[Email Security] Let user decide whether Quarantined/Possible SPAM is legit or not?

TheITGuy · 2024-02-04T17:00:23+00:00

There was an error rendering this rich post.

Experts,

Just turned on Email Security in GZ, and I'm noticing that emails that are not outright considered Bat(TM) are not causing notifications to end users (mail recipients).

This is going to snowball into admin hell fast if I can't allow the users to decide to white/blacklist that and future emails like it.

I see that I can notify them (I have to create a 'From" email address), but then what? They send an email to me saying that they [alone] want this sender's mail? Applies to Potential Spam, Quarantines, etc. where messages are in limbo.

I can't find in the docs where the email I automatically craft to end user (via rule) offers them the choice of future allow or future delete (they never see it again).

This would seem like a feature/function necessary-especially with hundreds/thousands of endpoints...

TIA!

Find more posts tagged with

gravityzone

rules

Accepted answers

Andrei_S Enterprise

Hello @TheITGuy ,

The end-user role under Administrators will not grant access to the Quarantine, the Company Quarantine is available for the Administrators only, that have an admin account in GravityZone with the appropriate privileges, and once they first login to the EMS console, they will have the admin account created automatically and access to all features.

For the end-user access, the recommended solution is to have the digest feature set and the users will receive a Spam Quarantine report email when an email will go to their personal quarantine and will be able to release them from there, using the Portal Login in that email with the digest information. This will happen to the emails that go to the Personal Quarantine only, the emails that are Conformed Spam, Confirmed Phishing, Virus and so on will go to the Global Quarantine (Company Quarantine) and will not be digested because those should be checked by an Admin first before having them released, for security purposes.

Here you have the documentation regarding the digest settings:

https://www.bitdefender.com/business/support/en/77211-294989-digest-emails---personal-quarantine.html

If you still need assistance please reach out to our Enterprise Support Team and one of our engineers will be more than happy to assist you with this.

You can reach us through any of the channels available here: https://www.bitdefender.com/business/support/en/71263-85158-contact.html#UUID-3867147b-79f1-155e-cb22-0c21ee470e4c

Kind Regards

All comments

TheITGuy

To be more specific, I cannot create a situation/test where the end user (have to be added in "Administrators"?) gets a notification of a help SPAM inbound, and the process they go through to make a determination concerning it (spam allow, spam deny, etc.)

HTH!

Andrei_S Enterprise

Hello @TheITGuy ,

Here you have the documentation regarding the digest settings:

https://www.bitdefender.com/business/support/en/77211-294989-digest-emails---personal-quarantine.html

If you still need assistance please reach out to our Enterprise Support Team and one of our engineers will be more than happy to assist you with this.

You can reach us through any of the channels available here: https://www.bitdefender.com/business/support/en/71263-85158-contact.html#UUID-3867147b-79f1-155e-cb22-0c21ee470e4c

Kind Regards

TheITGuy

Thanks for writing, Andrei_S Enterprise

I cannot find a way to grant user portal access, though, or any role for that matter.

The documentation says things like, "Ensure user has portal access", but searches come up empty for any way to add, edit, delete user roles.

If I still get nothing, I'll try the link you sent.

Many thanks!

pat :)

dsherer

Just to piggy back off of this. I have Email Digest Enabled send out once every hour and have sent email that is caught in quarantine through Executive tracking (Done on purpose) but the email digest never sends an email to me saying I have items in quarantine. I have gone through the documentation for setting up the email digest and it is correct. What can I look for?

Andrei_S Enterprise

Hello @dsherer ,

By default, when you have Email Digest activated and you have an email in your personal quarantine, you should receive a notification to either release the email or connect to your personal quarantine where you would see all emails that have been quarantined.

As from your scenario this is not happening we need to investigate in more details to understand the root cause so please reach out to our Enterprise Support Team for assistance as they will be able to do an impersonation and check your config.

Kind Regards,