Creating a security profile

To create a new security profile, select the menu item “Security Profiles” in the menu path “Products -> Microsoft Exchange -> Settings” and then the “Create security profile” button. You will then go to the form view for creating a new profile.

The following options are available:

Option	Explaination
RBL Modus	Off Deactivate check, the mail will be delivered unchecked. Day The mail is marked and delivered. Quarantine Mail is moved to quarantine and listed in the junk mail report. Day & Quarantine The mail is marked, moved to quarantine and listed in the junk mail report. block The mail is rejected.
Black Tag	Define the string with which the subject line should be marked if the sender is listed on the RBL (Real Time Blacklist).
Spam Mode	Off Deactivate check, the mail will be delivered unchecked. Tag The mail is marked and delivered. block The message will be rejected after it has been identified as spam. The recipient receives the error code 5xx. Exception: If the message has more than one recipient, e.g. one of which has activated AS-Blocking and one recipient has activated mark spam or whitelisting, the message is silently blocked for the first (blocking) recipient, i.e. without a bounce message, and for the other recipients delivered as configured. (Not SMTP-RFC compliant!)
Spam Tag	Here you specify the string with which the subject line should be marked if spam is identified.
Greylisting Mode	Messages from unknown () senders are temporarily rejected the first time they are sent and only accepted the second time they are sent (repeated attempt to send by the SMTP server). () unknown in this context means that there is no valid entry for the triplet consisting of the email address of the sender / email address of the recipient / IP address of the sender server. Options: All The messages from all senders go through the process according to the greylisting principle, unless there is an entry in a whitelist or greylist whitelist for the sender Blacklisted Only senders specified on the blacklist go through the process according to the greylisting principle, unless there is an entry in a whitelist or greylist whitelist for the sender. Disabled Deactivate check.
Block No-PTR	If a sender IP address does not have a PTR, the mail will be rejected.
Blacklist	The use of the user-based lists can be activated or deactivated for this class.
Whitelist	The use of the user-based lists can be activated or deactivated for this class.
Greylist Whitelist	The use of the user-based lists can be activated or deactivated for this class.
BATV	By activating BATV, the MAIL FROM address in the return path of outgoing e-mails is provided with a prvs tag (Simple Private Signature). If an e-mail cannot be delivered, a bounce (delivery status notification) is generated by the responsible e-mail system and sent to the address in the return path. The SGG system can then use the prvs tag to check whether the bounce is legitimate. A bounce with a different or missing prvs tag is rejected with the error code 550. A legitimate bounce is delivered to the sender.
Antispam Cyren	Enable or disable cyren for this class. The e-mails can be processed based on the return value of the scanner. Options: Off No email is spam. Confirmed Confirmed Spam. Confirmed & Bulk Confirmed spam and advertising. Confirmed & Bulk & Suspect Confirmed spam, advertising, and unsafe rating. All All emails are spam.
Junk mail retention time	Specify after how many days the spam should be deleted from the user quarantine. The default is 30 days. A maximum of 180 days can be selected.
Junkmail Mode	Define the quarantine – User Quarantine or Domain Quarantine.
Junkmail Report	Specify the form in which the junk mail report should be delivered. Options: Off The user does not receive a welcome message or a report. Welcome message The user receives a welcome message and no report. report The user receives a report and no welcome message. Welcome message & report The user receives a welcome message and a report.
Junk Mail Delivery Time (UTC)	The junk mail report will be delivered at the time specified here. The time is specified in UTC and must be adjusted accordingly.
Junk Mail Report Interval (hours).	By default, the junk mail report is delivered every 24 hours. Here you can change the interval. The interval is only valid within one day and is always calculated from the point in time entered under Junk Mail Delivery Time. Possible settings: 1/2/3/4/6/8/12/24
Cyren VOD	nable or disable Cyren VOD (Virus Outbreak Protection) for this class. The e-mails can be processed based on the return value of the scanner: If an attachment is suspected of being infected with a virus, the e-mail is temporarily rejected with the SMTP error code 4xx. If a virus is confirmed, the email is immediately and permanently rejected with the SMTP error code 5xx.
Virenscanner	Sophos & ClamAV Select this option to set Sophos Antivirus and Clam Antivirus as the first and second virus scanners. ClamAV & CyrenAV Select this option to set Cyren Antivirus and Clam Antivirus as the first and second virus scanners. CyrenAV & ClamAV & Sophos Select this option to activate all 3 virus scanners.
Max. Message size (MB)	The specification is made in megabytes. The system-wide maximum message size always has priority. The maximum message size is 999 MB. If the system-wide settings are to apply, please enter the value 0.
Block file attachment	If Block file attachment is activated globally, settings can be made here for individual service classes. The feature can also be deactivated in this case, however, globally specified file types are always blocked. Options: Disabled Deactivate block The message is blocked, the sender receives the error code 5xx, the session is ended.
File extensions	Enter the extensions of the file attachments that are to be blocked. Mime types can also be blocked. Specification separated by “:” or line feed. The following wildcards can be used: “” – matches any character string “?” – corresponds to a single character You can prefix an entry with an exclamation mark (“!”), Which turns the entire list into an allow list. All file attachments from this list are then allowed. List entries without an exclamation mark are no longer taken into account. Example:! Text / :! application / * :! pdf Recommendation: ade: adp: bas: bat: chm: cmd: com: cpl: crt: exe: hlp: hta: inf: ins: isp: js: jse: lnk: mdb: mde: msc: msi: msp: mst: pcd: pif: reg: scr: sct: shs: shb: vb: vbe: vbs: wsc: wsf: wsh: application / x-rar: application / zip zippw: Password-protected ZIP archive. zipse: The ZIP archive could not be accessed. zipok: The ZIP archive has no password and could be scanned. zip: Any ZIP archive can still be blocked using this file extension.
Sender Policy Framework	Checks the IP address of the sending server to prevent forging sender addresses. Options: Disabled Deactivate check. block Messages are blocked, sender receives error code 5xx, session is ended. Tag Messages are delivered marked with the black tag.
Local Recipient Callout (Sek.)	For local recipients it is checked whether the sending e-mail address exists. Enter the waiting time for the response to the callout in seconds. The maximum waiting time is 999 seconds. If no check is to take place, please enter the value 0.

In the form, select the desired antivirus and antispam options that the profile should contain and save your details by selecting the “Save” button. You will then return to the overview page of the security profiles, on which the newly created security profile is displayed. If security profiles have been defined for your organization, you can assign security profiles to both mailboxes and distribution lists.

Cloud Manager online help

Pages

Creating a security profile