Symantec Hosted Mail Security Administration Guide

(1)

(2)

Symantec Hosted Mail Security

Administration Guide

Federal acquisitions: Commercial Software - Government Users Subject to Standard License Terms and Conditions.

Symantec, the Symantec logo, and Norton AntiVirus are U.S. registered trademarks of Symantec Corporation. LiveUpdate, Symantec AntiVirus, Symantec Enterprise Security Architecture, and Symantec Security Response are trademarks or registered trademarks of Symantec Corporation in the United States and certain other countries.

pages is a trademark of Microsoft Corporation. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.

The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

THIS DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH

DISCLAIMERS ARE HELD TO BE LEGALLY INVALID, SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

Symantec Corporation 20330 Stevens Creek Blvd. Cupertino, CA 95014 http://www.symantec.com

(3)

Technical Support

Symantec Technical Support maintains support centers globally. Technical Support’s primary role is to respond to specific queries about product feature and function, installation, and configuration. The Technical Support group also authors content for our online Knowledge Base. The Technical Support group works collaboratively with the other functional areas within Symantec to answer your questions in a timely fashion. For example, the Technical Support group works with Product Engineering and Symantec Security Response to provide alerting services and virus definition updates.

Symantec’s maintenance offerings include the following:

■ A range of support options that give you the flexibility to select the right amount of service for any size organization

■ Telephone and Web-based support that provides rapid response and up-to-the-minute information

■ Upgrade insurance that delivers automatic software upgrade protection

■ Global support that is available 24 hours a day, 7 days a week worldwide. Support is provided in a variety of languages for those customers that are enrolled in the Platinum Support program

■ Advanced features, including Technical Account Management

For information about Symantec’s Maintenance Programs, you can visit our Web site at the following URL:

www.symantec.com/techsupp/ent/enterprise.html

Select your country or language under Global Support. The specific features that are available may vary based on the level of maintenance that was purchased and the specific product that you use.

Contacting Technical Support

Customers with a current maintenance agreement may access Technical Support information at the following URL:

Select your region or language under Global Support.

(4)

When you contact Technical Support, please have the following information available:

■ Product release level

■ Hardware information

■ Available memory, disk space, NIC information

■ Operating system

■ Version and patch level

■ Network topology

■ Router, gateway, and IP address information

■ Problem description:

■ Error messages and log files

■ Troubleshooting that was performed before contacting Symantec

■ Recent software configuration changes and network changes

Licensing and registration

If your Symantec product requires registration or a license key, access our technical support Web page at the following URL:

www.symantec.com/techsupp/ent/enterprise.html.

Select your region or language under Global Support, and then select the Licensing and Registration page.

Customer service

Customer service information is available at the following URL:

Select your country or language under Global Support.

Customer Service is available to assist with the following types of issues:

■ Questions regarding product licensing or serialization

■ Product registration updates such as address or name changes

■ General product information (features, language availability, local dealers)

■ Latest information about product updates and upgrades

■ Information about upgrade insurance and maintenance contracts

■ Information about Symantec Value License Program

(5)

5

■ Nontechnical presales questions

■ Issues that are related to CD-ROMs or manuals

Maintenance agreement resources

If you want to contact Symantec regarding an existing maintenance agreement, please contact the maintenance agreement administration team for your region as follows:

■ Asia-Pacific and Japan: contractsadmin@symantec.com

■ Europe, Middle-East, and Africa: semea@symantec.com

■ North America and Latin America: supportsolutions@symantec.com

Additional enterprise services

Symantec offers a comprehensive set of services that allow you to maximize your investment in Symantec products and to develop your knowledge, expertise, and global insight, which enable you to manage your business risks proactively. Additional services that are available include the following:

To access more information about Enterprise Services, please visit our Web site at the following URL:

www.symantec.com

Select your country or language from the site index.

Symantec Early Warning Solutions

These solutions provide early warning of cyber attacks, comprehensive threat analysis, and countermeasures to prevent attacks before they occur.

Managed Security Services

These services remove the burden of managing and monitoring security devices and events, ensuring rapid response to real threats.

Consulting services Symantec Consulting Services provide on-site technical expertise from Symantec and its trusted partners. Symantec Consulting Services offer a variety of prepackaged and customizable options that include assessment, design, implementation, monitoring and management capabilities, each focused on establishing and maintaining the integrity and availability of your IT resources.

(6)

(7)

Chapter 1 Introducing Symantec Hosted Mail Security

About Symantec Hosted Mail Security ... 12

How Symantec Hosted Mail Security works ... 12

How Symantec Hosted Mail Security protects against virus threats ... 13

What happens during a virus scan ... 14

If a virus is detected ... 15

How Symantec Hosted Mail Security protects against spam ... 16

About automatic spam filters ... 16

About customized allow and deny lists ... 19

How Symantec Hosted Mail Security protects against undesirable content 20 How content filtering dictionaries work ... 21

About URL click-through protection ... 21

About spam beacon blocking ... 21

About language identification blocking ... 22

Where to find more information about Symantec Hosted Mail Security ... 22

Contacting Technical Support ... 23

Contacting Customer Service ... 23

Reporting missed spam to Symantec ... 23

Reporting false positives to Symantec ... 24

Chapter 2 Configuring Symantec Hosted Mail Security

About the Symantec Hosted Mail Security Console ... 26

Redirecting your inbound MX records ... 27

Setting up your outbound server ... 29

Understanding hierarchy levels and user roles ... 30

Managing domain accounts ... 32

Searching for a domain or alias domain ... 32

Viewing domain configuration information ... 33

Adding alias domain names ... 34

Deleting alias domain names ... 35

Managing user accounts ... 35

Designating how user accounts are created or deleted ... 36

Creating user accounts manually ... 36

Manually deleting user accounts ... 40

(8)

8 Contents

Deleting user accounts automatically through SMTP Discovery ... 42

About access rights for the User role ... 42

Using alias email addresses to manage user accounts ... 43

Preventing users from adding their own aliases ... 44

Limiting the number of email aliases per user ... 44

Adding alias email addresses ... 44

Deleting email addresses ... 45

Converting primary addresses to aliases ... 47

Viewing information about user configuration ... 48

Editing user accounts ... 48

About user authentication methods ... 49

Selecting password authentication ... 49

Selecting LDAP authentication ... 50

Selecting POP3 authentication ... 52

Selecting IMAP authentication ... 53

About groups and group policy sets ... 54

Chapter 3 Managing domain and user policies

About domain policies ... 58

Editing domain policies ... 58

Working with Sender Allow and Deny lists ... 60

About the Recipient Shield list ... 63

Working with antivirus policies ... 64

Specifying actions for antivirus classification ... 65

Configuring antivirus notifications ... 66

About antispam filtering policies ... 66

Specifying actions for antispam classifications ... 66

Specifying actions for antispam content groups ... 68

Configuring Spam Quarantine reporting ... 70

About content policies ... 74

Editing and creating content groups ... 74

Specifying HTML Shield polices ... 76

Specifying ClickProtect policies ... 77

Specifying language policies ... 78

Configuring file attachment policies ... 79

Specifying notification policies ... 83

Viewing and editing notification options ... 85

About user-level policy configurations ... 88

About distribution lists ... 88

About Fail Safe protection ... 89

(9)

9 Contents Viruses Quarantine ... 93 Spam Quarantine ... 94 Attachments Quarantine ... 95 Content Quarantine ... 96

Safe Message View ... 97

Chapter 5 Reports and logs

About reports and logs ...100

Traffic Overview report ...100

Threats Overview report ...102

Virus Threats report ...104

Spam Threats report ...105

Content Threats report ...106

Attachments Threats report ...107

ClickProtect Overview report ...108

ClickProtect Log report ...109

Quarantine Release Overview report ...109

Quarantine Release Log report ...111

User Activity report ...112

Event Log report ...113

Audit Trail report ...114

Inbound Server Connections report ...115

FailSafe Overview report ...116

FailSafe Event Log report ...117

Chapter 6 Troubleshooting and frequently asked questions

Glossary

(10)

(11)

Chapter

1

Introducing Symantec

Hosted Mail Security

This chapter includes the following topics:

■ About Symantec Hosted Mail Security

■ How Symantec Hosted Mail Security works

■ How Symantec Hosted Mail Security protects against virus threats

■ How Symantec Hosted Mail Security protects against spam

■ How Symantec Hosted Mail Security protects against undesirable content

■ Where to find more information about Symantec Hosted Mail Security

(12)

12 Introducing Symantec Hosted Mail Security About Symantec Hosted Mail Security

About Symantec Hosted Mail Security

Symantec Hosted Mail Security provides comprehensive protection from viruses, spam, unwanted message content, and other threats that spread through email. It protects your mail servers and internal network by scanning and filtering your incoming Internet email traffic before it enters your mail system. It lets you scan and filter your outgoing Internet email traffic to prevent the spread of malicious or inappropriate content and to enforce mail security policies. You set and manage your mail security policies, access quarantined mail, and view reports through a secure Web portal.

You can configure Symantec Hosted Mail Security to protect your network perimeter from the following types of threats:

■ Computer viruses, worms, Trojan horses, and mass-mailers

■ Denial-of-service attacks and messages that overload the system

■ Directory harvesting attacks and other email-based attacks

■ Unsolicited bulk email messages (spam), email fraud, and other spam threats

■ Inappropriate or malicious message content

How Symantec Hosted Mail Security works

Symantec Hosted Mail Security is a protective filter that scans all of your incoming Internet email traffic before it enters your mail system. You can also configure it to scan all of your outgoing Internet email traffic to prevent the spread of malicious or inappropriate content and to enforce mail security policies. Symantec Hosted Mail Security resides outside your firewall, which reduces the processing burden on your mail servers and reduces your network’s exposure to vulnerabilities and attacks.

Symantec Hosted Mail Security creates a proxy gateway for your inbound and outbound Internet email traffic. Messages are filtered in real-time as they pass to and from the Symantec Hosted Mail Security gateway and your mail servers. Symantec Hosted Mail Security handles the filtering processes in its cache. Only messages that are quarantined for virus, spam, or content filtering violations are stored on disk.

(13)

13 Introducing Symantec Hosted Mail Security How Symantec Hosted Mail Security protects against virus threats

your configuration, it scans first for viruses or virus behavior, then for spam, and then for content filtering rules.

When a violation is detected or if a scan error occurs, Symantec Hosted Mail Security stops scanning and handles the message based on the filtering policy settings that you have configured.

Figure 1-1 Figure 1: Email Traffic Flow

How Symantec Hosted Mail Security protects

against virus threats

Symantec Hosted Mail Security includes all of the virus scanning technologies that are available in Symantec antivirus products. It protects against viruses, worms, and Trojan horses in all major file types, including compressed files and archive file formats. It also protects against mobile code (for example, ActiveX® or JavaScript™) and script-based threats.

(14)

14 Introducing Symantec Hosted Mail Security

How Symantec Hosted Mail Security protects against virus threats

compressed files, or that are otherwise designed to maliciously use resources and degrade performance.

Symantec Hosted Mail Security provides the following types of protection from virus threats that spread through email:

■ Automatic scanning for virus signatures

Symantec engineers continually track reported outbreaks of computer viruses and threats. When a new virus or other threat is identified, information about that virus (a signature) is stored in a virus definitions file. The virus definitions file contains the necessary information to detect and eliminate the virus.

Symantec Hosted Mail Security updates its virus definitions every 5 minutes. Updates are handled automatically without having to restart services or redeploy software. This ensures no interruption in scanning services during the updates.

■ Automatic scanning for virus-like characteristics using advanced heuristics Heuristic methods of virus detection are designed to detect viruses for which no known definitions exist. Advanced heuristics analyze a program’s structure, behavior, and other attributes for virus-like characteristics, such as self-replication.

Symantec Hosted Mail Security uses advanced heuristics to analyze a file if it detects certain behaviors in the file that warrant further analysis.

■ Automatic protection from messages and attachments that can cause denial of service

Symantec Hosted Mail Security includes maximum size and scanning depth levels to reduce exposure to denial-of-service attacks.

■ Blocking by subject line

You can configure Symantec Hosted Mail Security to block messages by the subject line. This lets you handle emerging threats for which a virus definition has not been created.

Note: Internet email is only one avenue by which a virus or threat can infiltrate your network. For comprehensive protection, you should ensure that every server and workstation at your site is protected by a server or desktop antivirus solution.

What happens during a virus scan

When Symantec Hosted Mail Security scans a file, it first decodes and

(15)

15 Introducing Symantec Hosted Mail Security How Symantec Hosted Mail Security protects against virus threats

contains nonmalicious bits of code, or virus definitions, for thousands of viruses. If Symantec Hosted Mail Security finds a match, the file is considered infected, and it is handled according to your configuration settings.

Advanced heuristics, which includes Symantec Bloodhound™ technology, help detect viruses for which no known definitions exist. Symantec Hosted Mail Security uses advanced heuristics to analyze a file if it detects certain behaviors in the file that warrant further analysis.

During a heuristics scan, the file is copied into a self-contained virtual computer that emulates the operating system environment. The antivirus scanner then runs the file and probes for and assesses suspicious behavior, such as whether the file replicates itself a number of times in a specified time frame. In most cases, the antivirus scanner can determine in milliseconds whether a file is likely to be infected by a virus. If it considers the file likely to be infected, it handles the file according to the settings that you have configured for handling infected files.

If Symantec Hosted Mail Security encounters a file that it cannot scan or it encounters a file attachment that violates a scanning rule, it logs the error and handles the file according to your configuration settings.

If a virus is detected

You can configure Symantec Hosted Mail Security to handle infected files in the following ways:

Table 1-1 Actions for infected files

Action Result

Clean the message Attempts to remove the virus and preserve the attachment. If the file is successfully repaired, text is added to the email message to notify recipients that a virus was detected and that the file was cleaned.

Quarantine the message after attachment is stripped

Removes the infected attachment from the email message and sends the message to the quarantine for administrator review.

Strip Attachment Removes the infected attachment from the email message and delivers the rest of the message. Text is added to the message to notify recipients that a virus was detected in the attachment and that the attachment was removed. Deny Delivery Blocks delivery of the email message and its attachments. Do Nothing or Allow

Delivery

(16)

How Symantec Hosted Mail Security protects against spam

How Symantec Hosted Mail Security protects

against spam

Symantec Hosted Mail Security lets you handle spam in the following ways:

■ Spam filters are continuously and automatically updated to protect against new and emerging spam threats.

■ Symantec Hosted Mail Security uses multiple filtering technologies to maximize spam detection and minimize false positives.

■ You can define specific email addresses, DNS names, and IP addresses from which email is always accepted or always denied.

About automatic spam filters

Symantec Hosted Mail Security provides multiple layers of filtering technology to protect your network environment from spam. As incoming messages pass through these filters, they are scored and classified as spam, potential spam, or legitimate messages. Legitimate messages are sent to the recipient. Based on how you configure Symantec Hosted Mail Security, spam and potential spam messages can be rejected, quarantined, or copied to another recipient, for example, an administrator.

Symantec maintains a global network of over 2 million decoy email addresses and domains that attracts and collects the latest spam. Tens of millions of email messages pass through the Symantec Probe Network™ each month. These messages are sent to Symantec Security Response for analysis to identify new spamming techniques and threats. Symantec technicians continuously fine-tune existing filters and develop new filters to respond to new and evolving threats. These filters are automatically updated every 10 minutes to ensure that your environment stays protected.

(17)

17 Introducing Symantec Hosted Mail Security How Symantec Hosted Mail Security protects against spam

Table 1-2 Spam Filtering Technologies

Filter type Description Protection type

Reputation Service Symantec monitors email sources from around the world to determine how much of the email messages that are sent from those sources are legitimate. Email from those sources can then be blocked or allowed based on the reputation value of the source as determined by Symantec. The Reputation Service is a dynamic database of IP addresses that is continuously compiled and updated. It consists of the following lists:

■ Open proxy list: A list of IP addresses of identity-masking relays that are used by spammers. This includes proxy servers with open or unsecured ports.

■ Safe list: A list of IP addresses from which virtually no outgoing email is spam.

■ Suspect list: A list of IP addresses from which virtually all outgoing email is spam.

■ Protects against high-volume spam sources and messages from open or unsecured relays.

■ Protects against false positives by allowing email traffic from sources that are contained on the safe list.

Heuristic filters Heuristic filters scan all parts of a message to test for characteristics that are usually inherent in spam, such as opt-out links, specific phrases, and forged headers. The filters assign an overall score to the message that is based on the number of spam characteristics that are found. If the message exceeds the spam threshold, it is considered spam.

(18)

How Symantec Hosted Mail Security protects against spam

Language filters Language filters can detect whether a message is written in one of 11 supported languages and then apply only the heuristic filters that were created for that language. This helps improve performance.

The supported languages include Chinese, Dutch, English, French, German, Italian, Japanese, Korean, Portuguese, Russian, and Spanish.

Protects global network environments from spam that is written in a language other than English.

MIME attachment signature filters Attachment signatures target specific types of MIME attachments, such as ZIP files, for objectionable or malicious content.

Symantec Hosted Mail Security treats any message as spam if any MIME attachment in the message matches a Symantec MIME filter.

Protects against embedded images and executables in MIME attachments that contain objectionable or malicious content.

Signature filters Messages that flow into Symantec Security Response (SSR) are analyzed for unique signatures and variations of signatures that are characteristic of a spam attack. Using this signature, Symantec can group and match seemingly random messages that originated from a single attack. Symantec continuously updates its database of known spam based on these signatures.

■ Protects against highly randomized, HTML-based spam attacks.

■ Protects against HTML-based evasion techniques that are used by spammers.

URL filters URL filters scan messages bodies for embedded URLs. The filters compare the URLs to the known-spammer list. The filters can identify and remove special characters that have been added to the URL link to conceal the Web address.

Symantec builds its known-spammer list based on URLs that are collected by the Symantec Probe Network and trusted third-party spam URL lists.

■ Protects against spam messages that direct recipients to inappropriate Web sites, such as pornographic sites.

■ Protects against spam messages that direct recipients to fraudulent Web sites.

■ Protects against tactics that spammers use to evade spam filters, such as disguised URLs and extreme randomization.

(19)

19 Introducing Symantec Hosted Mail Security How Symantec Hosted Mail Security protects against spam

About customized allow and deny lists

You can define specific email addresses, DNS names, and IP addresses from which email is always accepted or always denied.

Email addresses that you add to the deny list are always blocked. Deny lists are better suited for handling unwanted email messages from senders that you know, such as an individual or company whose sender address is unlikely to change frequently. Spammers use a variety of techniques to evade detection, such as changing or masking their sender addresses. Deny lists are not an effective tool against this type of threat.

(20)

How Symantec Hosted Mail Security protects against undesirable content

How Symantec Hosted Mail Security protects

against undesirable content

Symantec Hosted Mail Security lets you monitor incoming and outgoing email messages and attachments for inappropriate content to enforce corporate mail policies, reduce legal liability, and ensure compliance with regulatory

requirements. The content filtering features in Symantec Hosted Mail Security can detect and remove malicious HTML tags, scripting objects, and certain types of embedded images to protect your network from email-based threats. You can configure whether email messages that violate content or attachment policies are quarantined, rejected, stripped of the file attachment, or copied to another recipient, for example, an administrator.

Table 1-3 describes content compliance and security features provided by Symantec Hosted Mail Security.

Table 1-3 Content compliance and security features

Feature Description

Predefined content keyword categories Lets you filter content by keywords and phrases that are contained in the Symantec-provided content dictionary.

The content dictionary consists of the following categories:

■ Profanity

■ Sexual Overtones

■ Racially Insensitive

Customized content keyword categories Lets you add custom categories to the content dictionary and add your own keywords and phrases to satisfy your own security and business needs.

Spam-specific keyword categories Lets you define customized lists of keywords that are used to filter email for spam.

URL click-through protection Lets you enable or disable a user’s ability to follow a URL or other Web hyperlink that is contained in the body of an email message. You can also monitor information about the Web sites that users are visiting and other statistics.

Spam beacon blocking Removes certain types of embedded images from email messages that are used to send information about the user the source of the message.

(21)

21 Introducing Symantec Hosted Mail Security How Symantec Hosted Mail Security protects against undesirable content

How content filtering dictionaries work

The content dictionary that is provided by Symantec contains commonly filtered words and phrases that are grouped by categories. You can select the categories that you want to use to filter content. You can also define your own custom categories and keywords to use for filtering.

When you enable content filtering, Symantec Hosted Mail Security matches the individual words that are contained in an email message to the words that are contained in the content filtering categories that you have selected for filtering. As the filtering process continues, the content filtering scanner builds a word chain so that it can examine the context. For example, if the word cancer succeeds the word breast in a word chain, it is likely that the message is about a medical condition and is not inappropriate.

The content filtering scanner scores a message based on the number of matches that are found and adjusts the score based on the context of the words. If the score exceeds the built-in threshold, the message is considered to be a content filtering violation, and it is handled according to the configuration settings.

About URL click-through protection

You can enable or disable a user’s ability to follow a URL or other Web hyperlink that is contained in the body of an email message. This lets you enforce email security policies, reduce legal liabilities, and protect your network environment from security risks. Symantec Hosted Mail Security maintains information about the hyperlinks that were followed, who visited the sites, who sent the email message, and other statistical information so that you can monitor activities.

You can configure whether a site is automatically blocked, whether the user must respond to a confirmation prompt before proceeding, and whether the user receives a notification message. You can also create an allow list of URLs that you want to exclude from click-through protection.

About spam beacon blocking

Spam beacons or Web bugs are small graphics that are embedded in HTML content that can gather and send information about your system to the source (usually a URL). They typically are transparent, 1x1 pixel graphics and are nearly invisible.

(22)

Where to find more information about Symantec Hosted Mail Security

You can configure Symantec Hosted Mail Security to automatically remove these types of images from HTML content that is contained in incoming Internet email messages.

About language identification blocking

Symantec Hosted Mail Security can identify what language an email is written in, and filter email based on this information. You can choose to allow Symantec Hosted Mail Security to only deliver email in certain languages, or you can allow all languages, which is the default setting. The default policy is to allow email in all languages.

Where to find more information about Symantec

Hosted Mail Security

The following documentation is available to assist you with using and configuring Symantec Hosted Mail Security:

■ Symantec Hosted Mail Security Console and Spam Quarantine User’s Guide

If you are connected to the Symantec Hosted Mail Security Console, the console contains embedded help to assist you with using and configuring Symantec Hosted Mail Security. What’s This links provide information about each option. If you are connected to the Internet, the following online resources are available on the Symantec Web site:

■ Symantec.com/techsupp/ent/enterprise.html: Provides access to the technical support Knowledge Base, newsgroups, contact information, downloads, and mailing list subscriptions

(23)

Contacting Technical Support

Customers with a current support agreement may contact the Technical Support group via phone or online at www.symantec.com/techsupp. When contacting the Technical Support group, please have the following:

■ The page where you were working and details of the particular function you were trying to perform

■ The exact wording of any messages that appeared in the message box or in the status line

■ Any software or hardware behavior that seemed unusual

■ A description of how you tried to solve the problem

■ The version of the product you were using

Contacting Customer Service

To contact Enterprise Customer Service online, go to www.symantec.com, select the appropriate Global Site for your country, and then choose Service and Support. Customer Service is available to assist with the following types of issues:

■ Questions regarding product licensing or serialization

■ Product registration updates such as address or name changes

■ General product information (features, language availability, local dealers)

■ Latest information on product updates and upgrades

■ Information on upgrade insurance and maintenance contracts

■ Information on Symantec Value License Program

■ Advice on Symantec technical support options

■ Nontechnical presales questions

■ Missing or defective CD-ROMs or manuals

Reporting missed spam to Symantec

(24)

24 Introducing Symantec Hosted Mail Security Contacting Technical Support

You should submit the missed spam within 24 hours of when you received the message to ensure timely updates and to avoid analyzing messages for which updated rules have already been issued.

You can submit the missed spam to one of the following email addresses:

Note: These addresses are for missed spam messages only. You must submit the message as an RFC-822 MIME-encoded attachment.

Reporting false positives to Symantec

You can submit messages that were incorrectly tagged as spam to the Symantec Brightmail Logistics and Operations Center (BLOC). Symantec engineers will analyze the message and issue updates to the spam filtering rules as needed.

■ You can submit false positives to one of the following email addresses:

Note: These addresses are for false-positive messages only. You must send the message as an RFC-822 MIME-encoded attachment.

North America Gsubmit@submit-1.brightmail.com Europe, Middle East, Africa eurosubmit@submit-23.brightmail.com Japan, Asia, Pacific Rim apacsubmit@submit-22.brightmail.com

(25)

Chapter

2

Configuring Symantec

Hosted Mail Security

This chapter includes the following topics:

■ About the Symantec Hosted Mail Security Console

■ Redirecting your inbound MX records

■ Setting up your outbound server

■ Understanding hierarchy levels and user roles

■ Managing domain accounts

■ Managing user accounts

■ About user authentication methods

(26)

26 Configuring Symantec Hosted Mail Security About the Symantec Hosted Mail Security Console

About the Symantec Hosted Mail Security Console

The Symantec Hosted Mail Security Console is a browser-based interface. You access the console through a secure Web portal at the following URL:

https:\\hostedmailsecurity.symantec.com

When you subscribe to Symantec Hosted Mail Security, you will receive a welcome kit that includes your initial log on name and password. You can change this password.

For more information about requesting a new password, setting passwords, and changing passwords and for more information about working in the console, see the Symantec Hosted Mail Security Console and Spam Quarantine Report User’s

Guide.

You can do the following configuration tasks from the Symantec Hosted Mail Security Console:

■ Configure the inbound and outbound server settings

■ Set domain-level and user-level policies

■ Create groups of users and assign policies to them

■ Add and configure alias domain accounts

■ Add and configure user accounts and aliases

■ Configure the authentication settings for user logons

When you log on to the console as an Administrator, the Overview page is displayed by default. The Overview page provides high-level information about the email traffic to your domains over the previous 24 hours. Customer Administrators will see the information for all the domains that have been defined for the customer. Domain Administrators will see the information for only the domain in which the user role was defined.

You can configure Symantec Hosted Mail Security so that users can access their spam message quarantines through their Spam Quarantine Reports. The reports contain links that take them directly to their spam quarantine without having to log on through the console.

(27)

27 Configuring Symantec Hosted Mail Security

Redirecting your inbound MX records

Symantec Hosted Mail Security creates a proxy gateway for your inbound and outbound Internet email traffic. Messages are filtered in real-time as they pass to and from the Symantec Hosted Mail Security gateway and your mail servers. Before you can enable scanning of your incoming or outgoing Internet email, you must change the Mail Exchange (MX) records on your Internet-facing mail server or with your Internet Service Provider (ISP) to direct your email traffic to Symantec.

When you subscribe to Symantec Hosted Mail Security, Symantec sends you instructions that are specific to your organization on how to configure the Mail Exchange (MX) records for your domain name server (DNS) to direct your inbound and outbound email traffic to Symantec.

Table 2-1 provides general information about the settings for inbound email traffic:

You should remove all previous listings of your mail server. Additional domains should be redirected in the same manner.

To ensure that all inbound email traffic is filtered and protected by Symantec Hosted Mail Security, you must restrict all IP access to your mail servers with the exception of the following Symantec subnets:

198.65.127.0/24

216.183.112.64/26

You must also configure your inbound server information on the console. You must have Administrator rights to perform this task on the console.

Table 2-1 MX settings for inbound email

MX record Preference level

(28)

28 Configuring Symantec Hosted Mail Security Redirecting your inbound MX records

Note: It may take several days for your MX record redirect to propagate to all the email servers that may be sending email to your email server. During that time, your email server may still receive email directly from those email servers until they are updated with your latest MX record information.

To configure your inbound server settings

1 On the Symantec Hosted Mail Security Console, on the console toolbar, click Setup.

2 On the Configuration toolbar, click Inbound Servers.

3 On the Inbound Servers Setup page, in the SMTP Host Address field, type the fully qualified IP address or DNS address of your SMTP host server. 4 In the Port field, type the port number on your SMTP host server to which

the Symantec Hosted Mail Security service should connect. The default port number is 25.

5 In the Preference field, type a number to indicate the order of connection preference if you are configuring multiple servers.

The Symantec Hosted Mail Security service will attempt to connect to the server that has the lowest preference number first. If you assign the same preference number to multiple servers, Symantec Hosted Mail Security will balance the delivery.

6 If the server is immediately available to accept connections, check the Active checkbox.

You must check this checkbox to allow Symantec Hosted Mail Security to connect to the server.

(29)

Setting up your outbound server

To enable outbound filtering, you must configure the outbound configuration settings on the security console to include the IP addresses that are associated with the outbound service on your mail server. You must also establish a relay to send outbound traffic to the appropriate outbound domains.

Table 2-2 provides general information about the settings for outbound email traffic.

You must also configure your outbound server information on the console. You must have Administrator rights to perform this task on the console.

To set up your outbound server

2 On the Configuration toolbar, click Outbound Servers.

3 On the Outbound Server page, in the Server IP Address Range field, type the fully qualified IP address of the outbound SMTP host server.

4 Click Add New Address. 5 Click Save.

Table 2-2 Settings for outbound email

Domain Preference level

(30)

30 Configuring Symantec Hosted Mail Security Understanding hierarchy levels and user roles

Understanding hierarchy levels and user roles

Symantec Hosted Mail Security uses a hierarchical architecture to control data and security. User roles are assigned for each level in the hierarchy.

Table 2-3 describes user roles and hierarchy levels.

You must define at least one entity for each hierarchy level. Depending on the hierarchy level, an entity may be a full domain name, email domain name, or a user’s email address.

The name of each entity within a hierarchy level must be unique. For example, the same domain name cannot be defined in multiple customer entities.

Administrator and user roles define the level of access that a user has within the Symantec Hosted Mail Security console.

Table 2-3 Roles and hierarchy levels User role Description

Customer Contains one or more domain entries. For example, you can group all of the domain names that are used by your company or division within a company.

Symantec sets up this account information for you when you purchase your license.

Domain Contains the primary and alias domains that your organization uses for its email addresses.

The domain is the part of the email address that follows the at (@) symbol. For example, in the email address user@mycompany.com, the domain is mycompany.com.

You must own the rights to these domain names and your mail transfer agent (MTA) must be configured to receive email for these domains. Primary domain accounts can only be added by Symantec. Users with Customer Administrator rights can add alias domains.

User accounts Contains the complete email addresses (email accounts) in your organization that can receive email. The complete email address (user@mycompany.com) is considered the primary email account. You can also add alias email accounts.

You can add user accounts manually or automatically through the SMTP discovery feature.

(31)

31 Configuring Symantec Hosted Mail Security Understanding hierarchy levels and user roles

Table 2-4 describes administrator and user roles. Table 2-4 Administrator and user roles

Role Description

Customer Administrator The Customer Administrator can do the following:

■ Add, edit, and delete alias domains, user accounts, and user aliases

■ Configure global and domain-level filtering policies for incoming and outgoing email

■ Add, edit, or delete mail server hosts

■ View and manage all quarantine areas for each domain

■ View reports and statistical information that is generated for each domain

Domain Administrator The Domain Administrator can do the following:

■ Add, edit, and delete user information for a specific email domain

■ Configure domain-level filtering policies for incoming and outgoing email messages

■ Add, edit, or delete mail server hosts at the domain level

■ View and manage all quarantine areas for the email domain

■ View reports and statistical information that is generated for the domain

Quarantine Manager The Quarantine Manager can do the following:

■ View all quarantine areas for the primary and alias domains to which they are assigned

■ View reports and statistical information

Quarantine Managers cannot cross boundaries between primary domains and cannot change filtering policies. Reports Manager Reports Managers can view reports and statistical

information for the primary and alias domains to which they are assigned.

Reports Managers cannot cross boundaries between primary domains and cannot change filtering policies.

(32)

32 Configuring Symantec Hosted Mail Security Managing domain accounts

Users who are assigned to the Domain Administrator, Quarantine Manager, or Reports Manager roles can perform any of the functions of their role and any role that has a lower level of rights.

Managing domain accounts

When you subscribe to Symantec Hosted Mail Security, Symantec sets up a domain account for your company on the Symantec Hosted Mail Security Console. Symantec uses the fully qualified name of your domain name server (DNS) for this account. You must own the rights to this domain name.

Primary domain accounts can only be added or deleted by Symantec. However, you can add alias domains to map to your primary domain to manage your user and domain configurations.

Searching for a domain or alias domain

The Search Domains feature lets you search for a specific primary domain or alias domain or for a range of domain names, for example, all domain names that begin with a specific letter.

To search for a domain or alias domain

2 On the Configuration toolbar, click Domains. 3 On the Configuration page, click Search.

4 In the Domain list, select one of the following search criteria:

5 In the text field, type the text for which you want to search. 6 Click Search.

The domain names that match the search criteria are listed in the Domain list. To include alias domains in the list, check Show Domain Aliases.

starts with Searches for domain names that start with the characters that you type in the text field.

is Searches for the exact characters that you type in the text field. The text that you type must exactly match the domain name.

(33)

Managing domain accounts

Viewing domain configuration information

You can view basic configuration information about your primary domain and alias domain accounts.

Table 2-5 describes information you can view about the account.

To view domain configuration information

2 On the Configuration toolbar, click Domains.

3 On the Configuration page, under Domain, click the name of the domain for which you want to view configuration information.

The Domain Details field shows the basic configuration information about the domain that you selected.

Table 2-5 Domain configuration Domain account Description

Domain Indicates the name of the domain whose information is being displayed.

Created Indicates the date and time when the domain was added to Symantec Hosted Mail Security.

Contact Email Indicates the email address that is used to contact a representative for the domain.

Existing Users Qty Indicates the total number of user accounts (email addresses) defined in the domain.

Inbound Package Specifies whether Symantec Hosted Mail Security is being used to filter inbound mail.

Outbound Package Specifies whether Symantec Hosted Mail Security is being used to filter outbound mail.

Quarantine Period Indicates the number of days that data for quarantined emails are stored before being automatically deleted. User Aliasing Indicates whether users can define and manage alias email

addresses associated to their primary email addresses and, if enabled, how many alias email addresses can be defined per primary email address.

(34)

34 Configuring Symantec Hosted Mail Security Managing domain accounts

Adding alias domain names

Symantec Hosted Mail Security lets you associate alias domain names to your primary domain. Alias domain names are virtual domains in which all email addresses in the alias domain name are automatically aliased to equivalent email addresses in the primary domain.

For example, your primary domain account contains the email address jsmith@primary.com. If you add an alias domain called alias.com to the primary.com domain, an email address is automatically created for jsmith@alias.com.

All email addresses that are defined for an alias domain must be aliased to primary email addresses in the associated primary domain. Because the alias domain is only a virtual domain, it can only contain alias email addresses. It cannot contain primary email addresses.

The policies and configuration settings for the primary domain apply to all alias domains that are associated with it. Email messages that are addressed to an alias domain are routed to the primary domain server. If a message violates a filtering policy, it is stored in the quarantine for the primary domain. You must have Customer Administrator or higher level rights to add an alias domain. You must own the rights to the alias domain name, and your mail transfer agent (MTA) must be configured to accept email that is addressed to the alias domain.

To add alias domain names

3 On the Configuration page, under Domain, select the primary domain to which you want to add an alias domain.

4 On the Configuration page, under Domain Details, click Manage Aliases. 5 On the Domain Management page, in the Add text field, type the fully

qualified alias domain name. 6 Click Add.

If you want to add additional alias domains, repeat steps 5-6. 7 When you are finished, click Done to save your changes.

(35)

Managing user accounts

Deleting alias domain names

If you delete an alias domain, any email messages that are addressed to the alias domain will be denied. Quarantined messages that are associated with the alias domain will be kept until you manually delete them or until the quarantine is automatically purged.

To delete alias domain names

3 On the Configuration page, under Domain, select the primary domain to which you want to add an alias domain.

4 On the Configuration page, under Domain Details, click Manage Aliases. 5 On the Domain Management page, in the Delete list, select the aliases that

you want to delete. 6 Click Delete.

7 To continue, on the confirmation page, click OK. This action cannot be undone.

8 When you are finished, click Done.

Managing user accounts

User accounts (or email accounts) are the specific email addresses that receive email. A complete email address includes the prefix and the domain name (for example, username@sampledomain.com).

Users must have a primary email address defined in Symantec Hosted Mail Security for their mail to be filtered for viruses, spam, or content. This is also required for them to log into the Symantec Hosted Mail Security Console or to receive a Spam Quarantine Report.

Each user can have multiple primary email addresses. A user with multiple primary email addresses has multiple quarantine areas and receives a Spam Quarantine Report for each primary email address. You can also define alias email addresses to combine the reporting and quarantines for multiple email addresses.

(36)

36 Configuring Symantec Hosted Mail Security Managing user accounts

You can add user accounts in the following ways:

■ Manually create or delete user accounts

■ Automatically create or delete users accounts through SMTP Discovery

Designating how user accounts are created or deleted

Symantec Hosted Mail Security lets you add or delete user accounts manually or automatically using SMTP discovery. You can configure a domain to allow only the manual creation or deletion of user accounts for security purposes. If you configure a domain to allow only manually created user accounts, messages that cannot be delivered because the email address is not defined in Symantec Hosted Mail Security or because your mail transfer agent (MTA) does not recognize the address as valid are handled according to the Recipient Shield policy settings that you have configured. For information about Recipient Shield, See“About the Recipient Shield list” on page 63.

To designate how user accounts are created or deleted

1 On the Symantec Hosted Mail Security Console, on the toolbar, click Setup. 2 On the Configuration page, on the toolbar, click User Creation.

3 If applicable, in the Domain list, select the domain that you want to configure.

4 Under User Creation Settings, select one of the following:

■ SMTP Discovery: Lets you create and delete user accounts automatically through SMTP discovery or by manually adding and deleting them

The SMTP Discovery feature creates user accounts from message transactions.

■ Explicit: Sets the User Creation Settings to manual mode User accounts must be added and deleted manually. 5 Click Save Changes.

Creating user accounts manually

(37)

You can only create new user accounts in a primary domain. You cannot create new user accounts in an alias domain.

Table 2-6 describes characters that can and cannot be used in the user account name.

You can add user accounts by using a batch file that contains the email

addresses and optional alias email addresses that you want to add. The batch file must be a text file. Each entry must be on its own line, and each entry must be terminated with a line-break character.

Each entry should use the following format:

new_email@domain.com optional_alias_prefix optional_alias_prefix2

Table 2-6 User account name characters Allowed Not Allowed

Alphanumeric characters (A-Z) Spaces before or after the account name Numeric characters 0-1 Comma ( , )

Spaces within the name Plus sign ( + ) Hyphen ( - ) Double quotes ( “ ) Single apostrophe ( ‘ ) Backslash ( \ ) Ampersand ( & ) Left arrow ( < )

(38)

Table 2-7 describes the user account entries format you should follow.

For example:

jsmith@exampledomain.com johnsmith

All user accounts that are added by the batch method are assigned the default filtering policies and are assigned to the User role. When you add user accounts by using a batch file, users are not assigned passwords. Passwords are required to access the console.

To add an individual user account manually

1 On the Symantec Hosted Mail Security Console, on the console toolbar, click Users.

2 On the User Management page, if applicable, in the Domain drop-down list, select the name of the domain to which you want to assign the user.

3 On the User Management toolbar, click Create Users. 4 In the Creation Mode drop-down list, select Individual.

5 In the Email field, type the prefix (user account name) of the email address that you want to add.

The prefix is the part of the email address before the at (@) symbol in the email address. For example, sampleuser in the email address

sampleuser@sampledomain.com.

Table 2-7 User account entries Entry format Description

new_email@domain.com The complete email address, including the domain, of the user account that you want to add.

The domain must match the domain name that appears on the console.

optional_alias_prefix The prefix for the alias email address that you want to associate with the user account. Use a space between the new_email@domain.com entry and the

optional_alias_prefix.

(39)

All email addresses in Symantec Hosted Mail Security must be unique. 6 In the Role list, select the user role to which you want to assign the user: 7 In the Password field, type the password for the user account.

This is the password that users will use to log on to the console. Passwords must be at least 6 characters and must not include spaces. Passwords are case-sensitive.

8 In the Verify Password field, retype the password to confirm it.

You can configure the filtering policies for the user and set custom spam filtering policies.

9 If the you want the user to be added to a group, select that group from the Group Membership drop-down list.

You can create groups of users and create custom policies for those groups. If you do not select a group for this user, the user will be a member of the default group, and have the default policy assigned. If you have not created any groups, the only options available will be the default value for

‘ungrouped’ users. For more information about groups and group policies, see “About groups and group policy sets” on page 54.

10 If this user is to be exempt from all filtering or from outbound filtering, check the appropriate checkbox.

11 Check or uncheck the available Filter Policies for this user’s email as desired.

12 Click Create.

This saves your changes and adds the user account. If you exit this page before you click Create, your information will be discarded.

To add multiple user accounts in batches manually

2 On the User Management page, if applicable, in the Domain list, select the name of the domain to which you want to assign the user.

3 On the User Management toolbar, click Create Users. 4 In the Creation Mode list, click Batch.

5 Under the Email Addresses field, do one of the following:

■ Type the full path and file name of the batch file. ■ Click Browse to navigate to the location of the batch file. 6 On the User Management page, click Upload File.

(40)

This saves your changes and adds the user account. If you exit this page before you click Create, your information will be discarded.

Manually deleting user accounts

User accounts can only be deleted by users with Domain Administrator or higher-level rights. When you delete an account, all of the information that is associated with that account is removed. This includes quarantine and reporting information. This action is recorded in the Audit Trail report.

You can only delete accounts for users that have lower level rights. For example, Domain Administrators can delete Quarantine Managers, Reports Managers, and Users, but cannot delete other Domain Administrators or Customer Administrators.

Note: Deletion of a user account cannot be undone. If the domain is configured to add users automatically through SMTP discovery, it is possible that a deleted user account may be added back automatically.

To delete user accounts manually

2 On the User Management toolbar, click Delete Users.

3 On the User Management page, if applicable, in the Domain list, select the domain name from which you want to delete a user account.

4 In the Users list, select from the following to narrow the search criteria:

All users Lists the first 1000 user accounts for the designated domain in alphabetical order.

Last login over 15/30/60 days ago

Lists the first 1000 user accounts whose users have not logged in during the previous 15/30/60 days either by using the console or through the Spam Quarantine Report.

Created less than 24 hours/ 7days/15 days ago

(41)

5 To further narrow the search for a user account, select one of the following search filters, type the search criteria in the text field, and click Search:

You can use wildcard characters. The search is performed only on the prefix of the email address. If you want to include the domain in the search, you must type the at (@) symbol in the text field.

6 In the Users list, select the user accounts that you want to delete. You can select up to 100 items in the list.

7 Under Add/Remove Users from Delete List, click the right-pointing arrow (the arrow that points to the Delete List).

8 Review the items in the Delete List to confirm your selections.

If the list includes items that you do not want to delete, select the items and click the left-pointing arrow (the arrow that points to the Users list). 9 Click Delete to remove the items that are listed in the Delete List.

You will be prompted to confirm the action. This action cannot be undone.

Adding user accounts automatically through SMTP Discovery

When you enable the SMTP Discovery option for a domain, Symantec Hosted Mail Security automatically adds user accounts to the domain based on SMTP message transactions. It creates the account only after several messages have been successfully delivered to the recipient within a certain time period and the account does not already exist. The number of delivered messages varies due to system-related factors. The typical range is three to seven messages. The time period within which the messages must be received varies by the configuration settings for your mail transfer agent (MTA). The time range is typically one day. The email messages must be addressed to a primary domain and must

successfully pass through the filtering policies. Symantec Hosted Mail Security does not automatically create user accounts for alias domains. For security reasons, if the messages were denied delivery by your MTA or if the messages were quarantined or denied because of filtering policy violations, the user account is not added.

equals The user account must match exactly with the text that you type in the text field.

starts The user account must start with the characters that you type in the text field.

(42)

When Symantec Hosted Mail Security automatically creates a new user account, it assigns the user account to the User role and assigns it the default

configurations that are defined for that domain. It does not automatically create a password for the user account. For the purposes of group policies, the user is also included in the default ungrouped users group for that user’s domain.

Deleting user accounts automatically through SMTP Discovery

When you enable the SMTP Discovery option for a domain, Symantec Hosted Mail Security will automatically delete user accounts if all of the following criteria are met:

■ Your mail transfer agent (MTA) permanently denies delivery of the email because of an invalid email address.

Messages are not automatically deleted if the failed delivery is caused by a temporary condition.

■ No logons have been recorded for the user account.

■ None of the configuration settings for the user account have changed (for example, Allow or Deny lists, Spam Quarantine Report settings).

■ No Spam Quarantine Report has been generated for the user account. When an account is deleted, all of the information that is associated with that account is removed. This includes quarantine and reporting information.

About access rights for the User role

Users that you assign to the User role have limited rights within Symantec Hosted Mail Security. They can view information about messages that were quarantined for spam and have limited control over spam policy settings. They cannot change virus or content filtering policy settings and cannot view messages or attachments that have been quarantined for virus or content filtering violations.

Depending on your configuration settings, those assigned to the User role can do the following:

■ View, release, or delete email messages from the Spam Quarantine.

■ Add, edit, or delete sender email addresses in their personal Allow and Deny lists.

(43)

■ If enabled, choose to receive a text-only notification message instead of a Spam Quarantine Report.

■ If enabled, select whether email messages are filtered for potential spam content.

Users can also select the action to take on messages that are identified as having a medium or high likelihood of being spam.

■ Select how often they want to receive the Spam Quarantine Report.

■ If enabled, select the languages in which they wish to receive email.

■ If enabled, add or delete email addresses that are aliased to their primary email address.

Users can perform these actions only for the email addresses that an administrator has assigned to them.

For more information, see the Symantec Hosted Mail Security Console and Spam

Quarantine User’s Guide.

Using alias email addresses to manage user accounts

Symantec Hosted Mail Security lets you use alias email addresses to associate multiple email addresses with one primary email address. Alias email addresses let users who have multiple email addresses manage all of their quarantine areas and reports from a primary account. The configuration settings for the primary email address apply to all alias email addresses that are associated with it.

When an email message passes successfully through the filtering process, it is delivered to the designated primary or alias email address. Symantec Hosted Mail Security redirects the message to a primary address only if a filtering violation occurs. Messages that are addressed to an alias email address that are quarantined for a filtering violation are sent to the quarantine for the primary email address. If the message is released from the quarantine, it is sent to the primary email address.

By default, all users who have rights to access Symantec Hosted Mail Security can add aliases for their own primary email address. The maximum number of user aliases is five aliases per user. Users can add aliases by logging on to the console directly or through a Spam Quarantine report.

(44)

Preventing users from adding their own aliases

The User Aliases feature is enabled by default, which lets all users who have rights to access Symantec Hosted Mail Security add aliases for their own primary email address. You can prevent users from adding their own aliases by disabling this feature. If you disable the User Aliases feature, only users with Domain Administrator or higher level rights can add user aliases.

To prevent users from adding their own aliases

2 On the User Management toolbar, click Alias Settings.

3 On the User Management page, if applicable, in the Domain list, select the domain name that you want to configure.

4 Under User Aliases, click Disabled. 5 Click Update.

Limiting the number of email aliases per user

By default, the maximum number of user aliases is five aliases per user. If you are assigned to a Domain Administrator role or higher, you can lower this limit. To limit the number of email aliases per user

2 On the User Management toolbar, click Alias Settings.

3 On the User Management page, if applicable, in the Domain list, select the domain name that you want to configure.

4 In the Aliases per user field, type the number of aliases that you want to allow per user.

This field is available only if the Enabled option is selected. 5 Click Update.

Adding alias email addresses

(45)

Users who are assigned to the Quarantine Manager, Reports Manager, or User role can only add alias email addresses to their own primary addresses.

Depending on your configuration settings, they can add alias email addresses by logging on to the console directly or through a Spam Quarantine Report. For more information, see the Symantec Hosted Mail Security Console and Spam

Quarantine Report User’s Guide.

User aliases must be unique names. They must also be valid email addresses that your mail server is configured to recognize.

Note: You must have Domain Administrator or higher level rights to perform this procedure.

To add alias email addresses

2 On the User Management page, select the user name (email address) to which you want to add an alias email address.

3 Under User Details, click Edit User Aliases.

4 Under Add a User Alias Email Address, in the field, type the alias name that you want to use.

5 Click Add.

6 Repeat steps 4-5 for each alias that you want to add. 7 When you are finished, click Done.

Deleting email addresses

Any user can delete alias email addresses. You must have Domain Administrator or higher level rights to delete primary email addresses. Users with lower-level rights who need to delete a primary account can convert the primary address to an alias address and then delete the former primary address.

If you delete an alias email address, its association with the primary email address is removed. If the user continues to receive messages that are addressed to the email address that you deleted, the SMTP Discovery feature may

(46)

To delete a primary email address

2 On the User Management page, select the user name (email address) that you want to delete.

3 Under User Details, click Delete User.

You will receive a confirmation prompt to confirm the action. 4 To continue, click OK.

This action cannot be undone. To delete an alias email address

2 On the User Management page, check Show User Aliases. 3 Select the alias email address that you want to delete. 4 Under User Details, click Delete User.

You will receive a confirmation prompt to confirm the action. 5 To continue, click OK.