Chapter 6: ScanMail eManager
Chapter Objectives
After completing this chapter, you should be able to achieve the following objectives:
• Describe the purpose of ScanMail eManager 5.1
• Describe the ScanMail eManager architecture
• Describe the features and functions of ScanMail eManager
• Describe how spam filtering works
ScanMail eManager Overview
ScanMail eManager detects spam sent to users on the corporate LAN. With eManager, the Exchange server does not process rejected spam nor does it deliver it to client mailboxes. As new spam is released and as spam senders jump from routing domain to routing domain to obscure their identities, Trend Micro collects blocking information and incorporates it into new anti-spam rule and import files.
ScanMail eManager also supports content filtering, which allows you to check inbound mail for content deemed offensive or otherwise undesirable. A content-filter policy consists of a group of conceptually related words and phrases that are matched against the text of email messages. You can use the included Trend Micro content-filter policies as well as define policies of your own.
Program Architecture
This section explains the general architecture of ScanMail, including the following:
• Architecture overview
• Filter architecture
  ◦ Spam filtering
  ◦ Content filtering
Architecture Overview
You can install ScanMail eManager on any server that is running the ScanMail Core Module (ScanMail main program). ScanMail eManager is a content filtering plug-in that you can add to ScanMail for Exchange. The ScanMail scanning engine performs the actual scanning.
Figure 6-1 illustrates the relationship between ScanMail for Exchange and ScanMail eManager.
[Figure 6-1 diagram. Components shown: Client, ScanMail, eManager (Spam Filter, Content Filter), Exchange Information Store, Archive. Callouts:
• ScanMail accepts email and sends it to the eManager module using a Distributed Component Object Model interface.
• Spam Filter and Content Filter outcomes: Matched (Deleted, Quarantined, or Archived) or Not Matched.
• 1. Event Logging 2. Notification Information for ScanMail 3. Action Information for ScanMail
• Message and attachment are scanned. Infected messages are Cleaned, Deleted, or Quarantined.
• Uninfected and cleaned messages are returned to the Exchange Information Store.]
Figure 6-1: The relationship between the ScanMail eManager plug-in and ScanMail for Exchange
Filter Architecture
Spam Filtering
Spam rules are completely user-definable—you can define an unlimited number of rules. Trend Micro also provides a comprehensive list, the rule file list, of the most flagrant spam messages, identified by subject, recipient, or sender. This list can be updated manually or at scheduled intervals.
[Figure 6-2 diagram. Labels: Exchange Information Store; Spam Filter (Exception Rules, Regular Rules, Trend Anti-Spam Rules, each with Match / No Match outcomes); Content Filter Module; ScanMail (Logging, Notification, Action).]
Figure 6-2: Anti-spam process flow
Content Filtering
The content filter in ScanMail eManager performs a more sophisticated analysis of the message text. Like the spam filter, the content filter evaluates messages based on user-defined policies. You can create these rule sets or policies to check for the use of inappropriate or offensive language before the message is delivered (see Figure 6-3).
[Figure 6-3 diagram. Labels: Spam Filter Module; Content Filter; Match Keywords; Policy Matched? (Matched / Not Matched); More Policies? (Yes / No); Any Match? (Yes / No); Take No Action; ScanMail (1. Logging 2. Notifications 3. Actions).]
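The two-stage flow described in the Spam Filtering and Content Filtering sections, modelled as an added Python example (not Trend Micro code and not part of the original manual). The rule order follows the labels in Figure 6-2; the matching semantics, the exception behaviour, the fixed spam action, and all names and sample addresses are assumptions.

```python
import re
from collections import namedtuple

Message = namedtuple("Message", "sender recipient subject body")
# field is "sender", "recipient" or "subject"; pattern is a substring.
SpamRule = namedtuple("SpamRule", "field pattern")
# phrases: related words/phrases; action: "delete", "quarantine" or "archive".
ContentPolicy = namedtuple("ContentPolicy", "name phrases action")

def rule_matches(rule, msg):
    # Assumed semantics: case-insensitive substring of the chosen header.
    return rule.pattern.lower() in getattr(msg, rule.field).lower()

def spam_stage(msg, exceptions, regular, vendor):
    # Assumption: an exception match exempts the message from all spam rules.
    if any(rule_matches(r, msg) for r in exceptions):
        return None
    for source, rules in (("regular", regular), ("vendor", vendor)):
        for rule in rules:
            if rule_matches(rule, msg):
                return f"spam:{source}:{rule.field}"
    return None

def content_stage(msg, policies):
    text = f"{msg.subject}\n{msg.body}"
    for policy in policies:
        # Whole-word matching, so "secret" does not fire on "secretary".
        hits = [p for p in policy.phrases
                if re.search(rf"\b{re.escape(p)}\b", text, re.IGNORECASE)]
        if hits:
            return policy, hits
    return None

def filter_message(msg, exceptions, regular, vendor, policies):
    reason = spam_stage(msg, exceptions, regular, vendor)
    if reason:
        # Spam action fixed to "delete" here to keep the example short.
        return {"action": "delete", "reason": reason}
    hit = content_stage(msg, policies)
    if hit:
        policy, hits = hit
        return {"action": policy.action, "reason": f"policy:{policy.name}",
                "matched": hits}
    return {"action": "deliver", "reason": "no match"}

# Constructed sample rules and policy, for illustration only.
EXCEPTIONS = [SpamRule("sender", "@partner.example")]
REGULAR = [SpamRule("subject", "free offer")]
VENDOR = [SpamRule("sender", "@bulk.example")]
POLICIES = [ContentPolicy("confidential", ["secret", "internal only"], "quarantine")]
```

Because the spam rules look only at headers, a message that passes them can still be stopped by a content policy, which is why the content stage runs second.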
Installation
You can install ScanMail eManager locally or remotely, using the same installation program. You can also install ScanMail eManager on multiple servers.
Preparing for the Installation
• ScanMail for Exchange must be installed on your Exchange server before you can install ScanMail eManager.
• ScanMail eManager should be installed on the same server as the ScanMail Core Module (the main ScanMail program).
• ScanMail eManager does not need to be installed on the same computer on which the ScanMail Management Console is installed.
User Rights/Roles needed to Install ScanMail eManager
In order to install ScanMail eManager, you must use a Windows Administrator account that has Domain Admin privileges.
System Requirements
Target Servers
• Microsoft Exchange 2000 Server with Service Pack 1 or above
• Windows 2000 Server or Windows 2000 Advanced Server with Service Pack 1 or above
• Intel Pentium 200 MHz or equivalent
• 128 MB minimum, 256 MB recommended
• 30 MB of free disk space for the program files
• 100–500 MB of free disk space for swap and temporary files
• A monitor with 800 x 600 resolution or better
Microsoft Cluster Servers (Optional)
• Microsoft Exchange 2000 Advanced Server
Setup PC
Stopping ScanMail for Exchange
You must stop the ScanMail for Exchange services before you install or upgrade ScanMail eManager. To stop ScanMail for Exchange, complete the following steps:
1. Click Windows Start | Programs | Administrative Tools | Services.
2. Stop the ScanMail_Monitor, ScanMail_Web, and ScanMail_RealTimeScan services.
Cluster Installation
In ScanMail for Exchange, you can install to all nodes in the same installation session. In order to install ScanMail eManager, you must use a Windows Administrator account that has Domain Admin privileges.
Chapter 6 Summary and Review Questions
Summary
ScanMail eManager is a plug-in module that filters incoming and outgoing email for spam and objectionable material. eManager comes with content-filter policies from Trend Micro and also allows for user-defined filters.
Review Questions
1. When ScanMail eManager is installed, in which order do the various components receive incoming email?
   a. ScanMail, eManager, ScanMail, Exchange, recipient
   b. eManager, ScanMail, Exchange, recipient
   c. eManager, ScanMail, recipient
   d. Exchange, ScanMail, eManager, ScanMail, Exchange, recipient
2. What does the spam filter evaluate?
   a. The attachments
   b. The subject line
   c. The message content
   d. All of the above