Table: What you can do with Mail Security lists the tasks that you can perform with Mail Security.
Table: What you can do with Mail Security
Manage your Exchange environment by using policies
You can configure Productname to scan email messages and their attachments for threats such as viruses, Trojan horses, adware, spyware, and spam. You can define policies to detect potential risks to your Microsoft Exchange email system and process email messages and attachments that contain threats.
Scan your Exchange server for risks and violations
You can keep your server protected by performing any of the following types of scans:
Protect against threats
Symantec engineers track reported outbreaks of threats (such as viruses, Trojan horses, and worms) to identify new risks. After a threat is identified, information about the threat (a signature) is stored in a definition file. This file contains information to detect and eliminate the threat. When Mail Security scans for threats, it searches for these signatures. Definition files are downloaded using LiveUpdate or Rapid Release.
Mail Security also uses Symantec Bloodhound heuristics technology to scan for threats for which no known definitions exist. Bloodhound heuristics technology scans for unusual behaviors such as self-replication to target potentially infected message bodies and attachments.
Keep your protection up-to-date
Mail Security relies on up-to-date information to detect and eliminate risks. One of the most common reasons computers are vulnerable to attacks is that definition files are out-of-date. Symantec regularly supplies updated definition files.
Using LiveUpdate, Mail Security connects to a Symantec server over the Internet and automatically determines if definitions need to be updated. If they do, the definition files are downloaded to the proper location and installed. If you need a quicker response for emerging threats, you can enable Rapid Release to get the most current definitions that are available.
See About licensing.
Identify spam email
Spam is unsolicited bulk email, which most often advertises messages for a product or service. It wastes productivity, time, and network bandwidth.
Symantec Premium AntiSpam provides continuous updates to the premium antispam filters to ensures that your Exchange server has the most current spam detection filters.
You must have a valid Symantec Premium AntiSpam license to enable Symantec Premium AntiSpam.
See About licensing.
Filter undesirable message content and attachments
Mail Security lets you create the content filtering rules that you can use to filter email messages and attachments. Mail Security provides some predefined file filtering rules that you can use to enforce email attachment policies. Mail Security also uses match lists to filter email messages and attachments for specific words, terms, and phrases. Mail Security also provides the predefined content filtering policy templates that help prevent data leakage.
Apply X-headers to messages for archiving
Mail Security provides default X-headers that you can apply to the email messages that contain content filtering rule violations or are spam or suspected spam. You can modify the default X-headers, or you can create your own.
An outbreak occurs when the number of threats to the Microsoft Exchange system that are detected over a period of time exceeds a specified limit. Mail Security lets you manage outbreaks quickly and effectively by setting outbreak rules and sending notifications when an outbreak is detected.
You can also select an action to take when an outbreak is detected, such as the following:
You can set rules to define an outbreak based on event. For example, the same threat occurs a specified number of times within a specified time period. You can also configure Mail Security to send notifications and alerts in the case of an outbreak.
Quarantine infected message bodies and attachments
Mail Security for Microsoft Exchange includes a local quarantine that can store the infected message bodies and attachments that are detected during scans. You can configure Mail Security to quarantine threats and security risks, and file filtering violations in the local quarantine.
The quarantined items that contain threats can be forwarded to the Symantec Central Quarantine, if it is installed. The Symantec Central Quarantine program is available on the Mail Security product CD.
You can quarantine the entire message or by parts.
See About the quarantine.
Monitor Mail Security events
Mail Security logs events to the Windows Application event log. You can view the events that are logged to the Windows Application event log from the console.
Mail Security logs extensive report data on threats, security risks, violations, spam, and server information to the reports database. You can use this data to generate summary or detailed reports based on different subsets of the data.
See About logging events.
Mail Security collects scan data from your Exchange servers and generates reports.
Mail Security provides the preconfigured report templates that you can modify. You can also create your own report templates.
You can create the following types of report templates:
Send notifications when a threat or violation is detected
Mail Security provides several options for notifying administrators, internal senders, and email recipients of threats and violations.
Mail Security lets you define the conditions in which to send an alert. You can also customize the alert message text for each alert condition that you define.
Manage single and multiple Exchange servers
Mail Security can protect one or more Exchange servers. If your organization has multiple Exchange servers, you can manage all the servers from the same console that you use to manage a single server.
By switching between the server view and group view, you can manage the following: