Email Track and Trace. Administration Guide




Track and Trace Administration Guide

Documentation version: 1.0

Legal Notice

Copyright 2013 Symantec Corporation. All rights reserved.

Symantec, the Symantec Logo, the Checkmark Logo and are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
http://www.symantec.com

Clients are advised to seek specialist advice to ensure that they use the Symantec services in accordance with relevant legislation and regulations. Depending on jurisdiction, this may include (but is not limited to) data protection law, privacy law, telecommunications regulations, and employment law. In many jurisdictions, it is a requirement that users of the service are informed of or required to give consent to their email being monitored or intercepted for the purpose of receiving the security services that are offered by Symantec. Due to local legislation, some features that are described in this documentation are not available in some countries.

Configuration of the Services remains your responsibility and entirely in your control. In certain countries it may be necessary to obtain the consent of individual personnel. Symantec advises you to always check local legislation prior to deploying a Symantec service. You should understand your company's requirements around electronic messaging policy and any regulatory obligations applicable to your industry and jurisdiction. Symantec can accept no liability for any civil or criminal liability that may be incurred by you as a result of the operation of the Service or the implementation of any advice that is provided hereto.
The documentation is provided "as is" and all express or implied conditions, representations, and warranties, including any implied warranty of merchantability, fitness for a particular purpose or non-infringement, are disclaimed, except to the extent that such disclaimers are held to be legally invalid. Symantec Corporation shall not be liable for incidental or consequential damages in connection with the furnishing, performance, or use of this documentation. The information that is contained in this documentation is subject to change without notice. Symantec may at its sole option vary these conditions of use by posting such revised terms to the website.

Technical support

If you need help on an aspect of the security services that is not covered by the online Help or administrator guides, contact your IT administrator or Support team. To find your Support team's contact details in the portal, click Support > Contact us.

This document includes the following topics:

- About Email Track and Trace
- Searching for an email with Email Track and Trace
- Searching by message ID in Email Track and Trace
- Viewing Email Track and Trace search results
- Viewing email delivery details in Email Track and Trace
- Requesting Email Track and Trace results by email
- Enabling a user for Email Track and Trace

About Email Track and Trace

The Email Track and Trace tool lets you trace a specific email and determine if and when it was processed and the action taken. You can search for an email that was processed within the last 30 days. Typically, an email is searchable within 15 minutes of entering the Email Services infrastructure.

The Email Services infrastructure does not store copies of any emails that pass through it. Rather, it logs key information about each email at the time of processing.

When an email is found, the following details are displayed:

- Whether and when an email was accepted or not into the Email Services infrastructure.
  Note: The infrastructure rejects all emails that are not on your organization's valid address list. To avoid an email being rejected, ensure that your Address Registration address list is always up to date.

- Whether and when the email was delivered to the recipient's network. Or, in the event of an unsuccessful first delivery attempt, whether retry attempts are in progress.
- Which of the Email Services intercepted the email and the action that was taken on it.

The Email Track and Trace tool enforces a security policy that ensures you can only search for the emails that you have permission to view. The security policy is based on the following criteria:

- The organization you work for.
- The access privileges that are associated with your portal login ID. Access rights for Email Track and Trace are applied across all of the domains that are provisioned for your account.
- The user role. An administrator with the Edit Configuration permission can access Email Track and Trace. An administrator can grant an Email Track And Trace user role for other portal users.

You can find Email Track and Trace in the portal under the Tools tab.

See Searching for an email with Email Track and Trace.
See Searching by message ID in Email Track and Trace.
See Requesting Email Track and Trace results by email.
See Viewing Email Track and Trace search results.
See Viewing email delivery details in Email Track and Trace.
See Enabling a user for Email Track and Trace.

Searching for an email with Email Track and Trace

To perform a search, you must specify at least one of the following criteria:

- Recipient
- Sender
- Subject line

To identify a specific email, we recommend that you provide as much information as possible when defining your search criteria. You can view your results on screen or have them emailed to you.

To search for an email

1. Select Tools > Email Track and Trace.
2. In the Search tab, enter your search criteria. To display additional search options, select Show All.

The following search options are available:

Search option: Description

Recipient: Search for the recipient's email address. The email address must conform to valid email address format, including an @ symbol and a period. An asterisk (*) can be used as a wildcard to represent one or more characters, for example *@domain.* The maximum field length is 255 characters.

Sender: Search for the sender's email address. The email address must conform to valid email address format, including an @ symbol and a period. An asterisk (*) can be used as a wildcard to represent one or more characters, for example *@domain.* The maximum field length is 255 characters.

Date range: Specify the time range for your search. You can search for any emails that were processed within the last 30 days. An email is typically searchable within 15 minutes of it entering the infrastructure. You can select from a preset range of hours or days, or you can select a specific time range. The timezone defaults to the one that is defined in your Profile. You can change the timezone for a search as required.

Subject line: Search by subject line. If you only know part of the subject line, select one of the options in the drop-down menu: "Contains", "Begins with", or "Ends with". Then, enter the characters to search for. An asterisk character (*) cannot be used as a wildcard in this search box. If you search with an asterisk, the Email Track and Trace tool searches for any emails that contain an asterisk within the subject line.

Attachment filename: Search for the name of the attachment file. The maximum field length is 255 characters.

Receiving server external IP: Search for emails that have been delivered to a specific IP address. Wildcards are not supported.

Sending server external IP: Search for the IP address of the sending mail server. Wildcards are not supported.
Note: You cannot search for the sending host name details.

Service: If you suspect that one of the Email Services intercepted an email, you can search by the service name, for example "Content Control".

Helo: You can use the Helo string as one of your search parameters (part of the SMTP receiving server identification process). Asterisk wildcards are not supported.

Attachment MD5 checksum: Search for an email attachment's unique MD5 checksum string. The search box must contain an MD5 checksum string in valid format (32 alphanumeric characters).

Email size: Search for emails within a preset size range.

3. Select whether to receive your results on screen or by email.
4. Click Search.

See About Email Track and Trace.
See Viewing Email Track and Trace search results.
See Searching by message ID in Email Track and Trace.

Searching by message ID in Email Track and Trace

Mail servers generate a unique message ID for each email that is sent out. An Email Track and Trace search by message ID pinpoints an individual email.

To search for an email by message ID

1. Select Tools > Email Track and Trace.
2. Select the Search by ID tab.
3. Enter the message ID in the Message ID box.

4. Select whether to receive your results on screen or by email.
5. Click Search.

See Searching for an email with Email Track and Trace.
See About Email Track and Trace.
See Viewing Email Track and Trace search results.

Viewing Email Track and Trace search results

When you submit your search, a progress bar is displayed while the search runs. When the search completes, the page displays a list of entries that match your search criteria. You can sort the results once all of the results are returned by clicking on a column heading of your choice. The results list remains available in the portal for 24 hours or until you submit a new search. Your search criteria also remain on screen when your results are displayed so that you can refine your search if necessary.

The Email Track and Trace tool searches across multiple datacenters and can display up to 1,000 results from each datacenter. However, if more than 1,000 results are found, we recommend that you refine your search criteria.

As well as viewing your search results on screen, you can also send them in CSV format to an email address.

Note: If an email was sent to multiple recipients, each instance of the email is shown in the search results list.

The following table shows the information that is displayed in the results list.

Table 1-1 Email Track and Trace results list

Column heading: Description

Message direction: The icon to the left of the subject field shows whether the email is inbound to your domain or outbound from your domain.

Subject: The subject line of the email.

Recipient: The email address of the intended recipient.

Sender: The email address of the sender.

Accepted: If the email was accepted into the infrastructure, this column displays a check mark icon and the date and time that the email was received. Any email that is not accepted into the infrastructure is listed as rejected because the address is not registered. The infrastructure rejects all emails that are sent to addresses that are not on your organization's valid address list. Therefore, to avoid an email being rejected, ensure that your Address Registration address list is always up to date.

Delivered: If the email was delivered to the recipient's network, the date and time of delivery are displayed along with a check mark icon.
Note: In some circumstances, the email appears as delivered to the recipient's network, but may not have reached the intended recipient. Typically, the recipient organization's email security policies for inbound email are the reason for an email not reaching an intended recipient.
If the email was not delivered to the recipient's network, it could be for one of the following reasons:

- Not delivered: The email was not delivered into the recipient's network. One of the Email Services may have intercepted it, or the email was not accepted into the Email Services infrastructure in the first place.
- Pending information: The complete log for the email is not available yet. Typically, an email is searchable within 15 minutes of entering the infrastructure. Try your search again in a short while.
- Retrying delivery: The email is in the process of being sent. An email enters a retry schedule if it cannot be delivered immediately.
- Delivery failed: We tried to deliver the email, but were unsuccessful. The delivery failure may be due to a connection problem between our infrastructure and the recipient's network.
Note: When malware is detected in an outgoing email and that email is blocked and not sent, a Track and Trace log record is not created because the recipient never receives the blocked message. The recipient's email administrator may be notified, depending on the policies of the recipient network. Because no log entry is created, Track and Trace searches will not find blocked messages, nor will the messages be included in Track and Trace reports. This can cause a discrepancy between the total number of messages sent and the number of messages found by Track and Trace, which can give the appearance that messages are missing.

Service: The Email Services that the email triggered during processing.

See Searching for an email with Email Track and Trace.
See Viewing email delivery details in Email Track and Trace.

Viewing email delivery details in Email Track and Trace

When you submit an Email Track and Trace search, a list of results is displayed on screen. To view detailed information about a specific email, click on the associated item in the results list.

To view full delivery information

1. Select Tools > Email Track and Trace. Enter your search criteria and submit your search.
2. When you have received your search results, click on the required entry in the results list. A pop-up window displays the delivery details in the Summary tab.

One of the following main delivery status messages is displayed at the top of the page:

- Delivered to recipient network: The email was delivered to the recipient's network.
  Note: In some circumstances, the email appears as delivered to the recipient's network, but may not have reached the intended recipient. Typically, the recipient organization's email security policies for inbound email are the reason for an email not reaching an intended recipient.
- Not delivered: The email was not delivered to the recipient's network. One of the Email Services may have intercepted it, or the email was not accepted into the Email Services infrastructure in the first place.
- Pending information: The complete log for the email is not available yet. Typically, an email is searchable within 15 minutes of entering the infrastructure. Try your search again in a short while.

- Retrying delivery: The email is in the process of being sent. An email enters a retry schedule if it cannot be delivered immediately.
- Delivery failed: We tried to deliver the email, but were unsuccessful. The delivery failure may be due to a connection problem between our infrastructure and the recipient's network.

The following information is provided in the Summary page:

Detail: Description

Sender: The email address of the sender.

Recipient: The email address of the recipient.

Subject: The subject line of the email.

Message Size: The total size of the email message, including any attachments.

Message ID: The message ID, as shown in the header of most emails.

Message Reference: The message reference number.

Connection: If the email was accepted into the infrastructure for scanning, a check mark icon and the Accepted label are displayed. If the email was rejected, an "X" icon and the Email rejected label are displayed. The infrastructure rejects all emails that are not on your organization's valid address list. To avoid an email being rejected, ensure that your Address Registration address list is always up to date.

Sending Server: The IP address of the sending mail server.

Sending Server Helo: The Helo string that identifies the sending SMTP server.

Connection Started: The date and time in GMT that the sending server has connected to our infrastructure.

Connection Finished: The date and time in GMT that the sending server has disconnected from our infrastructure.

Status: If the delivery status is Retrying delivery, this field provides detailed information about the delivery retries.

Security Scan: If one or more of your Email Services intercepted the email, the service that applied the most severe action is provided.

Delivery result: The main delivery status of the email message.

Delivery Attempts: The number of delivery attempts.

Latest Attempt: The date and time in GMT of the most recent delivery attempt.

Recipient Server: The IP address of the recipient server.

View advanced delivery information: Clicking this link opens the Log View tab, which displays detailed connection information in chronological order according to dates and times in GMT.

3. Click on the Attachments tab for information about any email attachment. You cannot open the Attachments tab if the email did not have an attachment. If the email has an associated attachment, the attachment's name is displayed along with its MD5 checksum value.
4. Click on the Log View tab for detailed connection information. Detailed connection information is displayed in chronological order according to dates and times in GMT.

See Viewing Email Track and Trace search results.
See About Email Track and Trace.

Requesting Email Track and Trace results by email

You can have the results of an Email Track and Trace search sent to you or to another recipient in an email. The results are sent as a CSV file attachment. The CSV file is password protected.

To request search results by email

1. Select Tools > Email Track and Trace. The Search tab opens.
2. Define your search criteria.
3. At the bottom of the Search page, select Email the results as a CSV file when the search is complete.
4. Enter a valid email address.
5. Create a password for the CSV file and enter it in the Password for results file box.
6. Click Search.

See About Email Track and Trace.
See Searching for an email with Email Track and Trace.
See Viewing Email Track and Trace search results.

Enabling a user for Email Track and Trace

An administrator with the Edit Configuration user role can access Email Track and Trace. An administrator can assign the Email Track And Trace user role to other portal users who are within the administrator's organization.

To enable a user for Email Track and Trace

1. Select Administration > User Management.
2. Add the new user, or locate an existing user.
3. Assign the Email Track and Trace custom role to the user.

See About Email Track and Trace.
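
The search-field rules listed under "Searching for an email with Email Track and Trace" can be checked before a search is entered, for example when tracing every copy of a suspicious attachment by its MD5 checksum. The following Python is an added example, not part of the Symantec guide or portal; the dictionary keys and function names are hypothetical, and it checks only the constraints the guide states.

```python
import hashlib
import ipaddress

MAX_LEN = 255  # documented limit for Recipient, Sender and Attachment filename
REQUIRED_ANY = ("recipient", "sender", "subject")  # at least one must be given


def attachment_md5(data: bytes) -> str:
    """Return the 32-character MD5 hex digest of an attachment's bytes."""
    return hashlib.md5(data).hexdigest()


def check_address(value: str) -> list:
    """Recipient/Sender: needs an @ and a period; '*' wildcards are allowed."""
    problems = []
    if len(value) > MAX_LEN:
        problems.append("longer than 255 characters")
    if "@" not in value or "." not in value:
        problems.append("must contain an @ symbol and a period")
    return problems


def check_ip(value: str) -> list:
    """Receiving/Sending server external IP: a literal address, no wildcards."""
    if "*" in value:
        return ["wildcards are not supported in IP fields"]
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return ["not a valid IP address"]
    return []


def check_md5(value: str) -> list:
    # Assumption: stricter than "32 alphanumeric characters", since an MD5
    # digest is written in hexadecimal.
    ok = len(value) == 32 and all(c in "0123456789abcdefABCDEF" for c in value)
    return [] if ok else ["must be a 32-character MD5 checksum"]


def validate(criteria: dict) -> dict:
    """Map each problematic field to its messages; an empty dict means ready."""
    checks = {
        "recipient": check_address,
        "sender": check_address,
        "receiving_ip": check_ip,
        "sending_ip": check_ip,
        "attachment_md5": check_md5,
        "subject": lambda v: ["asterisk is matched literally, not as a wildcard"] if "*" in v else [],
        "helo": lambda v: ["asterisk wildcards are not supported"] if "*" in v else [],
        "attachment_filename": lambda v: ["longer than 255 characters"] if len(v) > MAX_LEN else [],
    }
    report = {}
    # The guide requires at least one of Recipient, Sender or Subject line,
    # so a checksum on its own is not a complete search.
    if not any(criteria.get(k) for k in REQUIRED_ANY):
        report["search"] = ["specify at least one of recipient, sender or subject"]
    for field, value in criteria.items():
        found = checks[field](value) if field in checks else ["unknown field"]
        if found:
            report[field] = found
    return report


# Constructed sample: bytes standing in for a suspicious attachment.
SAMPLE_ATTACHMENT = b"hello"

if __name__ == "__main__":
    digest = attachment_md5(SAMPLE_ATTACHMENT)
    print(validate({"attachment_md5": digest}))
    print(validate({"attachment_md5": digest, "recipient": "*@example.com"}))
```
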