User Policies

By default, each recipient email address inherits the policy as set for that domain. GFI OneConnect SecurityA service provided by GFI OneConnect that protects your inbound email from viruses, filters out spam and provides mail monitoring features. enables administrators to apply custom email filtering policies to individual users, that override the domain policies. User policies have a higher priority than domain policies. When an email is received for a user who does not have a user policy, then GFI OneConnect uses the domain policy. If a user policy associated with the email address exists, then GFI OneConnect uses the user policy.

GFI OneConnect also enables end-users to customize their quarantineA email database where emails detected as spam and/or malware are stored in a controlled enviornment. Quarantined emails are not a threat to the network report preferences. The User policies screen shows these customizations, enabling administrators to track the changes applied.

User policies are created when:

  • A user logs into the GFI OneConnect Security UI the first time.
  • A user whitelists a sender from their quarantine report.
  • An existing user (who has already sent or received email) requests their password using the Forgot Password link on the GFI OneConnect Security login page.
  • An administrator manually creates a user policy rule as documented below.

User Policies page

To access the User Policies screen:

  1. Login to GFI OneConnect using an Administrator account and navigate to Manage > Security.
  2. Key in your Administrator account credentials in the Security login screen.
  3. Choose the DomainAddress or URL of a particular network. Group Administrator role from the top-right corner Role field.
  1. Navigate to Anti-SpamAn irrelevant or unsolicited email sent over for the purposes of advertising, phishing, spreading malware, etc. Engine > User Policies.
  2. To create new user policies click Add… . To edit an existing user policy, click the http://10.1.60.10/imgs/editblue.png icon in the options column.
  3. Configure the following options:
Option Description
Email Addresses

Specify one or more email addresses to create user policies for. Specify multiple email addresses in separate lines.

User Role

Choose User.

Spam Filtering

Specifies whether spam filtering is enabled for the selected user. Toggle Enable / Disable to switch this option on or off.

Consider mail spam when score is greater than

This is the anti-spam engine scoring threshold above which mail is considered to be spam.

Spam should be

Action to perform when a message is classified as spam:

  • Quarantined: The message is moved to the GFI OneConnect Security Quarantine. It appears in the recipient's Quarantine Report and may be later released from the quarantine if it is deemed by the user to be a false positive.
  • Passed (Tagged): Spam emails will be passed onto the end recipients, but headers are added to the message so that it will be possible to filter messages on the backend mail server and/or on the end-recipients mail client.
  • Rejected: The message will be rejected. The message are dropped before they are received by the mail server. Those messages cannot be recovered.
Discard Spam scoring above

Messages scoring above the specified score will be automatically discarded.

This option is only available when the action is set to Quarantined.

Spam Modifies Subject Enable this option to prepend text to the Subject header, indicating that the message has been identified as spam. Specify an appropriate Spam Subject Tag to be added to the subject. This option is only available when the action is set to Passed (Tagged).
Add X-Spam headers to non-spam mails

Specifies if additional headers are added to inbound messages, indicating the result of the spam analysis. The headers added are:

  • X-Spam-Status: This will show if the message exceeded the spam threshold and the score that it achieved. It will also list what rules were fired by the anti-spam engine.
  • X-Spam-Score: Lists the spam score achieved.

Toggle Enable / Disable to switch this option on or off.

Virus Filtering

Specifies whether virus filtering is enabled for the selected domain. Toggle Enable / Disable to switch this option on or off.

Viruses should be

The action to perform when a message is identified as containing a virus. Refer to the actions documented in the anti-spam section above.

Attachment Type Filtering

Specifies whether the default GFI OneConnect message attachment policy is applied to messages received by this recipient. Toggle Enable / Disable to switch this option on or off.

The default file types blocked are .bat, .cmd, .com, .dll, .exe, .flv, .js, .piv, .scr and .vbs.

Banned Attachments should be

The action to perform when a message is blocked by Attachment Type Filtering. The options are:

  • Quarantined: The message is moved to the GFI OneConnect Security Quarantine. It appears in the recipient's Quarantine Report and may be later released from the quarantine if it is deemed by the user to be a false positive.
  • Passed (Tagged): Spam emails will be passed onto the end recipients, but headers are added to the message so that it will be possible to filter messages on the backend mail server and/or on the end-recipients mail client.
  • Rejected: The message will be rejected. The message are dropped before they are received by the mail server. Those messages cannot be recovered.
ArchiveA feature provided by GFI OneConnect that can archive all internal and external email into the GFI OneConnect Data Center. Clean Email

Enable this setting to store all clean messages received by this domain in the history. (Go to Reporting > History to view clean emails.)

Toggle Enable / Disable to switch this option on or off.

Lock Policy When enabled, any changes applied to the parent domain policy will not affect the user policy. For example, if the domain policy for example.com changes the spam score to 1, any user policy under example.com will also see that change appears on their policy unless it has been locked.
Quarantine Report

This field specifies whether quarantine reports should be generated for recipients in this domain. A quarantine report will be generated for each recipient who has at least one email quarantined.

Toggle Enable / Disable to switch this option on or off.

Language

If enabling quarantine reports, select the default report language.

Email report every

If enabling quarantine reports, select the frequency of the reports.

Reports may be generated every day, every weekday (Monday to Friday), every Friday, or every month.

Report contains

If enabling quarantine reports, choose the items to show in the report.

The report may include:

  • All quarantined items
  • New items since last report only
  • All quarantined msgs (except viruses)
  • New items since last report (except viruses)
Exclude spam mails scoring above

If enabling quarantine reports, users are usually only interested in messages that fall just above the spam threshold to look for false positivesLegitimate emails that are incorrectly identified as spam.. Spam messages scoring above a certain threshold can be unequivocally deemed as spam.

If users get a significant amount of spam, then to keep the report size manageable you can exclude spam messages above, for example 30. This setting is set to 999 by default, meaning that no messages will be excluded (as a message cannot score that high).

  1. Click Add to save settings.

To impersonate a user, click on the http://10.1.60.10/imgs/person.png icon in the options column. This automatically log you into that user interface with the same permissions as they would have.