ESET Mail Security and user spam whitelisting

Discussion in 'ESET NOD32 Antivirus' started by Swad, Nov 30, 2010.

Thread Status:
Not open for further replies.
  1. Swad

    Swad Registered Member

    Joined:
    Nov 30, 2010
    Posts:
    3
    We are about to install ESET Mail Security for Exchange for the AV component, but we are considering the anti-spam filtering as well. One thing I haven't been able to readily find documented is if there is a means for users to whitelist addresses without asking an admin to do-so. Right now our current spam filter solution allows users to drop a copy of an email they want whitelisted into a secure public folder in outlook (users can't see what's in there--only allowed to drop emails in) and our spam filter will check the folder periodically to add the sender address of the emails to the whitelist. It's a good way to allow users to handle this without bothering admins.

    Is there some sort of mechanism for ESET Mail Security for Exchange (2007) that allows users to whitelist addresses themselves? Thanks for any responses.
     
  2. TyeF

    TyeF Former Eset Moderator

    Joined:
    Feb 19, 2010
    Posts:
    78
    Yes, ESET Mail Security 4 offers users the ability to add to the whitelist.
    For detailed instructions, please review the following ESET knowledgebase article (NOTE: this article applies to both ESET Smart Security and ESET Mail Security 4 products):
    http://kb.eset.com/esetkb/index?page=content&id=SOLN2108


    Regards,
    Tye
     
  3. Swad

    Swad Registered Member

    Joined:
    Nov 30, 2010
    Posts:
    3
    I don't see how this is possible when the user interface is installed on the Exchange email server. Users will have no gui interface to interact with as the mail server will be the only place the software is installed.
     
  4. tony_m

    tony_m Eset Staff Account

    Joined:
    Nov 22, 2010
    Posts:
    239
    Hi,

    The above solution is for clients where the ESET security solution is also installed on client workstations.

    AFAIK, there's currently no option to do that by means of ESET Mail Security.
     
  5. Swad

    Swad Registered Member

    Joined:
    Nov 30, 2010
    Posts:
    3
    Ok, here is actually what we have going on for our setup. We do actually use ESET NOD32 Antivirus for our clients, but this is on a terminal server as all of our users log into terminal servers to do their work. As a result, we hide the GUI per this article:

    http://kb.eset.com/esetkb/index?page=content&id=SOLN2340

    Can what was linked by you be done on a terminal server with the ESET NOD32 Antivirus client? Or only with the Smart Security client? I'm just asking because if I can use NOD32 Antivirus client to do this, I might consider un-hiding the GUI so people can use it to add email addresses to the whitelist.
     
  6. akrummrich

    akrummrich Registered Member

    Joined:
    Dec 16, 2010
    Posts:
    3
    Hi,

    I have a similar issue.

    Does this mean, there is now way to configure white- or blacklists on the exchange server? I understand that the client protection is doesn't work, but what about the mail server protection? I tried to enter some domains under allowed and blocked domains, but without success.

    Is there any special format, I need to use?

    Kind Regards,
    Andreas
     
  7. tony_m

    tony_m Eset Staff Account

    Joined:
    Nov 22, 2010
    Posts:
    239
    Hi,

    Configuration of the antispam engine (even if the values are entered through the GUI) is stored in the spamcatcher.conf file. "Allowed domains" textbox in the GUI is linked to "approved_domain_list" parameter in the spamcatcher.conf, and as stated in both of them, they allow specifying domain names found in the EMAIL BODY, which should always be approved.

    To make the whitelist work in a way that most people would expect it to be working, you need to use "Global Approved List" which is in the "approvedsenders" file.

    In case of any troubles, please open a support ticket including a copy of the spamcarcher.conf file and exported EMSX settings for analysis.

    Regards,
    tony
     
  8. akrummrich

    akrummrich Registered Member

    Joined:
    Dec 16, 2010
    Posts:
    3
    Hi Tony,

    Thank's for the information. I found the files blockedsenders and approvedsenders in the ProgramData Folder.

    Just to make this clear. This function does only "look" into the BODY? It DOES NOT look into the mailheader?
    If this is the case a mail without any signatur or information about the sender address would never be scanned. Is this correct?

    Kind Regards,
    Andreas
     
  9. tony_m

    tony_m Eset Staff Account

    Joined:
    Nov 22, 2010
    Posts:
    239
    Hi Andreas,

    Yes, the approved_domain_list checks the domains in the body, not the header.

    You need to use the "Global Approved List" which is in the "approvedsenders" file.
     
  10. akrummrich

    akrummrich Registered Member

    Joined:
    Dec 16, 2010
    Posts:
    3
    Hi Tony,

    thanks again. I got it working. The trick was to disable and enable the mailserver SPAM protection after changing the approvedsenders or blockedsenders list.

    Now it's working and checking the email header :rolleyes:

    Thanks for your help and have a nice weekend!

    Kind Regards,
    Andreas
     
Thread Status:
Not open for further replies.