assigned to all domains. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 48 Enterprise or Service Provider Customer Email Protection Administrator Guide Figure 6: Service Provider Custom Policy Assignment Figure 7: Enterprise Custom Policy Assignment (Groups by Domain) Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 49: Create A Custom Policy (Enterprise Customer Only)

    Click Email Protection | Policies | Inbound Policies link. Click New to launch the New Policy window. The New Policy Set fields are displayed. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 50 Copy From field. Click Save. The Policy Sets list is updated with the new policy. You can now modify the new policy to meet your business needs. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 51: Configure A Virus Filter

    Click Email Protection | Policies. Select the policy you want to change. Click Virus. The Actions window is displayed. Complete the fields as described in the following table. Field Description November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 52: Set Email Protection To Notify Users About Emails With Viruses

    (for example, SoBig or MyDoom). These notifications will be automatically disabled by the Email Protection. Click Email Protection | Policies. Select the policy you want to change. Click Virus. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 53: Configure A Spam Filter

    There are three scores are used to determine the likelihood of spam and what actions should be taken. Those scores are: • Medium likelihood if default settings are used. This email is normally quarantined for review. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 54: Define The Action To Take On Spam

    Define the Action to Take on Spam Click Email Protection | Policies. Select the policy you want to change. Click Spam. The Classification window is displayed. Complete the following fields: Field Description Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 55: Define Additional Words That Indicate Spam

    If the action is to send spam matches to quarantine, users who receive Spam Quarantine Reports can view the matching messages in the quarantine. Note: A spam content group does not analyze the content within attachments. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 56 Allow – The email is sent to the recipient email address. Note: The Allow option is useful if you want to override standard Email Protection spam content filtering for particular keywords. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 57 10 Click Save for the new spam content group. 11 Click Save for the policy or continue to the Reporting tab. To change a policy’s existing spam content group, click Edit. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 58: Set Up Spam Quarantine Reports

    Selected users – Only those user accounts configured for Spam Quarantine Reports on the User Management windows receive the reports. • No users – No users associated with this policy set receive Spam Quarantine Reports. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 59 Spam Quarantine Report and perform any spam management. A high value might increase the security risk of unauthorized access into the Control Console using an old Spam Quarantine Report. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 60 Spam Control For Outlook utility. The location from which Control For the utility is downloaded is configured in the Branding Settings window. Outlook® Note: This feature can be enabled or disabled at the system level. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 61: Configure A Content Filter

    Spam – Content Groups window. In addition, spam identified by the Content – Content Groups filter is accessible only by Quarantine Managers or higher level administrators. Users cannot view this spam. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 62: More Options

    Email Encryption if the outbound message contains the word [encrypt]. The word, [encrypt] can reside in the message subject line or the body of the outbound message. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 63: Turn Off A Default Content Filter

    The Content Groups window is displayed, showing the default content groups. • Profanity • Racially Insensitive • Sexual Overtones Double-click one of the default content groups. Uncheck the Enable checkbox. Click Save. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 64: Custom Content Group

    For example, refi* would catch refinance, refinancing and refine. — * – followed by a literal character designates multiple characters, including white space characters, until the designated character is encountered. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 65: Notify Users About Spam Content

    Note: Virus notifications will not be sent out for emails that are infected with widespread viruses or worms (for example, SoBig or MyDoom). These notifications will be automatically disabled by the Email Protection. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 66: Configure A Filter For Html, Java Script, Activex, And Spam Beacons

    You can configure how Email Protection filters email for HTML attachments or various forms of HTML coding within email. Click Email Protection | Policies. Select the policy you want to change. Click Content. Click HTML Shield. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 67 Select Replace all image links with a default transparent image to eliminate objectionable images in email. This option replaces links to images in email with links to an image with one transparent pixel. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 68: Configure Web Hyperlink Filters (Clickprotect)

    Display warning message and deny click-throughs — Displays a dialog box with a customizable warning message and does not allow users to continue with the click-through process. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 69 Must be a text file • One entry per line • File must be available for your browser to access On the ClickProtect window, go to the More Options section. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 70: Define An Attachment Filter

    To filter email by file type, you must define the following: • What file types are allowed to be received • File size restrictions on the allowed file types Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 71 The following table lists the file extensions associated with each file type: File Type Example File Extensions Microsoft Word *.doc, *.dot, *.rtf, *.wiz Documents November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 72 Do nothing – Email Protection sends the email to the recipient with no filtering or notification. • Deny delivery – Email Protection denies delivery of the email. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 73: Filter By Attachment File Name

    Value description anywhere within the filename string. For example, if you want to filter for any file that contains config in its name, like postconfig or config.ini, select this option. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 74: Filter Zip File Attachments

    Click Email Protection Policies. Select the policy you want to change. Click Attachments. The Attachments: File Types window is displayed. Click Additional Policies. The Additional Attachment Policies window is displayed. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 75: Notify Users About Attachment Violations

    Notifications tabs. See Define the Format and Text of Notifications to Users Click Email Protection | Policies. Select the policy you want to change. Click Attachments. Click Notifications. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 76: Allow Or Deny Email To Or From Specific Addresses

    In addition, you can define lists of recipient email addresses that are always denied receiving email. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 77: Allow Email From A Specific Address

    IP addresses – Complete IP address or partial address with wildcards (for example, 123.123.12.3 or 123.123.12.*) Note: CIDR notation is not allowed. Each IP address must be designated separately. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 78: Deny Email From A Specific Address

    You can add individual addresses one a time or you can add them with a batch file. See Add Allow, Deny, or Recipient Shield Addresses with a Batch File Click Email Protection | Policies. Select the policy you want to change. Click Allow/Deny. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 79 Deny delivery – The email is denied delivery. Click Save. You can save a copy of the list you created. See Save a Copy of an Allow, Deny, or Recipient Shield List November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 80: Deny Email To A Specific Recipient

    If the Recipient is on the Recipient Shield List section, select one of the following options: • Accept and silently discard the message – The email is accepted, but is discarded without notification. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 81: Save A Copy Of An Allow, Deny, Or Recipient Shield List

    MTAs, then the system delivers the email over TLS. If a TLS connection CANNOT be established between the sender or the recipient MTA, then the mail transfer November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 82 The maximum number of values allowed in the Add Domain list is specified. This limit is defined at the system level (see the online help for the specific count). Any duplicate or invalid values are discarded automatically. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 83: Enforced Spf

    Even those that have implemented SPF might have outdated or inaccurate records, resulting in false positives. The only way to resolve this is to contact the domain owner and ask them to correct the issue. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 84 Note: To select more than one value from the list, press Ctrl on your keyboard, click each entry you want to remove, and then click the « Remove button. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 85 The DomainKeys specification has adopted aspects of Identified Internet Mail to create an enhanced protocol called DomainKeys Identified Mail. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 86 Note: All entries are removed when clicking the button Remove All More Options Regardless of Sender Domain From the drop-down lists, select the appropriate DKIM action (Deliver, Deny, Tag Subject) for the following criteria: Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 87 (non-default) policy sets. NOTE: If the default list changes, your subscription to the default is updated to reflect those changes. Email Authentication Notifications tab November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 88: Define The Format And Text Of Notifications To Users

    Inserts a variable that automatically indicates the sender’s email address (From: address) from the email that violated the policy. This variable inserts the From: address that is displayed in the email. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 89: Define The Format And Text Of Virus Notifications

    Define the Format and Text of Virus Notifications Click Email Protection | Policies. Select the policy you want to change. Click Notifications. The Notifications: Virus window is displayed. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 90 Type the text to be used as the body text for the notification email template. Optionally, you can type variables that insert system information into this content. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 91: Define The Format And Text Of Content Violation Notifications

    Subject Type the text to be used as the subject for the notification email template. Optionally, you can type variables that insert system information into this content. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 92: Define The Format And Text Of Attachment Violation Notifications

    Designates what email address is used if the recipient of the notification email clicks the Reply button in his/her email application. Optionally, you can type variables that insert system information into this content. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 93: Email Authentication

    From: address received from the sending email server. $(TO) – Inserts a variable that automatically indicates the recipient's email address (To: address) from the email that violated the policy. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 94 The following examples demonstrate the Subject Field or Subject Notification only displaying Delivery Notification. Again, this is because the $(SUBJECT) variable is an empty variable. Email Subject Line Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 95: Disaster Recovery

    Do not allow users to use the Email Continuity webmail client Select this option if you do not wish to allow users to use the Email Continuity webmail client when email cannot be delivered. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 96: Assign A Group To The Custom Policy

    Select the custom policy to which you want to assign a group. Click Group Subscriptions. The Policy Configuration Groups window is displayed. Select the group you want to assign. Click Add. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 97: Customize Outbound Mail Filters

    Enter a name for the policy set you are creating. The name should reflect the name or purpose for the group or groups that you will assign to the policy. Description Enter a description of the new policy set. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 98: Configure A Virus Filter

    Groups and Notifications. HTML Shield and ClickProtect are not available for outbound email. You set up content groups and notifications in the same way as that for inbound email. For more information, see Create a Custom Policy. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 99: Email Encryption For Content Groups

    This word, [encrypt] can reside in the message Subject line or the body of the outbound message. This option can be found under Email Protection | Policies | Outbound (default) | Content |Content Groups. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 100: Define An Attachment Filter

    Assign a Group to the Custom Policy You assign a group to a policy for outbound email in the same way as that for inbound email. For more information, see Disaster Recovery. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 101: Managing Quarantine Reports

    Release Quarantined Messages • View Quarantines Messages As an administrator, you can also directly access your own quarantined email within the Control Console. See Monitor Your Own Quarantine. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 102: Primary Email Addresses, Aliases, And Public Domain Addresses

    To search quarantined email, perform the following steps: Click Email Protection | Quarantine. If necessary, click Quarantine Search. Complete any or all of the following fields to define your search: Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 103: Interpret The Search Results

    Also, a sixth column displays information that varies, depending on the type of threats you searched for: The following table lists the type of information that might be contained in this column. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 104: Sort The Search Results

    Click on the heading of the column you want to sort. You have the choice of sorting the messages in ascending or descending order of the values in the column. Click Sort Ascending or Sort Descending. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 105: Delete Quarantined Messages

    To view a message in the quarantine: Double-click the message you want to view. The message opens in a new tab with the subject heading. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 106 After checking a message, do one of the following: • Delete the message as described in Delete Quarantined Messages. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 107: Monitor Your Own Quarantine

    • Search for Quarantined Email • Interpret the Search Results • Sort the Search Results • Delete Quarantined Messages • Release Quarantined Messages • View Quarantines Messages November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 108 Monitor Users’ Quarantined Email Email Protectionr Administrator Guide Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 109: Set Up Disaster Recovery Services

    When necessary, you then select Start Spooling to initiate manual spooling; and select Stop Spooling to stop it. Note: It may take a few minutes for manual spooling of incoming mail to start and stop. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 110: Set Up Notifications Of Disaster Recovery

    Click Add. Repeat steps 1 and 2 for up to three more notification recipients. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 111: User-Level Policy Configuration

    Search the Quarantine of a User • View the Email Activity Summary of a User Users can also manage some aspects of their email filtering. See Email Protection User Guide. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 112 Email Protection Administrator Guide Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 113: 10. System Reports

    The report also includes a percentage of incoming email messages that were denied, validated or unavailable due to an Enforced SPF Policy violation. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 114: View An Email Protection Report

    To view an Email Protection Report, perform the following steps: Click Email Protection | Reports. From the Domain drop-down menu, select the domain for which you want the report. The Traffic Overview report is displayed. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 115: Traffic Overview

    Download on any report, then follow the instructions. Traffic Overview The Traffic: Overview window displays overview information about the inbound and outbound email traffic for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 116 The bandwidths, in kilobytes, used by inbound and outbound email for the designated Domain and date range. • Green – Inbound data • Purple – Outbound data Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 117: Traffic: Enforced Tls Report

    Enforced TLS Policy violation. Traffic Summary TLS Inbound Messages - The total of TLS inbound messages that were processed via a TLS connection. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 118: Traffic: Encryption

    The Traffic: Encryption report displays information about all outbound email traffic, percentages and bandwidth for the designated domain during the selected date or date range sent out to be encrypted. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 119: Threats: Overview

    % Outbound Bytes sent via TLS - The percentage of outgoing bytes messages sent out to be encrypted. Threats: Overview The Threats: Overview report displays overview information about email violations by policy type for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 120 Content Keyword Violations – The total number of inbound emails that violated the content keyword policies. • Attachment Policy Violations – The total number of inbound emails that had attachments that violated the attachment policies. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 121: Threats: Viruses

    Threats: Viruses The Threats: Viruses report displays information about emails that violated the virus policies for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 122 The following table lists the report items in the report. Report Item Description Virus Volume The total number of emails that contained known viruses. Trends • Green – Inbound data • Purple – Outbound data Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 123: Threats: Spam

    Threats: Spam The Threats: Spam window displays information about emails that violated the spam policies for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 124 The following table lists the report items in the report. Report Item Description Spam Volume The total number of emails that violated spam policies. Trends • Green – Inbound data • Purple – Outbound data Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 125: Threats: Content

    The percentage of policy actions applied to the emails that violated spam Actions policies. Threats: Content The Threats: Content window displays information about emails that violated the content keyword policies for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 126 Report Item Description Content Policy The total number of emails that violated the content keyword policies. Violation Trends • Green – Inbound data • Purple – Outbound data Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 127: Threats: Attachments

    The percentage of policy actions applied to the emails that violated content Actions keyword policies. Threats: Attachments The Threats: Attachments window displays information about emails that had attachments that violated the attachment policies for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 128 Attachment Policy The total number of emails that had attachments that violated the Violation Trends attachment policies. • Green – Inbound data • Purple – Outbound data Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 129: Enforced Tls: Details

    Reporting Period: All report data is viewable on either a day, week, or month basis for the current month, or the previous month. You can use the Download button to save a copy of the currently displayed report results in a spreadsheet format. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 130: Enforced Spf Report

    Enforced TLS policy for a given domain. Enforced SPF Report The Enforced SPF report identifies inbound email messages that were delivered or denied due to an Enforced SPF Policy violation. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 131: Clickprotect: Overview

    ClickProtect processing tracks Web hyperlinks received in emails that can be clicked and followed by the user or that were blocked, depending on the ClickProtect policy configurations. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 132 • Green – Total number of emails that contained hyperlinks. • Purple – Number of emails that contained hyperlinks that were clicked by the recipients. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 133: Clickprotect: Click Log

    ClickProtect Allow list. ClickProtect: Click Log The ClickProtect: Click Log window displays information about hyperlinks in emails that were clicked by recipients. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 134: Quarantine: Release Overview

    Quarantine: Release Overview The Quarantine: Release Overview displays overview information about emails that were quarantined and released from all the quarantine areas within Email Protection for the designated domain. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 135 • Total # of individuals – The total number of user accounts that had emails released from the spam quarantine. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 136: Quarantine: Release Log

    Quarantine: Release Log The Quarantine: Release Log displays detailed information about emails that were released from all the quarantine areas within Email Protection for the designated domain. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 137 The total file size of this email, including all attachments. Additional Position your cursor anywhere over a log item and the Item Pop-up window Feature appears, displaying more information about the item. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 138: View Details Of Log Items

    • Content Keyword – Indicates the specific content keyword that caused the email to be quarantined. Size The total file size of the email, including attachments. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 139: User Activity

    User Activity The User Activity report displays the user accounts that have received the most inbound emails and have sent the most outbound emails for the designated domain. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 140 The sender email addresses that sent the most outbound email, in order of volume. Messages The total number of emails sent by each email address. Size The size of the largest email, including attachments, sent by each email address. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 141: Event Log

    • Viruses – Displays only event log items for actions performed on emails that contained known viruses. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 142: Audit Trail

    The Audit Trail report displays the audit log items for all actions performed by users of Report Managers or higher level roles within the Control Console for the designated domain and date range, including user names and configuration changes. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 143: Inbound Server Connections

    The Inbound Server Connections report displays information about the connections made to the inbound email servers (a.k.a. Customer MTAs) during processing. This report may be useful in determining down times or connection issues. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 144 The total number of successful connections to the designated server(s). Total Failures The total number of unsuccessful attempts to connect to the designated server(s). Server:Port The server address and port being reported. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 145: Disaster Recovery: Overview

    The Disaster Recovery: Overview report displays information about emails that were spooled and unspooled by the disaster recovery service, which can be either FailSafe or Email Continuity. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 146: Disaster Recovery: Event Log

    FailSafe or Email Continuity. Actions include those performed automatically by Email Protection and those performed manually by the users. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 147: Administer Msp Connector

    Configure the MSP Connection To configure the MSP connection to ConnectWise, perform the following steps: Click Account Management | Customers | MSP Connector. The Configuration window is displayed. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 148 In the Time Zone drop-down menu, select the time zone on which to base the timestamp for the ConnectWise instances. Click Test to make sure the connection works. 10 Click Save. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 149: Add Domains To The Msp Connection

    Note: Clicking Add All selects all domains, even those not displayed due to pagination. Add All is disabled if there is an active filter for available domains. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 150: Turn On Exception Notifications For The Msp Connection

    To assign the domain(s) for which should be sent to ConnectWise, perform the following steps: Click Account Management | Customers | MSP Connector. Click Notifications. Click the Exceptions Notifications: Enable checkbox to turn on notifications. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 151: View An Msp Connector Audit Report

    To assign the domain(s) for which should be sent to ConnectWise, perform the following steps: Click Account Management | Customers | MSP Connector. Click Audit Report. A list of Audit Reports is displayed. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 152 The Status column lists the status of attempts to pass data to ConnectWise. Double-click a report to view the details of the report. The details of the audit reports are displayed. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 153 Email Protection Administrator Guide Administer MSP Connector November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 154 The total number of messages with known viruses (infected emails) for the previous calendar month. Account Messages The total number of messages successfully delivered to the receiving MTA for the previous calendar month. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 155: Administer Performance Reports

    Some of the data within this report is subject to variables such as: • Time zone settings • Message delivery timing (may be briefly queued) • Quarantine releases • Reporting period November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 156: Performance Report Descriptions

    Note: You can also click Send Now to immediately email the Performance Report from the last reporting period to the distribution list. Performance Report Descriptions The following tables reflect either weekly or monthly reports depending on the customer’s request. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 157 Inbound Messages Delivered The total number of all inbound messages successfully delivered. Spam Detected The total number of all inbound messages counted as SPAM November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 158 Tag applied to the message. Spooled Messages The total number of all messages spooled, either automatically or manually. Unspooled Messages The total number of all messages unspooled, either automatically or manually. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 159 Administer Performance Reports Outbound Messages Overview The Outbound Messages Overview reports on the number of messages processed and successfully delivered. This includes: • Outbound Threats • Outbound Message Actions November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 160 Administer Performance Reports Email Protection Administrator Guide Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 161: Tips And Frequently Asked Questions

    Total Billed Users Qty field during Domain creation or edit. If you want to disable the automatic creation of user accounts, do one of the following: November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 162 Allow list. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 163 This email action accepts the email as if it was valid, and then discards it without notification to the sender or recipient. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...

  • Page 164: System Configuration

    MX Record. This means that some email servers may still send email directly to your inbound servers and not to the redirected MX Record for the first 2-3 days after the redirection. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...
  • Page 165 MX record set to your internal mail servers. The service is currently configured to deliver your inbound email traffic to the Message November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 166 Click the Cancel button until you return to the browser window. Enter the password in the Supervisor Password Required dialog. Click the OK button. Continue clicking the OK button until you return to the Internet Explorer window. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

  • Page 167: Tips/Techniques

    Protection certain criteria. If you want to receive such files, but not turn off attachment filtering, you have two options. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission...
  • Page 168 Service personnel will analyze the email information to refine the filtering engines for subsequent release, and if necessary, post any urgent updates to virus scanners, etc., to support filtering these emails properly. Proprietary: Not for use or disclosure outside McAfee without written permission. November 2012...

This manual is also suitable for:

Saas email protection

Table of Contents