Welcome!

This community is for professionals and enthusiasts of our products and services. Share and discuss the best content and new marketing ideas, build your professional profile and become a better marketer together.

Hide Intro Register

How does the Secure-ISS Email Gateway work?

Paul McIntyre

on 9/13/19, 1:47 AM • 2,202 views

Flag

Reply
Comment
Share

--Administrator--

Administrator

On 9/13/19, 2:41 AM

The Email Security Gateway (ESG) services has a number of layers and engines to determine if inbound mail is SPAM, contains a virus/ malware or other suspicious attachments or is part of a phishing campaign.

Each of the engines performs a different function and an email is allowed, denied or the subject modified according to these process outcomes.

The following diagram outlines the decision tree and data flow associated with each of the engines and how an email may or may not be quarantined by the ESG.

When an email flows through the decision tree email subjects will be prefixed with an attack type (or engine outcome). For example, if someone sends an email with the subject "50% off website SEO" that is determined to possibly be spam the subject will read "[SISSESG: Probable spam email] 50% off website SEO"

To provide our uses with the applicable policy and associated text, please refer to the following tables.

Anti-Spam

Email type

Additional Text to Subject

Result

Spam detected

[SISSESG: Spam]

Delete email and backup

Probable spam

[SISSESG: Probable spam email]

Allow through

Sender Blacklisted

[SISSESG: WARNING - Sender is Blacklisted in RBL]

Allow through

Mass mailing

[SISSESG: MASSMAIL]

Allow through

Anti-Virus

Email type

Additional Text to Subject

Result

Scan Errors

[SISSESG: scanning error - contact administrator if this message is required]

Delete email and backup

Encrypted object

[SISSESG: Encrypted attachment]

Attachment Deleted

Infected Email

[SISSESG: Infected]

Attachment Deleted

Disinfect Email

[SISSESG: Cured]

Attachment Deleted

Macro Detected

[SISSESG: Attachments with Macros]

Attachment Deleted

Anti-Phishing

Email type

Additional Text to Subject

Result

Phishing

[SISSESG: Phishing]

Delete email and backup

Malicious URL

[SISSESG: Malicious link]

Delete email and backup

Content Filtering

Email type

Additional Text to Subject

Result

Size is exceeded

[SISSESG: Message too large]

Reject email

Banned attachment type

[SISSESG: banned attachment]

Attachment Deleted

SPF Failure

[SISSESG: SPF FAILURE]

Reject email

An example of the email messages follows

Scan Status Alert (as per "Delete email and backup" above) an email will be sent to the user to notify them of the deletion.

The following screen-shot displays an example of an email that has failed two checks with the subject line adjusted accordingly.

Flag

Comment

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

Ask a Question

Keep Informed

About This Community

This community is for customers and partners of our products and services (Cloud or Cyber Security). Feel free to post any queries you have around our services and you are sure to get an answer from our team or one of the greater community. Read Guidelines

Question tools

2 follower(s)

Stats

Asked: 9/13/19, 1:47 AM
Seen: 2202 times
Last updated: 9/13/19, 2:41 AM