You can configure Email Security gateway profiles to provide advanced protection against email threats.
Cloud Edge does not scan IPv6 email traffic using either Cloud Message Scan or local scan. IPv6 email traffic passes through the appliance without scanning.
Configure Cloud Edge anti-malware settings for email to:
Intelligently inspect and detect malware in email.
Send suspicious email attachments to cloud-based Virtual Analyzer for sandbox analysis to determine if the attachment contains malware. For details, see Virtual Analyzer.
Either block or add a tag to the subject and message body of emails containing malware.
Define the tag used in the subject line and the body message of an email containing malware.
Send suspicious email attachments to cloud-based Predictive Machine Learning to determine if the attachment contains malware. For details, see Predictive Machine Learning.
Detect phishing violations
Enabling anti-spam also enables detection of phishing violations. Cloud Edge records phishing violations as a separate message type in widgets and logs. Additionally, you can generate reports specific to phishing violations. For details, see Phishing Detection.
Use ERS to determine spam based on the reputation of the originating MTA.
Anti-spam uses Email Reputation Services (ERS) technology, which is a Smart Protection Network component that verifies IP addresses of incoming email messages using one of the world's largest, most trusted reputation databases, along with a dynamic reputation database to identify new spam and phishing sources, stopping even zombies and botnets when they first emerge. For details, see Email Reputation Technology.
Set the spam "sensitivity" level or catch rate.
Enable Business Email Compromise (BEC) scanning to protect against BEC scams.
BEC scams target companies who conduct wire transfers and have suppliers abroad. BEC compromises legitimate business email accounts through social engineering for the purpose of conducting unauthorized transfers of funds.
Take default intelligent actions on spam or customize the action setting for the organization.
The action you can configure is to either block spam or to add a tag to the subject and message body of spam. This action is also used when an email is compromised with a BEC scam.
If the action is tag, you can define the tag used in the subject line and the body message of a spam email message. This tag is also used when an email is compromised with a BEC scam.
Configure content filtering to:
Filter content by message size.
Filter the message header, message, or attachment name by using keywords or patterns.
Filter the message body by MyNumber.
My Number is a nickname for Japan’s new Social Security and Tax Number System. It is used for administrative purposes related to social security administration, taxation, and disaster response. Companies also use My Number for various legally required documents.
Either block or add a tag to the subject and message body of emails with compliance violations.
Define the tag used in the subject line and the body message of an email message with a compliance violation.
Configure other email security settings to:
Create approved and blocked email senders lists.
Approved senders are excluded from spam and content filters and from Virtual Analyzer/Predictive Machine Learning analysis. Cloud Edge blocks all messages from blocked senders.
Configure approved and blocked file types used in malware detection.
Enable or disable individual email messaging protocols and specify custom SSL ports for the SMTPS, IMAPS, and POP3S protocols.
Configure Cloud Edge to send notifications to internal senders regarding spam and malware email messages that originated from them or if content filtering security restricts message content.
Cloud Edge automatically uses cloud-based Cloud Message Scan (CMS) for email security scanning. If CMS is not available, Cloud Edge automatically switches to local email security scanning. There are certain differences between CMS and local scan. For more information, see Cloud Message Scan (CMS) and Local Scan.
You can determine whether a gateway is using cloud-based scanning or local scan by going to Gateways > (Selected Gateway) > Gateway Information and looking at the Mail security status field.