Configure Detected malware alerts for Email Security
search cancel

Configure Detected malware alerts for Email Security

book

Article ID: 273771

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

This document describes how to configure detected malware alerts for Email Security.

Environment

Email Security.cloud

Cause

Instructions on configuring detected malware alerts for Email Security.

Resolution

The Email Threat Detection and Response service can send detected malware alerts under these conditions:

Inbound Alerts are sent when emails that are addressed to internal users are quarantined because they contain suspected malware.
Outbound Alerts are issued when internal users send emails that are found to contain suspected malware.

For each alert, you can specify whether administrators, recipients, or both receive alerts.


You can also create custom alert messages for inbound and outbound detected malware. 


To configure Detected malware alerts


1. Select Services> Email Services> Anti-Malware.

2. On the Alert Settings tab, Detected Malware Alert section, select Administrators or Recipient(s) as appropriate.

      - Under Inbound Alerts, check Administrators to send these alerts to all administrator emails that are configured to receive alerts. Check Recipient(s) to send alerts to the internal users to which the quarantined emails were addressed.-

      - Under Outbound Alerts, check Administrators to send these alerts to all administrator emails that are configured to receive alerts. Check Recipient(s) to send alerts to the internal users who attempted to send the emails that were quarantined.

3. To view the default text for inbound or outbound detected malware alerts, or to create custom alert messages, click Edit Alerts.

4.In the Detected Malware Alert Settings dialog box, when Default is selected, you can view, but not edit, the default alert messages.

       -  To use the default messages, click Cancel.
       -  To customize an alert message, change Default to Custom. You can now edit the subject line and body text of the selected message or replace the text completely. You can also choose placeholders from the dropdown list to insert variables into the alert emails. These variables are replaced by data before the alerts are sent.

Note : Your custom blocked malware alert should include the Pen number placeholder. You use the Pen number to locate a message when you want to release it from quarantine.

5. When you finish editing alerts, click Save.

6. At the bottom of the Alert Settings tab, click Save.