5.11 Services

The Add Header service injects the specified header line or lines into messages. To add a line or lines to a new header for the message, simply specify the desired line(s) in the provided field. Messages referred to this service will have these lines added to the beginning of the message.

The Admin Quarantine service sends messages into the Quarantine system under administrator rights. Mail which has been quarantined will remain in the Quarantine system for 30 days by default. Normally, users are able to release messages from their own quarantine, however, the admin quarantine only allows users with administrator rights to release these messages.

The block service prevents delivery of a message to the intended recipient(s). A filter that has exceptions connected to it will override the block service.

The Carbon Copy service creates a BCC message and sends it to the specified address. This Service will be active on any filter that it is associated with. To add addresses to the list, simply enter them into the provided area. Multiple addresses may be used, each on an individual line.

The DKIM Sign allows for the signing of outgoing messages. See Enabling DKIM Signing Enabling DKIM Signingfor more information.

The Event Writer creates a file associated with each time a connected filter or service is activated. The Event Writer is a simple way to create a custom log of whenever an event occurs. When attached to any event, the writer will create the specified file with the specified text. This is in addition to any notifications. If a desired event is to be recorded, or a file is to be created whenever an event occurs, the Event Writer should be used in association with that event. Tie the event writer to the desired event in the workbench and specify the destination file name and contents. While the file name may be anything desired, the contents will be created as shown in the Event Text window. You can also write the event to the scanner log and enable meta-data tags in the event text.

Ham Reporting adds a link to a suspect message to allow the user to confirm thatit is a valid (ham) message rather then an undesired (spam) message.

Use this node to override actions of the interface that requested a message scan. Setting the delivery response overrides the default response sent to the connected mail system. This service is typically coupled with the block/quarantine service combination, where messages are blocked by Secure Messaging Gateway and placed in quarantine. In this situation, the sender is informed that the message was blocked, and may attempt to resend the message, even though it was in fact received - but not delivered on to the intended recipient. Overriding the response in this condition with an 'Accepted' response overrides the rejection response caused by the block service.

The Message Signature Service appends a signature onto the end of messages. To dictate a signature to be added to messages, simply add the desired signature into the configuration field utilizing the tools provided.

Use the Message Tag service to replace or alter the subject line of a message.

The Message Tracker service saves information about the message and results of the scanning process. The Message Tracker System contains detailed information about the message and the scanning process as well as information about the receipt and delivery of the message. Information will be recorded for all triggered filters unless you select the checkbox to only track filters that are connected to the message tracker service.

When a filter is triggered there is the option of sending a notification. If you create a filter group and connect the Notify service only to the group then the only the group will be referenced in the message. If you connect all the filters in the group to the Notify service then they will each be referenced, if activated. This is useful if you want to hide a function such as a forward for record keeping purposes. If the forward is in a filter group then only the group will be seen.

For example, if an Attachment Size filter triggered because a an attachment was too large, a notification can be sent to the sender reminding them of the attachment size limitation. A notification can also be sent to the recipient to tell them that a message was received but could not be delivered due to the attachment size limitation. Another notification can be sent to the system administrator to alert them of the issue.

The Quarantine service places messages into the Quarantine Management System, (QMS). The Quarantine Management System is the holding location, where messages await possible review and, or, release to mailboxes. Users may manage their own quarantine if given rights to do so. Administrators may restrict specific types or filter-flagged messages from being released from QMS. All configuration of Quarantine activity is completed with User rights and the within QMS itself. This service building block is only for placing messages in the QMS system.

Quarantine control provides the ability to selectively control what actions are available to the quarantine system for individual messages based on the configured filters. To implement this service, link the quarantine control node to the event that contains the filter that determines the control point. For example, to prevent dangerous attachments from being accessed, create a fingerprint filter to detect program file types and attach it to a quarantine control node with the disable release and disable attachment download options selected. With this setup, any messages that are placed in quarantine that have dangerous attachments can be reviewed by users, but not accessed. Disable digest - Prevents the quarantine service from including messages in the digest process Disable message release - Prevents users from releasing messages from the quarantine system. Disable attachment download - Prevents users from downloading attachments from the quarantine message viewer. Disable message view - Prevents users from opening and viewing messages. Messages are still listed in the users quarantine. Disable HTML view - Prevents users from viewing the HTML portion of messages which may contain objectionable images. Where 'User' is specified, this refers to controlling the end user functionality of the quarantine system. Where 'All' is specified, this refers to controlling all users of the quarantine system, including system administrators. This option provides safety against human error only, as admins can override the setting from the quarantine.

Spam Reporting adds a link to a suspect message to allow the user to confirm thatit is an undesired (spam) message rather then a valid (ham) message.

The statistics recorder records data on messages passing through the system where it is connected to events, exceptions, and filters. This is used with the Message Received filter. This Service requires no configuration. Simply set it in the correct listening spot in the system.