Trusted Senders - ExchangeDefender

advertisement
V3
ExchangeDefender™
V3
The following document helps introduce users, administrators and support staff to
the features and implementation of ExchangeDefender™ SMTP Security.
V3.1
Copyright © 2003 – 2007, Own Web Now Corp. ExchangeDefender™ is a trademark of Own Web Now Corp.
Contents
ExchangeDefender™ User Guide .................................................................................................................. 3
Overview ................................................................................................................................................... 3
Web Interface ........................................................................................................................................... 3
Main Portal ............................................................................................................................................... 4
E-Mail Addresses ....................................................................................................................................... 5
Quarantine Operations ............................................................................................................................. 6
Trusted Senders ........................................................................................................................................ 7
Settings...................................................................................................................................................... 8
Daily SPAM Reports .................................................................................................................................. 9
ExchangeDefender Administrator Guide .................................................................................................... 11
Overview ................................................................................................................................................. 11
Deployment Scenario .............................................................................................................................. 11
Web Interface ......................................................................................................................................... 11
Account Management ............................................................................................................................ 13
Find Accounts ...................................................................................................................................... 14
New Account ....................................................................................................................................... 14
SPAM and SureSPAM Policies ............................................................................................................. 15
Additional SMTP Addresses (Aliases, Forwards) ................................................................................. 16
Resend Password Reminders and Welcome Message ....................................................................... 16
Manage Daily and Intraday E-mail Reports ........................................................................................ 16
Manage User ....................................................................................................................................... 17
Policies .................................................................................................................................................... 17
Lists ......................................................................................................................................................... 18
SPAM Czar ............................................................................................................................................... 18
Settings.................................................................................................................................................... 19
2
ExchangeDefender™ User Guide
The following section helps ExchangeDefender™ protected user get the most out of the service.
Overview
ExchangeDefender™ is an SMTP Security Service allowing your organization to be protected from
Internet security threats and annoyances such as SPAM, worms, viruses, DDoS attacks and more.
ExchangeDefender™ keeps the unwanted content from your mailbox by constantly monitoring and
analyzing messages and detecting potential threats. Because this is an automated software system it can
make mistakes. We never delete your mail and have several convenient ways for you to access anything
that may have been incorrectly identified as a threat. You can access quarantined messages through a
Daily SPAM Report email, Intraday SPAM Report email and in realtime via secure ExchangeDefender™
Administration web site.
Web Interface
ExchangeDefender™ management is primarily managed through the secure ExchangeDefender™ Admin
Portal web site at:
https://admin.exchangedefender.com
ExchangeDefender™ Admin Portal web site is a secure web site using commercially-signed 128-bit SSL
certificate to encrypt all data exchanged between your computer and our network. This is the same type
of security used by major banks and e-commerce sites such as Amazon and eBay so you can feel free to
enter data and know it is secure. Furthermore, data provided through the ExchangeDefender™ Admin
Portal web site is completely encrypted on the server side making identity theft very difficult.
What can be done through the ExchangeDefender™ Admin Portal?
3
Main Portal
-
Quick overview of all SPAM and SureSPAM quarantines
Search for quarantined messages, senders and subjects
E-Mail Addresses
-
Protect additional e-mail addresses that belong to you by adding them to your account
Resend or Delete any Welcome or Activation messages
Manage SPAM actions: Deliver, Quarantine or Delete
Delete e-mail address you do not wish to have monitored or protected
Quarantine Operations
-
Release messages from the quarantine and deliver
Trust Senders (whitelist) and deliver quarantined messages
Review All messages to mark items you’ve already seen
Trusted Senders
-
Add e-mail addresses and trust sender to send messages to one or all of your addresses
Settings
-
Enable or disable Daily SPAM and Intraday SPAM reports
Configure reporting schedule and set when your reports should arrive
Set paging to limit the number of items you see per page
Set your default time zone
Change your ExchangeDefender™ password
Main Portal
ExchangeDefender™ main page is the first thing you see when you login to your ExchangeDefender™
account. This interface is designed based on user feedback and gives you quick access to your settings,
search and spam quarantines.
The navigation is on the very top of the screen just under the logo and allows you access to your E-mail
Addresses, Trusted Senders, Settings and more.
4
The main screen has three panels:
-
Announcements: Important notices from your system administrator
Find messages: Type in a part of the email or subject to locate a message
Browse SPAM: Review your SPAM quarantines by browsing through messages
E-Mail Addresses
E-Mail Addresses section of the portal allows you to configure your own SPAM management policies –
What should ExchangeDefender™ do with SPAM: quarantine, delete or deliver? If your system
administrator has given you the right to set these settings yourself you can quickly make the changes
under the Manage dropdown (click on Select one and pick the desired action).
5
You can manage multiple e-mail addresses through the same ExchangeDefender™ account. Most users
have additional aliases (additional e-mail addresses) and this feature enables you to review all SPAM
messages using the same login or to receive a single Daily SPAM report.
Quarantine Operations
If you have chosen to quarantine SPAM with ExchangeDefender™ we will never delete your e-mail.
Instead, it is stored on our servers, allowing you to save bandwidth, mailbox quota and time by quickly
finding or browsing for anything that may have been incorrectly identified as SPAM.
ExchangeDefender™ quarantine screens (browsing messages or searching) have several components.
There are three buttons on top of every message listing – Release, Trust Sender, Review All. To the left
of those are links that show you how many SPAM messages are in the quarantine, ability to move back
and forth through messages or show them all on the same screen (Warning: Be careful with Show All as
loading thousands of SPAM messages at once can crash your browser).
6
The body of the quarantine listing shows you where the message came from, what the subject was and
when it was received, respective to your time zone. On the very left of each message is a checkbox – you
can check several messages and select the action – Release or Trust Sender. Clicking on Review All allows
you to mark all messages as reviewed so that they do not appear on the main portal screen and give you
a way to identify which messages you’ve already looked at. This action is quite useful for individuals that
receive a lot of SPAM and check their quarantines several times a day.
Release and Trust Sender operations are very intuitive and allow you to act on several messages at once.
These actions are similar in that they both deliver the suspected SPAM message to your inbox within
seconds. Trust Sender is special because in addition to releasing the message from the quarantine it also
adds the sender of the message to your trusted senders list automatically.
Trusted Senders
Trusted Senders or whitelist allow you to make exceptions to how ExchangeDefender™ processes
messages from certain senders. Whitelists allow you to provide e-mail addresses or domains you never
want scanned for SPAM content. Just enter the email address or domain you wish to always receive mail
7
from regardless of the SPAM content, select an email address which these messages go to (or check box
Apply to all my e-mail addresses to whitelist to all addresses).
Deleting addresses from this list is easy as well because whitelists are sorted alphabetically and broken
up by the email address they apply to.
Settings
ExchangeDefender™ settings allow you to customize the display and behavior of ExchangeDefender™ enable or disable Daily SPAM report e-mails, set default time zone, change password or limit the
number of items shown when you browse message or trusted senders lists.
8
Daily SPAM Reports
ExchangeDefender allows you to receive a single daily email giving you quick access to all possible SPAM
messages that were quarantined during the previous day. This web page (HTML) email gives you a
single-click access to deliver a message, trust sender and review entire days worth of email.
9
In addition to the Daily SPAM Report you can also enable an Intraday SPAM Report. This is an additional
daily email that can be helpful if it is critical that you review SPAM messages received during the day.
Keep in mind that you have real-time access to all messages through the ExchangeDefender™ Admin
Portal web site at any time.
10
ExchangeDefender Administrator Guide
The following section helps ExchangeDefender™ administrator configure and manage security for the
protected domain and its users.
Overview
ExchangeDefender™ Admin Portal web site allows you to quickly establish a security policy for your
domains, manage users, search quarantines and provide overall management for all mail coming in or
out of your mail server. ExchangeDefender™ is a secure managed SMTP service provided out of 14 data
centers spanning hundreds of servers dedicated to enforcing your organizations messaging security
policies. ExchangeDefender™ also provides advanced archiving, business continuity, failover, routing and
selective delivery services without installing server software or hooking directly into your network at all.
This secure deployment “in the cloud” (over the Internet) allows ExchangeDefender™ to provide the
ultimate security solution without compromising corporate privacy policies.
Deployment Scenario
ExchangeDefender™ is deployed in two stages. Your mail server should first be instructed to route all
outbound SMTP mail through our ExchangeDefender™ outbound network. This is accomplished through
the smarthost mechanism which is present in all modern SMTP servers. The second step is to protect
inbound mail by pointing the MX records at the ExchangeDefender™ inbound network. Finally, IP
restrictions are put in place to restrict which systems are allowed to relay messages out of your network
and which addresses ExchangeDefender™ will relay messages into your network.
Firewall, smarthost and IP restriction configuration is device/service dependant and is beyond the scope
of this document. However, we do have whitepapers and webcasts on our web site that can assist you
with configuration or you can just give us a call.
Web Interface
ExchangeDefender™ management is primarily managed through the secure ExchangeDefender™ Admin
Portal web site at:
https://admin.exchangedefender.com
ExchangeDefender™ Admin Portal web site is a secure web site using commercially-signed 128-bit SSL
certificate to encrypt all data exchanged between your computer and our network. This is the same type
of security used by major banks and e-commerce sites such as Amazon and eBay so you can feel free to
enter data and know it is secure. Furthermore, data provided through the ExchangeDefender™ Admin
Portal web site is completely encrypted on the server side making identity theft very difficult.
11
What can be done through the ExchangeDefender Admin Portal?
Account Management
-
Create a new account
Add e-mail address aliases (additional SMTP addresses) to the account
Change account password, time zone, paging, report settings
Customize account’s SPAM management policies: Deliver, Quarantine or Delete
Enable and schedule Daily and Intraday SPAM reports
Resend password reminders and welcome messages
Manage users account on their behalf
Policies
-
Establish complex & granular policies per user, domain or organization
Manage archiving settings for government and regulatory compliance
12
-
Manage virus scanning preferences and ExchangeDefender™ confidence levels
Set organizational tolerance for SPAM
Manage multiple levels of SPAM to reduce users review time
Lists
-
Easilly manage per-user blacklists and whitelists (banned users, trusted senders)
Manage global per-domain or organization-wide whitelists and blacklists
SPAM Czar
-
Delegate SPAM management functions to the individual or department
Empower individual user to review SPAM and SureSPAM for the entire organization
Allow Spam Czar to manage, search, add, trust and release messages for the entire company
Allow limited priviledge (no administrative rights) access to quarantines and whitelists
Search all quarantined messages in realtime across all accounts
Settings
-
Set paging to limit the number of items you see per page
Set your default time zone
Change your ExchangeDefender™ password
Account Management
Account Management section of the ExchangeDefender Admin Portal allows you to control every aspect
of your organizations mail security. You can create accounts, manage SPAM settings, search quarantine
in realtime, establish domain policies and control everything that the user can control. This functionality
enables you to reduce the time required to troubleshoot any issues your users may encounter because
you see what they see.
13
Find Accounts
Find Accounts section allows you to quickly locate the user by typing just a part of their email address.
New Account
New account section allows you to provide ExchangeDefender™ security to a user that is new to your
organization. This process is quick and easy with recommended settings set by default, leaving plenty of
room to completely customize and lock down a user as needed. This section completely creates new
users ExchangeDefender™ profile so they can log into the ExchangeDefender™ Administrative Portal,
opens up mail forwarding to your mail server, establishes SPAM tolerance and allows you to determine
which daily e-mail reports the user should receive.
14
SPAM and SureSPAM Policies
There are several actions you can use to handle SPAM and SureSPAM messages before they reach your
server. These actions are Deliver, Quarantine or Delete:
Deliver – Automatically deliver all SPAM or SureSPAM to this user but modify the subject
([SPAM] prefix) and add an SMTP header: X-ExchangeDefender-SPAM: Yes.
Quarantine – Do not deliver possible SPAM or SureSPAM message to the user, quarantine it on
the ExchangeDefender network instead. User can still access the message through the
15
ExchangeDefender™ Admin Portal in real-time, through the daily and intraday SPAM reports or
by the administrator or Spam Czar.
Delete – The ultimate no to SPAM, automatically and permanently deletes the message without
quarantining, logging or delivering the message.
Note: ExchangeDefender™ is configured to quarantine possible SPAM or SureSPAM messages by default.
This setting immediately makes the user more productive by keeping messages out of users mailbox but
still provides for an opportunity to review and retrieve the messages that may be incorrectly identified
as SPAM. We believe that best practices configuration is to Quarantine SPAM messages and Delete
SureSPAM messages when you are comfortable with ExchangeDefender™ performance and trust its
ability to correctly identify SPAM.
Additional SMTP Addresses (Aliases, Forwards)
ExchangeDefender™ administrators and users can add multiple email addresses to a single account.
Most users tend to have multiple email addresses associated with their email accounts and
ExchangeDefender can consolidate those reports and streamline search and daily e-mail reports.
Resend Password Reminders and Welcome Message
Users frequently lose or accidentally delete their welcome messages, passwords and other information.
ExchangeDefender™ allows you automatically resend welcome and password reminder messages for
any user.
Manage Daily and Intraday E-mail Reports
Daily reports provide a convenient way to alert the user that some of their messages may have been
quarantined. This system is highly efficient because it does not require any additional software to be
installed. E-mail reports give the user a single daily e-mail containing the list of all quarantined messages
and allow single-click Release or Trust Sender (whitelist) without the need to authenticate to the
ExchangeDefender™ web site. It makes the entire organization immediately productive by reducing the
amount of clicks required to review messages, reduces the quota and system impact because instead of
a few hundred SPAM messages your user will only receive one daily report containing them all.
There are two actions associated with the daily SPAM report:
Deliver – Release message from the quarantine and deliver to users mailbox.
Trust Sender – Release message from quarantine, deliver to users mailbox and add the original
sender to the Trusted Sender (whitelist) so no future messages from that sender are ever caught
in the SPAM quarantine.
16
Manage User
The ultimate in user management – select this action to be automatically logged in as the user and make
all the changes on their behalf. See what they see!
Policies
ExchangeDefender™ policy engine is the system that enforces the rules you have set to manage your
messaging hygiene. This powerful system controls which rules are applied to each message going
through ExchangeDefender™ and considers everything from security to encryption and spam handling.
Note: Be careful when making modifications to the policy engine. By default we enforce the optimal
configuration, making changes to the policy engine behavior can affect your organization’s security and
privacy so seek management approval before making significant changes to the system.
17
Lists
Lists section of the ExchangeDefender™ Admin Portal manages exceptions ExchangeDefender makes in
processing messages. Whitelists allow you to provide email addresses or domains you never want
scanned for SPAM content. Conversely, Blacklists allow you to specify which email addresses, domains
or network addresses you always want considered as SPAM so they can never send mail to your users.
Managing blacklists and whitelists is quite simple: just enter the sender and recipients email addresses
and select whether messages matching that criteria should be whitelisted or blacklisted. Additionally
you can enter entire domains, countries or IP address blocks.
SPAM Czar
SPAM Czar role allows you to delegate spam management functions of the entire organization to an
individual or department. Some organizations choose to designate a single person or department as the
main reviewer of all ExchangeDefender™ quarantined mail because they believe their staff is not
18
technical enough to manage SPAM or too busy to be bothered with managing their own junk mail.
Whatever the reason, ExchangeDefender™ SPAM Czar role is a limited-privilege account that only allows
the designated user to review other users messages and act on them.
What can SPAM Czar do? SPAM Czar has the same power over quarantined messages as every other
user protected by ExchangeDefender™; they can search the quarantine, release messages, trust senders,
and review messages for the entire organization.
Note: SPAM Czar has no administrative power. Even though SPAM Czar can manage all SPAM and trust
lists there is no way for them to view users messages, adjust system policies, change passwords or affect
the behavior of ExchangeDefender™.
Settings
ExchangeDefender™ administrative settings allow you to customize the way ExchangeDefender™
presents the information on the web site. For example, you can set your time zone so that all message
timestamps match your locale. You can also change the number of items shown per page or change the
password used to access the portal.
19
Note: It is important to note that ExchangeDefender™ settings are for display purposes only. Actual
ExchangeDefender™ management is defined by the policies you set for each individual domain or user.
20
Download