Home » Symantec Manuals » Networking » Symantec 10744983 » Manual Viewer

Symantec 10744983 Administration Guide - Page 235

Reputation Service, Open Proxy Senders is a sender group in Symantec Mail

UPC - 037648279321

Add to My Manuals
Save this manual to your list of manuals

Page 235 highlights

Glossary 235 notification Notifier Open Proxy Senders packet parameter password phishing ping (Packet Internet Groper) 1. In Symantec Mail Security, a separate email that can be automatically sent to the sender, recipients, or other email addresses when a specified condition is met. For example, if you have a policy that strips .exe attachments from incoming messages, you may want to also notify the sender that the attachment has been stripped. 2. In Symantec Mail Security, a periodic email summary sent by Spam Quarantine to users, listing the newly quarantined spam messages, and including links for users to immediately release messages to their inbox or to log in to their personal quarantines. See also Notifier. A component of Spam Quarantine, which resides on the Control Center in Symantec Mail Security. Notifier sends periodic email messages to users, providing a digest of their spam. The Notifier message (notification) is customizable; it can contain a list of the subject lines and senders of all spam messages. A dynamic list of IP addresses of identity-masking relays, including proxy servers with open or insecure ports, provided by Symantec based on data from the Probe Network. Because open proxy servers allow spammers to conceal their identities and off-load the cost of emailing to other parties, spammers will continually misuse a vulnerable server until it is brought offline or secured. Part of the Sender Reputation Service, Open Proxy Senders is a sender group in Symantec Mail Security. You can specify actions to take on messages from each sender group. A unit of data that is formed when a protocol breaks down messages that are sent along the Internet or other networks. Messages are broken down into standard-sized packets to avoid overloading lines of transmission with large chunks of data. Each of these packets is separately numbered and includes the Internet address of the destination. Upon arrival at the recipient computer, the protocol recombines the packets into the original message. A value that is assigned to a variable. In communications, a parameter is a means of customizing program (software) and hardware operation. A unique string of characters that a user types as an identification code to restrict access to computers and sensitive files. The system compares the code against a stored list of authorized passwords and users. If the code is legitimate, the system allows access at the security level approved for the owner of the password. An attempt to illegally gather personal and financial information by sending a message that appears to be from a well known and trusted company. A phishing message typically includes at least one link to a fake Web site, designed to mimic the site of a legitimate business and entice the recipient to provide information that can be used for identity theft or online financial theft. A program that system administrators and hackers or crackers use to determine whether a specific computer is currently online and accessible. Pinging works by sending a packet to the specified IP address and waiting for a reply; if a reply is received, the computer is deemed to be online and accessible.

Section	Page
Symantec Mail Security Administration Guide	1
Technical Support	3
Contents	9
1. About Symantec Mail Security	15
Key features	15
New features	16
Functional overview	18
Architecture	19
Where to get more information	20
2. Configuring system settings	23
Configuring certificate settings	23
Manage certificates	24
Configuring host (Scanner) settings	25
Working with Services	26
HTTP proxies	27
SMTP Scanner settings	27
Configuring Default SMTP Settings	31
Configuring internal mail hosts	35
Testing Scanners	35
Configuring LDAP settings	36
Configure LDAP settings	37
Synchronization status information	43
Replicating data to Scanners	45
Starting and stopping replication	46
Replication status information	46
Troubleshooting replication	47
Configuring Control Center settings	48
Control Center administration	49
Control Center certificate	50
Configuring, enabling and scheduling Scanner replication	50
Control Center Settings	51
System locale	52
3. Configuring email settings	53
Configuring address masquerading	53
Importing masqueraded entries	54
Configuring aliases	55
Managing aliases	56
Importing aliases	57
Configuring local domains	58
Importing local domains and email addresses	59
Understanding spam settings	60
Configuring suspected spam	61
Choosing language identification type	61
Software acceleration	62
Configuring spam settings	62
Configuring virus settings	62
Configuring LiveUpdate	63
Excluding files from virus scanning	64
Configuring Bloodhound settings	64
Configuring invalid recipient handling	65
Configuring scanning settings	66
Configuring container settings	66
Configuring content filtering settings	67
4. Configuring email filtering	69
About email filtering	69
Notes on filtering actions	78
Multiple actions per verdict	79
Multiple group policies	81
Security risks	81
About precedence	83
Creating groups and adding members	84
Add or remove members from a group	84
Assigning filter policies to a group	87
Selecting virus policies for a group	87
Selecting spam policies for a group	89
Selecting compliance policies for a group	89
Enabling and disabling end user settings	90
Allowing or blocking email based on language	92
Managing Group Policies	92
Manage Group Policies	93
Creating virus, spam, and compliance filter policies	94
Creating virus policies	94
Creating spam policies	96
Creating compliance policies	98
Managing Email Firewall policies	107
Configuring attack recognition	107
Configuring sender groups	108
Configuring Sender Authentication	119
Managing policy resources	120
Annotating messages	120
Archiving messages	122
Configuring attachment lists	124
Configuring dictionaries	126
Adding and editing notifications	128
5. Working with Spam Quarantine	131
About Spam Quarantine	131
Delivering messages to Spam Quarantine	132
Working with messages in Spam Quarantine for administrators	132
Accessing Spam Quarantine	132
Checking for new Spam Quarantine messages	133
Administrator message list page	133
Administrator message details page	135
Searching messages	137
Configuring Spam Quarantine	140
Delivering messages to Spam Quarantine from the Scanner	140
Configuring Spam Quarantine port for incoming email	141
Configuring Spam Quarantine for administrator-only access	141
Configuring the Delete Unresolved Email setting	142
Configuring the login help	142
Configuring recipients for misidentified messages	142
Configuring the user and distribution list notification digests	143
Configuring the Spam Quarantine Expunger	149
Specifying Spam Quarantine message and size thresholds	150
Troubleshooting Spam Quarantine	150
6. Working with Suspect Virus Quarantine	157
About Suspect Virus Quarantine	157
Routing messages to Suspect Virus Quarantine	157
Accessing Suspect Virus Quarantine	158
Checking for new Suspect Virus Quarantine messages	158
Suspect Virus Quarantine messages page	158
Searching messages	160
Configuring Suspect Virus Quarantine	162
Configuring Suspect Virus Quarantine port for incoming email	162
Configuring the size for Suspect Virus Quarantine	163
7. Testing Symantec Mail Security	165
Verifying normal delivery	165
Verifying spam filtering	165
Testing antivirus filtering	166
Verifying filtering to Spam Quarantine	167
8. Configuring alerts and logs	169
About alerts	169
Configuring alerts	171
Viewing logs	171
Working with logs	172
About logs	173
Configuring logs	173
9. Working with Reports	177
About reports	177
Selecting report data to track	178
Choosing a report	178
About charts and tables	188
Setting the retention period for report data	188
Running reports	189
Saving and editing Favorite Reports	190
Running and deleting favorite reports	190
Troubleshooting report generation	191
No data available for the report type specified	191
Sender HELO domain or IP connection shows gateway information	191
Reports presented in local time of Control Center	191
By default, data are saved for one week	192
Processed message count recorded per message, not per recipient	192
Recipient count equals message count	193
Deferred or rejected messages are not counted as received	193
Reports limited to 1,000 rows	193
Printing, saving, and emailing reports	193
Print, save, or email reports	194
Scheduling reports to be emailed	194
Schedule, Edit, or Delete Reports	194
10. Administering the system	197
Getting status information	197
Overview of system information	198
Message status	198
Host details	203
LDAP Synchronization	204
Log details	204
Version Information	204
Scanner replication	205
Managing Scanners	205
Editing Scanners	205
Enabling and disabling Scanners	206
Deleting Scanners	207
Administering the system through the Control Center	208
Managing system administrators	208
Managing software licenses	209
Administering the Control Center	209
Starting and stopping the Control Center	209
Checking the Control Center error log	210
Increasing the amount of information in BrightmailLog.log	211
Starting and stopping UNIX and Windows services	213
Starting and stopping Windows services	213
Starting and stopping UNIX services	215
Periodic system maintenance	215
Backing up logs data	216
Backing up the Spam and Virus Quarantine databases	216
Maintaining adequate disk space	219
A. Integrating Symantec Mail Security with Symantec Security Information Manager	221
About Symantec Security Information Manager	221
Interpreting events in the Information Manager	222
Configuring data sources	223
Firewall events that are sent to the Information Manager	224
Definition Update events that are sent to the Information Manager	224
Message events that are sent to the Information Manager	225
Administration events that are sent to the Information Manager	226
Glossary	229

Match case Limit results 1 per page

notification

1. In Symantec Mail Security, a separate email that can be automatically sent to

the sender, recipients, or other email addresses when a specified condition is met.

For example, if you have a policy that strips .exe attachments from incoming

messages, you may want to also notify the sender that the attachment has been

stripped. 2. In Symantec Mail Security, a periodic email summary sent by Spam

Quarantine to users, listing the newly quarantined spam messages, and including

links for users to immediately release messages to their inbox or to log in to their

personal quarantines. See also Notifier.

Notifier

A component of Spam Quarantine, which resides on the Control Center in Symantec

Mail Security. Notifier sends periodic email messages to users, providing a digest

of their spam. The Notifier message (notification) is customizable; it can contain

a list of the subject lines and senders of all spam messages.

Open Proxy Senders

A dynamic list of IP addresses of identity-masking relays, including proxy servers

with open or insecure ports, provided by Symantec based on data from the Probe

Network. Because open proxy servers allow spammers to conceal their identities

and off-load the cost of emailing to other parties, spammers will continually

misuse a vulnerable server until it is brought offline or secured. Part of the Sender

Reputation Service, Open Proxy Senders is a sender group in Symantec Mail

Security. You can specify actions to take on messages from each sender group.

packet

A unit of data that is formed when a protocol breaks down messages that are sent

along the Internet or other networks. Messages are broken down into

standard-sized packets to avoid overloading lines of transmission with large

chunks of data. Each of these packets is separately numbered and includes the

Internet address of the destination. Upon arrival at the recipient computer, the

protocol recombines the packets into the original message.

parameter

A value that is assigned to a variable. In communications, a parameter is a means

of customizing program (software) and hardware operation.

password

A unique string of characters that a user types as an identification code to restrict

access to computers and sensitive files. The system compares the code against a

stored list of authorized passwords and users. If the code is legitimate, the system

allows access at the security level approved for the owner of the password.

phishing

An attempt to illegally gather personal and financial information by sending a

message that appears to be from a well known and trusted company. A phishing

message typically includes at least one link to a fake Web site, designed to mimic

the site of a legitimate business and entice the recipient to provide information

that can be used for identity theft or online financial theft.

ping (Packet Internet

Groper)

A program that system administrators and hackers or crackers use to determine

whether a specific computer is currently online and accessible. Pinging works by

sending a packet to the specified IP address and waiting for a reply; if a reply is

received, the computer is deemed to be online and accessible.

235

Glossary