Escan/english/webprotection and Escan/english/antispam: Difference between pages

From eScan Wiki
(Difference between pages)
Jump to navigation Jump to search
No edit summary
 
No edit summary
 
Line 1: Line 1:
'''Web Protection '''
== '''Anti-Spam''' ==
   
   
'''Description''' :- Anti-Spam based on the NILP (Non Intrusive Learning Pattern) technology, intelligently filters all your junk and spam emails.


=='''Description'''==


Web Protection prevents viruses from penetrating your system during your online activities.
'''Status displayed in the main Protection Window''':-


The green colored Tick mark indicates the Anti-Spam  is active and running.


=='''Status in main Protection Center Window'''==
The red colored Cross mark indicates the Anti-Spam is inactive and stopped.


The <B><font color="Green"> '''green''' </font></B> colored Tick <U><B><font color="Green">(√)</font></B></U> mark indicates the Web Protection is active and running.


The <B><font color="Red"> '''red''' </font></B> colored Cross <U><B><font color="Red">(X)</font></B></U> mark indicates the Web Protection is inactive and stopped.
'''Configuration section'''  


''Status''


=='''Configuration section'''==
Anti-Spam Status – This will display the status of the Anti-Spam in Running or Disabled mode.


<U>''Status''</U>
Anti-Phishing Status – This will display the status of Anti-Phishing module is in Enabled or Disabled mode. (For more detail please check below in the section '''B. Spam Filter Configuration Section''')''' '''  


:''Web Protection Status '' This will display the status of Web Protection either in Running or Disabled mode.
Action – This will display the Action that will be taken on the email considered as Spam i.e. Quarantine/Delete.


:''Selected Profile –'' This will display the User Profile selected.


''Stop / Start buttons'' – Clicking stop / start button will disable or enable the Anti Spam.


:''Stop / Start buttons'' – Clicking stop / start button will disable or enable the Web Protection.
''Settings button'' – To configure the Anti-Spam for email scanning click on the Settings button.


:''Settings button'' – To configure the Web Protection for web traffic/ access control click on the Settings button.


'''I. Advanced'''


'''I. Select User Profile – '''This contains the various categories defined by MicroWorld, for controlling the access level to different web-sites for various types of users i.e. children to adult.


:# '''Walled Garden – '''This profile blocks all access to the net except the website in the whitelist. Recommended for children up to the age of 10. Default Status setting is Block Web Access (for more details refer to Webpage Filtering options below).
'''A. General Options section'''
:# '''Teenager – '''This profile blocks websites that are blacklisted and activates other filters like Webpage filter, Domain name filter, HTML Tags including page titles, Reserved word threshold of 1 and blocks all Java applets and activeX scripts except from predefined sites list.Recommended for kids in the age group of 11 to 15. Default Status setting is Block Web Access(for more details refer to Webpage Filtering options).
:# '''Adolescent – '''This profile blocks websites that are blacklisted and activates other filters like Webpage filter, Domain name filter, HTML Tags including page titles, Reserved word threshold of 5. Default Status setting is Active (for more details refer to Webpage Filtering options). Recommended for kids in the age group of 16 to 18.
:# '''Adult  ( default )– '''This profile allows all traffic except for the websites in the blacklists. No reserved word threshold value is used. Default Status setting is Active (for more details refer to Webpage Filtering options).


:The general buttons in User Profile window:
# Send Original Mail to User (default) - This option when enabled will send the email (though tagged as spam) to the original recipient of the email also. '''Note:''' If the email has been tagged as '''SPAM''', the email will be in the SPAM folder of the email client (i.e. Outlook Express). SPAM folder in the mail client is created by eScan.
# Do not check content of Replied or Forwarded Mails – This option when enabled will not check contents of email that are either replied or forwarded.
# Check Content of Outgoing Mails – This option when enabled will also check outgoing emails for restricted contents.


::* Activate :- This will activate the selected user profile and Web Protection will run as per the rules defined.
::* Default :- Clicking on this button, the default settings will be enabled.
::* Custom :- Clicking this buttons, users can customize the rulesets as per required.


'''Buttons'''


<font size=4><U>'''WEB PROTECTION SETTINGS:-'''</U></font>
'''a) Phrases – '''Clicking on this button, will enable the users to define a list of phrases to be checked in the body of an email and take the necessary actions i.e. either Quarantine / Delete the email.


:The various Webpage Filtering option available in the User Profiles Categories for customization (when clicked on Custom) as per user requirements:
* '''Enable E-Mail Content Scanning''' – When this option is enabled, body of the email will be checked for any listed words/phrases is found and the defined action will be taken.


* '''User specified whitelist of words/phrases '''- This will list the words/phrases defined and whitelisted by the users.


'''I) Filtering options '''
* '''User specified List of Blocked words/phrases''' - This will list the words/phrases defined and block listed by the users.
This section has pre-defined categories that help to control and block access to the Web.
 
'''Status Section: '''


* '''Active: '''This option when selected will block all the websites listed in the Filter Categories where the status column shows Block.
* '''Inactive: '''Web Protection is disabled.
* '''Block Web-Access: '''This option when selected will block all the website access except websites listed in the Websites_Allowed Filter Categories.


'''Filter Categories Section:'''
'''Options on Right Click:'''


1. Pornography – This category contains the list of sites / phrases based on pornographic contents.  
* '''Add Phrase:''' To add a word/phrase, right click and select Add Phrase. Add the word/phrase in the section and select the Action (Quarantine the Mail/Delete the Mail) to be taken on the email if the word/phrase is found in the content of the email.


2. Gambling This category contains the list of sites / phrases based on gambling contents.  
* '''Edit Phrase '''select this option to edit/modify the word/phrase or the action to be taken.


3. Chat - This category contains the list of sites / phrases based on chat contents. The words and phrases and /or sites defined can be added or deleted based on requirements.
* '''Enable Phrase – '''shall enable the listed word/phrase for Content check in the email and the defined action will be taken.


4. Alcohol - This category contains the list of sites / phrases based on contents based / related to violence. The words and phrases and /or sites defined can be added or deleted based on requirements.
* '''Disable Phrase – '''shall disable the listed word/phrase for Content check in the email and no action will be taken.


5. Violence - This category contains the list of sites / phrases based on contents based / related to violence. The words and phrases and /or sites defined can be added or deleted based on requirements.
* '''White List – '''shall add the listed word/phrase in the White list for Content check. White listed word/phrase will not be checked for Email Content Scanning.


6. Drugs - This category contains the list of sites / phrases based on contents based / related to drugs. The words and phrases and /or sites defined can be added or deleted based on requirements.
* '''Block List – '''shall add the listed word/phrase in the Block List for content check. Block listed word/phrase will be checked for Email Content Scanning.


7. Ratings_block_category This category helps to control and block access to the web and is kept open for any words/phrases and site names to be added to the words /phrases and to the site name list.  
* '''Find '''this will help to search and locate a word / phrase.


8. Websites Allowed – This category contains list of sites that are allowed to be accessed and not blocked. The site names listed within can be customized as per requirements.


'''Filter Options section: '''
'''B. Spam Filter Configuration Section '''  


'''Add sites rejected by the filter to lock Category -''' The sites that are denied access would automatically be added to the Block category database.
# Check for Mail Phishing – This option when enabled will check for fraudulent emails and will be quarantined.
# Treat Mails with Chinese / Korean character set as SPAM - This option when enabled will scan emails with Chinese / Korean characters. This check is based on our research done on various spam email samples collected world wide, wherein it is observed that spammers do use Chinese / Korean characters in their emails.
# Treat Subject with more than 5 whitespaces as SPAM – This option when enabled will check if "spacing" between characters / words in the subject of emails. This is also as per our research  and studies on various types of spam emails.
# Check content of HTML mails – This option when enabled will scan emails in HTML format along with Text.
# Quaranting Advertisement mails – This option when enabled, will check for advertisement types of emails and will be quarantined.




'''II) Scanning options (this option is not available in Walled Green User Profile) –'''  
'''Button'''
This option has many sub- features and functionalities that help to control and block access to the web.


'''Content Matching section '''
'''Advanced (Advanced Spam Filtering options) – '''For advance setting in Spam Filter Configuration click on the Advanced button.


This option is helpful in controlling and blocking access to the web based on matching content and which works on different criteria:-
# Enable Non Intrusive Learning Pattern (NILP) check – Non Intrusive Learning Pattern (NILP) is an advanced Bayesian Filtering method with the intelligence to analyze each mail according to the Behavioral Patterns of the user and comes with a self learning capability. It is one of the component of the Anti-Spam Module that helps prevent spam emails from reaching the user’s mailbox/inbox.
# Enable eMail Header check – This option when enabled, will check the validity of certain generic fields like From id, To id, CC id.
# Enable X-Spam Rules check – This option when enabled, will check the contents in the body of the email as per defined in the database of eScan. The database contains a list of  words / phrases each assigned a score / threshold. This database will referred and accordingly action on the email will be taken.
# Enable Sender Policy Framework (SPF) check – This option when enabled will check the SPF record of the sender domain. (This option, when enabled, requires direct internet connection).
# Enable Spam URI Realtime Blacklist (SURBL) check – This option when enabled, will check the URL’s in the message body of an email. If the URL is listed in the SURBL site, the email will be blocked from being downloaded..(''This option, when enabled it is recommended to have a  direct internet connection)''.
# Enable Realtime Blackhole List (RBL) check – This option when enabled, will check the senders IP address in the RBL sites. If the sender ip address is blacklisted in the RBL site, the email will be blocked from being downloaded''.(This option when enabled it is recommended to have a  direct internet connection)''.
# RBL Servers - This contains a list of servers / sites which maintains a list of Spammers details and can be changed as per one’s requirement (add / delete).
# Auto Spam Whitelist – This contains a list of valid email addresses which can bypass the above Spam filtering options. Thus allowing emails from the whitelisted are allowed to download to the recipient’s inbox.


i. Search in Site Name - The site name or url typed would be checked if it contains any reserved words / phrases listed in the restricted or blocked categories.


ii. Search in HTML Tags - The HTML tags would be checked if it contains any reserved words / phrases listed in the restricted or blocked categories.
'''C. Mail Tagging Options –'''
# Do not change email at all – This option when enabled will not add Spam Tag to the email, identified as Spam
# Both subject and body is changed. [Spam] tag is added in Subject. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Subject and the Body of email identified as Spam. This helps to identify the Spam emails.
# "X-Mailscan Spam: 1" header line is added. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Body of the email identified as Spam and a header line is added to the email
# Only [Spam] tag is added in Subject. Body is left unchanged – This option when enabled will add the Spam Tag only in the Subject of the email identified as Spam.
# "X-Mailscan-Spam: 1" header line is added. Body and subject both remain unchanged - This option when enabled will add a header line to the email but no tag is added to the Subject or body of the email.


iii. Search in Title - The site Title would be checked if it contains any reserved words / phrases listed in the restricted or blocked categories.


iv. Search in Page Text - The website’s text / page would be checked if it contains any reserved words/phrases listed in the restricted or blocked categories.  
'''II. Disclaimer'''
The disclaimer is a footer or signature that gets added /appended to all emails. The disclaimer can be added in the space provided.  


v. Search in Description and Keywords – The website’s description would be checked if it contains any reserved words / phrases listed in the restricted or blocked categories.
(a) Add Disclaimer to Outgoing emails - This option when enabled adds the disclaimer to all outgoing emails and as a result the recipient is made aware that the email received is scanned and virus free.  


vi. Reserved Word Threshold Level - This is a threshold level/limit set that keeps a count of the number of times a reserved word/s found in the website. If the word/s have appeared as per the Threshold level value or more, the access to the web is blocked.
(b) Add Disclaimer to Incoming emails - This option when enabled adds the disclaimer to all incoming emails and as a result the recipient is made aware that the email received is scanned and virus free.


'''Actions section'''
(c) Outgoing mails excluded from adding disclaimer – This option is activated /enabled when the option (a) is enabled. Using this option, the disclaimer is restricted from being added /appended to certain or specific email addresses or domains.


i. Log Violations - All violations are logged for easy administration and for future reference. (by default this is enabled).


ii. Shutdown Program in 30 secs If any of the rules/policies that are defined are found to be violated, then the software has a in-built functionality to automatically shutdown the program (browser) in 30 seconds
''Notification Setting button'' To configure the eScan Warning Notification Settings on actions taken on the emails click on the Notification button.
'''Content Type Section'''


i. Block Images - Images on websites will be blocked from being viewed


ii. Block Applications - Applications on websites will be blocked from being run / executed
* '''Virus Alerts section – '''Selecting the Alert Dialog-box will pop-up an alert window displaying the action taken on a particular email.


iii. Block eMails ([http://www.ietf.org/rfc/rfc822.txt RFC 822]) - Messages of [http://www.ietf.org/rfc/rfc822.txt RFC 822] would be blocked by default.


iv. Block Audio files - Audio files on websites will be blocked from being run / executed.  
* '''Warning Mails section – '''This contains a  predefined Notifications which will be sent either to the recipient.  


v. Block Video files - Video files on websites will be blocked from being run / executed.  
## Attachment Removed Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the Attachment removed by eScan attached in the email.
## Attachment Removed Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the Attachment removed by eScan attached in the email.
## Virus Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the virus in the email and the action taken by eScan.
## Virus Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the virus in the email and the action taken by eScan.
## Content Warning to Sender – When selected a notification email will be sent to the Sender of the email informing about the email sent has been considered as SPAM and has been quarantined at the recipient end.  
## Content Warning to Recepient – When selected a notification email will be sent to the recepeint of the email informing about the email sent has been considered as SPAM and has been quarantined.


'''Rating Systems section '''


This sections contains rules / policies as set by the World renowned organization that cater to Content Filtering on the internet viz. RSACI, ICRA, SafeSurf.  
* '''Delete Mails From User section – '''If any email from a particular sender or a domain has to be banned or not allowed to be downloaded, can be listed in this section. For eg. [mailto:xyz@domain.com xyz@domain.com] (for a single sender) or [mailto:*@domain.com *@domain.com] (for an entire domain).


i. RSACi (Recreational Software Advisory Council for the Internet) - Based on the work of Dr.Donal F. Roberts of Stanford University, who has studied the effects of media for nearly 20 years. Is a rating service of websites for content on the Internet.


ii. ICRA (Internet Content Rating Association) - Is a global, cross-cultural rating and filtering service of websites for content on the Internet.
'''Reports section –'''


iii. SafeSurf - Designed with inputs from thousand of  parents and Net Citizens to empower each family to make informed choice related to the online content.
''Statistics''


'''Advance Button '''
'' Total Quarantined Mails'' – Shows the total number of emails Quarantined.


* Set Ratings  - Clicking on this button can customize the level of the Ratings Systems to be configured.
''Total Clear Mails'' – Shows the total number of clean emails received and
delivered.


'''ActiveX Blocking Section'''


An ActiveX control is similar to a Java applet. An ActiveX control can be automatically downloaded and executed by a Web browser. But, there is also a risk that this may damage software or data on your system.
'''a. View Quarantined Mails –''' This displays all the emails that have been quarantined (i.e. marked as spam) by eScan for any of the defined rules /policies in eScan.  


i. Java Applets – Selecting this option will block the downloading and execution of Java Applets from the internet.
Java is a programming language from Sun Microsystems and in which an applet is written, it can be included in an HTML page, much in the same way an image is included in a page. When you use a Java technology-enabled browser to view a page that contains an applet, the applet’s code is transferred to your system and executed by the browser. For example - to enhance interactive control, primarily in Web browsers and other network-oriented interactive software applications.
ii. Scripts (Java and VB) – Selecting this option will block downloading and execution of Scripts from the internet.
Is a list of commands that can be executed without user interaction, to automate certain application tasks or to work in a particular computing environment/scenario. So, when any script be it Java or VB (Visual Basic) is found to contain any malicious code, it is blocked.
iii. Check for virus (default) - This option scans and blocks all activities carried out while browsing (reading of data on the website, downloading the files, etc...) if found to contain any malicious code.
'''Port Setting section'''
Internet Access (HTTP Port) - 80,8080,3128,6588,4480,88. (predefined commonly used ports for Internet access by browsers).
This will contain the ports used for web-access that will be monitored by Web Protection.
'''III) Define Time-Restriction '''
This option helps to customize the access to the web / internet. Here a time restriction can be defined in-order for the Web-Protection policies will be applied.


'''Buttons '''


'''IV) Popup Filtering section'''


This option enables in blocking popup’s from a Website
* Refresh – Clicking on this button refreshes the View Quarantined Mails Window.
* Stop – Clicking on this button stops the current process if started - for example – searching for a quarantined email.
* View – Clicking on this button will open the email and can be viewed.
* Find – Clicking on this button will search for a specific quarantined email.
* Delete – Clicking on this button will permanently delete the selected quarantined email.
* Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…
* Hide emails – Clicking on this option will hide the quarantined emails.


'''Notification Section'''
This section alerts / notifies the user when a popup is blocked from a Website.
i. Block Popup - This option when enabled will block pop-ups from websites.
ii. Beep via PC Speaker - This option when enabled would beep (makes a sound) when a popup is encountered and blocked.
iii. Play Sound - This option when enabled will play a selected sound when a popup is encountered and filtered/blocked. Clicking on the Sound file button can customize the required sound file to be played.
'''White List Section'''
This section contains white listed website internet address, from where pop-ups would not be blocked by Web-Protection’s Pop-up filter.
'''Buttons:'''
* Add - This option enables the user or administrator to add a website to the White List so that the next time when this website is accessed, popup’s appear, are visible.
* Delete - This option enables the user or administrator to delete a website from the White List so that the next time when the same website is accessed, it gets filtered /blocked.
* Remove All - This option enables the user or administrator to remove all listed websites from the White List so that when any of these websites are being accessed and a popup tries to appear, they are filtered /blocked.
* Browse - This option enables the user to browse any of the listed websites in the White List.


Other Options –
** Subfolder Also – Selecting this option will show all the quarantined emails received on the current day including those received on the previous days.
** Show Attachment (s) – Selecting this option will show the attachment in the list.
** Open email(s) with MailClient – Selecting this option, the quarantined email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
** Show Only Hidden eMails – Selecting this option will only display the hidden emails.
** Show Only Unhidden eMails - Selecting this option will only display the unhidden emails.
** Show all eMails – Selecting this option will display all the email including hidden emails.
** Add Sender’s eMail-ID to White List - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan white list. When next time the email is received from the whitelisted sender id, will not be quarantined and delivered to the recepient.


'''Violation Logs section '''


All activity related to popup’s (allowed /blocked) is logged for future reference.  
'''b. View Ham Mails -''' This displays all the emails that have not been quarantined (not marked as spam) by eScan.  


'''1. Log Violations -''' All violations that occured are logged for future reference like for which user the popup was blocked along with date & time, website(url) address.


'''Buttons '''
'''Buttons '''


* Add to White List – Clicking on this button enables the user or administrator to add the violated (blocked) popup website to the White (allowed) list.
* Clear Log - This option will clear the log file completely (empty).
* Browse - This option enables the user to browse the listed websites.
* Refresh Log - This option refreshes the logs and displays the latest status.
* Hot Key - Allows you to assign a key that when kept pressed temporarily allows popup’s on the website being accessed.


* Refresh – Clicking on this button refreshes the View Ham Mails Window.
* Stop – Clicking on this button stops the current process if started - for example – searching for a Ham email.
* View – Clicking on this button will open the email and can be viewed.
* Find – Clicking on this button will search for a specific quarantined email.
* Delete – Clicking on this button will permanently delete the selected quarantined email.
* Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…


=='''Reports section '''==


''Statistics''
Other Options –


* Total Sites Scanned – Total websites scanned by Web Protection..
* Total Sites Blocked – Total web sites blocked by Web Protection.
* Last Site Scanned – Name of the last site scanned by Web Protection.


** Subfolder Also – Selecting this option will show all the Ham emails received on the current day including those received on the previous days.
** Show Attachment (s) – Selecting this option will show the attachment in the list.
** Open email(s) with MailClient – Selecting this option, the Ham email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
** Train as Spam - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan Black list. When next time the email is received from the blacklisted sender id, will be quarantined.


'''a. View Web Protection Log -'''  This displays the web scan activity done on the system in detail like the user, date and time, url, reason, word, etc…on which the violation was found.


'''b. View Popup Filter Log –''' This displays the popup scan activity done on the system in detail like the user, date and time, url, reason, word, etc…on which the violation was found.  
'''c. View Report – '''This will display a summary / report of all the emails that has been received (including quarantined and allowed emails).


'''c. View Report –''' This will provide a detail report for Web Protection containing informations about websites allowed and blocked.






==<I>'''[http://download1.mwti.net/wiki/index.php/Glossary Glossary]'''</I>==
*'''[http://193.34.136.70/wiki/index.php/EScan_ver.10 Click here to return to Main Index of eScan v.10 Online Help]'''
==<I>'''[http://download1.mwti.net/wiki/index.php/EScan_ver.10 Main Feature Index]'''</I>==

Revision as of 19:55, 26 November 2008

Anti-Spam

Description :- Anti-Spam based on the NILP (Non Intrusive Learning Pattern) technology, intelligently filters all your junk and spam emails.


Status displayed in the main Protection Window:-

The green colored Tick mark indicates the Anti-Spam is active and running.

The red colored Cross mark indicates the Anti-Spam is inactive and stopped.


Configuration section

Status

Anti-Spam Status – This will display the status of the Anti-Spam in Running or Disabled mode.

Anti-Phishing Status – This will display the status of Anti-Phishing module is in Enabled or Disabled mode. (For more detail please check below in the section B. Spam Filter Configuration Section)

Action – This will display the Action that will be taken on the email considered as Spam i.e. Quarantine/Delete.


Stop / Start buttons – Clicking stop / start button will disable or enable the Anti Spam.

Settings button – To configure the Anti-Spam for email scanning click on the Settings button.


I. Advanced


A. General Options section

  1. Send Original Mail to User (default) - This option when enabled will send the email (though tagged as spam) to the original recipient of the email also. Note: If the email has been tagged as SPAM, the email will be in the SPAM folder of the email client (i.e. Outlook Express). SPAM folder in the mail client is created by eScan.
  2. Do not check content of Replied or Forwarded Mails – This option when enabled will not check contents of email that are either replied or forwarded.
  3. Check Content of Outgoing Mails – This option when enabled will also check outgoing emails for restricted contents.


Buttons

a) Phrases – Clicking on this button, will enable the users to define a list of phrases to be checked in the body of an email and take the necessary actions i.e. either Quarantine / Delete the email.

  • Enable E-Mail Content Scanning – When this option is enabled, body of the email will be checked for any listed words/phrases is found and the defined action will be taken.
  • User specified whitelist of words/phrases - This will list the words/phrases defined and whitelisted by the users.
  • User specified List of Blocked words/phrases - This will list the words/phrases defined and block listed by the users.


Options on Right Click:

  • Add Phrase: To add a word/phrase, right click and select Add Phrase. Add the word/phrase in the section and select the Action (Quarantine the Mail/Delete the Mail) to be taken on the email if the word/phrase is found in the content of the email.
  • Edit Phrase – select this option to edit/modify the word/phrase or the action to be taken.
  • Enable Phrase – shall enable the listed word/phrase for Content check in the email and the defined action will be taken.
  • Disable Phrase – shall disable the listed word/phrase for Content check in the email and no action will be taken.
  • White List – shall add the listed word/phrase in the White list for Content check. White listed word/phrase will not be checked for Email Content Scanning.
  • Block List – shall add the listed word/phrase in the Block List for content check. Block listed word/phrase will be checked for Email Content Scanning.
  • Find – this will help to search and locate a word / phrase.


B. Spam Filter Configuration Section

  1. Check for Mail Phishing – This option when enabled will check for fraudulent emails and will be quarantined.
  2. Treat Mails with Chinese / Korean character set as SPAM - This option when enabled will scan emails with Chinese / Korean characters. This check is based on our research done on various spam email samples collected world wide, wherein it is observed that spammers do use Chinese / Korean characters in their emails.
  3. Treat Subject with more than 5 whitespaces as SPAM – This option when enabled will check if "spacing" between characters / words in the subject of emails. This is also as per our research and studies on various types of spam emails.
  4. Check content of HTML mails – This option when enabled will scan emails in HTML format along with Text.
  5. Quaranting Advertisement mails – This option when enabled, will check for advertisement types of emails and will be quarantined.


Button

Advanced (Advanced Spam Filtering options) – For advance setting in Spam Filter Configuration click on the Advanced button.

  1. Enable Non Intrusive Learning Pattern (NILP) check – Non Intrusive Learning Pattern (NILP) is an advanced Bayesian Filtering method with the intelligence to analyze each mail according to the Behavioral Patterns of the user and comes with a self learning capability. It is one of the component of the Anti-Spam Module that helps prevent spam emails from reaching the user’s mailbox/inbox.
  2. Enable eMail Header check – This option when enabled, will check the validity of certain generic fields like From id, To id, CC id.
  3. Enable X-Spam Rules check – This option when enabled, will check the contents in the body of the email as per defined in the database of eScan. The database contains a list of words / phrases each assigned a score / threshold. This database will referred and accordingly action on the email will be taken.
  4. Enable Sender Policy Framework (SPF) check – This option when enabled will check the SPF record of the sender domain. (This option, when enabled, requires direct internet connection).
  5. Enable Spam URI Realtime Blacklist (SURBL) check – This option when enabled, will check the URL’s in the message body of an email. If the URL is listed in the SURBL site, the email will be blocked from being downloaded..(This option, when enabled it is recommended to have a direct internet connection).
  6. Enable Realtime Blackhole List (RBL) check – This option when enabled, will check the senders IP address in the RBL sites. If the sender ip address is blacklisted in the RBL site, the email will be blocked from being downloaded.(This option when enabled it is recommended to have a direct internet connection).
  7. RBL Servers - This contains a list of servers / sites which maintains a list of Spammers details and can be changed as per one’s requirement (add / delete).
  8. Auto Spam Whitelist – This contains a list of valid email addresses which can bypass the above Spam filtering options. Thus allowing emails from the whitelisted are allowed to download to the recipient’s inbox.


C. Mail Tagging Options –

  1. Do not change email at all – This option when enabled will not add Spam Tag to the email, identified as Spam
  2. Both subject and body is changed. [Spam] tag is added in Subject. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Subject and the Body of email identified as Spam. This helps to identify the Spam emails.
  3. "X-Mailscan Spam: 1" header line is added. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Body of the email identified as Spam and a header line is added to the email
  4. Only [Spam] tag is added in Subject. Body is left unchanged – This option when enabled will add the Spam Tag only in the Subject of the email identified as Spam.
  5. "X-Mailscan-Spam: 1" header line is added. Body and subject both remain unchanged - This option when enabled will add a header line to the email but no tag is added to the Subject or body of the email.


II. Disclaimer The disclaimer is a footer or signature that gets added /appended to all emails. The disclaimer can be added in the space provided.

(a) Add Disclaimer to Outgoing emails - This option when enabled adds the disclaimer to all outgoing emails and as a result the recipient is made aware that the email received is scanned and virus free.

(b) Add Disclaimer to Incoming emails - This option when enabled adds the disclaimer to all incoming emails and as a result the recipient is made aware that the email received is scanned and virus free.

(c) Outgoing mails excluded from adding disclaimer – This option is activated /enabled when the option (a) is enabled. Using this option, the disclaimer is restricted from being added /appended to certain or specific email addresses or domains.


Notification Setting button – To configure the eScan Warning Notification Settings on actions taken on the emails click on the Notification button.


  • Virus Alerts section – Selecting the Alert Dialog-box will pop-up an alert window displaying the action taken on a particular email.


  • Warning Mails section – This contains a predefined Notifications which will be sent either to the recipient.
    1. Attachment Removed Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the Attachment removed by eScan attached in the email.
    2. Attachment Removed Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the Attachment removed by eScan attached in the email.
    3. Virus Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the virus in the email and the action taken by eScan.
    4. Virus Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the virus in the email and the action taken by eScan.
    5. Content Warning to Sender – When selected a notification email will be sent to the Sender of the email informing about the email sent has been considered as SPAM and has been quarantined at the recipient end.
    6. Content Warning to Recepient – When selected a notification email will be sent to the recepeint of the email informing about the email sent has been considered as SPAM and has been quarantined.


  • Delete Mails From User section – If any email from a particular sender or a domain has to be banned or not allowed to be downloaded, can be listed in this section. For eg. xyz@domain.com (for a single sender) or *@domain.com (for an entire domain).


Reports section –

Statistics

Total Quarantined Mails – Shows the total number of emails Quarantined.

Total Clear Mails – Shows the total number of clean emails received and delivered.


a. View Quarantined Mails – This displays all the emails that have been quarantined (i.e. marked as spam) by eScan for any of the defined rules /policies in eScan.


Buttons


  • Refresh – Clicking on this button refreshes the View Quarantined Mails Window.
  • Stop – Clicking on this button stops the current process if started - for example – searching for a quarantined email.
  • View – Clicking on this button will open the email and can be viewed.
  • Find – Clicking on this button will search for a specific quarantined email.
  • Delete – Clicking on this button will permanently delete the selected quarantined email.
  • Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…
  • Hide emails – Clicking on this option will hide the quarantined emails.


Other Options –

    • Subfolder Also – Selecting this option will show all the quarantined emails received on the current day including those received on the previous days.
    • Show Attachment (s) – Selecting this option will show the attachment in the list.
    • Open email(s) with MailClient – Selecting this option, the quarantined email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
    • Show Only Hidden eMails – Selecting this option will only display the hidden emails.
    • Show Only Unhidden eMails - Selecting this option will only display the unhidden emails.
    • Show all eMails – Selecting this option will display all the email including hidden emails.
    • Add Sender’s eMail-ID to White List - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan white list. When next time the email is received from the whitelisted sender id, will not be quarantined and delivered to the recepient.


b. View Ham Mails - This displays all the emails that have not been quarantined (not marked as spam) by eScan.


Buttons


  • Refresh – Clicking on this button refreshes the View Ham Mails Window.
  • Stop – Clicking on this button stops the current process if started - for example – searching for a Ham email.
  • View – Clicking on this button will open the email and can be viewed.
  • Find – Clicking on this button will search for a specific quarantined email.
  • Delete – Clicking on this button will permanently delete the selected quarantined email.
  • Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…


Other Options –


    • Subfolder Also – Selecting this option will show all the Ham emails received on the current day including those received on the previous days.
    • Show Attachment (s) – Selecting this option will show the attachment in the list.
    • Open email(s) with MailClient – Selecting this option, the Ham email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
    • Train as Spam - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan Black list. When next time the email is received from the blacklisted sender id, will be quarantined.


c. View Report – This will display a summary / report of all the emails that has been received (including quarantined and allowed emails).



Retrieved from "https://wiki.escanav.com/index.php?title=Escan/english/webprotection&oldid=3833"