7.7 Using Folders and Message Classifications

MailMarshal uses a Microsoft SQL Server database to log basic information about each message it has processed. This information includes the sender, recipient, message size, and actions taken.

If MailMarshal moves or copies a message to a folder, it logs this event in the database.

Using Message Classifications is another way to add detail to the log records. You can add Message Classifications by including an action within a MailMarshal Content Analysis Policy rule. You can view the classification given to a particular message using the Console Message History or reports from Marshal Reporting Console.

You should include at least one logging action (either a folder action or a Classification action) in each Content Analysis Policy rule. MailMarshal default rules include such actions.

7.7.1 Working with Message Classifications

Message Classifications are useful for reporting on broad categories, such as viruses or executable files quarantined. You can also use classifications to record very specific occurrences such as a specific file or size of file being sent. For example you could answer the question “How many PDF files over 500K in size are sent by Sales each week?” by creating a rule to log sending of such files. If several rules place messages in a single MailMarshal folder, you can use classifications to give additional granularity for searching and reporting.

To work with classifications, in the left pane of the Management Console, select Policy Elements. Then select Classifications from the right pane menu. To create a message classification:

1.On the menu above the list, choose Add.

2.In the window, enter a meaningful name for the classification.

3.Give a brief description of the classification and its purpose. This description will be used in the Console and Reports, and can contain { } variables as in message stamps and templates.

4.To add the classification, click Save.

7.7.1.1 Editing Message Classifications

You can edit the name and description of a classification.

To edit a message classification:

1.Double-click the classification name in the right pane of the Management Console to view its properties.

2.Make any required changes.

3.Click Save.

7.7.1.2 Duplicating Message Classifications

You can make a copy of a classification if you want to use it as the starting point for another classification.

To duplicate a message classification:

1.Right-click the classification name in the Management Console.

2.Choose Duplicate from the context menu.

3.After duplicating the classification, make any required changes to the copy.

7.7.1.3 Deleting Message Classifications

You can delete a classification if it is not used in any rules.

To delete a message classification:

1.Select the classification name in the right pane of the Management Console.

2.Click the Delete icon in the toolbar.

7.7.2 Working with Folders

MailMarshal uses folders to store messages that it has quarantined, parked for later delivery, or archived. You can delete quarantined messages, release them to the recipient, and manage quarantined messages in other ways.

MailMarshal also uses special “Dead Letter” folders to store messages that it could not completely process. You can manage messages in these folders in many of the same ways that you can manage quarantined messages.

You can configure folders with specific security settings. You can configure folders to be available for end-user management through the Spam Quarantine Management console. You can configure folders to allow “fingerprinting” of released messages.

MailMarshal includes predefined folders that address common email security issues and automatically categorize quarantined mail. MailMarshal provides many predefined folder types, including folders that:

•Hold messages quarantined due to rule action (for instance, messages that are categorized as spam, virus infected, contain disallowed attachments, or blocked for other policy reasons).

•Hold archived messages.

•Hold historical information about delivered messages (Sent History).

•Hold messages that MailMarshal cannot process or cannot deliver, called dead letters. Dead Letters can result from bad email addresses, from corrupted data, from differing interpretations of Internet standards, or when a message is intentionally malformed in an attempt to exploit a security vulnerabil­ity.

Predefined and newly-created folders have default properties that you can modify. For example you can specify a custom file system location for a folder.

If existing MailMarshal folders are not appropriate for your needs, modify the properties of an existing folder or create your own folders.

7.7.3 Creating Folders

You can create as many folders as your policy requires. You can create the following types of folders:

Standard Folder

Used to quarantine dangerous or suspect mail. You can specify that an administrator or regular user can manage the folder contents through SQM. You can specify that messages released from the folder are eligible for attachment fingerprinting.

Archive Folder

Used to keep historic copies of delivered mail. MailMarshal saves messages stored in the folder for a specific period of time. You cannot manually delete mail stored in an archive folder. You can specify that messages released from the folder are eligible for attachment fingerprinting.

Parking Folder

Used to delay the delivery of mail. MailMarshal releases messages stored in the folder according to a predefined schedule.

To create a folder:

1.In the left pane of the Management Console, select Policy Elements. Then select Folders from the right pane menu.

2.On the menu above the list, click Add.

3.Specify the appropriate values. For more information about available settings, click Help.

4.Click Save.

7.7.4 Editing Folders

You can change the name and most features of a folder. You cannot change the type of an existing folder. You cannot change the name of dead letter folders.

To edit a folder:

1.In the left pane of the Management Console, select Policy Elements. Then select Folders from the right pane menu.

2.Double-click the folder you want to modify.

3.Specify the appropriate values. For more information about available settings, click Help.

4.Click Save.

7.7.4.1 Deleting Folders

You can delete a folder if it is not used in any rules. You cannot delete dead letter folders.

To delete a folder:

1.In the left pane of the Management Console, select Policy Elements. Then select Folders from the right pane menu.

2.Click the Delete icon on the menu above the list.

Deleting a folder in the Management Console deletes only the link to the folder that appears in the Management Console. This action does not delete the physical folder or any email messages it contains. To delete email messages use the Folders or Message History items in the Management section of the Management Console. To delete the folder on disk and its contents use Windows tools.

7.7.4.2 Configuring Default Folder Access

You can set the default folder permissions to control user ability to view and manipulate items in most MailMarshal folders.

To configure default access permissions for MailMarshal folders:

1.In the left pane of the Management Console, select Policy Elements. Then select Folders from the right pane menu. Click Default Folder Security.

2.This pane displays a list of security objects. Available object types include MailMarshal roles, MailMarshal Users, and Windows users and groups. Click an object name to show the permissions that role has over the features of MailMarshal folders.

•To add items to the list, click Add then select the items. You can see and add individual users by selecting an item and selecting Show Users. Each item you add is given full permissions by default.

•To delete an item from the list, select it and click Delete.

3.To change permissions for an item highlight the name. The lower pane shows the current permissions for this item. Set permissions by selecting the appropriate options.

•A user could be a member of more than one role, and can also be listed individually. In this case, you can choose how permissions are applied by ordering the list. For details, see Help.

4.To save the changes, click Save.

7.7.4.3 Configuring Access for a Specific Folder

Set the permissions on a particular folder to control user ability to view and manipulate items in that folder. Permissions on a specific folder override the default folder permissions.

To configure access permissions for a specific MailMarshal folder:

1.In the left pane of the Management Console, select Policy Elements. Then select Folders from the right pane menu.

2.In the right pane, edit a specific folder. Enable the item Override default folder security to show the Security tab.

3.This pane displays a list of security objects as described above. Click a name to show the permissions that role has over the features of the specific MailMarshal folder.

•To add items to the list, click Add then select the items. Each item you add is given full permis­sions by default.

•To delete an item from the list, select it and click Delete.

4.To change permissions for an item highlight the name. The lower pane shows the current permissions for this item. Set permissions by selecting the appropriate options.

•A user could be a member of more than one role, and can also be listed individually. In this case, you can choose how permissions are applied by ordering the list. For details, see Help.

5.To save the changes, click Save.

6.To apply the changes, click the Commit button in the toolbar.