User Policies
By default, each recipient email address inherits the policy as set for that domain. GFI MailSecurity enables administrators to apply custom email filtering policies to individual users, that override the domain policies. User policies have a higher priority than domain policies. When an email is received for a user who does not have a user policy, then GFI MailSecurity uses the domain policy. If a user policy associated with the email address exists, then GFI MailSecurity uses the user policy.
GFI MailSecurity also enables end-users to customize their quarantineA email database where emails detected as spam and/or malware are stored in a controlled enviornment. Quarantined emails are not a threat to the network report preferences. The User policies screen shows these customizations, enabling administrators to track the changes applied.
User policies are created when:
- A user logs into the GFI MailSecurity UI the first time.
- A user whitelists a sender from their quarantine report.
- An existing user (who has already sent or received email) requests their password using the Forgot Password link on the GFI MailSecurity login page.
- An administrator manually creates a user policy rule as documented below.
User Policies page
To access the User Policies screen:
- Login to GFI MailSecurity.
- Key in your Administrator account credentials in the login screen.
- Choose the DomainAddress or URL of a particular network. Group Administrator role from the top-right corner Role field.
- Navigate to Anti-SpamAn irrelevant or unsolicited email sent over for the purposes of advertising, phishing, spreading malware, etc. Engine > User Policies.
- To create new user policies click Add… . To edit an existing user policy, click the
icon in the options column. - Configure the following options:
| Option | Description |
|---|---|
| Email Addresses |
Specify one or more email addresses to create user policies for. Specify multiple email addresses in separate lines. |
| User Role |
Choose User. |
| Spam Filtering |
Specifies whether spam filtering is enabled for the selected user. Toggle Enable / Disable to switch this option on or off. |
| Consider mail spam when score is greater than |
This is the anti-spam engine scoring threshold above which mail is considered to be spam. |
| Spam should be |
Action to perform when a message is classified as spam:
|
| Discard Spam scoring above |
Messages scoring above the specified score is automatically discarded. This option is only available when the action is set to Quarantined. |
| Spam Modifies Subject | Enable this option to prepend text to the Subject header, indicating that the message has been identified as spam. Specify an appropriate Spam Subject Tag to be added to the subject. This option is only available when the action is set to Passed (Tagged). |
| Add X-Spam headers to non-spam mails |
Specifies if additional headers are added to inbound messages, indicating the result of the spam analysis. The headers added are:
Toggle Enable / Disable to switch this option on or off. |
| Virus Filtering |
Specifies whether virus filtering is enabled for the selected domain. Toggle Enable / Disable to switch this option on or off. |
| Viruses should be |
The action to perform when a message is identified as containing a virus. Refer to the actions documented in the anti-spam section above. |
| Attachment Type Filtering |
Specifies whether the default GFI MailSecurity message attachment policy is applied to messages received by this recipient. Toggle Enable / Disable to switch this option on or off. The default file types blocked are .bat, .cmd, .com, .dll, .exe, .flv, .js, .piv, .scr and .vbs. |
| Banned Attachments should be |
The action to perform when a message is blocked by Attachment Type Filtering. The options are:
|
| Archive Clean Email |
Enable this setting to store all clean messages received by this domain in the history. (Go to Reporting > History to view clean emails.) Toggle Enable / Disable to switch this option on or off. |
| Lock Policy | When enabled, any changes applied to the parent domain policy does not affect the user policy. For example, if the domain policy for example.com changes the spam score to 1, any user policy under example.com also sees that change appears on their policy unless it has been locked. |
| Quarantine Report |
This field specifies whether quarantine reports should be generated for recipients in this domain. A quarantine report is generated for each recipient who has at least one email quarantined. Toggle Enable / Disable to switch this option on or off. |
| Language |
If enabling quarantine reports, select the default report language. |
| Email report every |
If enabling quarantine reports, select the frequency of the reports. Reports may be generated every day, every weekday (Monday to Friday), every Friday, or every month. |
| Report contains |
If enabling quarantine reports, choose the items to show in the report. The report may include:
|
| Exclude spam mails scoring above |
If enabling quarantine reports, users are usually only interested in messages that fall just above the spam threshold to look for false positivesLegitimate emails that are incorrectly identified as spam.. Spam messages scoring above a certain threshold can be unequivocally deemed as spam. If users get a significant amount of spam, then to keep the report size manageable you can exclude spam messages above, for example 30. This setting is set to 999 by default, meaning that no messages are excluded (as a message cannot score that high). |
- Click Add to save settings.
To impersonate a user, click on the 
icon in the options column. This automatically log you into that user interface with the same permissions as they would have.