Jump to content

M.K.

ESET Staff
  • Posts

    54
  • Joined

  • Last visited

  • Days Won

    4

M.K. last won the day on September 4

M.K. had the most liked content!

About M.K.

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Slovakia

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Just to be sure - are those emails blocked by the Sender Spoofing protection? If yes, then the IP range should be added either to the Ignored IP list and marked as an infrastructure IP, or added to the List of my own IP addresses under Sender Spoofing protection section.
  2. Hi, #2 and #3 should be already supported in released products. Top level domains (e.g. ".click") are accepted in Blocked Senders list. IPv6 addresses are accepted as parameters in the IP condition in rules. We will update the tooltips and help page accordingly. As for the #1 - we are tracking this requirement in our backlog, but currently there is no target date.
  3. Hi, you can create a transport rule: [if] Sender's domain ... is on the Blocked Sender's list [then] Quarantine message and/or [if] Sender's IP address ... is on the Blocked domain to IP list [then] Quarantine message
  4. Ad. "variable something like %HeaderFromDisplayName%": it's definitely doable. Ad. "Increase or Decrease SCL value": that's also doable, we can see the added value of such rule action.
  5. Ad %FROMADDRESS%: we will add all missing expandable macros to rule actions in the upcoming feature release. Ad. Exceptions for conditions in rules: we track this feature in our backlog. It didn't have a very high priority compared to other requirements, as there is a workaround available for most cases and we didn't want to overcomplicate the current design of rules. It's possible we will re-prioritize it again in the future. Ad. Infected status for attachments blocked by rules - we are aware of this situation and are analyzing possible solutions.
  6. Hello, the environment variable you mentioned should already work. Maybe the documentation hasn't been updated, but this is the list of currently supported macros (case insensitive): %ENVELOPESENDER% %ENVELOPEDOMAIN% %FROMADDRESS% %FROMDOMAIN% %REPLYTOADDRESS% %REPLYTODOMAIN% Ad #2 and #3 - will look at that. Ad #4 - all conditions should have a way how to define them also as a negation, i.e. "is" vs "is not", "contain" vs "doesn't contain" etc... Do you have some example where you can't define the rule now in a way that you want?
  7. Hi, once a rule has hit, by default no other rules are evaluated further. You can however add an action "Evaluate other rules" to any rule to continue with evaluation, so that possibly more rules can hit. If you refer to a situation when conditions for both (multiple) rules were true and you need to prioritize which action would be selected, the simplest solution is to change the order of rules, so that the rule with preferred action is on top.
  8. Hi, currently it's not possible. You could write a market requirement for this.
  9. Hi, one way to do it is to import a xml containing only the empty BlockedIPs property. This should remove all entries in the Blocked IP list. clean_BlockedIPs.txt
  10. Hi, a possible workaround is to switch the type of quarantine from "Local quarantine" to "Quarantine mailbox". That way you can access the quarantined emails also via Outlook/OWA/... and get access to the attachments before releasing them via ESET Mail Security.
  11. Hi, this should be possible. The condition "Internal message = false" should filter only the incoming messages.
  12. Hi, when there is a limit on number of IP addresses from Received headers set by user, they are counted from the most recent (appears on top). Local IP addresses and addresses on Ignore list are skipped i.e. not counted towards the limit. Note: besides Received headers, we also acquire the IP address of the connecting server from the SMTP session - this address is always checked against our cloud blacklists/whitelists, independent on whether it is part of Received headers or not.
  13. Hi, Ad. Internal: messages are consider as internal if the SMTP connection is not marked as external by Exchange server, or when the email comes from the internal mailbox, or when is submitted via local pickup. Ad. Outgoing: this is based on the email recipients categories. EMSX checks all recipients of the email to determine whether they are located in the same organization, in different organization, or are marked by Exchange as external.
  14. Hi, ESET Mail Security doesn't use any third party RBL by default, only our own cloud service.
  15. Hi Daenni, yes in Mail Quarantine you can check the original headers of quarantined emails, in the Details window.
×
×
  • Create New...