Chapter 6: ScanMail eManager




Chapter Objectives

After completing this chapter, you should be able to achieve the following objectives:

- Describe the purpose of ScanMail eManager 5.1
- Describe the ScanMail eManager architecture
- Describe the features and functions of ScanMail eManager
- Describe how spam filtering works
- Describe how content filtering works

© 2003 Trend Micro Incorporated

Trend Micro ScanMail for Exchange Student Textbook

ScanMail eManager Overview

ScanMail eManager detects spam sent to users on the corporate LAN. With eManager, the Exchange server does not process rejected spam, nor does it deliver it to client mailboxes. As new spam is released and as spam senders jump from routing domain to routing domain to obscure their identities, Trend Micro collects blocking information and incorporates it into new anti-spam rule and import files.

ScanMail eManager also supports content filtering, which allows you to check inbound mail for content deemed offensive or otherwise undesirable. A content-filter policy consists of a group of conceptually related words and phrases that are matched against the text of email messages. You can use the included Trend Micro content-filter policies as well as define policies of your own.

Program Architecture

This section explains the general architecture of ScanMail, including the following:

- Architecture overview
- Filter architecture
- Spam filtering
- Content filtering

Architecture Overview

You can install ScanMail eManager on any server that is running the ScanMail Core Module (ScanMail main program). ScanMail eManager is a content filtering plug-in that you can add to ScanMail for Exchange. The ScanMail scanning engine performs the actual scanning.

If you enable the ScanMail eManager content policies, the email is scanned for content before being scanned for viruses. eManager then prevents spam from entering your email system, and ScanMail for Exchange does not expend any resources scanning spam for viruses. However, the messages sent to your alert directory could contain viruses because they have not been scanned for viruses.

Figure 6-1 illustrates the relationship between ScanMail for Exchange and ScanMail eManager. ScanMail accepts email and sends it to the eManager module using a Distributed Component Object Model interface.

[Figure 6-1: The relationship between the ScanMail eManager plug-in and ScanMail for Exchange. Diagram labels: Client; Exchange Information Store; eManager (Spam Filter and Content Filter, each with "Matched: Deleted, Quarantined, or Archived" and "Not Matched"); 1. Event Logging, 2. Notification Information for ScanMail, 3. Action Information for ScanMail; ScanMail ("Message and Attachment are scanned. Infected messages are Cleaned, Deleted, or Quarantined"); Archive; "Uninfected and cleaned messages are returned to the Exchange Information Store".]

Filter Architecture

Spam Filtering

The spam filter in ScanMail eManager evaluates the subject and header of email messages. By comparing the header information with a set of user-defined rules, the spam filter checks the origin of email messages to assess whether they are spam. Messages that match the filter rules can be deleted or quarantined, and they are not passed to ScanMail for Exchange for virus checking. Alternatively, messages can be archived (copied to the archive directory) and passed to ScanMail for Exchange for virus checking.

Spam rules are completely user-definable; you can define an unlimited number of rules. Trend Micro also provides a comprehensive list, the rule file list, of the most flagrant spam messages, identified by subject, recipient, or sender. This list can be updated manually or at scheduled intervals.

[Figure 6-2: Anti-spam process flow. Diagram labels: Exchange Information Store; Spam Filter (Exception Rules; Regular Rules; Trend Anti-Spam Rules; Match: Logging, Notification, Action; No Match); Content Filter Module; ScanMail.]

You can also use the spam filter to define exception rules. Exception rules ensure the passage of any message containing a specified criterion, regardless of whether the message matches one or more anti-spam rules.

A message is evaluated against the list of exception rules first. If the message does not match an exception rule criterion, it is evaluated against the regular anti-spam rules. If the message matches an exception rule, the remaining regular spam rules are ignored, and the message is evaluated against content filters (see Figure 6-2).

For example, you might want to create an exception rule if one of the filters you have created matches an email message from a legitimate user. Although you want to keep the filter to block the undesired email messages, you also want to allow the delivery of the legitimate email message. In this case, you can create an exception rule, and eManager will deliver the legitimate email message.
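The evaluation order described above (exception rules first, then the regular and Trend anti-spam rules, then hand-off to the content filter) can be modelled in a few lines. This is an added example, not Trend Micro code: the Rule class, the substring matching, the field names and the example.* addresses are assumptions made for illustration, and the rules and messages are constructed.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    field: str                  # "subject", "sender" or "recipient"
    needle: str                 # substring match is an assumption of this sketch
    action: str = "quarantine"  # "delete", "quarantine" or "archive"

    def matches(self, msg):
        return self.needle.lower() in msg.get(self.field, "").lower()

def spam_filter(msg, exceptions, regular, trend):
    """Return (verdict, next_stage); next_stage None means the message stops here."""
    # Exception rules run first; a hit skips every anti-spam rule.
    if any(r.matches(msg) for r in exceptions):
        return ("exception", "content_filter")
    # User-defined rules, then the Trend-supplied rule file.
    for rule in regular + trend:
        if rule.matches(msg):
            if rule.action == "archive":
                # A copy is archived and the message still goes to virus scanning.
                return ("archive", "scanmail")
            # Deleted or quarantined mail is never handed to the virus scanner.
            return (rule.action, None)
    return ("no_match", "content_filter")

def unscanned_quarantine(messages, exceptions, regular, trend):
    """Subjects of quarantined messages, which were never virus-scanned."""
    return [m["subject"] for m in messages
            if spam_filter(m, exceptions, regular, trend) == ("quarantine", None)]

# Constructed rules and messages (example.* addresses are placeholders).
EXCEPTIONS = [Rule("sender", "billing@partner.example")]
REGULAR = [Rule("subject", "invoice overdue"),
           Rule("recipient", "all-staff@", action="archive")]
TREND = [Rule("subject", "free prize", action="delete")]
MESSAGES = [
    {"sender": "billing@partner.example", "recipient": "ap@corp.example", "subject": "Invoice overdue: March"},
    {"sender": "promo@bulk.example", "recipient": "ap@corp.example", "subject": "Invoice overdue, act now"},
    {"sender": "win@bulk.example", "recipient": "bob@corp.example", "subject": "FREE PRIZE inside"},
    {"sender": "hr@corp.example", "recipient": "all-staff@corp.example", "subject": "Picnic"},
    {"sender": "alice@corp.example", "recipient": "bob@corp.example", "subject": "Lunch?"},
]

if __name__ == "__main__":
    for m in MESSAGES:
        print(m["subject"], "->", spam_filter(m, EXCEPTIONS, REGULAR, TREND))
```

The first two messages carry the same subject text, yet only the second is quarantined, because the exception rule on the sender is evaluated before any anti-spam rule. The quarantined message is also the one an administrator should handle as unscanned content.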

Content Filtering

The content filter in ScanMail eManager performs a more sophisticated analysis of the message text. Like the spam filter, the content filter evaluates messages based on user-defined policies. You can create these rule sets or policies to check for the use of inappropriate or offensive language before the message is delivered (see Figure 6-3).

[Figure 6-3: Content filter process flow. Diagram labels: Spam Filter Module; Content Filter; Policy Matched?; Match Keywords; Any Match?; No More Policies?; Take No Action; Logging, Notifications, Actions; ScanMail.]

Installation

You can install ScanMail eManager locally or remotely, using the same installation program. You can also install ScanMail eManager on multiple servers.

Preparing for the Installation

- ScanMail for Exchange must be installed on your Exchange server before you can install ScanMail eManager.
- ScanMail eManager should be installed on the same server as the ScanMail Core Module (the main ScanMail program).
- ScanMail eManager does not need to be installed on the same computer on which the ScanMail Management Console is installed.

User Rights/Roles Needed to Install ScanMail eManager

In order to install ScanMail eManager, you must use a Windows Administrator account that has Domain Admin privileges.

System Requirements

Target Servers

- Microsoft Exchange 2000 Server with Service Pack 1 or above
- Windows 2000 Server or Windows 2000 Advanced Server with Service Pack 1 or above
- Intel Pentium 200 MHz or equivalent
- 128 MB minimum, 256 MB recommended
- 30 MB of free disk space for the program files
- 100-500 MB of free disk space for swap and temporary files
- A monitor with 800 x 600 resolution or better

Microsoft Cluster Servers (Optional)

- Microsoft Exchange 2000 Advanced Server

Setup PC

- Windows 2000 Server or Windows 2000 Professional Workstation
- LAN connection

Stopping ScanMail for Exchange

You must stop the ScanMail for Exchange services before you install or upgrade ScanMail eManager. To stop ScanMail for Exchange, complete the following steps:

1. Click Windows Start > Programs > Administrative Tools > Services.
2. Stop the ScanMail_Monitor, ScanMail_Web, and ScanMail_RealTimeScan services.

Cluster Installation

In ScanMail for Exchange, you can install to all nodes in the same installation session. In order to install ScanMail eManager, you must use a Windows Administrator account that has Domain Admin privileges.

Lab Exercise 5: Installing ScanMail for Exchange eManager

Chapter 6 Summary and Review Questions

Summary

ScanMail eManager is a plug-in module that filters incoming and outgoing email for spam and objectionable material. eManager comes with content-filter policies from Trend Micro and also allows for user-defined filters.

Review Questions

1. When ScanMail eManager is installed, in which order do the various components receive incoming email?
   a. ScanMail, eManager, ScanMail, Exchange, recipient
   b. eManager, ScanMail, Exchange, recipient
   c. eManager, ScanMail, recipient
   d. Exchange, ScanMail, eManager, ScanMail, Exchange, recipient

2. What does the spam filter evaluate?
   a. The attachments
   b. The subject line
   c. The message content
   d. All of the above

3. How is the spam filter different from the content filter?
   a. It does not evaluate the origin of messages.
   b. It does not evaluate the subject line.
   c. It does not evaluate the message content.
   d. All of the above