CP HTML Manual
  1. About this Manual
  2. Introduction
    1. Prerequisites
    2. Version Information
  3. Login
    1. Reset Password
  4. User Settings
    1. Open the User Settings
      1. Changing Password
      2. Changing Location and Language
    2. Create API Token
    3. Create an Out of Office Note
    4. Configure Spam Report as User
  5. Rights Management in the Control Panel
    1. Roles
    2. Application Scopes
      1. Selection of Scopes
  6. Email Live Tracking
    1. Overview
    2. Customizing Email Display
    3. Filtering Emails
    4. Advanced Search (DAP)
    5. Email Details
      1. Open the Email Details
      2. Initiate an ATP Scan Manually
      3. Extended Email Information
    6. Email Fields
    7. Processing Emails
    8. Processing Actions
    9. Export list as CSV
  7. 365 Total Protection (DAP)
    1. Onboard Office 365 customers (P)
      1. Create Onboarding Link (P)
      2. Onboard 365 Customers in the Control Panel (P)
    2. Set up 365 Total Protection (DAP)
    3. Configuration of Microsoft Services (DAP)
      1. Configure email traffic automatically
      2. Deactivate the Office 365 spam filter for the IP address range of Hornetsecurity
      3. Adjust SPF Records
      4. Adding MX Records to the DNS Zone
      5. Set Autodiscover for 365 Total Protection
      6. Setup Archiving for Internal Emails
        1. Archiving Internal Emails
        2. Option A: Relaying Internal Traffic
        3. Option B: Use Journaling to Archive Internal Emails
          1. Create a New Journal Rule
          2. Create a New Connector for Journal Reports
    4. Email Encryption
      1. Activate Encryption
    5. Activate Contingency Covering
    6. Group Management in the Control Panel (DAP)
      1. Creating Groups in the Control Panel manually
      2. Add Users to a Group
      3. Synchronized Attributes from the Azure Active Directory
    7. Order 365 Total Protection
    8. Offboarding
      1. Delete or Deactivate Connector
      2. Delete Customer in Test Stage
  8. Reporting & Compliance
    1. Statistic
      1. Filter diagrams and statistics
      2. Emails by type
      3. Emails by time
      4. Emails by use
    2. Threat Live Report (DAP)
      1. Displaying Global Data
      2. Selecting the Period
      3. Description of Statistics and Diagrams
        1. Live Attack Overview
        2. Attempted attacks – Attack Type by Date
        3. Threat Statistic – By Attack Type
        4. Threat Statistic - By Attack Vector
        5. Attempted Attacks - Attack Vectors by Date
      4. URL Rewriting Statistic
        1. Clicks by Time of Day
        2. Clicks by Device
        3. Clicks by Operating System
      5. Description of Attack Vectors
      6. Description of Attack Types
    3. Auditing 2.0 (DAP)
      1. Description of Categories
      2. Filtering Events
        1. Select Displayed Categories in the Auditing
        2. Search for Events
        3. Filter by Action
        4. Filter by Event Type
        5. Select Period
      3. Reset Settings
  9. Webfilter (DAP)
    1. Edit Settings in the Webfilter Module (DAP)
      1. Release Requests (DAP)
      2. Blocked sites (DAP)
      3. Valid sites (DAP)
      4. Report Incorrectly Categorized Website (DAP)
      5. Group URLs (DAP)
    2. Black- & Whitelist
      1. Block or release domains via black- or whitelist
      2. Release Website Specifically
      3. Log Websites Specifically
    3. Configuration
      1. Activate Webfilter for an individual Domain (DAP)
      2. Description of Group Settings (DAP)
        1. Define Break Times (DAP)
        2. Control applications (DAP)
      3. Webfilter Categories (DAP)
        1. Define Webfiter Catefories for a Group (DAP)
      4. Webfilter Templates (DAP)
      5. Exceptions (DAP)
        1. Define Exceptions (DAP)
    4. Statistic
      1. Webfilter Statistics (DAP)
  10. Customer Settings (DAP)
    1. Mailboxes
      1. Administration of User Settings
      2. Create Mailboxes automatically
      3. Create Mailboxes manually
      4. Import Mailboxes
    2. Groups
      1. Add new group
      2. Manage members
      3. Rename group
      4. Customize description
      5. Delete Group
    3. Domains
      1. Add domain
      2. Delete domains
    4. Restrictions
      1. Assign Password Restrictions
      2. Reset password restrictions
      3. Add IP restriction
      4. Delete IP restriction
    5. CSV Import
      1. Import List from CSV File
  11. Black-/Whitelist
    1. About the Black- and Whitelist
    2. Create Blacklist and Whitelist Entries
    3. Delete Blacklist or Whitelist Entries
    4. Search Functionality
    5. Hierarchy of Blacklist and Whitelist Entries
  12. Security Settings (DAP)
    1. Advanced Threat Protection (ATP)
      1. ATP Engines
      2. Activate ATP
      3. Adding a Recipient of Alerts
      4. Removing Recipients of Alerts
      5. Initiate an ATP Scan Manually
      6. Real-Time Alert
      7. ATP-Report
      8. Ex Post Alert
      9. Exclude Websites from ATP Scanning
    2. Spam Filter
    3. Spam Report
    4. Content Control
      1. Activate Content Control
      2. Add new Group
      3. Setup Content Control
      4. Forbidden File Types
    5. Compliance Filter
      1. Setup Compliance Filter
      2. Add Filter
      3. Define Filter Rules
      4. Define Actions
      5. Filter Sequence and Classification
      6. Regular Expressions
    6. Advanced Routing
    7. Signature and Disclaimer
      1. Mobile use of Signature and Disclaimer
      2. Activate LDAP for Signature and Disclaimer
      3. Activate Signature and Disclaimer
      4. Create Signatures and Disclaimers
      5. Edit or Delete Signature and Disclaimer Templates
        1. Using the WYSIWYG-Editor
          1. Synchronized Attributes from the Azure Active Directory
          2. Hide Empty Active Directory Elements
          3. Include Subsignatures
          4. Insert HTML Source Code
          5. Preview Signatures and Disclaimers
      6. Embed images in Signature & Disclaimer
        1. Insert and link images via drag & drop
        2. Embed images using a URL
      7. Data synchronization via LDAP
      8. Troubleshooting
        1. Missing HTML Signature in Emails sent from Mail (Apple) or Thunderbird
        2. Variables Are Not Referenced
    8. Signature & Disclaimer - Static Version
      1. Mobile use of Signature & Disclaimer
      2. Activate Signature & Disclaimer
      3. Create Signatures and Disclaimers
      4. Edit or Delete Signature and Disclaimer Templates
      5. WYSIWYG Editor
        1. Insert HTML Source Code
      6. Embed images in Signature & Disclaimer
        1. Embed images using a URL
        2. Insert and link images via drag & drop
      7. Troubleshooting
        1. Missing HTML Signature in Emails sent from Mail (Apple) or Thunderbird
    9. Archive Audit
      1. Archive Audit
      2. Set up and activate audit accesses
    10. Archive
      1. Setup and Activate Archiving
      2. Add exceptions
      3. Deactivate Archiving
    11. Contingency Covering
    12. Enryption
      1. Activate Encryption
      2. Check Encryption Capability
      3. Encryption Methods
      4. Sequence of Encryption Methods
      5. Display Encryption Method in Subject
      6. Certificate Administration
        1. Ordering Certificates
        2. Certificate Settings
      7. Websafe
        1. Setup Websafe
        2. Encrypt Emails with Websafe
        3. Websafe Encryption through Email Subject
        4. Select Websafe Templates
    13. Hornetdrive
      1. Perform Actions
        1. Create Account
        2. Upgrade Account
        3. Assign Accounts to Other Partners or Customers
        4. Delete Accounts
        5. Export Data as CSV
      2. Account Area
        1. Open the Account Details
        2. Account Details
  13. Service Dashboard (DAP)
    1. Role Management
      1. Assign a role
      2. Delete role
    2. Basic Partner Settings
      1. User Data
      2. Contact Data
      3. Add Contact Data
    3. LDAP Connection
      1. Activate the LDAP Connection
      2. Secure the LDAP Connection
      3. Limit the Directory Service to the IP Address Range of Hornetsecurity
      4. Control Panel Login through LDAP
      5. Synchronize users with LDAP
      6. Webfilter Login via LDAP
      7. Activate LDAP for Signature & Disclaimer
    4. Setup Customers / Domains (P)
      1. Create New Partners (P)
      2. Create new Customers/Domains (P)
      3. Create new Office 365 Customer (P)
  14. Whitelabeling – Control Panel Customization (DAP)
    1. Prerequisites to Customize the Control Panel
    2. Customize the Control Panel
    3. Customize the Progressive Web App
    4. Example: Customize the Control Panel
    5. Fallback Design
    6. Displayed Email Information
      1. Add Email Information
    7. Contact Data in the Control Panel
      1. Contact Data Processing
      2. Add Support Information in the Control Panel
  15. Email Categories
  16. Classification Reasons
    1. Classifications ATP, Rejected and Virus
    2. Classification Content
    3. Classification Spam
    4. Classification Valid
    5. Old Classification Reasons
  17. Ruleset Order
  18. Email Authentication Methods (DAP)
    1. SPF Functionality
    2. DKIM Functionality
    3. Combination of SPF and DKIM
    4. DMARC Functionality
    5. Setting up SPF
      1. SPF Variants
      2. SPF logic
      3. Add SPF Record to DNS Zone
      4. Activate SPF
    6. Setting up DKIM
      1. Set the CNAME Record
      2. Activate DKIM
    7. Setting up DMARC
      1. Activate DMARC
      2. Decision Matrix of DMARC Policies
    8. Emails in the Control Panel
      1. Troubleshooting: Increased Outbound False Positive Rate
      2. Troubleshooting: Increased False Positive Rate on Inbound Emails with SPF Variant 2
  19. Glossary

About this Manual #

This manual is for both users and administrators of the Control Panel. It describes the usage as well as the administrative tasks. The administrative roles are divided into two levels:
  • Domain administrator: Is responsible for a primary email domain, the related alias email domains and all email addresses.
  • Partner: Is responsible for several clients. Each client corresponds to a primary email domain, its alias email domains and all email addresses.
The administrative sections in this manual are marked as follows:
  • DA: This section is for domain administrators only.
  • P: This section is for partners only.
  • DAP: This section is for both domain administrators and partners.
All unmarked sections are for users and all administrator levels.
Note: Depending on the level of rights assigned to you, it is possible that you cannot see all the menus described.

Introduction #

The Control Panel is designed for handling incoming emails and evaluating the email traffic. It provides you with an easy-to-use web interface with a responsive design. Thus you can use it on your desktop and on your mobile device from everywhere you are. You can install the progressive web app to use the Control Panel on your mobile device. Read the documentation of the progressive web app for further information. The main functionality of the Control Panel is to monitor and control the flow of your emails. For example, you can mark emails as spam or release emails that have been marked as spam. You can also blacklist or whitelist senders.
Note: The email search has been completely revised and new functions have been added. The modules from the old version are included, so that you can use them as usual until the development is completed.

Prerequisites #

The new Control Panel is designed to run on all relevant web browsers in the latest versions. The support of the browsers starts with the following versions:
  • Chrome version 55
  • Firefox version 50
  • IE Version 11
  • Safari version 9
  • Edge version 38

Important:   The private mode of the listed browsers is not supported.

Version Information #

  1. Check the current version of the Control Panel by clicking on next to the user settings in the upper right corner of the window.
  2. To view the version information, click on the version number.

Login #

  1. Go to the Control Panel website provided by your partner or the support department.
    The login screen appears:
    CP HTML Manual
  2. Enter your username.
    Note: Enter your personal email address as username. You can change the role after logging in. After a new registration, you will receive your access data from your partner or support.
  3. Click on Continue.
  4. Perform the following steps if your account is synchronized with LDAP or was created in the Control Panel directly. Go to step 5 if your account is synchronized with Office 365.
    • Enter your password in the Password field. CP HTML Manual
    • Click on Login.
You are logged in at the Control Panel.

Note: When you log in for the first time, you must select a time zone that determines the language of the Control Panel as well as the time and date. You can change the time zone and the language at any time in the user settings.

  1. Perform the following steps if your account is synchronized with Office 365.
    • Enter your email address in the application form of Microsoft again. CP HTML Manual
    • Click on Next.
    • Enter your password. CP HTML Manual
    • Click on Sign in.
    • Select if you would like to stay signed in or not. CP HTML Manual
You are logged in at the Control Panel.

Note: When you log in for the first time, you must select a time zone that determines the language of the Control Panel as well as the time and date. You can change the time zone and the language at any time in the user settings.

Reset Password #

Prerequisite: Your account is not synchronized via LDAP or Office 365. You cannot reset your password if your account is synchronized via LDAP or Office 365. If you want to reset your password, contact your administrator.
  1. Click on Reset password?. CP HTML Manual
You get an email with a new password and an activation link.  
  1. Click on the activation link in the email.
A window with the application form for the Control Panel opens.  
  1. Enter the password which you got in the email.
You are logged in.

User Settings #

You can change your password and your location in the user settings. The location is responsible for the language and timezone used in the Control Panel. Under API Token you can generate a token for the usage of the API.
Note: It is possible to change the settings individually or all at once.

Open the User Settings #

  • Click on in the upper right corner of the window.
CP HTML Manual User Settings have been opened.

Changing Password #

Change your current password
  1. Enter your current password in the text field Old Password.
  2. Enter your new password in the text fields New Password and Repeat.
  3. Click on Save, to save your new password.
CP HTML Manual

Changing Location and Language #

The location and language are selected independently and do not influence each other.
Note: You select a location and a language at your first login but you can change these in the user settings at any time.
  1. Note: The selected location determines the time zone to which the time entries in the Control Panel are adapted.
    Select the location from the dropdown menu.
  2. Select the language in the lower dropdown menu.
  3. Click on Save to save the selected location.
The location and the language have been changed. CP HTML Manual

Create API Token #

You can use an API token to grant applications access to the Control Panel API. Each application has its own personal access token.
  1. Click on CP HTML Manual to open the user settings.
  2. Select the tab API Token.
  3. Click on Create Token. CP HTML Manual
  4. In the field App Name, enter a name for the application that uses the token.

    Note: The actions performed are recorded under the app name entered in the audit log.

    CP HTML Manual
  5. Optional: Under Expires you can select an expiration date for the token.

    Note: After the token has expired, it is no longer possible to use it for API calls. Never is selected as the default value.

  6. Click on Create Token.
The token has been created.

Important: Be sure to save the token directly. It will not be displayed again for security reasons.

CP HTML Manual

Create an Out of Office Note #

You have the option to add a personal out of office note to your existing email account.

When you activate the personal out of office note, all incoming email senders automatically receive feedback on your absence. The out of office note can be written individually and activated or deactivated at any time.

  1. Click on in the upper right corner of the window to open the user settings.
  2. Select the tab Out of Office Note.
  3. Write an individual text about your absence.
  4. Click on Save to save the out of office note.Your Out of Office Note is saved.
  5. Click the Activate check box to activate or deactivate the out of office note.
    CP HTML Manual

Your out of office note has been created.

Configure Spam Report as User #

You can specify whether you want to receive a spam report and, depending on the setting, configure the delivery times. You can also activate the infomail filter.
Note: The spam report can only be activated when your administrator has activated the spam report for you.
  1. Open the user settings .
  2. Select Filter & Reports aus.
  3. Activate the switch Activate infomail filter to classify advertising email as infomails.
  4. Activate the switch Spam Report if you would like to receive the spam report.
  5. Note: The delivery times can only be adjusted if your administrator allowed that.
    Under Delivery time configure the times at which you want to receive the spam report. CP HTML Manual
  6. Click on Save.

Rights Management in the Control Panel #

In the Control Panel, there are various authorization profiles referred to as roles. The corresponding rights are assigned to different scopes, which the authorized users can then select in the scope selection

Roles #

In the Control Panel, the following standard roles are defined:
  • Administrator: The administrator has comprehensive administration rights. In this role, the user has access to all navigation points of the Control Panel.
  • Service Desk: This is the role for Service Desk employees. In this role, the user has access to statistics modules, Black & Whitelist and Threat Live Report as well as to all modules related to email security.
  • Reporting: This role gives the user access to the statistics for the respective scope. A user with this role only has access to the statistics modules.
  • Default user: This role does not have access to administrative modules. It is assigned automatically if no other role has been assigned, and it cannot be assigned manually
Important: No new individual roles can be created in the Control Panel.

Application Scopes #

In the Control Panel, there are three types of scopes which can be selected by users with sufficient rights. These scopes are organized hierarchically:

  1. Partner: Is the top-level scope. It can contain customers and additional partners.
  2. Customer: This scope corresponds to a domain and is below a partner. It contains all mailboxes that belong to a domain.
  3. User: This scope corresponds to a mailbox and is below a customer.

Selection of Scopes #

If you have been assigned a role other than the user role, the Control Panel provides an easy way to change the scope of your role.
You can find the Scope selection in the upper right corner:
CP HTML Manual

The scope selection contains all scopes of the roles assigned to you. You have two options for selecting the scope. The first option is to select the partner, customer, or user directly from the drop-down menu:

CP HTML Manual

The second option is to enter the name of the partner, customer or user in the search bar.

CP HTML Manual

You do not need to spell out the name of the scope you are looking for: It is also enough if you enter a part of the name to limit the selection list to the elements that contain this string.

By default, the search is limited to partners and customers. To search for users as well, enable the user search.

Notice:
As soon as you insert the @ character in the scope search, the search for users is automatically enabled.
To limit the search for partners and customers, deactivate the search for users.

Email Live Tracking #

In the Email Live Tracking you can examine your email traffic.
Note: You can only see the emails which correspond to your level of authorization.
  • Users will only see their own emails including the emails of their alias addresses.
  • Domain administrators can see all emails of the domain they administrate, including the alias domains.
  • Partners can see all emails of their clients’ domains.
All users including the administrators will view their own personal emails after logging in. To administrate emails, you must change the scope.
The following sections start with an overview of the Email Live Tracking module. The functionalities are explained individually afterwards.

Overview #

The Email Live Tracking module is divided into three sections:

Filter Section

You can filter the emails shown in the email display. The different functions are described in Filtering Emails. The filter section inherits the selection and processing actions for emails.
CP HTML Manual

Filter options

Email Display

The email display is the main component of the window and shows all the emails following your search and filter criteria.
CP HTML Manual

Email display

You can customize the email display individually by changing the email fields. All emails that match your filter definition can be exported using the CP HTML Manual function. You can select the fields to be exported. Extensive e-mail lists can be searched with the scroll function CP HTML Manual . The scroll function is located in the center of the lower display area. By selecting the arrow CP HTML Manual at the bottom right, the statistics can be hidden and displayed.

Email Category Statistics

The statistics evaluate the categories of your emails shown in the email display. The statistics can be hidden and displayed using the arrow  CP HTML Manual in the lower right area of the email display.
CP HTML Manual

Amount of emails per category

Customizing Email Display #

You can customize the email display individually by
  • Selecting and deselecting email fields.
  • Changing the positions of email fields.
  • Resizing the fields.
  Customize the email fields
  1. Click on the button on the right. CP HTML Manual
  2. Select the desired field from the drop-down menu. CP HTML Manual
  3. Click on Default to retrieve the original settings.
Note: You can select or deselect multiple fields at once.
Change the position of email fields
  1. Drag the field you want to reposition. CP HTML Manual
  2. Drop it in the position you desire. CP HTML Manual
Resizing the fields
  1. Place the mouse between two fields. CP HTML Manual A green line appears.
  2. Drag the line and resize the field as desired. CP HTML Manual
 

Filtering Emails #

The Email Live Tracking module provides various filter functions. You can use them individual or in combination on your emails.

Category Filter

You can filter your emails by categories.
Note: Rejected emails are not shown per default. To view them, activate the category Rejected.
Filter your emails by category
  • Select or deselect the category in the filter section.
CP HTML Manual

Note: To only display emails of a specific category, double-click on the desired category and all other categories will be disabled.

Search Bar

You can filter your results entering terms in the search bar. All email fields are searched unless you select a field suggested to search for.

Note: You must enter at least three characters to use the search.

Search your emails
  • Enter a term in the search bar.
The results in the email display are filtered while typing. CP HTML Manual Search only in certain fields
  1. Select a field from the suggestions.
  2. Enter a term in the field to be searched for.
CP HTML Manual

Email Field Filters

Filter your results with the following email field filters:
Field Filter Description
Date You can select a time interval from the drop-down menu or define a custom range. The current day (“Today”) is the default setting.
Direction Filters for incoming or outgoing emails. The default is both.
Encryption Selects the encryption type you want to filter for, multi-selection is possible. The default includes all encryption types and no encryption.
Status Filters for delivered, deferred, rejected  and detained emails.
Size Filters for emails with a specific size, selected from the drop-down menu.

Filter results from Email Display

You can directly select a value of an email from the email display to filter for.
  • Double-click on the desired field value (e.g. Communication-Partner) of an email.
CP HTML Manual

Reset all Filters

  • You have the option of resetting your filter settings or updating your search with the filters used:
    • to reset your filter/search, right click on the button Reset.
    • to update your search with the current filters, click on the button Refresh.
    CP HTML Manual
Your filter settings have been reset or the search has been updated with the current filters.

Advanced Search (DAP) #

In the Email Live Tracking module, you can search the individual email fields combined or use the full-text search to search in all fields at once. Defining queries, the search is completing and you can search for word beginnings. It is not intended to search within words. For each individual field, there are delimiters to separate words. The following table shows examples for valid and invalid queries as well as the delimiters for the individual fields.
Type Delimiter Example valid search query invalid search query
Email address “@” and last “.” info@test.com info; test; com o@test; nfo@
Hostname “-” and “.” gateway07-rz01.test.com gate; rz01; test; com eway; 07; 01;
Attachments “;” and last “.” text.txt; image.jpg text; txt; image.jpg xt; mage; pg
Text special characters
Reason “:” linktag:lt_exprx_15_10_442:auto linktag; lt_exprx; auto tag; exprx; 10_442

Email Details #

You can view the details of a single email and perform the following actions:
  • Report the email as spam.
  • Report the email as infomail.
  • Deliver the email.
The email details contain meta information, that are described in Email Fields, as well as the email header and the SMPT dialog for the email.

Open the Email Details #

  1. Click on the arrow symbol.
    Note: The colour indicates the category of the email.
  2. Click on the action that you would like to perform on the email.
CP HTML Manual
Note: To blacklist or whitelist the email sender, use the Selection.

Initiate an ATP Scan Manually #

You can scan incoming emails with potentially dangerous attachments in the Control Panel using ATP. You can perform two ATP scans for email attachments each month for free. For additional analyzes you have to activate Advanced Threat Protection.

Note: The ATP scan is only available for emails with executable attachments (e.g. .exe file). Furthermore, clean emails that have already been delivered can only be scanned when the products Aeternum (email archive) or the Continuity Service are active.

 
  1. Open the module Email Live Tracking in the Control Panel.
  2. Open the details for the email you want to scan by ATP.
  3. Click on the magnifying glass ATP to start the scan.CP HTML Manual
  You will get a notification that the scan has been started. The scan process can take up to 15 minutes until it is finished.   After the scan is done, you can open the ATP report for the analyzed file under ATP in the extended information for the scanned email. CP HTML Manual  

Extended Email Information #

You can find detailed information about the selected email under Infos. The detailed information of a specific email is separated in three sections.
Details Header SMTP ATP
Here, you can find further information concerning the selected email.The following email fields are shown:
  • Owner
  • Communication partner
  • Subject
  • Message-ID
  • Category filter
  • Reason
  • Connect
  • SMTP-Code
  • Encryption
  • Date
The header tab provides the header information of the selected email. The header is not shown for rejected emails. In the SMTP tab, the whole SMTP-Dialog is shown. The last row is also shown in the details under SMTP-Code After an ATP analysis has been performed, the ATP reports for the attached files are displayed here.
You can find a description of the shown email fields under Email fields.

Email Fields #

The following table describes the email fields shown in the email display and the email details.  
Field Description
Date The date and time when the email was sent. Depending on the selected time zone.
Communication partner The owner’s communication partner. Sender or receiver of emails to/from the owner.
Direction Incoming or outgoing message from the owner’s point of view.
Owner The email was sent or received by the owner.
Subject The subject of the email.
Encryption The lock only shows, whether the email is encrypted or not. You can see the encryption type in the email details.
Status Indicates, whether the email is delivered, deferred or rejected.
Size Size of the email.
Reason The reason, why the email has been classified as spam, virus etc.
msg id Internal id of the email.
source hostname Outgoing server hostname.
destination hostname Incoming server hostname.
gateway The gateway.
source IP Sender’s IP address.
destination IP Receiver’s IP address.
message id The id of the email.
Connect Depending on the direction of the email, the hostname of the incoming or outgoing mail server is shown.
SMTP-Code Shows the last row of the SMTP dialog.

Processing Emails #

To select and process emails:
  1. Click on the button in the filter section. A tool bar opens. CP HTML Manual
  2. Click on the emails in the result display to select them. CP HTML Manual

    Note: You can select and process multiple emails at once.

    Furthermore, it is possible to select all displayed emails at once: CP HTML Manual CP HTML Manual
  3. Click on the action you want to perform for the selected emails.
 
Note: All actions are described in Processing Actions.

Processing Actions #

The actions you can perform on emails in the Email Live Tracking module are described in the following table.
ActionDescription
Deliver EmailDelivers the selected email.
Report as SpamThe email is classified as spam and the support and quality management system is informed in order to conduct any further investigation. This is the preferred method of dealing with spam emails since the sender address is usually forged anyway.
Report as InfomailThe email is classified as infomail. The options for infomails are individually adjustable.
Blacklist SenderThe email from this sender is added to the user's blacklist. Any future emails from this sender will be classified as spam.
Whitelist + DeliverDeliver this email and additionally deliver all emails from this sender in the future automatically. The sender’s address is added to the user's whitelist.
Mark as privateThe selected emails are treated as private emails. Thus the access to them is blocked and can only be restored by our support. With an audit access, emails marked as private cannot be read. However, emails marked as private are exported with the Aeternum Export Manager.
Note:
Once you have marked an email as private, you cannot undo it.
Blacklist for All Users (DAP)The email from this sender is added to the public blacklist. Any future emails from this sender will be classified as spam.
Whitelist for all users (DAP)The sender’s address is added to the public whitelist.
Send email to adminThe email is sent to the provided email address of your administrator.
Note: The blacklisting and whitelisting rules are processed in the following order:
  • Administrator Blacklist
  • Administrator Whitelist
  • User Blacklist
  • User Whitelist
For Example: A user adds the account example@example.com to their whitelist and the administrator adds this account to the global blacklist. The emails from that account will be delivered to the user, but not to any other user who has not whitelisted that account.

Export list as CSV #

  1. Click on the button CP HTML Manual. A submenu with advanced settings opens. CP HTML Manual
  2. Select the table columns that you want to export to your list.
  3. Select the desired export type: Download or By Email.
  4. Click on Export, to export the email data of the selected table columns as CSV.
You have exported the email data as CSV.

365 Total Protection (DAP) #

365 Total Protection offers comprehensive protection for Microsoft cloud services – specially developed for Office 365 and seamlessly integrated. Benefit from the fact that it is easy to set up and extremely intuitive to use, simplifying your IT Security management from the very start. Here you get all the information you need to set up 365 Total Protection.  
Note: The 365 Total Protection onboarding addresses new customers. Existing customers and domains cannot be created again.

Onboard Office 365 customers (P) #

If your customer has an account at Microsoft Office 365, you have the option to set it up automatically using the Control Panel. All domains and users of the customer created in Office 365 are automatically transferred and displayed in the Control Panel.

Note: Groups are synchronized from Office 365 as well but cannot be used at the moment. View Create groups in the Control Panel to get information on how to add groups manually.

There are two ways to set up the customer: You can either login to Microsoft with the customer’s administrative credentials and perform the onboarding process yourself, or you can send the customer an onboarding link to do the setup themselves. Afterwards some DNS settings for the domains have to be done to redirect the email traffic.

Onboard 365 Customers in the Control Panel (P) #

Onboard the customer directly via the Control Panel if you have the administrative credentials for the Office 365 environment of the customer you are setting up.
  1. Open the Control Panel.
  2. In the scope selection, select the partner under which the new customer is to be created. CP HTML Manual
  1. Select 365 Total Protection. CP HTML Manual
  1. Click on the desired product. CP HTML Manual
You will then be redirected to the Onboarding form.

Set up 365 Total Protection (DAP) #

  1. Please enter your contact details in the onboarding form so that we can contact you in case of problems or questions.

Note: Enter your primary domain in the field Display name (domain) in the Control Panel. This domain will be displayed in the Control Panel. Do not enter your .onmicrosoft domain!

CP HTML Manual
  1. Then click on Start Now to start the process.
  2. Log in to Microsoft Office 365 with administrative rights.
CP HTML Manual  

Note: During the subsequent synchronization, only the domains and mailboxes are transferred. No changes are made to Microsoft’s configuration settings. Groups are synchronized from Office 365 as well but cannot be used at the moment. View Create groups in the Control Panel for information on how to add groups manually.

  1. Accept the requested permissions to connect our services with Microsoft.
CP HTML Manual CP HTML ManualYour domains and mailboxes are created in the Control Panel.   Example: 365 Total Protection customer in the Control Panel The new 365 Total Protection customer is always created with his .onmicrosoft domain.
CP HTML Manual

365 Total Protection customer with .onmicrosoft domain

CP HTML Manual365 Total Protection has been set up successfully. From now on, you can use your Microsoft Office 365 credentials to log in to the Control Panel and configure the services.   After the synchronization, you must adjust the DNS settings of the synchronized domains so that you can make full use of our services.

Configuration of Microsoft Services (DAP) #

To take advantage of all 365 Total Protection services, you must customize the configuration of Office 365.

Configure email traffic automatically #

Configure the in- and outbound email traffic automatically.

Note: The automatic configuration of the outbound email traffic also configures the inbound email traffic automatically.

  1. On the status page click on CONFIGURE AUTOMATICALLY to start the automatic configuration of the outbound email traffic. CP HTML Manual The outbound email traffic is configured. CP HTML Manual
The outbound email traffic was successfully configured. CP HTML Manual

Important: Already installed connectors can cause errors in the automatic configuration of the outbound email traffic.

Problem solving
  • Delete already configured connectors and click on CONFIGURE AGAIN to start the configuration OR
  • click on SUPPORT ASSISTANCE to contact the support. CP HTML Manual

Deactivate the Office 365 spam filter for the IP address range of Hornetsecurity #

This chapter explains how to deactivate the spam filter of Office 365 to set up filtering through our services.

The spam filter of Office 365 must be deactivated to prevent incoming emails from being classified as spam. The spam filtering is done by us.

Note:
The email authentication with SPF by Hornetsecurity is not activated automatically. Go to Email Authentication Methods to get more information about the configuration of the email authentication. Setting up email authentication is not mandatory, but recommended.

  1. Under office.com log in with your administrative credentials.
  2. Click on Admin.
    CP HTML Manual
  3. Select Admin centersExchangeprotectionconnection filter.
  4. Select Default.
  5. Click on Edit.
    CP HTML Manual
  6. Select Connection filtering.
  7. Under IP Allow list click on +.
  8. Enter the following IP addresses in the field Allowed IP Address:
    83.246.65.0/24, 94.100.128.0/24, 94.100.129.0/24, 94.100.130.0/24,
    94.100.131.0/24, 94.100.132.0/24, 94.100.133.0/24, 94.100.134.0/24,
    94.100.135.0/24, 94.100.136.0/24, 94.100.137.0/24, 94.100.138.0/24,
    94.100.139.0/24, 94.100.140.0/24, 94.100.141.0/24, 94.100.142.0/24,
    94.100.143.0/24, 185.140.207.0/24, 185.140.206.0/24, 185.140.205.0/24, 185.140.204.0/24, 173.45.18.0/24
  9. Activate the checkbox Enable safe list.
    CP HTML Manual
  10. Save your settings.

The Office 365 spam filter is deactivated for the IP address range of Hornetsecurity.

Adjust SPF Records #

To make sure that emails routed through the Hornetsecurity Services are not filtered as spam, add Hornetsecurity as valid sender for your domain.

  1. Open the Office 365 Admin Center.
  2. Navigate to SetupDomains.
  3. Select the domain you have registered with Hornetsecurity.
  4. Include the following SPF/TXT record: TXT “v=spf1 include:spf.protection.outlook.com include:antispameurope.com ~all”

Note:
If you have additional systems, which send outbound emails for the corresponding domain, include them to the SPF Record as well.

Adding MX Records to the DNS Zone #

To route and filter email traffic through our infrastructure, you need to adjust the MX records of all synchronized domains.
  1. Set the following MX records in the DNS settings of your domains in the Office 365 Admin Center:
DomainClassTYPEPRIORITYMAILSERVER
customerdomain.tldINMX10mx19a.antispameurope.com
customerdomain.tldINMX20mx19b.antispameurope.com
customerdomain.tldINMX30mx19c.antispameurope.com
customerdomain.tldINMX40mx19d.antispameurope.com

Note: Enter your actual domain for .

  1. To check if the MX records are set correctly, click on SHOW CONFIGURATION. CP HTML Manual
If you set the MX records correctly, a green hook appears under MX status report. CP HTML Manual

Set Autodiscover for 365 Total Protection #

Setting the Autodiscover service facilitates the process of setting up user accounts in email clients. Users do not need to enter a server name or port number, this information is automatically shared by the Autodiscover service. Additionally, the Autodiscover service passes information to the clients.  
  1. Set a CNAME record for the Autodiscover service:
TYPE PRIORITY HOSTNAME POINTS TO TTL
CNAME autodiscover autodiscover.hornetsecurity.com 1 hour
CP HTML ManualYou have set the Autodiscover service for 365 Total Protection.

Setup Archiving for Internal Emails #

This section explains in two options how to add internal emails to the archive. This configuration is necessary for 365 Total Protection Enterprise only.

Archiving Internal Emails #

If you want to archive internal emails with Aeternum, the archive service, you can forward internal emails or create a journaling mailbox.
Note: You cannot use both options at the same time. Also make sure to have the archiving service enabled within the Control Panel for all domains before you continue. (The archive is only available for 365 Total Protection Enterprise.)
CP HTML Manual

Option A: Relaying Internal Traffic #

If you choose this option, all internal emails leave your Office 365 environment and are routed to the archive. These emails are redirected to Office 365 after archiving.  
  1. In the Exchange Admin Center, select mail flowrulesCreate a new rule…. CP HTML Manual
  2. Select More options…. CP HTML Manual
  3. Define a name for the new rule.
  4. Select The recipient is located…Inside the organization… in the drop-down menu Apply this rule if…. CP HTML Manual
  5. Select Redirect the message to…the following connector in the drop-down menu Do the following….
  6. Select the connector created in Setup new connector.
  7. Click on add exception and select The sender  is external/internal Outside the organization in the drop-down menu Except if…. CP HTML Manual
  8. Save your settings.

Option B: Use Journaling to Archive Internal Emails #

Another option for archiving internal emails is the journaling feature. That means that Office 365 generates a journal report for each internal email and sends it to the archive, while keeping your internal emails routing within your organization.

Create a New Journal Rule #

  1. In the Exchange Admin Center, select compliance managementjournal rules.
  2. Click on New.
  3. Define an email address for undeliverable journal reports.
    Note: This can belong to any user in the Office 365 environment.
  4. Define a name in the field Name.
  5. Enter following in the input field Send journal reports to: _2007@journal.antispameurope.com
    Note: The placeholder represents the main domain which is defined in the Control Panel.
  6. Select [Aplly to all messages] in the drop-down menu If the message is sent to or received from….
  7. Select Internal messages only in the drop-down menu Journal the following messages…. CP HTML Manual
  8. Click on Save.

Create a New Connector for Journal Reports #

  1. In the Exchange Admin Center, select mail flowconnectorsNew.
  2. Select Office 365 in the drop-down menu From:.
  3. Select Partner organization in the drop-down menu To:. CP HTML Manual
  4. Click on New.
  5. Define a name for the new connector (e. g. Relay via HSE (Journal)). CP HTML Manual
  6. Click on Next.
  7. Select Only when email messages are sent to these domains and enter the following domain: journal.antispameurope.com CP HTML Manual
  8. Click on Next.
  9. Select Route email through these smart hosts and enter following domain: hsrelay01.antispameurope.com CP HTML Manual
  10. Click on Next on the following TLS configuration without making adjustments. CP HTML Manual
You can see a review of the configured connector. This should look similar to this: CP HTML Manual
  1. Click on Next.
  2. To confirm that the connector is working as intended, send a test email using the following email address scheme for this test email: _2007@journal.antispameurope.com
    Note: Replace with your actual domain.
    CP HTML Manual
  3. Save your settings if the test was successful.

Email Encryption #

The email encryption is part of the products 365 Total Protection Business and Enterprise. Encryption must be activated manually because some settings must be configured here. Open the file User guide Encryption Service in the PartnerDrive to get more information about setting up the Encryption Service.

Activate Encryption #

Achtung: The activation and use of the Encryption Service incur costs according to the price list.

  1. Navigate to Security Settings > Secure Transport in the Hornetsecurity Control Panel.
  2. Click on the tab Encryption under Email.
  3. Activate the checkbox Activate policy.
CP HTML Manual Encryption has been activated.

Activate Contingency Covering (Only 365 Total Protection Enterprise) #

Should the Microsoft services fail or the services be temporarily unavailable, this also affects your access to your mailbox. Emails can then be neither sent nor received, which can harm your entire business processes. In such an event, Contingency Covering is your stand-by system, which – activated in mere seconds – keeps your email correspondence up and running.

Note: Contingency Covering is only included in 365 Total Protection Enterprise and you must activate it manually to configure the settings.

  Proceed as described in the following:
  1. Navigate to Security SettingsContingency Covering.
  2. Activate the checkbox Continuity Service, stores clean Emails for 3 months. With 365 Total Protection Enterprise you do not have to pay any additional fees for this service.
  3. Select whether all mailboxes of the domain or only certain mailboxes should be covered by the service:
    1. If you select All users, all mailboxes of the domain will be covered.
    2. If you select Selected users only, then click Select and select the mailboxes you want.
CP HTML Manual

Activate Contingency Covering

Group Management in the Control Panel (DAP) #

The groups you want to use in the Control Panel have to be created again because Office 365 allows a different group management than our services.  

Creating Groups in the Control Panel manually #

You can create new groups to group users together for specific actions.
  1. Go to Customer Settings > Groups.
  2. Enter a group name.
  3. Click Add.
  4. Confirm the changes with Save. CP HTML Manual
You have created a new group. In the next step, you can add users to the created group.

Add Users to a Group #

You can add users to a group.

Note: A user can only belong to one group at a time. All users that are not assigned to a group are grouped in the group Default. That group is not displayed in the group definition.

  1. Under Customer Settings > Groups, select the Group Settings tab.
  2. Click on the preselected group to change it.
  3. Select the desired group. CP HTML Manual
  4. Click on Apply.
  5. Select the tab Member. The left part of the window shows users without a group assignment and the right part shows users in the selected group.
  6. Click on + behind a user to add it to the group. CP HTML Manual
  7. After you have added all desired users to the group, click on Save.

Synchronized Attributes from the Azure Active Directory #

With the Azure Active Directory of Microsoft only certain attributes are synchronized for Signature and Disclaimer.   The following attributes are synchronized and can be used to create signatures and disclaimers:
AD-Variable Description
countryCode Country Code
department Department
displayName Complete name
company Company
physicalDeliveryOfficeName Office
givenName First name
info Jobtitle/Position

Note: The field Title is often used for other purposes. Therefore, the term Info is used here for the LDAP-attribute Title (Jobtitle/Position).

l (lowercase L) City
mail Email adress
mobile Mobile phone number
postalCode Postal code
sn Surname
st State
streetAddress Street
telephoneNumber Phone number

Order 365 Total Protection #

If you would like to order the product after 14-day test, you have the possibility to order 365 Total Protection in the Control Panel directly.
  1. Select 365 Total Protection.
  2. Click on BUY NOW.
An overview appears showing the amount of postboxes and the prize. CP HTML Manual
  1. Click on ORDER NOW CHARGEABLE to buy 365 Total Protection.
You get a confirmation email with an overview of the product.

Offboarding #

At the end of the 365 Total Protection trial period, if you no longer wish to use the product, or if you canceled 365 Total Protection at any time, you will need to make some settings in your Office 365 configuration to ensure that your emails are delivered.
  1. Delete or deactivate the connector for the inbound email traffic. (firewall setting)
  2. If you have changed the outbound email traffic, delete or deactivate this connector as well. (Relaying)

Note: Information on how to delete or disable the connectors in your Office 365 environment can be found here.

  1. Remove the MX records in the DNS zone of your domains.
Your emails will then no longer be routed through our services.

Delete or Deactivate Connector #

  1. Open Office.com and log in with your administrative credentials.
  2. Navigate to AdminAdmin centersExchange.
  3. Select mail flow and click on the tab connectors.
  4. Select the corresponding connector.
  5. You can either delete or deactivate the connector:
  • To delete the connector, click on Delete.
  • To deactivate the connector, click on Deactivate in the connector overview.
CP HTML Manual
  1. Confirm the notification with Yes.
You have deleted or deactivated the selected connector.

Delete Customer in Test Stage #

Delete a customer in the test stage from the 365 Total Protection environment. Depending on your rights, you can delete an existing customer in the test stage of 365 Total Protection from the 365 Total Protection environment.

The selected customer will be deleted permanently! There is no possibility to restore the customer’s data!

  1. In the scope selection in the top right corner of the Control Panel select the desired .onmicrosoft customer to be deleted under your partner role. The product 365 Total Protection appears in the main navigation on the left.
  2. Click on 365 Total Protection in the main navigation on the left. The page with the setup status of 365 Total Protection is displayed.
  3. Scroll with the mouse to the lower position of the status page. You will see the contract status and the buttons BUY NOW and DELETE CUSTOMER. CP HTML Manual
  4. Click on the button DELETE CUSTOMER. A warning about the deletion of the existing customer is displayed. CP HTML Manual
  5. Click on Delete to permanently delete the selected customer.
You have successfully deleted the selected 365 Total Protection customer.

Reporting & Compliance #

The menu item Reports & Compliance bundles all statistics, as well as the overview of the audit logs.

Statistic #

The email statistics show the entire volume of the email traffic for a selected domain.   Depending on the selection of the period and the direction, the statistics under Reporting & Compliance show all incoming and/or outgoing emails and groups them into the email categories. You can find a detailed explanation of the email categories under Email Categories.   The statistical analysis has three different representation types:
  • Emails by type
  • Emails by time
  • Emails by user (Top 100)
It is possible to save the data from the diagram Emails by time in the .csv format with an export function. Click on the button CP HTML Manual.

Filter diagrams and statistics #

The statistics and diagrams can be filtered by period and the direction of the email traffic.

 

  1. To filter the emails for a certain period, click on the date button CP HTML Manual.

    Note:
    You can display emails from the last three months maximally.

    CP HTML Manual

  2. Optional: In the drop-down menu Direction select the direction of the displayed email traffic:
  • Both (incoming and outgoing)
  • Incoming
  • Outgoing

CP HTML Manual

Emails by type #

The diagram Emails by type shows an overview of emails per category.

 

The diagram shows how many emails of the domain were sent and/or received in the selected period displayed in absolute and relative numbers.

CP HTML Manual

Emails by time #

The statistic shows emails according to the receiving or sending time.

 

The statistic Emails by time shows an overview of incoming and/or outgoing emails in the selected period. The number of emails per category are shown in absolute numbers.

CP HTML Manual

Emails by use #

The statistic shows the amount of emails per user. In the statistic users of the domain are sequentially listed according to their total amount of emails in one week. Furthermore, the statistic shows how many emails are sent and/or received per category in the selected period. CP HTML Manual

Threat Live Report (DAP) #

Note: The Threat Live Report is only available for Advanced Threat Protection (ATP) customers.

In this documentation the module Threat Live Report is explained. You can find the texts used here in the module in the Control Panel. Move over the CP HTML Manual behind the respective statistic or diagram.

Displaying Global Data #

When displaying global data, you can choose between the data of all customers and the data of the customer selected in the scope selection.  
Important: This function is only available for partners.
With the global button you can switch the LIVE ATTACK OVERVIEW and diagrams and statistics under ATTEMPTED ATTACKS and THREAT STATISTIC to the available data of all Hornetsecurity customers. If global is activated, you can see attacks and threats which have been occurred to all customers of Hornetsecurity in the chosen period. If global is deactivated, you can only see those attacks and threats for the customer chosen in the scope selection. CP HTML Manual

Selecting the Period #

Here you can select the period for the displayed statistics. The selection of the period affects the diagrams and statistics under ATTEMPTED ATTACKS, THREAT STATISTIC and URL REWRITING STATISTIC. CP HTML Manual

Description of Statistics and Diagrams #

In this chapter the categories and diagrams are explained which are displayed by the Threat Live Report.

Live Attack Overview #

The LIVE ATTACK OVERVIEW shows all attacks with their source and destination caught at this moment. Furthermore, the attack type is shown. Here you can find a description of all attacks types. CP HTML Manual

Attempted attacks – Attack Type by Date #

The statistic shows how many attacks per attack type took place at a certain time in the chosen period. Move the mouse over the vertical lines to display the absolute numbers of the attacks per attack type for a certain time. Move over the points of each attack type to display the respective diagram and information about the number of attacks. CP HTML Manual

Threat Statistic – By Attack Type #

The diagram shows the proportions of attack types in relation to the total number of attacks in the selected period. The total number of attacks that took place is shown in the middle. It refers to the selected period. Here you can find a description of all attack types. CP HTML Manual

Threat Statistic - By Attack Vector #

The diagram shows the proportions of attack vectors in relation to the total number of attacks in this period. The total number of attacks that took place is shown in the middle. It refers to the selected period. Here you can find a description of all attack vectors. CP HTML Manual

Attempted Attacks - Attack Vectors by Date #

The statistic shows how many attacks per attack vector took place at a certain time in the chosen period. Move the mouse over the vertical lines to display the absolute numbers of the attacks per attack vector for a certain time. Move over the points of each attack vector to display the respective diagram and information about the number of attacks.
CP HTML Manual

URL Rewriting Statistic #

The statistics and charts under URL REWRITING STATISTIC each represent the number of clicked links in emails rewritten by the URL rewriting engine in the selected time period.

Clicks by Time of Day #

The statistic shows the percentage of clicks on a link at a certain time.
CP HTML Manual

Clicks by Device #

The statistic shows the distribution of clicks per device in percent.
CP HTML Manual

Clicks by Operating System #

The diagram shows the distribution of clicks per operating system in percent. CP HTML Manual

Description of Attack Vectors #

Name of the Attack Vector Description
Attachment An attachment of an email is a file which can contain malware.
Link A link in an email is a connection to another website. Malware can hide behind this link.
Link Dropper Link Droppers are links that serve as carriers for malware. The link itself is not harmful but allows the malware behind it to execute itself.
Link Downloader Link Downloaders are links in emails that contain malware. If the victim clicks on this link, the malware is downloaded.
Malware Downloader Malware Downloaders are considered Trojans because they secretly download malicious files from a remote server.
Malware Dropper Malware Droppers are not malware, but transport malware into the system. From the outside, the Malware Dropper appears harmless and can camouflage itself as a file. However, the files it contains can run themselves and infect the system with malware.
Malware Packer Malware Packers are a malware type in which criminals compress their malicious programs using a variety of methods. This is an attempt to bypass malware analysis.
Fraud Fraud in relation to the Internet means obtaining sensitive data, money or bank details of users through Internet services. For example, websites or transactions can pretend to be real, but are programmed by cybercriminals. A well-known variant is the CEO fraud, in which criminals pose as managing directors and contact the accounting department of a company by phone or email to instruct the transfer of large sums of money.
Phishing Phishing is a combination of the words “password” and “fishing” and thus refers to “fishing for passwords”. Cyber criminals claim that emails or websites are genuine and thus cause users to enter sensitive data there. Users thus voluntarily disclose their data without knowing that the data will fall into the hands of the criminals.

Description of Attack Types #

Name des Angriffsvektors Erklärung
Backdoor A Backdoor malware has a similar goal as a remote access Trojan but uses a different approach. The attackers use so-called backdoors, which are sometimes deliberately placed in programs or operating systems. However, they may also have been installed secretly. The peculiarity of backdoors is the fact that they bypass the usual defense mechanisms and are therefore very attractive for cyber criminals. For example, they are very popular for creating botnets.
Banking Trojans Banking Trojans are a malware type that attempts to steal sensitive data such as bank details or email data. Attackers often succeed by combining this with phishing attacks, where a website pretends to be an official bank website.
Bot A Bot does not always have to be a malware, initially a bot is a computer program that executes tasks independently and automatically. If several bots communicate with each other, this is called a botnet. Botnets are large collections of infected computers that an attacker builds up. An attacker can send commands to all computers simultaneously to trigger activities. The perfidious thing is that the owners of the computers do not notice the “membership” in a botnet until it already executes the externally controlled activities.
Crypto Miner A Crypto Miner is a malware used to mine digital currencies. Criminals infect computers with Crypto Miners to take advantage of their computing power or cloud CPU load. This reduces the performance of the computer as well as the lifespan. Furthermore, entire company networks can be shut down by Crypto Miners.
Keylogger Keyloggers are malware types that can be implemented by hardware or software. Keyloggers record a user’s keystrokes and speech and are able to access sensitive data or passwords.
Point-of-Sale Trojans Point-of-Sale Trojans are a type of malware that attacks sales systems in which transactions with sensitive payment data take place. Cyber criminals use point-of-sale Trojans to gain access to  unencrypted customer data from bank and credit cards.
Ransomware Ransomware is an attack that encrypts files on the target system. The files cannot be opened without a key. The attackers demand a large sum of ransom money to hand over the key. Even if only one computer is infected initially, Ransomware can spread across the entire network.
Remote Access Trojans (RAT) A Remote Access Trojan (RAT) allows attackers to take over computers and control them remotely. This allows them to execute commands on the victim’s systems and distribute RATs to other computers with the goal of building a botnet.
Root Kit A Root Kit can be used to hide malicious code from detection. This form of attack involves the attacker intruding deeply into the computer system, gaining root privileges and general access rights. Cyber criminals then change the system so that the user no longer recognizes when processes and activities are started. Attacks based on rootkit obfuscations are therefore very difficult to detect.
Spyware Spyware is malware that collects information on the victim’s computer. This information can be, for example, access data for user accounts, sensitive banking data or surfing behavior. Users usually do not know that they have become victims of spyware.
Trojan Horses Trojan Horses are programs that disguise themselves as benign but contain harmful code. The user only detects the clean application, while the background execution of malicious code infects the system. The user can no longer influence the effects from this point on.

Auditing 2.0 (DAP) #

This documentation explains the function of the Auditing in the Control Panel. The options for filtering events and executable actions are explained.   With the Auditing you can track the activities of users in the Control Panel. As an administrator, you can find out who is responsible for creating, editing or deleting data sets and when the event occurred. This enables you to undo the actions if required.

Description of Categories #

CP HTML Manual

Example: Data in categories of audit protocol

Every event is divided into different categories and is displayed in the Auditing. These categories are explained in the list below.  
Property Explanation
Timestamp Shows at which time the action was performed.
User Shows which user has performed the action.
Target Shows the user for whom the action was performed.
Action Explains if an event has created, updated or deleted something. Success or failure indicate if a login was successful or not.
Event Shows if the action is a modification of the user setting, the black- or whitelist, the credentials or the login.
Target path Shows under which domain the user is created for whom the action is executed.
App ID Shows the identification numbers of the applications which use the API. Applications can communicate with the services via the API.
App version Shows the version of the application which communicates with the API.
IP Shows the IP address of the user who performed the action.
URL Shows the path to the API endpoint which is used.
  The categories Timestamp, User, Target, Action and Event type are displayed per default. Furthermore, you can activate Target path, App ID, App version, IP and URL. To that go to the chapter Select Displayed Categories.

Filtering Events #

This section explains how you can filter for events in the Auditing.

Select Displayed Categories in the Auditing #

  1. Click on the button on the right side. CP HTML Manual
  2. Select the category which you would like to display. CP HTML Manual
A multi-selection is possible.

Search for Events #

You can search for specific events in the search bar.
  • Select a category in the search bar and enter a term to search the events listed. CP HTML Manual
  You can find a description of all categories in the chapter Description of Categories.

Filter by Action #

You can filter the displayed events by actions in the appropriate drop-down menu. After the selection only results of the chosen action are displayed. You can only filter by one action at a time.  
CP HTML Manual

Filterable actions

The following table lists the user actions by which you can filter. The actions Success and Failure are only relevant for the event type Login.
Action Explanation
All Shows all actions that took place in the selected period.
Created Shows all actions that created something.
Updated Shows all actions that updated something.
Deleted Shows all actions that deleted something.
Success Shows all logins that were successful.
Failure Shows all logins that failed.

Filter by Event Type #

You can filter the displayed action by the event type in the appropriate drop-down menu. Depending on the filtering you can show or hide certain modules. You can only filter by one event type at a time. CP HTML Manual In the following table event types are listed by which you can filter.
Module Explanation
All Shows all types of events.
User settings Filters for all events that modified the user settings.
Black-/Whitelist Filters for all events that modified the black- or whitelist.
Credentials Filters for all events that modified user credentials.
Login Filters for all login events.
Appearance Filters for all events that modified the appearance in the Whitelabeling module.
Support information Filters for all events that modified the support information in the Whitelabeling module.
Email informationen Filters for all events that modified the email information in the Whitelabeling module.
Customer Filters for customers that were created, updated or deleted.
365TP Onboarding Filters for Office 365 customers that were either created or updated.
Role Assignment Filters by events that led to the creation, update, or deletion of role assignments.
Restrictions Filters for events that have led to changes in password and IP restrictions..
Spam report Filters for events that have led to changes in the spam report settings.

Additional events

The following table lists event types by which you cannot filter, but which are still displayed in the audit log.
Module Explanation
ATP configuration Contains information on changes to ATP settings.
API token Contains information about changes on API tokens.
Domain Contains information about changes on domain settings.
Group Contains information about changes on group settings.

Select Period #

  1. Click on the data selection.
    CP HTML Manual
  2. Select the period for which logged events should be displayed.

Reset Settings #

  • Click on Reset to set all filter values on default. CP HTML Manual

Webfilter (DAP) #

Edit Settings in the Webfilter Module (DAP) #

Basically websites can be filtered by different categories whereby you can only change the displayed period of time for Blocked websites and Valid websites. If desired, you can add the categories User, Group and IP address to the Webfilter display range. Only the domain administrator can add these categories for all users of the domain. There are different editing functions for the websites marked on the left column:
  • Release Requests can be rejected or added to the whitelist on a user, group or global level.
  • Blocked websites can be added to the whitelist on a user, group or global level.
  • Valid websites can be added to the blacklist on a user, group or global level.

Release Requests (DAP) #

In this area all release requests are displayed.
CP HTML Manual

Example: release requests

The automatic sorting of the release requests is done according to the the actuality. The latest release request is ranked first. If you want to see the oldest release request at the top of the table, click on Date. Additionally, you can sort the requests by Status and Reason. You can reject release requests or put them on the appropriate whitelist and thus release the requests. The administrator also receives every release request with related information via email. These release requests can be rejected or released directly in the email. The user asking for a release subsequently receives an appropriate message automatically.

Blocked sites (DAP) #

CP HTML Manual

Blocked websites

In this area all blocked websites are displayed. The automatic sorting of the blocked websites is done according to the actuality. The latest blocked website thus is ranked first. If you would like to see the oldest blocked website at the top of the table, click on Date. Click on the drop-down menu in the first column Date to select the period for which you would like to display blocked websites. Additionally, you can sort by Reason.

Valid sites (DAP) #

In this area all valid sites are displayed.
CP HTML Manual

Allowed websites

The automatic sorting of the released websites is done according to the the actuality. The latest valid website is ranked first. If you would like to see the oldest allowed website at the top of the table, click on Date. Click on the drop-down menu in the first column Date to select a period. Additionally, you can sort the websites by Reason.

Report Incorrectly Categorized Website (DAP) #

You can report websites that are assigned to an incorrect category. The category of the website is then checked and if necessary reclassified.  
  1. Under WebfilterWorkspaceRelease requests, Blocked sites or Valid sites in the Control Panel select the websites with the wrong category. CP HTML Manual
  2. Click on Wrong category to have the category of the website checked. CP HTML Manual

Group URLs (DAP) #

CP HTML Manual

Activate group URLs

With the function Group URL websites, which are opened several times, are summarized and only displayed once. If you activate the function, the Control Panel summarizes all URLs that are opened multiple times. The appropriate URL is only displayed once. You can find the appropriate function under Webfilter WorkspaceRelease request, Blocked sites and Valid sites. Example: Group URLs If a user visits the website www.searchengine.com several times per day, the Webfilter module shows the URL only once. The date shows the time when the website was visited for the first time.

Black- & Whitelist #

Block or release domains via black- or whitelist #

  1. Open the Control Panel.
  2. Select the desired domain customer from the scope selection.
  3. Go to Webfilter > Black- & Whitelist. CP HTML Manual
  4. Select the desired list:
    • User Whitelist
    • User Blacklist
    • Groups Whitelist
    • Groups Blacklist
    • Global Whitelist
    • Global Blacklist
  5. Enter the domain to be released or blocked in the field Domain. CP HTML Manual
  6. Select the appropriate user or group. CP HTML Manual
  7. Click on Add, to add the domain. CP HTML Manual
  8. Confirm with Save. CP HTML Manual
  9. The domains have been blocked or released via black- or whitelist.

Release Website Specifically #

Do the following if you would like to block the whole category but release certain websites of the same category for your users:

  1. Block the relevant category (e.g. Social media) as shown in Define Webfilter Categories for a Group (DAP).
  2. Put the desired website (e.g. XING) on the whitelist of the Webfilter.

The website has been released specifically.

Log Websites Specifically #

Do the following if you would to release the whole category but block certain websites of the same category for your users:

  1. Unlock the appropriate category (e.g. Social media) as shown in Define Webfilter Categories for a Group (DAP).
  2. Put the prohibited websites on the blacklist of the Webfilter as shown in Black- and Whitelist for the Webfilter (DAP).

The websites have been locked specifically.

Configuration #

Activate Webfilter for an individual Domain (DAP) #

  1. Navigate to your primary domain in the Control Panel. CP HTML Manual
  2. Select Webfilter > Configuration.
  3. Check the box Activate Web filter. CP HTML Manual
  4. Enter the email address, which gets Webfilter requests (e.g. requests for releases), in the field Administrator Email.
    If you check the box Email on release requests, requests for releases and corrections from users are sent to the entered administrator’s email address.
  5. Select the desired method for authentication: A multiple selection is possible.
    • If you activate the checkbox user-based access, you activate the authentication by the Webfilter Connector or by entering the user address and the password manually.
    • If you activate the checkbox IP address-based access, you allow access to the Webfilter Service for a certain IP address. If an access is made by an authorized IP address, no user authentication is necessary. However, the Webfilter rules of the group “Default” are applied. Further adjustment of the rights management is not possible in this case.
      You can enter IP addresses with slash notation (0.0.0.0/24) or you can separate IPs with a semicolon.
    • If you activate the checkbox LDAP authentication, users are authenticated by a directory service (e.g. Active Directory).
      Note that this configuration needs to be adjusted to the installation of a LDAP comparison by the support.
  6. Optional: Activate the checkbox Check HTTPS data to be able to check and filter encrypted website calls by the Webfilter.
    In addition to the activation in the Control Panel, you have to install the SSL certificate on all client computers. This is described in Install HTTPS certificate.
    The field Download HTTPS – Certificate appears in the menu. Download link for HTTPs certificate CP HTML Manual
  7. Optional: Activate the checkbox Select individual email recipient for release request to add a person who can also get release requests besides an administrator. Enter this person in the area Group. Confirm the booking of the Webfilter with Save.
  8. The Webfilter has been activated for an individual domain.
Example: Activate Webfilter Services for the domain talltara.com In this screenshot the previous steps are marked. CP HTML Manual

Description of Group Settings (DAP) #

In the Control Panel you can configure group specific rules for the internet usage under Webfilter > Configuration > Groups > Settings. You can set different rules for the Webfilter for each group. It is possible to define a group leader for each group who can reject or confirm release requests for websites.
  • Activate group: Check this box to activate or block the internet usage for the appropriate group generally.
  • Allow user to request a release: Check this box to allow users to request releases for blocked websites.
  • E-mail group leader: Enter the email address of a person who belongs to the group. This person decides upon release requests within a group.
  • Enable advertising filter: Check this box to specify that advertising banners are to be blocked.
  • Block uncategorized URLs: Check this box to define how the Webfilter should behave in case of unknown websites.
  • Enable virus protection: The virus protection is always active and cannot be deactivated.
  • Block hacked server: Check this box to specify if the access to manipulated websites should be blocked.
  • Enable ftp connections: Activate this option to allow FTP connections. This option is obsolete because FTP is supported in general.
  • Allow temporary release: Check this box to allow users to unlock blocked websites for a certain period of time (15 minutes). There are three differences:
    • If you check the box Off, it is not possible to unlock blocked websites temporary.
    • If you check the box All, all users are able to unlock all blocked websites.
    • If you select a Group leader, all categories that have a red lock in the categories are excluded from the release option. See Categories for more information.
It is important for this function that the administrator can view all temporary releases in the Webfilter display. Forbidden file extensions: To block the download of certain file extensions, enter the file extensions here and click on Add to create a list of file extensions that should be blocked.
Always enter file extensions with a dot before the letters (.exe).
If you would like to reset the settings to default, click on Default in the upper right corner.

Define Break Times (DAP) #

You can define break times, which deactivate the Webfilter for certain groups in this time, under Webfilter > Configuration > Groups > Break times.
    1. Select the tab Break times under the tab Groups.
    2. Select the appropriate group.
      1. Click on Select. CP HTML Manual
      2. Select a group from the list. CP HTML Manual
      3. Click on Apply.
      4. Click on + to add the group. CP HTML Manual You have added the group. CP HTML Manual
  1. Click on Add break times.
  2. Adjust the regulators on the timeline so that the desired break time appears in the window underneath.
  3. Select the days for which this break time should apply.
    Repeat steps 3 to 5 to add further break times.
  4. Click on Save to apply the defined break times.
The break times have been defined. Example: Define break times for a certain group CP HTML Manual

Control applications (DAP) #

You can block, release or temporarily release the access to the internet for certain applications (e. g., Skype, MSN, ICQ) with the Application control under Webfilter > Configuration > Groups > Application Control. You can only use this function when the Webfilter Connector is installed.
  1. Select the tab Application control under Groups.
  2. Select the appropriate group.
    1. Click on Select. CP HTML Manual
    2. Select a group from the list. CP HTML Manual
    3. Click on Apply.
    4. Click on + to add the group. CP HTML Manual You have added the group. CP HTML Manual
  3. In the right area of the window you can select if the predefined programs should be Allowed, Blocked or just be Break times for the selected group.
  4. Click on Save to confirm.
The applications for a certain group have been controlled. Example: Control applications for a certain group In this screenshot, the application Skype is changed for the group marketing from the setting Like default to Allowed. CP HTML Manual

Webfilter Categories (DAP) #

The setting for allowed and blocked website categories is made group-specific. The categories are separated in root and subcategories. For example, under the category Internet is the subcategory Chat. For each category you can select if it is Allowed, Disabled or Break times.

After the activation of the Webfilter all categories are disabled. To have a basis for your group settings, you can set rules for the group Default. This group applies to all users if you have not set further rules yet.

Click on Default to select a group setting.

Basic configuration for the group Default

CP HTML Manual

Furthermore, you can define which categories can be temporarily unlocked by a group leader after a release request.

If a category is blocked, the lock turns green. If you click on the green lock, it turns red and is blocked for temporary releases by the group leader.

Lock temporary release

CP HTML Manual

Define Webfiter Catefories for a Group (DAP) #

Starting from the basic settings for the Default group, you define group-specific settings for the Webfilter.
  1. Select the tab Categories in the Webfilter settings.
  2. Select the appropriate group.
    1. Click on Select. CP HTML Manual
    2. Select a group from the list. CP HTML Manual
    3. Click on Apply.
    4. Click on + to add the group. CP HTML Manual You have added the group. CP HTML Manual
  3. Select a category for which you would like to specify a setting differing from the default setting.
  4. To open a subcategory, click on the arrow to the left of the category.
  5. Select an action from the drop-down menu on the right side of the selected category.
  6. Click on Save to confirm your changes.
The Webfilter categories for a group have been defined.

Webfilter Templates (DAP) #

In the tab Templates you can choose between different templates, which appear, e.g., when surfing on a blocked website. You also have the option of setting the languages of the various web filter templates. No new templates can be created in the HTML-CP! Templates CP HTML Manual

Exceptions (DAP) #

You can define website requests that are not be regulated by the Webfilter, in the area Exceptions.
The divergent settings are only active in connection with the Proxy Pac.
If you do not want to regulate the traffic for certain web servers (e.g. internal web servers which are directly addressed by the IP address) by the Webfilter, you can add web server addresses to the exception list. The IP address access to websites is also possible by dynamical IP addresses.
You can enter keywords with regular expressions. If these can be found in an URL, these pages will not be filtered either.

Define Exceptions (DAP) #

  1. Select the tab Exceptions in the Webfilter settings.
  2. Enter the exceptions. Use a ; (semicolon) as a separator between the exceptions. CP HTML Manual
  3. Click on Save to confirm your settings.
Exceptions have been defined.

Statistic #

Webfilter Statistics (DAP) #

The Webfilter statistics enable a comprehensive evaluation of the email traffic. In the Control Panel you can display comprehensive statistics of the email traffic under WebfilterStatistic. The period can be the current day, the preceding three days or the preceding months. When a day is selected, all blocked and allowed domains as well as the most frequently blocked and allowed domains per hour are displayed. When a month is selected, the distribution per day is shown. Additionally, you have the possibility to show the hourly distribution of the respective day if you click on a day of the month. If you select a month, the distribution per day is displayed. The information of the percentage distribution are independent from the period. They show the current distribution of blocked and allowed domains of the current hour, the current day or the month. In addition to the total value, the distribution per topic is displayed.

Customer Settings (DAP) #

Customer Settings Under Customer Settings, you can view and manage the basic settings for mailboxes, groups, domains, and password restrictions. To make settings for a customer, switch to the corresponding customer level (domain) in the scope selection. As an administrator, you can view settings for deposited mailboxes, groups, domains, and password restrictions and change them as follows:
  • Managing basic user data
  • Adding/removing active or disable mailboxes
  • Defining a deputy
  • Setting delivery times for filters & reports
  • Managing group members
  • Changing group names
  • Adjusting group descriptions
  • Deleting groups
  • Deleting domains
  • Adding new mailboxes / forwarding mailboxes / groups / domains
  • Exporting existing mailboxes / forwarding mailboxes / groups / domains as a CSV file
  • Importing existing CSV files with mailboxes / forward mailboxes / groups / domains
  • Defining password restrictions
  • Defining IP restrictions

Mailboxes #

Postboxes are the license basis for all services. In addition to a main mailbox, several associated alias mailboxes can be created for which no fees are incurred. There are three options for creating mailboxes:
  • Automatic creation of postboxes in the Control Panel
  • Manual creation of main postboxes
  • Importing of postboxes
Addresses listed under Postboxes have no influence on the acceptance, filtering or delivery of emails (exception: LDAP address matching). The addresses are used primarily for the generating and delivery of daily spam reports.   Alias addresses as main addresses If alias addresses are assigned to a main address, the end user additionally sees all emails in the email search. The addresses are used to authenticate the user when the web filter system is activated. New users can be added either manually or via the Import interface.   Function Relay The function Relay is only available for customers who have configured and retrieved their email messages via POP3 accounts using the setting Security Settings Spamfilter. Customers can only use this functionality for the domain whose postboxes are assigned to the manufacturer’s servers.   If POP3/IMAP is not configured as a destination server, the management element is not displayed in the Control Panel. If the user sets up a redirection, all emails are delivered to the destination address(es) specified by the customer, regardless of which domain it is assigned to.   Blacklists and whitelists can also be created for the redirection addresses. A list of all users can be read out via the Export (csv.) button.

Administration of User Settings #

The tab User Settings allows you to manage the settings for registered users. The following settings can be made:
  • Entry of user data such as user name, password, email, status
  • Setting the time zone
  • Setting up redirects
  • Activate/deactivate the Infomail filter
  • Delivery times of spam reports
  • Creating alias addresses
  • Setting a proxy for the user’s email traffic
CP HTML Manual

Administration of user settings

Create Mailboxes automatically #

Control Panel offers various options for automatically creating mailboxes. These settings can be found in the Control Panel under Security Settings Spam FilterFiltering →  Relay check (check recipient adress).
CP HTML Manual

Automatic creation of mailboxes

  SMTP All emails marked as spam-free (Clean) will be delivered to the customer environment. If three emails are accepted for the same email address within eight hours, a main mailbox is automatically created. This is the default configuration. The disadvantage of this configuration is that alias addresses cannot be identified. There is consequently a risk of a high number of incorrectly created mailboxes.   LDAP You can synchronize the mailboxes with a directory service, such as Active Directory (AD). This ensures that the correct mailboxes and their alias mailboxes are always created in the system. A disadvantage can be the increased configuration effort, where the customer has to transmit the directory service information.   Control Panel Control Panel is the easiest way to control a large number of mailboxes. You can create postboxes manually or using the function Import. If this method is selected, mailboxes are not created automatically.

Create Mailboxes manually #

  1. Click Customer Settings in the Control Panel.
  2. Select the tab Mailboxes → Postboxes.
  3. Enter a name for the postbox in the field User name.
  4. Select the domain for which you want to enter the mailbox.

    Info: You can also enter postboxes for created alias domains. These mailboxes are main mailboxes and will be charged separately.

  5. Enter a password for the mailbox in the field provided.
  6. Select one of the following options: User: Creates a main mailbox Forward: Creates a mailbox for redirection

    Note: A Forward feature is only available to customers who use email filtering to retrieve their email messages from POP3 accounts.

  7. Click Add to create the mailbox.
  8. Click Save to create the mailbox for a fee.
Mailbox is created.
CP HTML Manual

Steps for creating a mailbox

Import Mailboxes #

In addition to manually creating mailboxes, you can import mailboxes using a .csv file. This can be done both initially, if no addresses have yet been entered, and additionally during operation.
  1. Click Customer Settings in the Control Panel.
  2. Select Mailboxes → Import.
  3. Click Select file. CP HTML Manual A window opens in which the corresponding .csv file can be selected. After selection, the mailboxes are displayed in the User Import field.
  4. Click Import.

    Note: The import process checks all addresses for the validity of the customer domain and for syntactical correctness.

  5. Click Import to transfer mailboxes.

    Attention: If you want to replace all existing mailboxes, select the option Add + delete old. This option deletes all existing mailboxes!

Mailboxes have been imported.

Note: The imported mailboxes are then displayed as main mailboxes under the tab Postboxes. Alias mailboxes are assigned to the respective main mailbox and displayed in User Settings under the tab Aliases.

Groups #

Under Groups you can create new groups, combine several mailboxes into one group and manage the existing groups. Existing group lists can be exported as CSV files and be re-imported at the appropriate locations (see CSV import). CP HTML Manual The following options are available for managing groups: CP HTML Manual

Add new group #

Create a new group from existing mailboxes.
  1. Navigate to Customer Settings –> Groups.
  2. Click on + Add group.
A drop-down menu opens . CP HTML Manual
  1. Assign a group name under Name (1) and optionally describe the group in the field Description (1a).
  2. Under Mailboxes (2), select at least one mailbox to add to the group.
    Existing group lists can be imported here as a CSV file (2a).
    The selected mailbox is displayed in the window Assigned to group (3).
  3. Click Add Group to combine the selected mailboxes into one group (4).
You have added selected mailboxes to a group.

Manage members #

Manage the members of an existing group.
  1. Navigate to Customer Settings –> Groups and click on the arrow for the desired group. CP HTML Manual
  2. Click on Manage members. A drop-down menu with two windows will open, showing all registered mailboxes (left) and all mailboxes assigned to the group (right). CP HTML Manual
    Manage the members of a group:
  • If you want to add more members to the group, click on the members to be added in the Mailboxes (left) window.
    You can also import existing group lists as a CSV file (see Import CSV).
  • If you want to remove already existing members from the group, click within the window Assigned to Group (right) on the group members to be removed.You have assigned or removed members from the selected group.
  1. Click Save Changes to save the updated group.
You have successfully managed the group.

Rename group #

  1. Navigate to Customer Settings –> Groups and click on the arrow for the desired group. CP HTML Manual
  2. Click on Rename. A drop-down menu opens.CP HTML Manual
  3. Enter the desired name for the group and click Save changes.
You have successfully renamed a group.

Customize description #

  1. Navigate to Customer Settings –> Groups and click on the arrow for the desired group. CP HTML Manual
  2. Click on Customize description. A drop-down menu opens.CP HTML Manual
  3. Enter the desired description for the group and click on Save changes.
You have successfully added the group description.

Delete Group #

  1. Navigate to Customer Settings –> Groups and click on the arrow for the desired group. CP HTML Manual
  2. Click Delete group.
When the group is deleted, all settings and group members are irrevocably deleted.
A warning message is displayed. CP HTML Manual
  1. Confirm the warning message by clicking Delete.
You have deleted the group.

Domains #

Under Domains you will find an overview of all existing domains and alias domains. You have the possibility to create new domains and delete existing ones. You can also export displayed domains in CSV format and re-import them at the designated locations .

Add domain #

  1. Navigate to Customer Settings –> Domains.
  2. Click on +Add Domain.
A drop-down menu opens. CP HTML Manual
  1. Enter a valid domain under Domain.
    Already existing domain lists can be imported here as CSV files.
  2. Click Add to add the registered domain.
You have successfully added new domains.

Delete domains #

  1. Navigate to Customer Settings –> Domains and click on the menu arrow of the desired domain.
    Deleting the domain irrevocably deletes all settings!
  2. Click Delete.
A warning message appears.
  1. Confirm warning message by clicking Delete.
You have successfully deleted the domain.

Restrictions #

Under Restrictions, you can define individual password and IP restrictions for the Control Panel login. CP HTML Manual

Assign Password Restriction #

Set your own password restrictions.
  1. Navigate to Customer Settings –> Restrictions.
  2. The password restrictions will be inherited to all subordinate domains!
  3. Activate the desired password restrictions.
  4. Click Save to apply the settings.
    You have successfully assigned the password restrictions.

Reset password restrictions #

Reset the password restrictions to default settings. You have the option of resetting the assigned password restrictions to default settings. Default settings are settings that have been specified by parent administrators.
  1. Navigate to Customer Settings –> Restrictions.
  2. Click on Default settings to reset the restrictions to default settings.
    The password restrictions are inherited by all subordinate domains!
  3. Click Save to apply the settings. 
You have reset the password restrictions to default settings.

Add IP restriction #

Assign your own IP restriction for the Control Panel login. The IP resrictions allow you to specify whether only selected IP addresses or IP address ranges are allowed when logging in to the Control Panel. If no IP restrictions are assigned, all IP addresses are allowed for the Control Panel login.
  1. Navigate to Customer Settings > Restrictions.
  2. Click on Add restriction.
  3. Enter a valid IP address or range of IP addresses and click Add.
You have set a password restriction.

Delete IP restriction #

Delete a specified IP restriction. If no IP restrictions are assigned, all IP addresses are permitted for the Control Panel login.
  1. Navigate to Customer Settings > Restrictions.
  2. Click on the menu arrow on the right in the line of the inserted IP restriction.
  3. Click on Delete to delete the IP address or IP address range.
You have deleted an IP restriction.

CSV Import #

The CSV import allows in special cases to import existing mailboxes, forwarding mailboxes, groups or domains via a CSV file. The Control Panel allows to import external data. Existing mailboxes, domains or groups that were previously exported or saved in the form of a CSV file can, for example, be re-imported at suitable locations. To ensure that an external CSV file can be imported into the Control Panel without errors, special rules must be observed regarding the format of the file, its content structure and a valid syntax.     Rules for the structure of a CSV file to be imported
  • The extension of the import file is always .csv. Other file extensions like .txt or .docx are not allowed and will not be accepted.
  • The CSV file contains only one column in which individual entries are registered with each other.
  • The first row is always the column name and can be named individually.
  • If alias addresses are assigned to a main address, they must be entered after the main address in the same line, separated by a comma (without spaces).
  • Double entries will not be considered.
  • When you try to upload the same file again, no data will be imported and an error message will appear.
  • Mailboxes, forwarding mailboxes and domains are only allowed to use valid addresses contain.
    Example: Structure of a CSV file with mailboxes/forwarding mailboxes CP HTML Manual
  • All entries are in one column and contain only valid email addresses.
  • The first row corresponds to an individually selected column caption.
  • Individual entries are located in individual lines below each other.
  • Alias addresses are entered after the main address in the same line and separated by a comma.
  Example: Structure of a CSV file with domains/alias domains
  • All entries are in one column and contain only valid domain names or alias addresses.
  • The first row corresponds to an individually selected column caption.
  • Individual entries are located in individual lines below each other.

Import List from CSV File #

In some cases, you can import data such as mailboxes, groups, or domains via a CSV file. In addition to manually creating mailboxes, forwarding mailboxes, groups or domains, you have the option of importing them via a CSV list. This can be done both initially, if no data has been entered yet, and additionally during operation.
  1. In the top right corner of the Control Panel, select the scope for which you want to make the changes.
The navigation menu Customer settings on the left side is displayed.
  1. Select under Customer Settings whether you want to import the CSV list for groups or for domains:
 
To ensure that an external CSV file can be imported correctly into the Control Panel at a suitable location, special rules must be observed regarding the format of the file, its content structure and a valid syntax (see here ).
 
  • If you want to import a list of groups, click Groups –> + Add group –> Import list from CSV file.
  • If you want to import a list of domains/alias domains, click on Domains –> Import list from CSV file.
 
  1. Select the file you want to import, and then click Open to import the selected list.
The groups or domains are imported from the CSV file.   You have imported the list from the CSV file.

Black-/Whitelist #

About the Black- and Whitelist #

In the blacklist and whitelist module you can define that emails from specific senders or domains are always quarantined (blacklist) or delivered (whitelist).

Create Blacklist and Whitelist Entries #

      1. In the scope search, select the scope for which you want to create a blacklist or whitelist entry.
        Note: It is not possible to create blacklist or whitelist entries on partner scope or for groups.
        Note: If you have not selected a role from the selection, the user you logged in with is selected.
        CP HTML Manual Depending on the selected scope, you can create entries that are valid globally for the domain or specific users.
      2. Select the module Black- & Whitelist. CP HTML Manual
      3. Select the tab with the corresponding list: Choose from:
        • a. Blacklist
        • b. Whitelist
      4. Click on Insert.
        An input field opens.
      5. Enter an email address or domain name into the field Value.
        Note: If entering a domain name use the following syntax: domainname.tld
        Domain blacklist entry CP HTML Manual User blacklist entry CP HTML Manual
      6. Click on Submit.
     
    The entry is displayed in the list in the lower part of the module.
     

Delete Blacklist or Whitelist Entries #

  1. Open the Black- & whitelist module.
  2. Select the tab with the desired list.
  3. Click on the arrow symbol on the right side of the entry you would like to delete.
  4. Click on Delete.
You will receive a notification after successfully deleting the entry.
Example: Deleting entries from black- or whitelists
Following, the blacklist entry test@testdomain is deleted. CP HTML Manual

Search Functionality #

The search functionality is similar to the search in the Email Live Tracking. Just enter the search phrase into the search field and the results are filtered dynamically.
Example: Search entries in the blacklist and whitelist module
The blacklist of the user admin@talltara.com is searched for the term test. Only results starting with test are shown. Search the blacklist CP HTML Manual

Hierarchy of Blacklist and Whitelist Entries #

The blacklist and whitelist entries are processed in the following order from the highest to the lowest priority:
  • User whitelist
  • User blacklist
  • Domain and group whitelist
  • Domain and group blacklist
If the system finds a fitting entry on either list, the execution is stopped and the remaining entries are not checked.
Example: Processing hierarchy of blacklist and whitelist entries
A user adds the sender address example@example.com to the user whitelist. The domain administrator adds this account to the domain blacklist. The emails from that account will be delivered to the user, but not to any other user who has not whitelisted that account.

Security Settings (DAP) #

In the security settings you will find configuration options for the following services:

  • Signature & Disclaimer
  • Hornetdrive

Advanced Threat Protection (ATP) #

Advanced Threat Protection (ATP) protects your business from targeted and individual attacks from the first malicious email. Highly innovative forensic analysis engines ensure that attacks are stopped immediately. At the same time, the solution provides detailed information about the attacks on your company. CP HTML Manual

ATP Engines #

ATP uses engines to detect and stop attacks:
  • Sandbox Engine: Attachments are executed in a variety of system environments and their behavior is analyzed. If it turns out to be malware, you are notified. Protects against ransomware and blended attacks.
 
  • URL Rewriting The URL rewriting engine secures all Internet calls from emails via the web filter. In the process, the sandbox engine also analyzes downloads.
 
  • URL Scanning A document (such as PDF, Microsoft Office) attached to an email may contain links. However, these cannot be replaced, as this would violate the integrity of the document. The URL scanning engine leaves the document in its original form and only checks the target of such links.
 
  • Freezing Emails that cannot be instantly classified but look suspicious are retained for a short period by freezing. An additional scan is performed later with updated signatures. Protects against ransomware, blended attacks and phishing attacks.
 
  • Ex post alerts If it turns out that an already delivered email must be considered as potentially harmful, the respective company’s IT security team is notified about the extent and possible countermeasures as soon as this is known. This permits rapid containment of a dangerous situation.
 
  • Targeted Fraud Forensics Targeted fraud forensics detects targeted personalized attacks without malware or links. The following detection mechanisms are used for this:
    • Intention recognition system: alerts about content patterns that indicate malicious intent.
    • Fraud attempt analysis: checks the authenticity and integrity of metadata and email content.
    • Identity Spoofing Recognition: detection and blocking of forged sender identities.
    • Spy-out detection: Protects against attacks trying to obtain sensitive information.
    • Feign facts identification: content analysis of messages based on provision of feigned facts.
    • Targeted attack detection: detection of targeted attacks on individuals.
 

Activate ATP #

Attention: Activating the ATP may cause additional costs!
  1. Navigate to Security Settings Advanced Threat Protection within the Control Panel.
  2. Click on the Advanced Threat Protection slider. CP HTML ManualA confirmation window with information on fees pops up.
  3. Confirm the activation with OK. CP HTML Manual

Info: From now on there is the possibility to start the ATP scan for incoming emails with potentially dangerous attachments in the email display (see: Email Live Tracking) also on administrator level, who do not yet use ATP.

You have activated ATP.

Adding a Recipient of Alerts #

Enter the email addresses of the users who should receive real-time alerts and Ex Post alerts.

Before you start: Enable Advanced Threat Protection.

  1. Navigate to Security Settings –> Advanced Threat Protection.
  2. Click on Add recipient.
    It is strongly recommended that you register your company’s security officers as recipients.
    CP HTML Manual
    A new input field appears below the button.
  3. Enter the desired email address in the input field.
    CP HTML Manual
  4. Enter an email address.
  5. Click on Add.
    The email address you entered appears in the Email section at the bottom of the page.

    You have entered an email address for the reception of alerts.

Removing Recipients of Alerts #

Remove one or all email addresses from the list of recipients of alerts. Advanced Threat Protection is enabled and recipients of alerts are registered.
  1. Navigate to Security SettingsAdvanced Threat Protection.
  2. To delete a single email address, follow these steps:
    1. Navigate to the bottom of the page. You will find the registered email addresses under Email. CP HTML Manual
    2. Click on the icon Delete on the right side of the row of the desired e-mail address. The desired e-mail address is removed from the recipient list.
 
    To delete all recipients at once, follow these steps:
  1. Click Delete all recipients. CP HTML Manual A confirmation window opens.
  2. Acknowledge by clicking the button Confirm. All email addresses have been deleted from the recipient list.
You have removed some or all email addresses from the recipient list for alerts.

Initiate an ATP Scan Manually #

You can scan incoming emails with potentially dangerous attachments in the Control Panel using ATP.

Note: The ATP scan is only available for emails with executable attachments (e.g. .exe file). Furthermore, clean emails that have already been delivered can only be scanned when the products Email Archive  or the Contingency Covering are active.

Info: You can perform two ATP scans for email attachments each month for free. For additional analyzes you have to activate Advanced Threat Protection.

  1. Open the workspace Email Live Tracking in the Control Panel.
  2. Open the details for the email you want to scan by ATP. CP HTML Manual
  3. Click on the magnifying glass to start the scan. CP HTML Manual
After you have started the ATP Scan, you will get a notification.

Note: The scan process can take up to 15 minutes until it is finished.

After the scan is done, you can open the ATP report for the analyzed file under ATP in the extended information for the scanned email. CP HTML Manual CP HTML Manual

Real-Time Alert #

As soon as ATP detects an attack, a notification is sent to your company to inform you immediately about a possible threat. The person in charge receives various details about the type and target of the attack, the sender and the reason why an email was intercepted.
Info: Alerts are sent when:
  • Malware code was found in the sandbox.
  • URL scanning has found a suspect URL.
  • URL rewriting has blocked a website or download.
CP HTML Manual

Real-time alert

Incoming emails that are classified as potentially dangerous by ATP are grouped together in the Control Panel under the ATP category and displayed in dark blue.
CP HTML Manual

ATP category

ATP-Report #

The ATP report gives you detailed information about the analyzed file. To view an ATP report, select ATP ReportView ATP Report from the details window to the right of the selected email.
CP HTML Manual

View ATP-Report

  The ATP report is divided into four main sections:
  • Summary
  • Static Analysis
  • Network Analysis
  • Behavioral Analysis
    Summary Here you will find an overview of the analyzed file. In addition, the file is rated with a score from 0 to 10, where 0 is no danger and 10 is the most dangerous rating. The Signatures section classifies the behavior of the file into three categories:
  • Information
  • Attention
  • Warning
If you click on a signature, the advanced process information is displayed.
CP HTML Manual

ATP-Summary

  Static Analysis The static analysis is divided into three subcategories:
  • Static Analysis – Static analysis of the file (depending on the file format).
  • Strings – Output of the occurring strings of the file.
  • Antivirus – analysis of the file by different antivirus programs.
CP HTML Manual

ATP-Static Analysis

  Network Analysis In the network analysis, all network traffic is analyzed and listed according to protocols (e.g. HTTP, TCP, UDP).
CP HTML Manual

ATP-Network Analysis

  Behavioral Analysis The behavior analysis analyzes the behavior of the file at runtime. Displays all system API calls and processes logged during dynamic sandbox analysis. The results are divided into two sections:
  • Process Tree: Here the processes are displayed in hierarchical order.
  • Process Contents: If you select a process from the Process Tree, the executed API queries are displayed here in chronological order.
CP HTML Manual

ATP-Behavioral Analysis

Ex Post Alert #

If it turns out that an already delivered email must after all be considered as potentially harmful, the respective company’s IT security team is notified about the extent and possible countermeasures as soon as this is known. This permits rapid containment of a dangerous situation.   With Ex Post Alerts, your IT security team receives an automatic notification if an email that has already been delivered is subsequently classified as malicious. You will receive a detailed evaluation of the attack so that you can immediately initiate actions such as checking the systems or sensitizing your own employees.

Note: Ex Post Alerts is automatically activated for all ATP customers.

Exclude Websites from ATP Scanning #

Exclude websites from the automatic ATP scan by putting them on the whitelist.
  1. Open the Control Panel.
  2. Select the domain for which you want to create the desired whitelist entry. CP HTML Manual
  3. Under Webfilter, click on Black- & Whitelist. CP HTML Manual
  4. Select the whitelist, you want to create an entry for:
    1. User Whitelist
    2. Groups Whitelist
    3. Global Whitelist CP HTML Manual
  5. Enter the domain name of the website, you want to exclude form ATP scanning into the field Domain. CP HTML Manual
  6. If you want to enter an whitelist entry for a specific user or group:
    1. Click on Select.
    2. Select the user or group from the window.
      You can search for the user/group in the field search.
    3. Click on apply, to select the user/group. CP HTML Manual
  7. Click on Add. The whitelist entry shows up in the list.
  8. Click on Save, to confirm the creation of the whitelist entry. CP HTML Manual
  You have created a whitelist entry. ATP will neither scan the website nor rewrite links in emails for this website.

Spam Filter #

Filtering options:
Option Funktion
Domain Selection of the domain (or alias domain).
Filter type Select whether premium filtering (spam and viruses, high filtering rate) or only blocking based on blacklists and some mass spam rules (lower filtering rate) should be carried out.
Destination Server to which filtered emails are sent.
Note: If you specify a host name, an MX record resolution is always performed first, followed by an A record resolution. Several addresses can be entered. Addresses must be separated from each other by a comma. It is possible to enter CIDR ranges.
Outgoing relay / Email traffic Specifies mail servers whose outgoing email is to be sent via the spam filter service. Several addresses can be entered here.
Info: Bounce Management checks incoming undeliverability notifications to determine whether outgoing emails were actually sent via the domain’s relay server or via a fake sender address as a return of a spam attack.
Relay check Rejects non-existent email addresses.
Relay check per SMTP Checks the validity of the email address using the address of the target server.
Note: For Relaycheck via SMTP, you can select an alternative IP address for Relay Check. It is useful, for example, if the valid emails are first sent to a relay gateway after the check.
Relay check per LDAP Checks the validity of the email address.
Important: LDAP synchronization must first be set up for this function. Please contact our support team.
Relay check per Control Panel For incoming emails, the system checks whether the recipient is already configured as a user in the Control Panel.
Email Spam handling Configuration for handling with spam mails:
  • Store in quarantine (default, recommended): Lists of detected spam mails are sent to recipients at intervals (digest).
  • Tag: All spam mails with a prefix in the subject will be delivered. You can enter the prefix in the field Phrase.
CP HTML Manual

Spam Report #

Spam report allows to configure individual settings for spam corrections of a domain. Following settings can be activated or deactivated via the spam report:

  • Delivery of certain types of email such as Infomail, Spam, Virus, Content
  • Setting for user-defined delivery times
  • Delivery of a report for all detected and quarantined spam emails to an email address
  • Selection of an individual template for a spam report
CP HTML Manual

Setting the spam report

Content Control #

Content Filter provides domain administrators and partners with the ability to manage attachments from incoming and outgoing emails. The administrator can remove suspicious email attachments from emails or block affected emails after exceeding a maximum allowed size. Unwanted attachments can be explicitly forbidden by specifying file types. File types can be assigned in collective terms and excluded (see Forbidden File Types).

Activate Content Control #

Prerequisite: A group is entered under the level customer domain (see Create new Group).
  1. Select the tab Security Settings → Content control.
  2. Activate the checkbox Content Filter. CP HTML Manual
Content Control is activated.

Add new Group #

  1. Click Select under Group to select the stored groups. A new window opens.
  2. Select the desired group and click Apply. CP HTML Manual The selected group is displayed.
  3. Click CP HTML Manual  to add a group.
Group is added. Content Filter can be set for this group.

Setup Content Control #

Incoming and outgoing emails can be managed in the Content Control.
  1. Go to Security Settings > Content Control and select the policy for which you want to make filter settings: a) For incoming emails, click on Incoming Email Policy. b) For outgoing emails, click on Outgoing Email Policy. CP HTML Manual
  2. Specify the maximum email size in kilobytes.
    Note: The maximum email size must not exceed the size limit of the email server used.
  3. Select the action to be performed for emails with forbidden attachments: a) Cut the attachment and inform the receiver b) Block Email CP HTML Manual
  4. Optionally, activate Forbid encrypted attachments to detect encrypted attachments and define the file types that the content filter should prohibit. Click Add to save the file types.
    Note: Content Control not only checks the file extension but also the MIME type of the file. MIME type may differ from the file extension.
  5. Optionally, activate Settings like above to prohibit contained file types in archives. Click Add to save the file types.
  6. Confirm the changes with Save. CP HTML Manual
Content Control is set up.

Forbidden File Types #

Unwanted file types can be prohibited by specifying collective terms.
Colective term Forbidden file type
 .executable .action .apk .app .bas .bat .bin .cab .chm .cmd .com .command .cpl .csh .dll .exe .gadget .hta .inf .ins .inx .ipa .isu .job .jar .js .jse .ksh .lnk .msc .msi .msp .mst .osx .paf .pcd .pif .prg .ps1 .reg .rgs .run .scr .sct .sh .shb .shs .u3p .vb .vba .vbe .vbs .vbscript .vbx .workflow .ws .wsc .wsf .wsh
.mediafile .aif .flv .mp1 .mid .mp5 .mpa .wma .mp2 .mpe .swf .wmf .wav .mp4 .wmv .mpg .avi .mov .mp3 .mpv2 .mp2v .aiff .mpeg
.docmacro Heuristic detection of macro patterns in .doc attachments. Not all types of macros are captured by this filter.
.xlsmacro Heuristic detection of macro patterns in .xls attachments. Not all types of macros are captured by this filter.

Compliance Filter #

Compliance Filter lets you create custom filter rules to categorize incoming email as Clean, Spam, or Virus, for example. In addition, you can reject emails, send them to another email server or change the recipients.
Attention: The use of incorrect filter rules has a considerable negative effect on email traffic. Filter rules can also be used to override email services. Compliance Filter is also not suitable for address rewriting.
Compliance Filter checks both incoming and outgoing email traffic. You can set up three different filter types:
  • Advanced filter type where the sender, recipient, IP , hostname and subject are checked for search terms
  • Filter for content in the email header
  • Filter for content in the email body
In the email and body header, only the search term must be entered in the input field. With the extended filter type, several criteria can be evaluated in parallel. Actions can be defined for the individual filters, which are automatically executed by the filter if an email matches the set filter criteria. Different actions are possible for incoming and outgoing emails.

Setup Compliance Filter #

Note: Compliance Filter settings can only be made via a partner account or as a domain administrator.

  1. Open the Control Panel and log in.
  2. Select the domain for which you want to activate the Compliance Filter.CP HTML Manual
  3. Click on Security Settings Compliance Filter.
  4. Activate the checkbox Activate Compliance Filter. CP HTML Manual
  5. Confirm activation with Save.
The Compliance Filter is activated.

Add Filter #

To define a filter, you must add a new filter.
  1. Open Compliance Filter in the Control Panel and click Add. CP HTML Manual
    Note: Compliance Filter distinguishes between rules for incoming and outgoing emails.
  2. Select the email direction for your filter from the field Direction. 
  3. Select the type of filter with Type. Compliance Filter distinguishes between three filter types:
  • Email-Body: Expression searched in the email body.
  • Email-Header: Expression that is searched for in the email header.
  • Advanced: You can define expressions for each of the seven occurring fields and use them individually or in combination.
  1. Define your individual filter rules. Examples of this can be found in the chapters Filter Sequence and Classification.
  2. Optionally, add a description in the field Info.CP HTML Manual
    Info: The text entered into the field Info has no effect on the filter rule.
  3. Click OK to create the rule.
  4. Confirm your entries with Save.
Filter was added.
 

Define Filter Rules #

Compliance Filter searches emails for terms that you define in the fields provided. The following are simple examples of how to create filter rules in the different filter types.
Note: In order to define filters more precisely and versatilely, it is also possible to use regular expressions. For a description of the structure and functionality of regular expressions, see Regular Expressions.
Examples:
FeldKurzbeschreibungBeispiel
E-Mail-HeaderDurchsucht den E-Mail-Header auf den eingegebenen Begriff.Rechnung
FromFilterung auf Envelope-SenderAdresseuser@gevonne.com
ToFilterung auf EnvelopeRecipient-Adresse.user.extern@yahoo.com
IPÖffentliche IP-Adresse des absendenden E-Mail-Servers.
Anmerkung: Die Angabe der IP-Adresse erfolgt immer ohne Subnetzmaske.
Richtig: 0.0.0.0 Falsch: 0.0.0.0/24
HostnamePTR-Record (Hostname der Rückwärtsauflösung der IP).mailserver.gevonne.com
SubjectFilterung nach dem Betreff der E-Mail.Spammanagement
AttachmentsFilterung nach E-Mail-Anhängen..jpg
Greater than (KB/MB)Gewünschte Maximalgröße der E-Mails.500

Attachments

You can filter for email attachments within the field Types → Advanced. Enter the file type (e.g. .exe or .jpg) in the field Attachments .
Note: The Compliance Filter cannot apply the collective terms for file attachments.

Define Actions #

You can define an action for each filter rule, that is executed if the rule matches.
Note: Compliance Filter differs between actions for incoming and outgoing emails. The actions Tag as Clean, Spam or Virus can only be used on incoming emails. The action Notify Sender can only be used on outgoing emails.
Action Description
Reject The email server is informed about the disconnection error with an error code and a text. (554 5.6.9 customer rule based reject by compliance filter). The notification of the sender lies in responsibility of the email server.
Redirect The email is redirected to one or more email addresses.
Note: You can enter as many email addresses as you want. Separate the different addresses with spaces.
Reroute The email is sent to another IP address or hostname.
Note: You can only enter one IP address or hostname into the field.
Add BCC This action automatically adds one or more BCC Recipients. You can add as many email addresses as you want. Separate the email addresses with spaces.
Notify Sender The Sender automatically receives an infomail, as soon as their email is accepted by the destination server.
Tag as Clean Classifies the incoming email as clean.
Tag as Spam Classifies the incoming email as spam..
Tag as Virus Classifies the incoming email as Virus.

Filter Sequence and Classification #

You can change the sequence of the filter rules in the overview of the compliance filter.
Important: You must observe the predefined sequence of filter rules (see figure below). If a rule applies and a filter rule therefore takes precedence, processing is stopped and defined filter rules are not applied if necessary.
CP HTML Manual

Note: The compliance filter cannot be used to create exceptions for the content filter. In this case the content filter takes precedence over the compliance filter and thus deviates from the regular ruleset order.

The following examples illustrate the sequence in which rules are processed.

Example: Simple filter application sequence

Initial situation:: The filter rule above is defined as the only rule. There are no other rules applied to the case study. Procedure:
  1. An email from “rechnungen@kreditor.de” is sent to any user of the domain “debitor.de”.
  2. Compliance Filter first searches the Body rules, then the header rules and matches the rule in the advanced rules
  3. The rule is applied and the Compliance Filter does not search for further rules.
CP HTML Manual

Example: Simple sequence

Example: Conflict between two rules of one type

Initial situation: Two different rules are defined for outgoing emails to “order@anycompany.com”. In the overview the rule (ID 281503) stands before the rule (ID 281523). No other rules apply to that case. Procedure:
  1. An email from any user will be sent to “bestellungen@kreditor.de”.
  2. The Compliance Filter first searches the body rules, then the header rules and finds a match in the advanced rules.
  3. The rule to add the CEO to the BCC (ID 281503) is processed and the execution is stopped. The rule to add the purchase department to the BCC (ID 281523) is not being processed.
CP HTML Manual

Filter rile: Add BCC to ceo@

CP HTML Manual

Filter rule:  Add BCC to einkauf@

CP HTML Manual

Status of defined filters

Example: Conflict between multiple rules in different types

Initial situation: Incoming emails that contain a link to Facebook are marked as spam. The marketing department is partly excluded from that rule, when receiving emails from Facebook directly, they are marked as clean. In the overview the rule (ID 259163) stands before the rule (ID 259143). No other rules apply to that case. Procedure:
  1. A marketing recipient receives an email from Facebook containing a link.
  2. The Compliance Filter searches the body rules and hits the rule (ID 259143).
  3. The email is marked as spam, no other rule is applied.
  4. Rule (ID 259163) is being ignored, although it is above the other rule in the overview as the body rules are applied first.
CP HTML Manual

Filter rule: mark emails as “valid”

CP HTML Manual

Filter rule: mark emails as “spam”

CP HTML Manual

Filter rules

Example: conflict between Compliance Filter rule and an existing Hornetsecurity filter

Initial Situation: Due to an increased amount of spam from a certain IP address, a rule is defined that always marks emails from this IP address as spam. No further compliance filter rules are defined to that case. Procedure:
  1. A sender of the domain behind the IP address sends an email to any recipient.
  2. Compliance Filter first searches the body rules, then the header rules and matches a rule in the advanced rules.
  3. The email is marked as spam and the execution is stopped.
  4. Hornetsecurity has defined a filter rule for that specific domain and the increased spam occurrence could be localized to the sender “info@”. No other email address sent spam from that domain. The rule from Hornetsecurity is not being searched and therefore the defined filter rule has a to large scope. Clean emails could now be tagged as spam.
CP HTML Manual

Filter rule: mark emails as “spam”

Regular Expressions #

You can use regular expressions (RegEx) within the Compliance Filter to extract information from a string. This makes it possible to recognize patterns in subject lines or other email components and filter emails accordingly. Note that the system automatically places a “.*” in front of the beginning and end of the subject line and in the email body and header.
Note: Within the Compliance Filter you can create regular expressions according to Perl Compatible Regular Expressions. Other libraries are not supported. (Further information can be found at: http://www.pcre.org/). In addition, there are special restrictions, which are explained below.

Example: Using Regular Expressions in the Compliance Filter

Initial situation: Users often received emails with the subject containing the word “porn”. A filter rule has been defined to mark it as spam. Recently, however, there has been an increase in the number of emails using Leetspeak to bypass this filter. For example, emails with the subject “p0rn” are received that are not marked by the compliance filter. In this case, the use of a regular expression is more effective:
CP HTML Manual

Using a Regular Expression in the Compliance Filter

Instead of the dot any character is interpreted as valid. Therefore, the filter is not determined to an “o”, it reacts to any letter, digit and special character

Advanced Routing #

You can use the Advanced Routing function to assign different mail servers to individual users or groups. Email traffic is then routed through these servers.
  1. Navigate to Security SettingsAdvanced Routing.
  2. Activate the checkbox Activate Advanced Routing. Further selection windows are activated.
  3. Select whether routing is to be performed for specific users or a user group.
  4. Click Select to select a user or user group.
  5. Enter the IP or host address that you want to use to route email traffic.
  6. Click Add. The selected group is displayed in the list below.
  7. Confirm the changes with Save.
CP HTML Manual Advanced Routing is set up.

Signature and Disclaimer #

Signature & Disclaimer controls the automated provision of email signatures and disclaimers on all Hornetsecurity gates. The tool dynamically generates user specific signatures, matching the Active Directory. The signatures are based on predefined templates and are included automatically after the current text of the email.
Notice: There are two different variants of the Signature & Disclaimer. If you activated the checkbox at Mail Footer under Management > Email, did not activate an LDAP connection and do not use Total Protection Enterprise or Business, you can use a static variant of the Signature & Disclaimer. However, you cannot use all functions. For more information see the documentation Signature & Disclaimer – Static Version .

Mobile use of Signature and Disclaimer #

With the activation of Signature and Disclaimer, the created signatures and disclaimers are also attached to emails sent from mobile devices.

Note: When using a mobile device with the Android, the installed Android version must still be supported so that the signature and the disclaimer are properly attached. Make sure that you are using a supported version so that your emails are displayed correctly.

Activate LDAP for Signature and Disclaimer #

To use Signature and Disclaimer, you must first activate it in the Control Panel. After the activation, you can optionally configure a different LDAP server for the synchronization and enter filters for the user synchronization.  
  1. Select Service DashboardLDAP connectionAdvanced Signature and Disclaimer in the Control Panel.
  2. Activate the checkbox Activate Advanced Email Signature and Disclaimer.

    Note: Activating Advanced Email Signature and Disclaimer could be additionally charged depending on your license.

  3. Confirm the notification with OK.
  4. Note: Follow this step if you want to use a different directory service for the user synchronization with Signature and Disclaimer.

    Deactivate the checkbox Use LDAP information for Advanced Signature and Disclaimer.
    • Define the logon information in the appearing fields. CP HTML Manual
  5. Enter the desired filter in the field LDAP Filter.

    Note: The value proxyaddresses=* selects all users in an Active Directory.

    Note: If your template does not comply with your directory structure, you can customize it here individually.

  6. Click on Save in the lower left corner of the window. CP HTML Manual
  LDAP for Signature and Disclaimer has been activated in the Control Panel. Now you can configure Signature and Disclaimer for users and groups of your directory service.

Activate Signature and Disclaimer #

To use Signature and Disclaimer, you must organize the users in an Active Directory and have the LDAP synchronization for the domain activated in the Control Panel.

Note: Signature and Disclaimer can be used for plain text messages as well.

You can access the Signature and Disclaimer web interface in the Control Panel under Security SettingsSignature & Disclaimer.
  1. Select the domain from the scope selection for which you want to activate the product for.

    Note: Activate the checkbox Activate Advanced Email Signature and Disclaimer.

    CP HTML Manual

    Activate Signature and Disclaimer

  2. Click on OK to confirm the activation.

Create Signatures and Disclaimers #

The main functionality of the web interface is to create templates for signatures or disclaimers. The different templates for signatures and disclaimers are applied on groups. The groups are visible on the left side of the main window. If you have not created any groups in the Control Panel, you can select the group default to assign the same signature or disclaimer to all users.

Note: In the Control Panel you can create groups under the area Customer SettingsGroups. Further information about groups are available in the Control Panel manual at: Groups administrative component

  1. Select a group on the left side of the main window under Groups.

    Note: You can click on the Search field to search for and select a group from the drop-down menu.

    CP HTML Manual
  2. Select the group in the list of added groups to create signatures and disclaimers for. CP HTML Manual On the right side of the main window appears the selection of signatures and disclaimers.
  3. Click on the + under Disclaimer or Signature to create a new template. CP HTML Manual
  4. Enter a name for the new template. You can create the templates for signatures or disclaimers for both HTML and plain emails at the same time. The templates are created separately.
  5. Select the format for which you want to create the template:
    • HTML
    • Plain

    Note: You can switch between the formats during editing.

  6. Define the template in the What You See Is What You Get Editor (WYSIWYG). CP HTML Manual
  7. Click on Save and select the created template in the main window. CP HTML Manual
You have created a signature or a disclaimer.

Edit or Delete Signature and Disclaimer Templates #

Edit or delete the defined templates for signatures and disclaimers.
  1. Click on the field Search in the main window under Signature or Disclaimer and select the desired template. CP HTML Manual
  2. Select one of the following actions:
    • To edit the selected template, click on the pen next to the template’s name. The editor appears and you can edit the template. CP HTML Manual
    • To delete the selected template, click on the red and confirm the deletion with OK. CP HTML Manual
You have edited or deleted a signature or a disclaimer.

Using the WYSIWYG-Editor #

You can enter user attributes from the Active Directory into the WYSIWYG editor by selecting them from the drop-down menu AD-Variables. You can easily create templates for signatures and disclaimers in the WYSIWYG editor. The editor provides simple formatting options for example, paragraph alignment, font style and bulleting. Furthermore, you can use variables from the Active Directory to, for example, insert the first and last name of a user. The following table provides all Active Directory attributes that you can select under AD-Variables in the editor.

Note: You must have defined the variables in your Active Directory to use them in the editor.

Important: When using the Azure Active Directory, not all attributes from the following table are synchronized. You can find a table with usable attributes under Synchronized Attributes from the Azure Active Directory.

AD-Variable Description
cn Common name
company Company
countryCode Country Code
department Department
description Description
directReports Employee
displayName Complete name
facsimile TelephoneNumber Fax
givenName First name
homePhone Private phone number
info Jobtitle/Position

Note: The field Title is often used for other purposes. Therefore, the term Info is used here for the LDAP-attribute Title (Jobtitle/Position).

ipPhone IP Phone
I (lowercase L) City
mail Email address
manager Manager
mobile Mobile phone number
msExchlMAddress IM address
pager Pager number
physicalDeliveryOfficeName Office
postalCode Postal code
postOfficeBox Post office box
samAccountName User account name
sn Surname
st State
streetAddress Street
telephoneNumber Phone number
wwwHomepage Website
CP HTML Manual

Synchronized Attributes from the Azure Active Directory #

With the Azure Active Directory of Microsoft only certain attributes are synchronized for Signature and Disclaimer.   The following attributes are synchronized and can be used to create signatures and disclaimers:
AD-Variable Description
countryCode Country Code
department Department
displayName Complete name
company Company
physicalDeliveryOfficeName Office
givenName First name
info Jobtitle/Position

Note: The field Title is often used for other purposes. Therefore, the term Info is used here for the LDAP-attribute Title (Jobtitle/Position).

l (lowercase L) City
mail Email adress
mobile Mobile phone number
postalCode Postal code
sn Surname
st State
streetAddress Street
telephoneNumber Phone number

Hide Empty Active Directory Elements #

You can use the If Not Empty function to hide content in signatures and disclaimers if certain AD variables are not filled for users.
  1. Create a new signature or disclaimer or edit an existing one.
  2. Select the line in the editor in which you want to insert the AD variable.
  3. Click on If Not Empty. CP HTML Manual
  4. Select the desired AD variable from the field Variable. CP HTML Manual
  5. Enter the text that you want to hide if the element is not filled for the user.
  6. Confirm with OK.
  7. It is also possible to enter an AD variable in the text to be hidden:
    • Click on the position in the editor between the If Not Empty tag at which you want to insert the AD variable to be hidden.
    • Select the AD variable from the drop-down menu. CP HTML Manual
  8. Click on Save to save the signature or disclaimer.
Example: Hiding non-existent AD variables The following signature is created for all users:
CP HTML Manual

Signature in the Editor

The following signature is displayed for users with a mobile phone number: CP HTML Manual The following signature is displayed for users without a mobile phone number: CP HTML Manual

Include Subsignatures #

You can use subsignatures to include previously created signatures in a signature.

Important: Subsignatures can only be used in signatures. At least one signature must exist that you can include as a subsignature.

  1. Create a new signature or edit an existing one.
  2. Select the line in the editor, in which you want to insert the subsignature.
  3. Click on Sub-Signatures and select the subsignature from the existing signatures. CP HTML Manual A placeholder is inserted or the subsignature. CP HTML Manual
  4. Click on Save.
  5. Note: In order to use a signature as a subsignature, it must be activated first.

    To activate a signature to use as a subsignature:
      1. Open the edit mode of the signature you want to use as a subsignature.
      2. Set the toggle to Active. CP HTML Manual
    Activated and deactivated signatures are marked in the selection. CP HTML Manual CP HTML Manual

Insert HTML Source Code #

You can use the editor to insert HTML source code.
  1. In the WYSIWYG editor select the tab Tools and click on Source Code.

    Note: You can also edit the text that you have created previously in the WYSIWYG editor.

    CP HTML Manual A window appears.
  2. Enter the desired HTML source code and confirm with OK. CP HTML Manual
  3. In the editor click on Save to save your changes.

Preview Signatures and Disclaimers #

CP HTML Manual

Example: Preview of a signature

With the preview you can apply a templates to specific users of your Active Directory. You can get a preview of the template you are creating or editing. Therefore, you can select any user in your Active Directory.

Embed images in Signature & Disclaimer #

The WYSIWYG editor allows you to add images to your signature or disclaimer. After you have created your signature or disclaimer using the Web Interface and/or via LDAP, you can redesign them or edit already saved templates. Images can either be dragged and dropped directly into the WYSIWYG editor or embedded via URL.

Embed images using a URL #

  1. When creating or editing a disclaimer or signature in the WYSIWYG editor, click the position where you intend to insert the image.
  2. Within the editor navigate to InsertImage. An input window with further parameters opens. CP HTML Manual
  3. Under Source (1), enter the address of the image that is to be representative for your link. Search the internet for the desired image and copy the stored image location. CP HTML Manual The location of the desired image is stored.
  4. Alternatively, enter a description under Image Description (2).
  5. If necessary, adjust the size of the image individually under Dimensions and save your input with Ok. CP HTML Manual The parameters have been stored and the image is displayed in the editor.
  6. Right-click on the image and select Link to enter a specific URL. CP HTML Manual An input window with further parameters opens. CP HTML Manual
  7. Enter the destination address of the desired website under URL (4).
  8. Alternatively, enter a text under Title (5) which should be displayed over the image when the mouse hovers over it.
  9. Under Target (6) select New window to open the linked website in a new tab to leave.
  10. Click on Ok and then on Save to save all data.

    Note: If necessary, repeat steps 1-10 if you want to insert several images.

The image was embedded to your signature or disclaimer via an URL. CP HTML Manual CP HTML Manual

Data synchronization via LDAP #

Changes to the Active Directory cause a new synchronization.
If you change the Active Directory, these changes will be synchronized.

The changes in the Active_Directory are tracked using the USNChangedNr attribute. If the value changes, the dataset is synchronized.

Note:
If you perform a backup, the USNChangedNr is not increased but reset to an earlier value. The dataset is then also synchronized again.

Troubleshooting #

When using Signature & Disclaimer errors may occur. In the following chapters the cause and the solution of frequent errors is explained.

Missing HTML Signature in Emails sent from Mail (Apple) or Thunderbird #

Condition Emails sent from Thunderbird or Mail (Apple) do not attach the HTML signature, but the plain signature. If you have not specified a signature for plain text, the email will be sent without a signature.   Cause Some email clients such as Mail (Apple) and Thunderbird send emails by default as plain text and not in HTML format. Thus, the plain template is loaded in the Signature & Disclaimer.   Remedy for Mail (Apple) on MacOS   Workaround for Mail (Apple) on iOS
  • Format one or more characters bold, italic or underlined in your email text. The client sends the email in HTML format and Signature & Disclaimer attaches the HTML signature.
  Remedy for Thunderbird
  • For single emails: Select Write → Options → Delivery Format → Rich Text (HTML) Only aus. CP HTML Manual
  • For all emails: Select Write → Tools → Account Settings → Composition & Addressing and check the box Compose messages in HTML format. CP HTML Manual

Variables Are Not Referenced #

Condition: You have inserted an AD variable or a subsignature and they are displayed incorrectly in the signature created. Cause: AD Variable does not exist The variable is not defined in the Active Directory. CP HTML Manual Remedy: Select the AD variables in the editor from the drop-down menu.   Cause: Subsignature does not exist The referenced signature does not exist or the name of the signature has been changed. Therefore, it cannot be included. CP HTML Manual Remedy: Select the signature to be included again from the Sub-Signatures drop-down menu.

Signature & Disclaimer - Static Version #

You can create group-based signatures and disclaimers with the static version of Signature & Disclaimer manually if you did not configure an LDAP connection or if you do not use 365 Total Protection or Enterprise. The signature and the disclaimer are automatically attached to all emails of the user in the respective group.

Mobile use of Signature & Disclaimer #

With the activation of Signature & Disclaimer, the created signatures and disclaimers are also attached to emails sent from mobile devices.

Note: When using a mobile device with the Android, the installed Android version must still be supported so that the signature and the disclaimer are properly attached. Make sure that you are using a supported version so that your emails are displayed correctly.

Activate Signature & Disclaimer #

Contact the support in order to activate the static version of the Signature and Disclaimer.

Create Signatures and Disclaimers #

The main functionality of the web interface is to create templates for signatures or disclaimers. The different templates for signatures and disclaimers are applied on groups. The groups are visible on the left side of the main window. If you have not created any groups in the Control Panel, you can select the group default to assign the same signature or disclaimer to all users.

Note: In the Control Panel you can create groups under the area Customer Settings > Groups. Further information about groups are available in the Control Panel manual at: Groups administrative component

  1. Select Signature & Disclaimer under Security Settings.
  2. Select a group on the left side of the main window under Group.

    Note: You can click on the Search field to search for and select a group from the drop-down menu.

    CP HTML Manual
  3. Select the group in the list of added groups to create signatures and disclaimers for. CP HTML Manual On the right hand side of the main window appears the selection of signatures and disclaimers.
  4. Click on the + under Disclaimer or Signature to create a new template. CP HTML Manual
  5. Enter a name for the new template.
You can create templates for signatures or disclaimers for both HTML and plain emails at the same time. The templates are created separately.
  1. Select the format for which you want to create the template:
    • HTML
    • Plain

      Note: You can switch between the formats while editing.

  2. Define the template in the What You See Is What You Get Editor (WYSIWYG editor): CP HTML Manual
  3. If you would like to use the created signature/disclaimer, activate the signature/disclaimer. CP HTML Manual

    Note: If you do not want to use the signature/disclaimer, but do not want to delete it, you can deactivate the signature/disclaimer. Set the controller on Inactive. A deactivated signature/disclaimer is marked with a red cross in the overview.

    The activated signature/disclaimer is displayed as active in the overview with a green hook. CP HTML Manual
  4. Save your template.
  5. Select the template in the overview. CP HTML Manual
  6. In the overview, click on Save to assign the previously selected template to the selected group.
You have created a signature and/or a disclaimer and assigned them to a group.

Edit or Delete Signature and Disclaimer Templates #

Edit or delete the defined templates for signatures and disclaimers.
  1. Click on the field Search in the main window under Signature or Disclaimer and select the desired template. CP HTML Manual
  2. Select one of the following actions:
    • To edit the selected template, click on the pen next to the template’s name. The editor appears and you can edit the template. CP HTML Manual
    • To delete the selected template, click on the red and confirm the deletion with OK. CP HTML Manual
You have edited or deleted a signature or a disclaimer.

WYSIWYG Editor #

You can easily create templates for signatures and disclaimers in the WYSIWYG editor. The editor provides simple formatting options for example, paragraph alignment, font style and bulleting. Enter your data manually.

Insert HTML Source Code #

You can use the editor to insert HTML source code.
  1. In the WYSIWYG editor select the tab Tools and click on Source Code. CP HTML Manual A new window appears.
  2. Enter the desired HTML source code and confirm with Ok. CP HTML Manual
  3. In the editor click on Save to save your changes.
You have inserted HTML Source Code to be used as a signature or a disclaimer.

Embed images in Signature & Disclaimer #

The WYSIWYG editor allows you to add images to your signature or disclaimer.

After you have activated the static version of the Signature & Disclaimer, you can create new signatures and disclaimers or edit already saved templates. The graphics can either be copied directly into the WYSIWYG editor using the Drag & Drop function or embedded in the form of a graphic address via an input window.

Embed images using a URL #

  1. When creating or editing a disclaimer or signature in the WYSIWYG editor, click the position where you intend to insert the image.
  2. Within the editor navigate to InsertImage. An input window with further parameters opens. CP HTML Manual
  3. Under Source (1), enter the address of the image that is to be representative for your link. Search the internet for the desired image and copy the stored image location. CP HTML Manual The location of the desired image is stored.
  4. Alternatively, enter a description under Image Description (2).
  5. If necessary, adjust the size of the image individually under Dimensions and save your input with Ok. CP HTML Manual The parameters have been stored and the image is displayed in the editor.
  6. Right-click on the image and select Link to enter a specific URL. CP HTML Manual An input window with further parameters opens. CP HTML Manual
  7. Enter the destination address of the desired website under URL (4).
  8. Alternatively, enter a text under Title (5) which should be displayed over the image when the mouse hovers over it.
  9. Under Target (6) select New window to open the linked website in a new tab to leave.
  10. Click on Ok and then on Save to save all data.

    Note: If necessary, repeat steps 1-10 if you want to insert several images.

The image was embedded to your signature or disclaimer via an URL. CP HTML Manual CP HTML Manual

Troubleshooting #

When using Signature & Disclaimer errors may occur. In the following chapters the cause and the solution of frequent errors is explained.

Missing HTML Signature in Emails sent from Mail (Apple) or Thunderbird #

Condition Emails sent from Thunderbird or Mail (Apple) do not attach the HTML signature, but the plain signature. If you have not specified a signature for plain text, the email will be sent without a signature.   Cause Some email clients such as Mail (Apple) and Thunderbird send emails by default as plain text and not in HTML format. Thus, the plain template is loaded in the Signature & Disclaimer.   Remedy for Mail (Apple) on MacOS   Workaround for Mail (Apple) on iOS
  • Format one or more characters bold, italic or underlined in your email text. The client sends the email in HTML format and Signature & Disclaimer attaches the HTML signature.
  Remedy for Thunderbird
  • For single emails: Select Write → Options → Delivery Format → Rich Text (HTML) Only aus. CP HTML Manual
  • For all emails: Select Write → Tools → Account Settings → Composition & Addressing and check the box Compose messages in HTML format. CP HTML Manual

Archive Audit #

Archive Audit #

An audit access for authorized persons can be set up via the Archive Audit. With an audit access, authorized persons receive access to archived emails in certain mailboxes. The audit access is activated for a limited period of time. According to the two-man rule, two authorized auditors must be specified. The period of access granted and the audit-relevant archiving period can be defined individually. As an administrator, you can track audit activities with an audit log. Setup of an audit access CP HTML Manual

Set up and activate audit accesses #

Set up and activate audit accesses Before you can use the Archive Audit, the audit access must be set up for the authorized persons.
  1. Navigate to Security Settings > Archive Audit.
  2. Enter the email address of the external auditor in the field Select an auditor.
  3. Enter the email address of the internal auditor in the field Select second auditor. Together with the second auditor, a control function is performed according to the two-man rule.
  4. Under Access to emails (from – to), select the period for which achived emails are to be retrieved.
  5. Under Access active (from – to), select the period for which the access is to be activated. Click Activate audit access. The audit access has been set up and activated.
After setup, both auditors receive an email with personalized login data as well as a login address for audit access. Example: CP HTML Manual CP HTML Manual

Archive #

Note: To use the email archiving service, the use of the Spam Filter Service (Premium Filter) is required. Note that initially only external mails are archived. To also archive internal emails, you must configure redirection to the archive.
In order to archive outgoing emails, they must be sent via the spam filter service. You can archive internal emails in your email archive by setting up a journaling postbox. Instructions for this can be obtained from your provider, your mail server provider or from our support.

Setup and Activate Archiving #

  1. Navigate to Security SettingsArchive. CP HTML Manual
  2. Select the domain to be archived under Select.
  3. Insert the domain to be archived under Add. CP HTML Manual
  4. Confirm with Apply and then with Save. Email archiving is activated.
Email archiving is set up.
Info: The archived emails are available for the set archiving period from the end of the year in which the respective archived email was sent or received. The archiving period for emails is the number of years that was set as the “archive duration” in the Control Panel for the domain or, alternatively, for the user. After the deadline, all emails are deleted from the archive.

Add exceptions #

Groups / users that should be excluded for data protection reasons can be added to an exception list.
  1. Navigate to Security Settings → Archive.
  2. Select the domain concerned in the field Exceptions → Select and confirm with Apply. CP HTML Manual
  3. Select the desired archiving duration from the  drop-down menu Archive duration.
  4. Click Add and confirm the change with OK.
  5. Save your changes with Save.
Exceptions are added.

Deactivate archiving #

  1. Navigate to Security Settings → Archive.
  2. Select the domain concerned in the field Exceptions → Select.
  3. Select the entry Deactivated from the Archive duration drop-down menu.
  4. Select the type of deactivation: a) User/Group: Emails for the user/group are not archived in the user’s/group’s own archive. b) All: All email traffic with the group/user is not archived.CP HTML Manual
  5. Confirm the changes with Save.
Email Archiving is deactivated.

Contingency Covering #

Contingency Covering is an additional email service that guarantees continuous email functionality in the event of an email service failure. With Contingency Covering enabled, users can continue to receive and send email if their email server fails.
Attention: This service is subject to a charge!
If the Contingency Covering is set up for a domain or an individual user, automatic activation is set by default in the event of a mail server failure. In addition, the user can recognize in the email search which emails were delivered by the individual user via the Contingency Covering. Domains with Contingency Covering enabled can see their emails from the last three months in the email archive.

Note: The function “Send outgoing emails to own mail server during server failure” is deprecated, will be removed with future releases and should not be used.

CP HTML Manual

Enryption #

This guide explains how to configure and use Encryption. Starting from the basic configuration, the encryption methods that can be used are explained and different rules are created using examples. In addition, the options for ordering and managing certificates are presented to you. The use of the Websafe for encrypted communication as well as the use of keywords within the email subject are also part of this manual.

Activate Encryption #

Attention: The activation and use of Encryption incur costs according to the price list.

  1. Navigate to Security Settings →  Secure Transport.
  2. Activate the checkbox Activate Policy under Email > Encryption.
    Note: Activating the encryption service will incur a fee.
    CP HTML Manual
Secure Transport is activated.

Check Encryption Capability #

You can check the encryption capability before you configure the encryption policies further.
  1. In the tab Policy, click on Encryption capability of the communication partner.
  2. Enter the email addresses you want to check.CP HTML Manual
  3. Click Check to check the encryption capability of the entered email addresses.CP HTML ManualEncryption types are displayed.

Encryption Methods #

Under Encryption Methods, you can select the encryption methods to be used.
CP HTML Manual

Activate encryption methods

 
Encryption method Description
TLS  Encrypts the email between the outgoing and incoming servers. The check mark is set permanently, as this type of encryption is performed globally.
EmiG Email transmission according to the EmiG (Email made in Germany) standard is a special form of TLS encryption with special requirements for the TÜV-certified communication partners, their server security and the certificates used for encryption. The procedure corresponds to a particularly secure TLS encryption in a closed network of certified email providers with increased security guidelines. A separate configuration in the CP is not necessary.
DANE  Is currently in preparation for rollout. If you are interested contact the support for a quick implementation.
PGP Is a hybrid process for signing and encrypting emails. This procedure is based on the so-called Web of Trust: Instead of a hierarchical arrangement of the certification authorities, users are validating their keys among each other.
S/MIME  Is a standard for the encryption and signature of MIME-encapsulated emails using a hybrid encryption process. The certification authority (CA) assures the authenticity of the email address and the name of the sender.
WEBSAFE Is a fallback encryption method.
Note: After activation of the encryption service you can use PGP, S/MIME and Websafe in order to define encryption policies. However, you must explicitly specify who is to communicate with whom end-to-end encrypted. TLS and EmiG are automatically applied if the communication partner supports the encryption methods.

Sequence of Encryption Methods #

You can use several encryption methods at once. They are processed in the following sequence: S/MIMEPGPEmiG(DANE)TLSWebsafe Additionally, you can combine the different encryption methods.

Display Encryption Method in Subject #

For a simple handling of encrypted emails, you can tag them in the email subject. The tag content can be chosen freely.
CP HTML Manual

Subject tagging

Certificate Administration #

You will find the administration of certificates under Certificate. Here you can order and manage S/MIME certificates for users of the selected domain.

Ordering Certificates #

  1. Select the tab Certificate.
  2. Select one of the predefined users. CP HTML Manual
  3. Enter the first and last name of the user.
    Note: Be sure to enter the correct information before ordering the certificate. It is only valid as a signature if the entered name is valid.
  4.  Click on Order to complete the order bindingly. CP HTML Manual
Certificate is ordered.

Certificate Settings #

In the certificate overview, you can specify for each certificate whether it is to be used for the digital signature and/or for encryption. By default, signing and encrypting is enabled.   In addition, the overview offers to activate or deactivate a subscription for this certificate. Certificates with an active subscription will automatically be renewed 29 days before expiration. The subscription is activated by default.
Info: If you do not want a subscription, you should remove the checkmark at the latest 30 days before the expiration date of the old certificate at Overview on certificates in the overview for the user.
CP HTML Manual

Certificate overview and options

Websafe #

The Hornetsecurity Websafe is a method to encrypt the email communication with partners using no encryption technologies. The outgoing emails are sent to the Websafe and saved. After that, the communication partner receives an email with login credentials, but will need an additional PIN to unlock the personal Websafe. The email sender must provide the PIN on a separate communication channel (phone, text message, fax). With the PIN and the login credentials, the user can access his personal Websafe.  
Note: A Websafe account is automatically created and can be used for additional Websafe communication. As soon as the communication partner opens a new email in the Websafe, the sender receives a confirmation message that the email has been read.
Note: Messages remain stored in the Websafe for 12 months and are then automatically deleted
Important: Before configuring the Websafe, you must activate it in the encryption methods (see: Select Encryption Methods).

Setup Websafe #

  1. Navigate to Security Settings → Secure Transport.
  2. Under Policy, click on Add.
  3. Select Outgoing as the direction.
  4. Activate the checkbox at To.
  5. Enter the recipient in the text field.
  6. Select Encrypt always under Action.
  7. Activate the checkbox at Websafe.
CP HTML Manual Websafe is set up and now used.

Encrypt Emails with Websafe #

You can also use the Websafe to send encrypted emails whenever no other encryption method is available.
  1. Click on Add under Policy.
  2. Select Outgoing as the direction.
  3. Select the From and To checkboxes.
  4. Enter .* in both fields.
  5. Select Encrypt always as action and activate the checkbox Websafe.
  6. Save the entries with Save. CP HTML Manual
Websafe is set up. If no other encryption method can be used for the email communication, Websafe will be used.

Websafe Encryption through Email Subject #

You can create a rule to encrypt emails with the Websafe by marking them in the subject line.
  1. Click Add under Policy .
  2. Select Outgoing as the direction.
  3. Activate the checkbox Subject.
  4. Enter the keyword WEBSAFE in the field.
    Info: If you enter WEBSAFE in the subject of an email, this email will be encrypted via the Websafe.
  5. Select Encrypt always as action and activate the Websafe checkbox.
  6. Save the entries with Save. CP HTML Manual
Websafe activated via subject keyword.

Select Websafe Templates #

You can select different templates for the Websafe emails for sender and recipient as well as for the Websafe activation web page.
Note: As a partner, you can create new templates and modify existing ones.
  1. Navigate to Websafe Templates under the tab Secure Transport.
  2. Select the desired templates. CP HTML Manual
Websafe templates are selected. see also: Create new Templates

Hornetdrive #

The main component of the window is the Hornetdrive administration, which sorts and displays the existing accounts according to the current search criteria.
CP HTML Manual

View of Hornetdrive management

In the Actions area in the upper left corner, you can trigger certain actions for the selected accounts. To the right is the area Number of licenses. The number of licenses assigned to customers and partners is displayed here. The Help and View areas are located on the right-hand side. The existing Hornetdrive accounts are displayed in the account area in the middle part of the window.

Perform Actions #

In the Actions area in the upper left corner, you can trigger certain actions for the selected accounts.
  1. Click on the drop-down menu.
  2. Select the desired action.
A window appears with the respective setting options in the foreground. CP HTML Manual

Create Account #

  1. In the Actions area, select the action Create Account from the drop-down menu.
  2. Enter the email address of the new account in the field Email.
  3. Enter a password in the field Password.
  4. Select the desired license from the drop-down menu License.
  5. Select the language from the drop-down menu Language, in which emails to the user can be sent.
  6. Select Status from the drop-down menu which status the license should get.
  • active contract: An active contract license
  • NFR: A not for resale license
  • test customer: A test license

Note: If you have selected test customer, you can then enter the expiration date of the test license.

  1. Under Parent/Customer you can select the partner or the domain under which the new account is to be created.
  2. Read and confirm the license agreement with a single click to the checkbox Accept license agreements.
  3. Click on Save to create the account and close the window.

Note: To create another account directly, click Save & Continue.

A new Hornetdrive account has been created. CP HTML Manual

Upgrade Account #

This function allows various upgrades or extensions of an existing account:
  • Upgrade a test account into a contract account
  • Upgrade a guest account into a business or enterprise account
  • Upgrade business accounts in an enterprise account
  • Increasing the volume of storage space and traffic contained in an enterprise account
  1. Select one or more accounts in the account area of the Hornetdrive module.
  2. In the Actions area, select the Order/Upgrade action from the drop-down menu.
A new window opens.
  1. Select the desired licenses for the previously selected accounts.
  2. Read and confirm the license agreements with a click on the checkbox Accept license agreements.
  3. Click on OK to complete the order.
Account has been upgraded/extended. CP HTML Manual

Assign Accounts to Other Partners or Customers #

This action allows you to assign accounts to another partner or customer.

  1. Select one or more accounts in the account area of the Hornetdrive module.
  2. In the Actions area, select the Assign Account action from the drop-down menu.

A new window opens.

  1. Select the desired partner or customer from the drop-down menu.
  2. Click on OK to make the assignment.

Account has been assigned to a Partner/Customer.
CP HTML Manual

Delete Accounts #

  1. Select one or more accounts in the account area of the Hornetdrive module.
  2. In the Actions area, select the Delete Account action from the drop-down menu.
A new window opens in which all accounts to be deleted are listed. CP HTML Manual
  1. Click on OK to delete the previously selected accounts.
Accounts have been deleted.

Export Data as CSV #

You can export a list of accounts as a CSV file. A window with the corresponding settings opens.
  1. Select the columns you want to export in the upper area.

Note: The checkbox All activate/deactivate selects or deselects all columns in the upper area.

  1. Click on Export (.csv). The following window opens: CP HTML Manual
  2. Activate the checkbox Show column name in 1. row, to export the column headers as well.
  3. Activate the checkbox Export only selected rows to only export the previously selected rows.
  4. Select the format of the export under Export type.
  • Display: Displays the data to be exported in a new window..
  • Download: Downloads the data as a CSV file.
  • Email to: Sends the data to the entered email address.
  1. Click on Export to export the data.
Data has been exported as a CSV file.

Account Area #

In this area you can view the data of all assigned users. Search fields are located below the Partner/Customer, Email and License Number columns. These filter the data sets according to the value in the corresponding column. Selection menus are located under the licence and status column headings. These filter the data sets according to the value in the associated column. The following columns are available:
  • A selection box to select the data sets is located on the far left for each data set.
  • The column Partner/Customer displays the superordinate customer or partner for the user.
  • The column Created on displays the date on which the Hornetdrive account was created.
  • The column Email displays the email address provided by the user. This is also the username.
  • The column License number displays the user’s licence number.
  • The column License displays the type of user licence. A distinction is made between Guest, Business and Enterprise.
  • The column Last use displays when the user last signed in to a client.
  • The column Status displays whether the user is a contract customer, webshop customer or test customer. Test customers that have not purchased a full version within the test period are also listed as Expired for the period prior to the final cancellation of their account. Customers whose follow-up time has expired are no longer listed.
  • The column Valid until displays the date on which the current licence expires. For test customers this refers to the end of the test period, while for contract customers this refers to the end of the paid-up licensing period.

Open the Account Details #

  1. Double-click on an account row in the account area to open the detailed view for this account.
    CP HTML Manual

Account Details #

Username
  • Username: Displays the user’s email address, which is also the username.
  • Password: A new password is accepted on re-entering the password and saving the change.
  • License: This displays the user’s license. The license cannot be changed here.
  • Language: Either German or English can be selected. This setting determines the language in which emails are sent to the user.
  • Status: This allows a distinction to be made between contract customers and test customers. Another field appears for test customers for the end date of the test phase.
  • Partner/Customer: This function allows the new user to be created / to be allocated to a partner or customer.
  • License number: Displays the user’s license number.
  • Usage: Displays how much memory the user has used and how much is available in total.
  • Traffic: This display provides information on how much traffic volume the user has used this month and how much is available for this month in total.
CP HTML Manual

Account details under User name

Drive
  • Name of the drive
  • Date of creation
  • Memory
  • Currently used traffic
  • Volume used this month.
CP HTML Manual

Account details under Drive

The drive is deleted by clicking on the “Remove” cross in the corresponding row. Devices
  • Name of the device
  • Date of creation
  • Time of last use
  • Last IP address used
  • Version of the client installed on the device
  • Operating system version
You can delete the device by clicking on the x under Delete.

Note: This device can then no longer be used to access the drives.

CP HTML Manual

Account details under Devices

Service Dashboard (DAP) #

Service Dashboard forms the central part of the administrative work. Here you can configure settings for users and domains or book additional services. A registered partner can create new customers, manage existing customers and book new services for his customers. A registered domain administrator can manage his domain and book new services.

Role Management #

You can create new roles and manage existing roles using role management. Under Role management the following actions can be performed:

Assign a role #

  1. Log in to the Control Panel with your administrative credentials.
  2. Click on Service Dashboard.
  3. Click on Role management > Assign role. CP HTML Manual
  4. Under Select user enter a user to whom you want to assign a new role.
  5. In the drop-down menu, select the role authorization you want to assign to the user.
  6. Click on Add.
The role is assigned to the user. The user appears in the table with the assigned role.

Delete role #

  1. To delete a role assignment, click on the icon to the right of the row of the role assignment to be deleted. CP HTML Manual A warning message appears. CP HTML Manual
  2. Confirm the deletion of the role assignment with Delete.
The role assignment has been deleted.

Basic Partner Settings #

If a partner is selected on the left of the window, a window with two tab levels appears on the right. Under Settings you can make basic settings for the respective partner. CP HTML Manual

User Data #

The following basic settings can be assigned to the user in the Data area:
  • Username (corresponds to the login name)
  • Passwort
  • Email address for sending forgotten passwords
  • Account status (activated/deactivated)
  • Time zone
Basic setting of user data: CP HTML Manual

Contact Data #

The master data for companies and contact partners can be added in the tab Contact Data. Management of Contact data: CP HTML Manual

Add Contact Data #

Contact details for support information should be set under Control Panel→ Whitelabeling.
Setting Support Information in Whitelabeling: CP HTML Manual
  1. Select the tab Contact Data.
  2. Choose Add.
  3. Enter the required contact data and confirm with Add: a. Select the tab Company to add contact information for a company. Example: CP HTML Manual b. Select the tab Person to add contact information for a person. Example: CP HTML Manual
  4. Confirm your changes with Save.
Contact data is added.

LDAP Connection #

Your directory service, e. g. the Microsoft Active Directory, is directly connected with the Hornetsecurity service via LDAP. With LDAP you can authenticate your login to the Hornetsecurity Control Panel and the web filter through your directory service and configure an additional user and group synchronization for the managed service. Furthermore, you can activate the service Advanced Email Signature and Disclaimer.

Activate the LDAP Connection #

Activate LDAP to connect to your directory service. First create a new user on you directory service.
The user must have the rights to query email addresses and compare passwords. In order to achieve this, you can add the user to the group RAS and IAS Servers in the Microsoft Active Directory.
For standardization purposes the username Hornetsecurity is recommended.
To configure your LDAP server in the Control Panel, the following information is needed:
  • The password of the created user.
  • The LDAP path, where the user is found.
  • The hostname or the IP address of your LDAP server.
  • The port and which protocol (LDAP or LDAPS) the server uses.
Navigate in the Hornetsecurity Control Panel to Service Dashboard and select the primary domain you would like to activate the service for.
    1. Select the tab LDAP connection.
    2. Activate the checkbox LDAP connection activated.
    3. Enter the username of the previous defined user in the field User.
      Note: If you have created the user Hornetsecurity, enter that username.
    4. Enter the password of the user in the field Password.
    5. Enter the hostname or the IP address of your LDAP server in the field Server. e.g. myhost.mydomain.tld
    6. Enter the port of your LDAP server in the field Port. The default ports for the protocols are:
      • LDAP: Port 389
      • LDAPS: Port 636
      • GC LDAP: Port 3268
      • GC LDAPS: Port 3269
  1. Activate the checkbox LDAPs, if your connection is established via LDAPS.
  2. Enter the desired LDAP path in the field Base-DN. DC=myDomain,DC=tld
  3. Click on Save in the lower left corner of the window.
You have configured the LDAP connection to your directory service. In the following example an LDAP connection is established for the user hornetsecurity@mydomain.tld on the LDAP server myhost.mydomain.tld via the LDAP default port 389 with the LDAP path mydomain.tld. CP HTML Manual After that, you can:
      • Configure the user authentication for the Control Panel via LDAP.
      • Configure the user and group synchronization via LDAP.
      • Configure the webfilter login via LDAP.
      • Activate and configure Advanced Email Signature and Disclaimer.

Secure the LDAP Connection #

It is possible to secure the LDAP connection through different methods. To protect the transmitted data and the LDAP connection from unauthorized access, you have the following options:
  • Encrypt the communication with LDAPS through TLS/SSL.
    If you are using LDAPS, configure the port and activate LDAPS as shown in Activate the LDAP Connection.
  • Restrict the IP address range for connections to Hornetsecurity only.

Limit the Directory Service to the IP Address Range of Hornetsecurity #

Limit the IP address range of your directory service in your firewall to connections to Hornetsecurity only.
  1. Add the following IP address ranges to your firewall:
    • 1. range: 83.246.65.0 with subnet 255.255.255.0, corresponds from 83.246.65.0 to 83.246.65.255
    • 2. range: 185.140.204.0/22 with subnet 255.255.252.0, corresponds from 185.140.204.0 to 185.140.207.255
    • 3. range: 94.100.128.0/20 with subnet 255.255.240.0, corresponds from 94.100.128.0 to 94.100.143.255

Control Panel Login through LDAP #

Configure the Control Panel authentication to use the credentials from your Active Directory.
The Control Panel login is only possible through an Microsoft Active Directory (AD).
  1. In the advanced settings under Control Panel login, activate the checkbox Control Panel authentication with LDAP credentials. CP HTML Manual
If you want to use a different LDAP server for the Control Panel login:
  1. Deactivate the checkbox Use LDAP information for Control Panel login. a. Define the logon information in the appearing fields. CP HTML Manual
  2. You can filter users in the field LDAP Filter.
The default filter proxyAddresses=* gets all users from an Active Directory.
  1. Click on Login test, to test the login for a specific user from your Active Directory. a. Enter the email address and the password of an Active Directory user. b. Click on Ok. CP HTML Manualfancybox image
The authentication is checked and you will get a notification.
  1. Click on Save in the lower left corner of the window.
You have configured the Control Panel login through LDAP.

Synchronize users with LDAP #

Synchronize users from your directory service with LDAP. With the synchronization of users from your directory service, alias addresses are automatically assigned. The benefit is that only one spam report is sent out for the primary email address including all alias addresses.
To import users, you must create your directory service groups inside the Control Panel manually. To assign users to the correct groups, the groups must have exactly the same group names as in your directory service. For additional information about adding groups, see the Control Panel manual: Groups administrative component.
  1. Activate the checkbox Synchronize user/group into Control Panel.
If you want to use a different directory service for the user and group synchronization:
  1. Deactivate the checkbox Use LDAP information for User/Group Synchronization. a. Define the logon information in the appearing fields. CP HTML Manual
  2. Enter the LDAP filter for the user objects and exceptions in the field LDAP Filter.
    The default entry: (|(sAMAccountType=805306368)(sAMAccountType=268435456)(sAMAccountType=268435457)(objectclass=publicFolder)) selects all users of an Active Directory. If you want to change the filter, use the following syntax: (|(xxxxxxxxxx=xxxxxxxxxx)(xxxxxxxxxx=xxxxxxxxxx)) The preceding | defines an OR relation between the parameters in the following brackets. Therefore, only one parameter must match. If you want an AND relation between the parameters, you must use a preceding &. In addition, at least one entry must stand in the brackets.
  3. Enter the LDAP attributes in the corresponding fields.
    AttributeDescription
    EmailThe attribute where the email addresses are stored in your directory service. In an Active Directory this is the attribute proxyaddresses=*.
    E-Mail aliasesThe attribute, where the email alias addresses are stored.
    GroupThe attribute, where the groups are stored.
    sAM Account NameThe attribute where the users' account names are stored.
    min. userMinimum number of users, that have to be captured by the LDAP synchronization for a change.
    min. groupsMinimum number of groups, that have to be captured by the LDAP synchronization for a change.
    E-mail for alertsNotifications are sent to this email address.
    Alert after x minutes without UpdateMinutes without synchronization, after that a notification is sent.
  4. Click on Save in the lower left corner of the window.
CP HTML Manual

Webfilter Login via LDAP #

Activate the Webfilter login via LDAP.
  1. Navigate in the lower window area to the tab Webfilter login.
  2. Activate the checkbox Activate Webfilter login.
If you want to use a different directory service for the Webfilter login:
  1. Deactivate the checkbox Use LDAP information for Webfilter login. a. Define the logon information in the appearing fields. CP HTML Manual
  2. Enter the LDAP filter for the email addresses of the Webfilter user.
The filter for all users in the Microsoft Active Directory: proxyAddresses=* is set as default. If your directory service has a different structure, you can change the filter individually.
  1. Click on Save in the lower left corner of the window.
The Webfilter login via your directory service is now set up. CP HTML Manual

Activate LDAP for Signature & Disclaimer #

To use Signature & Disclaimer, activate it in the Control Panel. After the activation, optionally configure a different LDAP server for the synchronization and enter filters for the user synchronization.
  1. Select Service Dashboard > LDAP connection > Advanced Signature and Disclaimer in the Control Panel.
  2. Activate the checkbox Activate Signature and Disclaimer. a. Confirm the notificacion with OK.
Activating Signature & Disclaimer could be additionally charged depending on your license.
Follow this step if you want to use a different directory service for the user synchronization with Signature and Disclaimer.
  1. Deactivate the checkbox Use LDAP information for Signature and Disclaimer.
The value proxyaddresses=* selects all users in an Active Directory. If your template does not comply with your directory structure, you can customize it here individually.
  1. Enter the desired filter in the field LDAP Filter.
  2. Click on Save in the lower left corner of the window.
You have activated LDAP for Signature & Disclaimer in the Control Panel. CP HTML Manual Now you can configure Signature & Disclaimer for users and groups of your directory service. You’ll find further information on how to configure Signature & Disclaimer Signature & Disclaimer.

Setup Customers / Domains (P) #

You can create new partners and customers (domains) in the Service Dashboard. Here you will learn how to:
  • create new partners,
  • create new customers (domains ),
  • create new Office 365 customers/domains

Create New Partners (P) #

You can create a new partner in the Control Panel.
  1. Log on to the Control Panel with your administrative authentication data.
  2. Select the customer or partner from the scope selection under which a new customer or domain is to be created. CP HTML Manual
  3. Go to Service Dashboard.
  4. Click on .
  5. In the field User name enter the name of the new partner.
  6. Enter the administrator’s email address into the field Email:
    a)  If you select the Send login information to checkbox, the password will be sent to the email address entered in the Email field.
    b) Alternatively, you can manually enter a password in the Password field. In this case the password will not be sent.
  7. Select the status in the field Status.

    Note: If you set the status to Deactivated, the system tries to deliver emails to the mail server entered above for seven days without user verification. If the sender does not accept the emails after this time, a bounce email is sent to the sender with the information that the message could not be delivered.

  8. Select the predefined time zone.
  9. Click on Save, to safe your changes.
You have created a new partner.

Create new Customers/Domains (P) #

You can create a new customer (domain) in the Control Panel.
  1. Log in to the Control Panel of Hornetsecurity with your administrative login data.
  2. Select the partner from the scope selection under which you want to create a new customer/domain. CP HTML Manual
  3. Go to Service Dashboard.
  4. Click on .

    Note: A new customer corresponds to a primary email domain. Optionally, you can set up additional alias domains or additional services in a second step.

  5. Specify the name of the customer’s primary email domain in the field Primary domain. CP HTML Manual
  6. Enter the administrator’s email address into the field Email:
    a)  If you select the Send login information to check box, the password will be sent to the email address entered in the Email field.
    b) Alternatively, you can manually enter a password in the Password field. In this case the password will not be sent.
  7. Select the status in the field Status.

    Note: If you set the status to Deactivated, the system tries to deliver emails to the mail server entered above for seven days without user verification. If the sender does not accept the emails after this time, a bounce email is sent to the sender with the information that the message could not be delivered.

  8. Select the predefined time zone. You can directly activate the spam filter for the new customer. Information about the settings of the spam filter can be found under Filtering.
 

Attention: Activating filter options can cause additional license fees. Please inform yourself about the costs before activating!

  1. Optional: Activate the checkbox Activate Email Filtering and configure the necessary settings to activate the spam filter for the new customer.
  2. Click on Save, to safe your changes.
New customer / new domain has been created.

Create new Office 365 Customer (P) #

Prerequisite: A customer domain has been created.
  1. Enter the destination address of your Office 365 environment into the field IP/Host Address.

    Note: You can find the destination address in your Office 365 environment. At portal.office.com, navigate to Admin centerSetupDomains. You can find the corresponding entry under Exchange OnlineMX.

    CP HTML Manual
  2. Enter the following value under Outgoing relay / Email traffic in order to filter outgoing emails from Office 365 as well: 1.1.1.1 CP HTML Manual
  3. Click Save to save your changes.
A new Office365 customer has been created.

Whitelabeling – Control Panel Customization (DAP) #

You can customize the Control Panel to embed your company’s color, logo and favicon. Furthermore, you can select a theme for your Control Panel and add support and email information. The customization is displayed to all users logging in to the domain you provide.

Note: The operation of a customized Control Panel incurs costs according to the price list.

Prerequisites to Customize the Control Panel #

  • You have an administrator role or a partner role.
  • You have provided your domain’s certificate to the support.

    Note: The certificate must at least support SHA256 and use 2048 bit key length. Also check the note below about the automated generation of an SSL/TLS certificate.

  • Additionally, you must create a CNAME record for your domain. Otherwise, the URL of the original Control Panel domain is shown in the browser.
Following a CNAME record is set for the domain controlpanel.customerdomain.com   controlpanel.customerdomain.com IN CNAME cp.hornetsecurity.com  

Note: As part of the Whitelabeling, Hornetsecurity provides the opportunity to generate and renew an SSL/TLS certificate automatically for the whitelabeling URL. The only requirement is that the CNAME of your URL points to cp.hornetsecurity.com. The use of a certificate supplied by you is also possible on request.

Customize the Control Panel #

  1. Log in to the Control Panel.

Note: You need administration or partner authorization to customize the Control Panel.

  1. From the scope selection, select the partner or customer for which you want to customize the Control Panel.

Note: You can only make changes in the scope with which you made the adjustments.

  1. Select the section Whitelabeling on the left side.
  2. Select Appearance.
CP HTML Manual
  1. Enter the URL of your Control Panel website in the field URL.

Note: If you change the URL subsequently, you must also update the CNAME record for your domain.

  1. Select a primary color for your Control Panel. The primary color is responsible for the font color and other design elements.
    1. Click in the field under Primary color to open a color selection.CP HTML Manual
    2. Pick the desired color. The selected color is represented in the field as HEX or sRGB.
    3. You can insert the color code directly into the field as well.
  1. Select a theme for your Control Panel under Theme.
  • Activate the radio button Dark to select a dark theme. CP HTML Manual
  • Activate the radio button Bright to select a bright theme. CP HTML Manual
  1. Click on Browse… under Logo to select your Logo.

Note: For the best result, upload a logo with a minimum resolution of 160 × 80 pixel.

CP HTML Manual
  1. Click on Browse… under Favicon to select your favicon.

Note: The favicon must be uploaded in ICO file type (filename extension .ico). For the best result upload the favicon with a resolution of 128 × 128 pixel.

CP HTML Manual
  1. Click on Save to confirm your customization. The deployment can take up to five minutes.
  2. Refresh the Website to see your customized Control Panel.

Note: You must be logged in to your Control Panel domain to see the customization.

CP HTML Manual

Customize the Progressive Web App #

Customize the app name and the app icon of the progressive web app to the design of your company.  
  1. Select WhitelablingAppearance.
  2. Enter the desired app name in the field App Name. CP HTML Manual
  3. Upload a picture with the file type PNG under App Icon. CP HTML Manual
Underneath the file selection for the App icon you can see a preview of the icon in various sizes. As well as you can see a preview of the splashscreen under Splashscreen. The splashscreen is displayed while loading the progressive web app and contains the file that was uploaded under Logo. fancybox image
  1. Save your settings.
The logo and the app name is displayed on the homescreen of mobile devices.

Example: Customize the Control Panel #

Below is an example for customizing the Control Panel which explains and visualizes what the customizations do. CP HTML Manual

Fallback Design #

The fallback design ensures, that the Control Panel is shown without any company specific attributes, in case of misconfiguration. In the case, that your domain has not been recorded and your configuration cannot be set, an alternative design is selected. Therefore, the Control Panel gets the dark theme, without any logo or favicon. For the primary color a default green will be used.

Displayed Email Information #

The system automatically sends emails in various situations, for example when users reset their passwords. You can define a greeting formula, a contact person, the sender address and a disclaimer for these emails.

Add Email Information #

  1. Select Email information.
  2. Enter the name of the contact in the field Contact.
  3. Enter the sender address for outgoing system emails in the field Sender address for email templates.
  4. Enter the required information for a disclaimer in the field Disclaimer.
All data below is just an example. Inform yourself in your company which information is required for outgoing system emails. CP HTML Manual
  1. Click on Save to apply the settings.

Contact Data in the Control Panel #

The contact data phone number and email address is shown in the Control Panel. CP HTML Manual If you want to change the contact data, you must provide them under Support information (See: Add Support Information in the Control Panel).

Contact Data Processing #

The contact data is processed hierarchically from bottom up.

Underneath a customer are several domains. That customer has provided his contact data on the top level.
Thus, every user of the underlying domains gets the contact data of the customer. If contact data for a underlying domain is provided, it will be shown to the users of that specific domain.

Add Support Information in the Control Panel #

  1. Select Support information.
  2. Enter the support phone number of your company in the field Support phone number.
  3. Enter the support email address of your company in the field Support email address.
CP HTML Manual
  1. Click on Save.

Email Categories #

Your emails are classified into the following categories:
Email Category Description
Clean The category clean indicates that no threat was found.
Infomail Infomails are promotional emails that can either be classified as clean or spam.
Spam Emails classified as spam.
Content Emails with illegal attachments. Defined by the partner or domain administrator.
Virus Emails containing a virus.
ATP Emails containing threats identified by Advanced Threat Protection.
Rejected Rejected emails.

Classification Reasons #

The following sections are structured in the different classification types for emails. The tables list the reasons shown in the email display with their explanations.

Classifications ATP, Rejected and Virus #

ClassificationReasonDefinition
ATPBusiness Email CompromiseFraudulent email with a fake sender from your own company.
ATP, Rejected, VirusMalicious AttachmentAt least one attachment of the email is malicious.
ATP, Rejected, Virusmalicious Email ContentThe email contains malicious content.
ATP, Rejected, VirusMalicious URLThe email contains links to malicious websites or documents.
ATP, VirusMassive Attack PreventionThe email matches the pattern of a starting malware campaign.
ATP, VirusPhishingThe email contains characteristics of a phishing attack.
ATPSandboxAt least one attachment of the email was dynamically analyzed in the ATP sandbox and rated as malicious.
ATPTargeted FraudThe email matches the pattern of a targeted fraud attack.
RejectedBlock by Compliance Filter PolicyThe email was blocked by a compliance filter rule as a virus.
RejectedRBLThe sending host of the email has a negative reputation.
RejectedSPF FailureThe SPF check in the envelope of the email failed.

Classification Content #

ClassificationReasonDefinition
ContentDetached by Content Filter PolicyAt least one attachment is not permitted due to the settings in the Content Filter.
ContentRejected by Content Filter PolicyThe email was rejected according to the content filter guidelines because it contains at least one forbidden attachment.

Classification Spam #

ClassificationReasonDefinition
SpamBad Host ReputationThe sending host of the email has a negative reputation.
SpamBad IP ReputationThe IP address of the sending host of the email has a negative reputation.
SpamBad Sender ReputationThe sender of the email has a negative reputation.
SpamBad URL ReputationThe email contains at least one link to a web server with a negative reputation.
SpamBlacklisted by User PolicyThe sender or sending host of the email is listed on the recipient's blacklist.
SpamDKIM FailureThe DKIM validation failed.
Spam DMARC FailureThe DMARC validation failed.
SpamSPF FailureThe SPF check failed.
SpamSpam ContentThe email contains content that is classified as spam.
SpamSpam by Compliance PolicyThe email was classified as spam by a compliance filter rule.

Classification Valid #

ClassificationReasonDefinition
VaildClean by Compliance policyThe email was classified as valid by a compliance filter rule.
ValidGood Sender ReputationThe sender or sending host of the email has a positive reputation.
ValidHamHam is the opposite of spam. Thus a desirable email that matches a valid pattern.
VaildSender Whitelisted by PolicyThe sender or sending host of the email is listed on the domain administrator's whitelist.
ValidStatusmailAutomatically generated system notification, such as a spam report.
ValidWhitelisted by User PolicyThe sender or sending host of the email is listed on the recipient's whitelist.

Old Classification Reasons #

Important: The following classification reasons are deprecated, but are still used in the Flash Control Panel.

Classification ATP/Content/Virus

ReasonDefinitionActivity
Virus-scan01Found identical attributes of classified virus emails in metadataVirus
Virus-scan01-XARG-VFound known virus structure in multiple attributes of the emailVirus
Virus-scan02-Header-VFound virus signature in email headerVirus
Virus-scan03-Link-VaLinking of a compromised URLVirus
Virus-scan04-Body-VFound virus signature in email bodyVirus
Virus-scan05-<VirusName>Virus found – known, classified virusVirus
virus-scan07-doubleextensionFound a file with veiled or faked file type in an archiveVirus
Virus-scan07-archive-in.archiveFound nested archives in an archiveVirus
virus-scan07-heur-exploitFound minimum one unknown and potentially dangerous file in an archiveVirus
Virus-scan07-fakeoffice2003Found macro code of office 2007 in an office 2003 fileVirus
virus-scan07-potential-fake-archiveFound an archive with wrong declaration of content type (MIME-Content-Type)Virus
Virus-scan06-<VirusName>Virus scanner 2 found a virusVirus
Virus-scan08-executableFound potentially dangerous file in attachmentVirus
Virus-scan09-ASEzipHeuristicsEvidence of phishing and suspicious attachment foundVirus
Virus-scan09-asehtmlheuristicsEvidence of phishing and suspicious attachment foundVirus
Virus-scan09-ASEurl 0xHeuristicsEvidence of phishing and suspicious link foundVirus
Virus-scan10-<VirusName>Indistinct virus message through Heuristic intend analysisVirus
Virus-scan12-AttachmentVFound virus signature in attachmentVirus
Virus-scan13-ASE-PhishingHeuristicsEvidencce of phishing and suspicious email header foundVirus
Virus-scan14-Short-URL-obfuscationLinks are veiled through nested URL shorteningVirus
Virus-scan15-ASE-PhishingDirect link to malware or phishing websiteVirus
Virus-scan16-ASE-Phishing-heurEvidence of phishing and inconsistent sender address Virus
Virus-scan17-ASE-office-macro-exploitFound evidence of malware and office file with macros, OLE-object or VBS code as attachmentVirus
Virus-scan17-office-webarchive-exploit-heurEvidence of malware and attachment with suspicious content foundVirus
virus-scan17-office-rtf-exploit-heurEvidence of malware and attachment with suspicious content foundVirus
virus-scan17-MacroEvidence of malware and attachment with suspicious content foundVirus
Virus-scan17-office-macroEvidence of malware and attachment with suspicious content foundVirus
Virus-scan18Evidence of malware and the email was sent by different senders or email serversVirus
Virus-scan21-<Virusname>Virus message by optional virus scanner 3Virus
Virus-scan22-<Virusname>Virus message by optional virus scanner 4Virus
ContentfilterCustomer defined forbidden attachmentContent

Classification Blocked

GrundDefinitionAktion
450 4.1.1rejection when relay check is enabledBlocked
450 4.1.8sender address rejected : domain not foundBlocked
450 4.5.5early spam detection (temporarily blocked) Blocked
450 4.5.6temporary failure in MTA - please retryBlocked
450 4.5.7temporary failure in MTA - please retryBlocked
504 5.5.2recipient address rejected : fully - qualified adress is neededBlocked
504 5.5.2sender adress rejected: fully - qualified address is neededBlocked
550 5.1.1unknown recipient (SMTP check)Blocked
550 5.2.2explicit blocking of sender or recipient addressBlocked
550 5.5.3recipient address rejected: multi-recipient bounceBlocked
552 5.5.2message size (content filter)Blocked
554 5.5.3email rejected due to Content Filter Size LimitBlocked
554 5.5.4IP sender address with a negative reputationBlocked
554 5.5.5email rejection due to SpamBlocked
554 5.5.6loop detectionBlocked
554 5.5.7email rejected due to content of attachmentBlocked
554 5.6.1signature of spam in mail header resp. subjectBlocked
554 5.6.2spam link signature detectedBlocked
554 5.6.3spam text signature detectedBlocked
554 5.6.4virus email blockedBlocked
554 5.6.5TLS encryption required by customer ruleBlocked
554 5.7.1unknown domain or unknown recipient (LDAP check)Blocked

Classification Spam

ReasonDefinitionActivity
admin-blblacklist controlled by adminQuarantined
ase-blindividual blacklist controlled by support dep.Quarantined
ase-recap1diffuse spam fingerprintQuarantined
ase-rep1IP reputation list 1Quarantined
ase-rep2IP reputation list 2
Quarantined
ase-recap4diffuse spam fingerprintQuarantined
asespf7-1SPF filter variant 1Quarantined
asespf7-2SPF filter variant 2Quarantined
bodytagspam signature in mail textQuarantined
bouncetagbounce mail managementQuarantined
dirtyipreputation filter on IP basis Quarantined
fingerprintre - captured spam mail by hashQuarantined
headerspam signature in mail headerQuarantined
linkad linkQuarantined
rbl50pre-stage to 554 5.5.4 but not blocking yetQuarantined
sameipsignature recognition through spam enginesQuarantined
scoredynamic content evaluationQuarantined
Score Tagdynamic content evaluationQuarantined
spamreputation filter based on sender serverQuarantined
spamip-netIP range of servers with poor reputationQuarantined
spam-sumspam fingerprintQuarantined
subjecttagspam signature in subject lineQuarantined
user-blblacklist controlled by the userQuarantined
wcspam pattern recognitionQuarantined
xargbounce attack or individual customer ruleQuarantined
zombiebotnet computerQuarantined

Classification Valid

ReasonDefinitionActivity
asespf1familiar sender, type 1Valid
asespf2familiar sender, type 2Valid
asespf3familiar sender, type3Valid
ase-wlindividual whitelist controlled by the support dep.Valid
big2email size increased email reputation in multi-criterial scoring functionValid
bigmessageemail size increased email reputation in multi-criterial scoring functionValid
body-wlwhitelist signature in mail text, type 1Valid
body-wl2whitelist signature in mail text, type 2Valid
header-wlWhitelist signature in header, type 1Valid
header-wl2Whitelist signature in header, type 2Valid
knownsendersender address with positive reputation, type 1Valid
noreasonunevaluated emailValid
qsender2sender address with positive reputation, type 2Valid
realbouncesent via bounce managementValid
scoredynamic contents evaluationValid
sender-ipIP sender address with positive reputationValid
subject-wlwhitelist signature in subject line, type 1Valid
subject-wl2whitelist signature in subject line, type 2Valid
user-wlwhitelist controlled by userValid
xarg-wlbounce mail or individual customer ruleValid

Ruleset Order #

The spam filter rules are processed according to a specific priority. Once a higher level priority has taken effect, processing typically stops. In some cases, this can lead to messages being blocked despite a whitelist entry for the sender’s address, because the IP address of the sending server is on the RBL blacklist.   Rule order (from top to bottom in descending priority) mail inbox email arrival
  • RBL list (block)
  • Mass spam detection (block)
  • Compliance filter (deliver)
  • Virus check (quarantine)
  • Content filter, if activated (quarantine)
  • User-based whitelist string (deliver)
  • User-based blacklist string (quarantine)
  • Administrative whitelist (deliver)
  • Administrative blacklist (quarantine)
  • General whitelist (deliver)
  • General spam rules (quarantine)
Delivery

Note: The compliance filter cannot be used to create exceptions for the content filter, so in this case the content filter takes precedence over the compliance filter.

Email Authentication Methods (DAP) #

These email authentication capabilities are available at Hornetsecurity:

  • SPF validation (Sender Policy Framework)
  • DKIM validation and signing (DomainKeys Identified Mail)
  • DMARC validation (Domain-based Message Authentication, Reporting and Conformance)

All of these methods are designed to additionally protect your company’s email infrastructure from spam and phishing.

SPF Functionality #

SPF (Sender Policy Framework) is an email authentication method designed to prevent the forgery of sender addresses. For this purpose, the IP addresses of the authorized servers are entered in the DNS zone in the form of a TXT record. The receiving mail server can use this SPF entry of the domain to check whether the received email was sent from an authorized or an unauthorized mail server. If the sender information of the e-mail matches the TXT record, the email will be delivered, otherwise it will be rejected or treated as spam.

DKIM Functionality #

DKIM (DomainKeys Identified Mail) is a method of email authentication designed to prevent emails from being manipulated during transfer. DKIM adds a signature to the email header when an email is sent. When an email with a DKIM signature is received, the receiving mail server queries the public key that was entered in the DNS zone of the sending domain via TXT record. This key is used to check whether the signature is correct.

Combination of SPF and DKIM #

The introduced methods SPF and DKIM can be combined to provide better protection against forged senders and altered emails. If only DKIM is used, it is possible to exploit a valid email signed by DKIM. As long as it is not changed, this email can be sent in bulk to different people with a valid DKIM signature. To prevent this, SPF can be used additionally. SPF checks the origin of the email (real IP/DNS of the mail server) so that forwarding is prevented. This is because a valid email cannot be sent again and emails from other IP addresses are rejected. This prevents the re-sending of “valid” DKIM messages as spam.

DMARC Functionality #

DMARC (Domain-based Message Authentication, Reporting & Conformance) defines how the recipient should handle emails depending on the results of the SPF and DKIM checks.   With DMARC, email recipients should be able to determine whether the alleged message matches what the recipient knows about the sender. Otherwise DMARC contains instructions on how to handle inconsistent messages. Assuming a recipient uses SPF and DKIM, the procedure looks approximately like this: CP HTML Manual For information on how DMARC handles passed and failed SPF and DKIM checks, see the Decision Matrix of DMARC Policies.

Note: DMARC reporting is currently not supported.

Setting up SPF #

To set up SPF, it is necessary that you choose a SPF filter variant. Subsequently, enter the desired SPF entries in your DNS zone. Afterwards you can order the SPF filter.

SPF Variants #

Two different filter variants are available for SPF.   Variant 1: Verification for the same sender and recipient domain In variant 1, the SPF check only takes place if the sender domain matches the recipient domain of the email, thus only internal emails are checked. This method is recommended to prevent targeted attacks under fake email addresses of your own domain.   Variant 2: Check all sender domains Variant 2 runs the SPF check for every sender domain, if there is a TXT record for it.This method should be used if there is a high incidence of address forgery from different sender domains. Be aware that using this variant may cause the false-positive rate to increase if several communication partners have not configured the TXT records correctly.

SPF logic #

The IP addresses of the sending servers are checked with the stored entries from the TXT record. When checking the SPF entry, a distinction is made between a hard or soft fail. This check takes effect if the SPF entry does not match the sender information. A decision matrix then indicates how to handle the incoming email.   The following logic is taken into account when checking the TXT record:
Step Checked part of the email Configuration Type of fail Action
1 Envelope (MAIL FROM) -all Hardfail reject
2a Header (From) ~all Softfail quarantine
2b Header (From) -all Hardfail quarantine
Explanation: Step 1: Checking the envelope sender address (MAIL FROM) In the first step, an SPF check of the sending MAIL FROM address from the envelope of the email takes place. If this is not entered in the TXT record, the email is rejected (hardfail). If the sender address is authorized, a further check of the From address takes place in step 2. Step 2: Checking the header address (From) In the second step, the From address from the header of the email is checked. If the address is not entered in the TXT record, the email is quarantined, regardless of the configured setting to Hard- or Softfail (-all/~all).

Add SPF Record to DNS Zone #

Note:
If you are using the SPF filter of variant 1, you must set a TXT record in your DNS zone. This entry must contain all mail servers that are allowed to send emails from your own domain.
This entry is optional for variant 2 of the SPF filter.

  1. Set the TXT record for the Hornetsecurity mail servers in your DNS zone: v=spf1 include:antispameurope.com ~all
    With this TXT-Record, all mail servers of Hornetsecurity are authorized for sending. If emails are sent via other mail servers, they are marked as spam by the softfail mechanism.
  2. Optional:
    If you use other services that may send in the name of your respective domain such as newsletter services or ERP and ticket systems, you can also add them to the TXT record.

    Note:
    If you are not capable configuring the settings on your own, we recommend contacting the responsible provider.

Activate SPF #

Set the corresponding TXT record in your DNS zone before commissioning SPF.
  • To activate the SPF filter, send an email with the subject Enable SPF to support@hornetsecurity.com and inform the support about the following information:

Setting up DKIM #

To set up DKIM, you must use a CNAME record to refer to the public key in Hornetsecurity’s DNS. Then open a ticket at Hornetsecurity’s support to order DKIM.

Set the CNAME Record #

Set the following CNAME record in the corresponding DNS zone of your domain: hse._domainkey.DOMAIN.TLD CNAME hse._domainkey.hornetsecurity.com Enter your actual domain for DOMAIN.TLD.

Note: If you only want to use DKIM to check incoming emails (validate only), you do not need to set the CNAME record.

Activate DKIM #

Before commissioning DKIM, set the corresponding CNAME entry in your DNS zone.
  • Send an email with the subject Enable DKIM to support@hornetsecurtiy.com and inform the Hornetsecurity support in this email:
    • for which domains you want to activate DKIM;
    • Whether you want to use DKIM for validation and signing, only for validation or just for signing emails;
    • that you have set the CNAME record.

Setting up DMARC #

To set up DMARC, you must first activate SPF in variant 2 and/or DKIM. Then open a ticket at the Hornetsecurity support to activate DMARC.

Activate DMARC #

To use DMARC it is necessary to activate SPF in variant 2 and/or DKIM for the desired domain.
  • Send an email with the subject Enable DMARC to support@hornetsecurity.com and inform the Hornetsecurity support team in this email:
    • for which domains you want to activate DMARC;
    • whether SPF and/or DKIM are activated for these domains;

Decision Matrix of DMARC Policies #

The DMARC decision matrix shows how DMARC handles messages in case of passed or failed DKIM and SPF checks.
SPF and DKIM Check DMARC Result Result
SPF pass + DKIM pass DMARC pass Deliver
SPF pass + DKIM fail DMARC fail Quarantine
SPF fail + DKIM pass DMARC fail Quarantine
SPF fail + DKIM fail DMARC fail Quarantine
The table shows that only if both the SPF and DKIM checks have been passed, the DMARC result is positive and the email will be delivered. Otherwise the email will be quarantined.

Emails in the Control Panel #

DKIM Emails for which the DKIM signature does not match the corresponding entry in the DNS will be quarantined. In the spam report and in the control panel, the affected emails are marked as spam, so you can deliver them as required. Under the column Reason you will see DKIM Failure if DKIM applies to a specific email.   SPF Emails that have been detected by the SPF filter and found not to have been sent by a server registered in the DNS will be quarantined. In the spam report and in the control panel, the emails concerned are classified as spam and can be delivered as required. In the control panel these emails are displayed with the reason SPF Failure.   DMARC Emails detected by DMARC and found not to comply with the SPF and/or DKIM policies will be quarantined and displayed in the spam report and control panel, rejected or delivered (nothing) depending on the policy you have chosen. These emails are displayed in the control panel with DMARC Failure as reason.

Troubleshooting: Increased Outbound False Positive Rate #

Emails that should be delivered are reported as spam by the SPF filter. Condition:
  • Either the SPF filter in variant 1 is active and incoming internal emails are incorrectly detected as spam
  • Or you have activated the SPF filter of variant 2 and a communication partner informs you that emails from your domain are detected as spam.
Cause: Faulty TXT record The IP addresses of your mail servers entered in the TXT record are incorrect or missing. Remedy: Customize TXT Record
  • Add the IP addresses of your mail servers to the TXT record or correct the incorrect IP addresses.
Remedy: Adding IP addresses to the whitelist
  1. Open the Control Panel.
  2. Select the respective customer from the scope selection.
  3. Select Black- & Whitelist.
  4. Select the Tab Whitelist.
  5. Click on Insert and enter the corresponding IP address
  6. Click on Submit to confirm.

Troubleshooting: Increased False Positive Rate on Inbound Emails with SPF Variant 2 #

Emails that should be delivered are reported as spam by the SPF filter. Condition: Your SPF filter runs in variant 2 and incoming emails from certain domains are incorrectly detected as spam. Cause: Incorrect TXT record of the communication partner Remedy: Informing the communication partner
  • Inform the communication partner about a possibly incorrect SPF configuration.
Adding IP addresses to the whitelist
  1. Open the Control Panel.
  2. Select the respective customer from the scope selection.
  3. Select Black-/Whitelist.
  4. Select the Tab Whitelist.
  5. Click on Insert and enter the corresponding IP address of the sender domain.
  6. Click on Submit to confirm.

Glossary #

The Glossary defines all uncommon words used in this manual.

Note: Since the manual is not completed, the glossary will be updated.

WordDefinition
Control PanelUserinterface to manage the email traffic and services.
Domain administratorIs responsible for a primary email domain, the related alias mail domains, as well as all email addresses defined or definable by them.
Partner Is responsible for several clients. Each client corresponds to a primary email domain, its alias mail domains and all email addresses defined or definable by them.
InfomailAn email classified as advertisement
BlacklistSender emails that should always be classified as spam are entered on the blacklist.
WhitelistSender emails that should always be classified as clean are entered on the whitelist.
Suggest Edit