Quarantine
The GFI MailSecurity QuarantineA email database where emails detected as spam and/or malware are stored in a controlled enviornment. Quarantined emails are not a threat to the network provides a central store where all emails detected as spam or malwareAll malicious types of software that are designed to compromise computer security and which usually spread through malicious methods. are retained. This ensures that users do not receive unwanted messages in their mailbox and processing on the mail server is reduced.
Administrators and end-users can review quarantined emails by accessing the quarantine interface from a web browser. GFI MailSecurity can also send regular quarantine email reports to end-users to review their blocked emails.
This chapter describes the quarantine management system, and how the administrator manages the organization's quarantined messages. End-users can also review their personal quarantine.
Using the quarantine
The Quarantine is accessible by logging in to GFI MailSecurity. From the Quarantine, administrators can review blocked emails and apply various actions, for example, release a false positive, whitelist the sender or permanently delete emails.
To access the organization's Quarantine:
- Login to GFI MailSecurity.
- Key in your Administrator account credentials in the login screen.
- Choose the Domain Group Administrator role from the top-right corner Role field.
- Go to Quarantine > Manage Quarantine.
The Manage Quarantine page shows the emails in quarantine.
Use the Search Filters tab to filter through the list of quarantined emails on a number of different criteria including message type, email address, score, subject and message flow direction.
The following actions may be performed on messages in the Quarantine:
Action | Description |
---|---|
View Message |
To safely view a message that is in the quarantine click the From, To, or Subject of a particular quarantined message from the list. This opens the message in a separate window.
Note that the images are blocked from this preview to prevent possible inappropriate content. If a message is subsequently released and delivered, then the original images are present.
|
Release Message |
Messages in the quarantine that are misidentified as spam (False positivesLegitimate emails that are incorrectly identified as spam.) can be released for delivery to their intended recipients. Click Release to perform this action. |
Delete Message |
Users can choose to permanently delete messages one at a time, or in bulk by checking the check boxes of messages to delete. Note that if a message is deleted from the quarantine then that message does not appear in the quarantine report. NOTE Deleted messages are permanently purged and are not recoverable. |
WhitelistA list of email addresses and domains from which emails are always received. Sender |
Adds the sender of the selected message(s) to the whitelist so that all future emails from this sender bypass the GFI MailSecurity anti-spam engine. Selecting this option also automatically releases the message from the quarantine. Note that the sender email address that is added to the Whitelist is the envelope email address. This is sometimes different from the address that appears in the From header of the message. |
NOTE
Quarantined items are automatically deleted from the quarantine store after 21 days. Deleted items are not recoverable.
Enabling Quarantine reports for the users
Administrators can enable quarantine reports to be sent to users on a daily basis. A quarantine report is generated for each recipient who has at least one email quarantined.
The report contains a list of items in quarantine and a link for the users to access their personal quarantine.
To enable quarantine reports for the users:
- Login to GFI MailSecurity.
- Key in your Administrator account credentials in the login screen.
- Choose the Domain Group Administrator role from the top-right corner Role field.
- Navigate to Anti-SpamAn irrelevant or unsolicited email sent over for the purposes of advertising, phishing, spreading malware, etc. Engine > Domains Policies.
- Choose a domain and click the icon to configure the domain's filtering options.
- On the Quarantine Report option click Enable.