Home » Symantec Manuals » Networking » Symantec 10490452 » Manual Viewer

Symantec 10490452 Administration Guide - Page 246

SSL Secure Sockets, SPF Sender Policy

UPC - 037648265683

Add to My Manuals
Save this manual to your list of manuals

Page 246 highlights

246 Glossary signature site SMTP (Simple Mail Transfer Protocol) spam spam attack Spam Quarantine spam scoring SSH (Secure Shell) SSL (Secure Sockets Layer) SPF (Sender Policy Framework) spyware 1. A state or pattern of activity that indicates a violation of policy, a vulnerable state, or an activity that may relate to an intrusion. 2. Logic in a product that detects a violation of policy, a vulnerable state, or an activity that may relate to an intrusion. This can also be referred to as a signature definition, an expression, a rule, a trigger, or signature logic. 3. Information about a signature including attributes and descriptive text. This is more precisely referred to as signature data. A collection of one or more computers hosting Symantec Mail Security for SMTP, in which exactly one computer hosts a Control Center, and one or more computers host Scanners. If the site consists of one computer, that computer will include the Control Center and a Scanner. The protocol that allows email messages to be exchanged between mail servers. Then, clients retrieve email, typically via the POP or IMAP protocol. 1. Unsolicited commercial bulk email. 2. An email message identified as spam by Symantec Mail Security for SMTP, using its filters. A series of spam emails from a specific domain. Symantec Mail Security for SMTP allows you to choose an action to perform on these messages; by default, messages received from violating senders are deferred. A database that stores email messages separately from the normal message flow, and allows access to those messages. In Symantec Mail Security for SMTP, Spam Quarantine is located on the Control Center computer, and provides users with Web access to their spam messages. Users can browse, search, and delete their spam messages and can also redeliver misidentified messages to their inbox. An administrator account provides access to all quarantined messages. Spam Quarantine can also be configured for administratoronly access. The process of grading messages when filtering email for spam. Symantec Mail Security for SMTP assigns a spam score to each message that expresses the likelihood that the message is actually spam. See also suspected spam. A program that allows a user to log on to another computer securely over a network by using encryption. SSH prevents third parties from intercepting or otherwise gaining access to information sent over the network. A protocol that allows mutual authentication between a client and server and the establishment of an authenticated and encrypted connection, thus ensuring the secure transmission of information over the Internet. See also TLS. A set of standard practices for authenticating email. If the sender's domain owner participates in SPF, the recipient MTA can check for forged return addresses. Symantec Mail Security for SMTP allows you to specify an action for messages that fail SPF authentication. Stand-alone programs that can secretly monitor system activity and detect passwords and other confidential information and relay the information back to another computer.

Section	Page
About Symantec Mail Security for SMTP	11
Key features	11
Functional overview	12
Architecture	13
Where to get more information	14
Configuring system settings	17
Configuring certificate settings	17
Configuring host (Scanner) settings	20
Working with the Services page	20
HTTP proxies	21
SMTP Scanner settings	22
Advanced SMTP settings	25
Configuring internal mail hosts	28
Testing Scanners	28
Configuring LDAP settings	29
Synchronization status information	36
Replicating data to Scanners	37
Starting and stopping replication	38
Replication status information	38
Troubleshooting replication	39
Configuring Control Center settings	40
Control Center administration	41
About specifying host names for Control Center access	42
Control Center certificate	42
Configuring, enabling and scheduling Scanner replication	42
Local replication settings	43
SMTP host	44
System locale	44
Configuring email settings	45
Configuring address masquerading	45
Importing masqueraded entries	46
Configuring aliases	47
Importing aliases	49
Configuring local domains	50
Importing local domains and email addresses	51
Understanding spam settings	51
Configuring suspected spam	52
Choosing language identification type	52
Software acceleration	53
Configuring spam settings	53
Configuring virus settings	54
Configuring LiveUpdate	54
Configuring Rapid Response updates	55
Installing non-default definitions	55
Excluding files from virus scanning	55
Configuring general settings	56
Configuring invalid recipient handling	56
Configuring scanning settings	57
Configuring container settings	57
Configuring content filtering settings	58
Configuring email filtering	61
About email filtering	61
Notes on filtering actions	66
Multiple actions	67
Multiple policies	69
Security risks	70
About precedence	71
Creating groups and adding members	72
Assigning filter policies to a group	75
Selecting virus policies for a group	75
Selecting spam policies for a group	77
Selecting compliance policies for a group	78
Enabling and disabling end user settings	79
Requirements for enabling end user settings	79
Allowing or blocking email based on language	80
Managing Group Policies	81
Creating virus, spam, and compliance filter policies	82
Creating virus policies	83
Determining your suspicious attachment policy	84
Changing default virus actions	84
Creating spam policies	85
Creating compliance policies	86
Guidelines for creating compliance policy conditions	86
Adding conditions to compliance policies	88
Determining compliance policy order	93
Enabling and disabling compliance policies	93
Managing Email Firewall policies	93
Configuring attack recognition	94
Configuring sender groups	95
About Allowed and Blocked Senders Lists	97
How Symantec Mail Security for SMTP identifies senders and connections	98
Adding senders to Blocked Senders Lists	99
Adding senders to Allowed Senders Lists	100
Deleting senders from lists	101
Editing senders	101
Enabling or disabling senders	101
Importing allowed and blocked sender information	102
Exporting sender information	104
Enabling Open Proxy Senders, Safe Senders, and Suspected Spammers lists	105
Configuring Sender Authentication	105
Managing policy resources	106
Annotating messages	106
Editing an annotation	108
Archiving messages	109
Configuring optional archive tags	109
Configuring attachment lists	110
Configuring dictionaries	112
Importing dictionary keywords	113
Editing a dictionary	114
Adding and editing notifications	114
Working with Spam Quarantine	117
About Spam Quarantine	117
Delivering messages to Spam Quarantine	117
Working with messages in Spam Quarantine for administrators	118
Accessing Spam Quarantine	118
Checking for new Spam Quarantine messages	118
Administrator message list page	118
Details on the administrator message list page	120
Differences between the administrator and user message list pages	121
Administrator message details page	121
Differences between the administrator and user message pages	123
Searching messages	123
Search details	125
Differences between the administrator and user search pages	126
Configuring Spam Quarantine	126
Delivering messages to Spam Quarantine from the Scanner	126
Configuring Spam Quarantine port for incoming email	127
Configuring Spam Quarantine for administrator-only access	128
Configuring the Delete Unresolved Email setting	128
Configuring the login help	128
Configuring recipients for misidentified messages	129
Configuring the user and distribution list notification digests	130
Notification for distribution lists/aliases	130
Separate notification templates for standard and distribution list messages	131
Changing the notification digest frequency	131
Changing the notification digest templates	132
Enabling notification for distribution lists	133
Selecting the notification digest format	134
Configuring the Spam Quarantine Expunger	135
Setting the retention period for messages	135
Setting the Expunger frequency and start time	135
Specifying Spam Quarantine message and size thresholds	136
Troubleshooting Spam Quarantine	137
Message “The operation could not be performed” is displayed	137
Can’t log in due to conflicting LDAP and Control Center accounts	137
Error in log file due to very large spam messages	137
Error in log file “cannot release mail” from Spam Quarantine	138
Users don’t see distribution list messages in their Spam Quarantine	138
Undeliverable quarantined messages go to Spam Quarantine postmaster	139
Error in log file due to running out of disk space	139
Users receive notification messages, but can’t access messages	140
Duplicate messages appear in Spam Quarantine	141
Maximum number of messages in Spam Quarantine	141
Copies of misidentified messages aren’t delivered to administrator	141
Message “Unable to release the message” is displayed	141
Working with Suspect Virus Quarantine	143
About Suspect Virus Quarantine	143
Accessing Suspect Virus Quarantine	143
Checking for new Suspect Virus Quarantine messages	144
Suspect Virus Quarantine messages page	144
Details on the message list page	146
Searching messages	146
Search details	147
Configuring Suspect Virus Quarantine	148
Configuring Suspect Virus Quarantine port for incoming email	148
Configuring the size for Suspect Virus Quarantine	148
Testing Symantec Mail Security for SMTP	151
Verifying normal delivery	151
Verifying spam filtering	151
Testing antivirus filtering	152
Verifying filtering to the Spam Quarantine	153
Configuring alerts and logs	155
Configuring alerts	155
Viewing logs	157
Configuring logs	159
Working with reports	163
About reports	163
Choosing a report	164
About charts and tables	172
Selecting report data to track	172
Setting the retention period for report data	173
Running reports	173
Saving and editing Favorite Reports	174
Running and deleting favorite reports	175
Troubleshooting report generation	175
No data available for the report type specified	175
Sender HELO domain or IP connection shows gateway information	176
Reports presented in local time of Control Center	176
By default, data are saved for one week	176
Processed message count recorded per message, not per recipient	176
Recipient count equals message count	177
Deferred or rejected messages are not counted as received	177
Reports limited to 1,000 rows	177
Printing, saving, and emailing reports	177
Scheduling reports to be emailed	178
Administering the system	181
Getting status information	181
Overview of system information	182
Message status	182
Message details	182
Message queues	183
Message tracking	184
Host status	186
Host details	186
LDAP synchronization	187
Log details	188
Scanner replication	188
Version Information	188
Managing Scanners	188
Editing Scanners	189
Enabling and disabling Scanners	189
Deleting Scanners	190
Administering the system through the Control Center	191
Managing system administrators	191
Managing software licenses	192
Administering the Control Center	193
Starting and stopping the Control Center	193
Checking the Control Center error log	194
Increasing the amount of information in BrightmailLog.log	195
Starting and stopping UNIX and Windows services	196
Starting and stopping Windows services	196
Starting and stopping UNIX services	198
Periodic system maintenance	198
Backing up logs data	198
Backing up the Spam and Virus Quarantine databases	199
Maintaining adequate disk space	200
Feature Cross-Reference	201
New features for all users	202
Changes for Symantec Mail Security for SMTP users	203
New feature names	204
Discontinued features	204
Changes for Symantec Brightmail Antispam users	205
About email filtering and message handling options	206
Spam foldering and the Symantec Outlook Spam Plug-in	209
About foldering and the plug-in	209
Installing the Symantec Outlook Spam Plug-in	210
Usage scenarios	210
End user experience	210
Software requirements	212
Configuring automatic spam foldering	217
Configuring the Symantec Spam Folder Agent for Exchange	217
Configuring the Symantec Spam Folder Agent for Domino	218
Distributing end-user help	220
Uninstalling the Symantec Spam Folder Agent for Domino	221
Enabling automatic spam foldering	221
Enabling language identification	222
Integrating Symantec Mail Security with Symantec Security Information Manager	223
About Symantec Security Information Manager	223
Interpreting events in the Information Manager	224
Configuring data sources	225
Firewall events that are sent to the Information Manager	226
Definition Update events that are sent to the Information Manager	226
Message events that are sent to the Information Manager	227
Administration events that are sent to the Information Manager	228
Editing antivirus notification messages	231
Modifying notification files	231
Changing the notification file character set	232
Editing messages in the notification file	232
Notification file contents	233
Glossary	237

Match case Limit results 1 per page

246

Glossary

signature

1. A state or pattern of activity that indicates a violation of policy, a vulnerable state, or an

activity that may relate to an intrusion. 2. Logic in a product that detects a violation of

policy, a vulnerable state, or an activity that may relate to an intrusion. This can also be

referred to as a signature definition, an expression, a rule, a trigger, or signature logic. 3.

Information about a signature including attributes and descriptive text. This is more

precisely referred to as signature data.

site

A collection of one or more computers hosting Symantec Mail Security for SMTP, in which

exactly one computer hosts a Control Center, and one or more computers host Scanners. If

the site consists of one computer, that computer will include the Control Center and a

Scanner.

SMTP (Simple Mail

Transfer Protocol)

The protocol that allows email messages to be exchanged between mail servers. Then,

clients retrieve email, typically via the POP or IMAP protocol.

spam

1. Unsolicited commercial bulk email.

2. An email message identified as spam by

Symantec Mail Security for SMTP, using its filters.

spam attack

A series of spam emails from a specific domain. Symantec Mail Security for SMTP allows

you to choose an action to perform on these messages; by default, messages received from

violating senders are deferred.

Spam Quarantine

A database that stores email messages separately from the normal message flow, and

allows access to those messages. In Symantec Mail Security for SMTP, Spam Quarantine is

located on the Control Center computer, and provides users with Web access to their spam

messages. Users can browse, search, and delete their spam messages and can also

redeliver misidentified messages to their inbox. An administrator account provides access

to all quarantined messages. Spam Quarantine can also be configured for administrator-

only access.

spam scoring

The process of grading messages when filtering email for spam. Symantec Mail Security

for SMTP assigns a spam score to each message that expresses the likelihood that the

message is actually spam. See also suspected spam.

SSH (Secure Shell)

A program that allows a user to log on to another computer securely over a network by

using encryption. SSH prevents third parties from intercepting or otherwise gaining

access to information sent over the network.

SSL (Secure Sockets

Layer)

A protocol that allows mutual authentication between a client and server and the

establishment of an authenticated and encrypted connection, thus ensuring the secure

transmission of information over the Internet. See also TLS.

SPF (Sender Policy

Framework)

A set of standard practices for authenticating email. If the sender’s domain owner

participates in SPF, the recipient MTA can check for forged return addresses. Symantec

Mail Security for SMTP allows you to specify an action for messages that fail SPF

authentication.

spyware

Stand-alone programs that can secretly monitor system activity and detect passwords and

other confidential information and relay the information back to another computer.