filips

ESET Staff
  • Content count

    67
  • Joined

  • Last visited

  • Days Won

    2

filips last won the day on April 6

filips had the most liked content!

About filips

  • Rank
    N/A

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

411 profile views
  1. Hi, unfortunately current version of EMSX does not support what you need. Email can be released by user only if it was quarantined by our antispam protection.
  2. Users can manage their spam emails - both release and delete are allowed on spam emails. The type column in screenshot you posted says "rule" - it was not quarantined by antispam but by rules. Email can be quarantined by AV protection, AS protection or by rules - the release action depends on this. I filed an improvement to give administrator control over this behavior to be able to: 1. Create a rule that forbids certain content (e.g. file type policy) - user cannot release such emails 2. Create a rule that defers certain content (e.g. suspected spam) - user can release such emails
  3. Hi, Did you check event log for errors? Please try this: 1. start command prompt as administrator 2. run "msiexec" - this should open installer help - does it work? 3. run "msiexec /i emsx_nt64_ENU.msi /lvx* emsx.log" 4. attach log
  4. Hi, As i wrote above, this is not supported. Regular user cannot release emails quarantined by a content rule - only admin can. If you quarantined some emails with a rule and want to release them, you have 2 options: 1. log in to the web interface as administrator and release them 2. go to machine where EMSX is installed and release them using GUI If you want to allow regular users to release emails quarantined by content rule please submit a market requirement.
  5. Each user has access to his quarantined emails, but may not be able to do all operations. This is for security reasons. e.g. If admin creates a rule that prohibits .exe files it would be too easy for the user to just release emails with .exe files. Now he has to request the files from admin. If you have a specific content rule and want to allow users to release emails quarantined by this rule - this is currently not possible. Could you give us an example/use case of what you are trying to achieve? thanks
  6. Hi, the type column says "rule" which means that regular user is not permitted to release such email - only admin. You can specify quarantine administrators in advanced setup/server/mail quarantine
  7. That sounds like the quarantine page is somehow broken. Can you post a screenshot?
  8. Users are only permitted to release spam emails, emails quarantined by content rules or by antivirus can only be released by administrator. This behavior is by design. Maybe this is the problem in your case? If you are just testing the quarantine, you can use GTUBE string to quarantine email as spam.
  9. Hi, You can enable quarantine web interface to allow users manage their quarantined emails. (http://help.eset.com/emsx/6.5/en-US/index.html?idh_xmon_quarantine_web.htm) You can also add "Send mail quarantine reports" task in tools/scheduler, which will send reports to selected users periodically. (http://help.eset.com/emsx/6.5/en-US/index.html?idh_scheduler_task_qreports.htm)
  10. 1) Please, install ESHP 6.5.15006.0, which should resolve these errors seen in the logs: „ERROR 'SHARED_MEM_ERROR', object: SharePoint Agent: Reading updated memory size of stream failed.“ 2) BTW: You need to run the SHPIO under the same account as provided to our product. The SHPIO10 error looks like one reported when executing incorrect version (i.e. incompatible with the .NET used by the SharePoint). Did you run it from command line? Did it write anything to command line before/after the crash? Try executing SHPIO07 or 13 instead. Did it help? If there are still problems, please, open a support ticket and provide logs collected with ESET Log Collector.
  11. Hi, Try running: „shpioXX.exe displaystructure“ where XX is the number of your Sharepoint version (07,10,13). Any errors? You could also try looking for errors into SHPIO*.log diagnostic files in „%ProgramData%\ESET\ESET Security\Diagnostics\SharePoint\“
  12. Hi wolflord, You can use mail transport rules to achieve this, e.g.: Conditions: Internal message - False Recipient validation result - is - Contains invalid recipients Recipient validation result - is not - Contains valid recipients Actions: Log to events/Drop/Reject I suggest to do some testing with "Log to events" or "Reject message" action for some time and check logs if the rule works correctly. NOTE: Drop message action has one disadvantage - if a sender makes a typo in the email address, even a valid mail will be dropped (e.g. john.doe@mydomain.com vs. jonh.doe@mydomain.com)
  13. Hi, I'm not sure if this is what you're looking for, but there is a new feature in 6.5 products - you can choose which application statuses are shown on the server and which are transferred to ERA: http://help.eset.com/efsw/6.5/en-US/index.html?idh_config_disabled_statuses_dialog.htm
  14. Hi Jonathan, you could also try upgrading your EFSW to 6.4 and check if the issue persists
  15. Hi, this is probably a known issue of 4.5 - when VSAPI evaluates rules, it may use two values of sender - email address and display name. In that case the NOT operator does not work as expected. try something like this: NOT email@address.com AND NOT "display name" (both display name and email address used by VSAPI can be seen in log after enabling diagnostic logging)