Enabling End-User Access

about IMSS [1]
activate
- license [1]
- product [1]
add
- administrator accounts [1]
address group
- add [1]
- delete [1]
- edit [1]
address groups
- examples of [1]
- understand [1]
administrator accounts
- add [1]
- delete [1]
- edit [1]
- manage [1]
Advanced Threat Scan Engine [1]
adware [1]
antivirus rule [1]
APOP [1]
approved list
- add hosts [1]
approved senders list
- configure [1]
archive
- configure settings [1]
archive areas
- manage [1]
archived messages
- view [1]
asterisk wildcard
- use [1]
attachment size
- scanning conditions [1]
audience [1]
back up
- IMSS [1]
blocked list
- add records [1]
blocked senders list
- configure [1]
bounced mail settings
- configure [1]
change
- management console password [1]
Cloud Pre-Filter
- configure DNS MX records [1]
- create account [1]
- create policy [1]
- policies [1]
- suggested settings [1]
- troubleshoot [1]
- understand [1]
- verify it works [1]
Cloud Pre-Filter tab [1]
Command & Control (C&C) Contact Alert Services [1]
commands [1]
community [1]
component update [1]
condition statements [1]
Configuration Wizard
- accessing [1]
configure
- approved senders list [1]
- archive settings [1]
- blocked senders list [1]
- connection settings [1] [2]
- Control Manager server settings [1]
- database maintenance schedule [1]
- delivery settings [1]
- Direct Harvest Attack (DHA) settings [1]
- DNS MX records [1]
- Email reputation [1]
- encrypted message scan actions [1]
- expressions [1]
- internal addresses [1] [2]
- LDAP settings [1]
- log settings [1]
- Messaged Delivery settings [1]
- Message Rule settings [1]
- notification messages [1]
- notification settings [1]
- other scanning exceptions scan actions [1] [2]
- POP3 settings [1] [2]
- product settings [1]
- quarantine settings [1]
- route [1]
- scan exceptions [1]
- scheduled reports [1]
- security setting violation exceptions [1] [2]
- security setting violation scan actions [1]
- Sender Filtering [1]
- Sender Filtering bounced mail settings [1]
- Sender Filtering spam settings [1]
- Sender Filtering virus settings [1]
- SMTP routing [1]
- SMTP settings [1]
- spam text exemption rules [1]
- TMCM settings [1]
- update source [1]
- Web EUQ Digest settings [1]
configure event criteria [1]
configuring
- Encryption settings [1]
connection settings
- configure [1] [2]
Control Manager
- enable agent [1]
- replicate settings [1]
- see Trend Micro Control Manager [1]
Control Manager server settings
- configure [1]
Conventional scan [1]
criteria
- customized expressions [1]
- keywords [1]
customized expressions [1] [2] [3]
- criteria [1]
- importing [1]
customized keywords [1]
- criteria [1]
- importing [1]
customized templates [1]
- creating [1]
- importing [1]
dashboard
- using [1]
database
- configure maintenance schedule [1]
data identifiers [1]
- expressions [1]
- file attributes [1]
- keywords [1]
Data Loss Prevention [1]
- data identifiers [1]
- expressions [1] [2] [3] [4] [5] [6]
- file attributes [1] [2] [3]
- keywords [1] [2] [3] [4] [5] [6] [7]
- templates [1] [2] [3] [4] [5] [6]
Data Loss Prevention (DLP) [1]
default tabs [1]
delete
- address group [1]
- administrator accounts [1]
delivery settings
- configure [1]
dialers [1]
Direct Harvest Attack (DHA) settings
- configure [1]
display
- domains [1]
- suspicious IP addresses [1]
DLP [1]
documentation [1]
domains
- display [1]
- Email Encryption [1] [2]
edit
- address group [1]
- administrator accounts [1]
Email Encryption
- managing domains [1]
- registering domains [1]
- understand [1]
email relay [1]
Email reputation [1]
- about [1]
- Administration Console [1]
- configure [1]
- enable [1]
- types [1]
email threats
- spam [1]
- unproductive messages [1]
enable
- Control Manager agent [1]
- Email reputation [1]
- End-User Access [1]
- EUQ [1]
- IP Profiler [1]
- POP3 scanning [1]
- sender filtering rules [1]
encrypting messages [1]
Encryption settings
- configuring [1]
End-User Access
- enable [1]
ERS
- MTA settings [1]
- using [1]
EUQ [1]
- authentication [1]
- disable [1]
- enable [1]
- open the console [1]
- start [1]
- web console [1]
- Web console [1]
event criteria
- configure [1]
event notifications [1]
export notes [1]
expression lists
- manage [1]
expressions [1] [2]
- configure [1]
- customized [1] [2]
  - criteria [1]
- predefined [1] [2]
- regular [1]
FAQ
- ERS [1]
- EUQ [1]
- IMSS components [1]
- IP Profiler [1]
- mail areas [1]
- postfix [1]
- queues [1]
file attributes [1] [2] [3] [4]
- creating [1]
- importing [1]
- wildcards [1]
File Reputation Services [1] [2]
filtering, how it works [1]
filters
- examples of [1]
generate
- reports [1]
graymail [1]
hacking tools [1]
import notes [1]
IMSA
- scripts [1]
IMSS
- about [1]
- backing up [1]
- restore [1]
- scripts [1]
internal addresses
- configure [1] [2]
IP Profiler [1]
- enable [1]
joke program [1]
keywords [1] [2]
- customized [1] [2] [3]
- predefined [1] [2] [3]
known hosts [1]
- add [1]
- export [1]
- import [1]
LDAP settings
- configure [1] [2]
LDAP User or Group
- search for [1]
license
- activate [1]
- renew [1]
logical operators [1]
logs [1]
- configure settings [1]
- query [1]
- query message tracking [1]
- query MTA event [1]
- query policy event [1]
- query quarantine event [1]
- query sender filtering [1]
- query system event [1]
- query URL click tracking [1]
manage
- administrator accounts [1]
- expression lists [1]
- notifications list [1]
- one-time reports [1]
- product licenses [1]
manage domains for Email Encryption [1]
management console password
- change [1]
manual update [1]
mass mailing viruses
- pattern [1]
message delivery [1]
Message Delivery settings
- configure [1]
Message Rule settings
- configure [1]
messages in the Virtual Analyzer queue
- view [1]
message size
- scanning conditions [1]
message traffic tab [1]
MIME content type
- scanning conditions [1]
MTA
- with ERS [1]
new features [1]
notes
- export [1]
- import [1]
notification messages
- configure [1]
notifications
- event [1]
notification settings
- configure [1]
notifications list
- manage [1]
one-time reports
- manage [1]
online
- community [1]
online help [1]
other rule [1]
password
- management console [1]
password cracking applications [1]
pattern files
- update [1]
PCRE [1]
Perle Compatible Regular Expressions [1]
permitted senders [1]
policies
- add [1]
- example 1 [1]
- finalize [1]
policy management
- DLP [1]
policy notification
- add [1]
- edit [1]
POP3 messages
- scan [1]
POP3 scanning
- enable [1]
POP3 settings
- configure [1] [2]
postponed messages
- view [1]
predefined expressions [1]
- viewing [1]
predefined keywords
- distance [1]
- number of keywords [1]
predefined templates [1]
product licenses
- manage [1]
- view [1]
product services [1]
product settings
- configure [1]
quarantine
- configure settings [1]
quarantine and archive [1]
quarantine areas
- manage [1]
quarantined messages
- view [1]
query
- archive areas [1]
- logs [1]
- messages [1]
- messages in the Virtual Analyzer queue [1]
- MTA event logs [1]
- policy event logs [1]
- postponed messages [1]
- quarantine areas [1]
- quarantine event logs [1]
- sender filtering logs [1]
- system event logs [1]
- URL click tracking logs [1]
readme file [1]
register domains for Email Encryption [1]
remote access tools [1]
renew
- license [1]
replicating settings [1]
reports
- content [1]
- generate [1]
- manage one-time [1]
- scheduled reports [1] [2]
restore
- IMSS [1]
roll back
- components [1]
route
- configure [1]
- specify [1]
scan
- POP3 messages [1]
- SMTP messages [1]
scan actions
- configure encrypted message settings [1]
- configure other scanning exceptions settings [1] [2]
scan engine
- update [1]
scan exceptions
- configure [1]
Scan methods [1]
scanning conditions [1]
- attachment names [1]
- attachment number [1] [2]
- attachments [1]
- attachment size [1]
- extensions [1]
- message size [1]
- MIME content type [1]
- spam [1]
- specify [1]
- true file type [1]
scheduled reports
- access [1]
- configure [1]
- use [1]
scheduled updates [1]
security risks
- spyware/grayware [1]
security setting violations
- configure exceptions [1] [2]
- configure scan actions [1]
Sender Filtering
- configure [1]
- configure bounced mail settings [1]
- configure Direct Harvest Attack (DHA) settings [1]
- configure spam settings [1]
- configure virus settings [1]
Sender Filtering Service
- about [1]
Sender Filtering tab [1]
services [1]
- Sender Filtering Service [1]
smart protection [1] [2]
- source [1] [2]
- sources
  - comparison [1]
  - protocols [1]
Smart Protection [1] [2]
Smart Protection Network [1] [2]
Smart Scan [1]
SMTP
- notification server [1]
SMTP messages
- scan [1]
SMTP routing [1]
- configure [1]
SMTP settings
- configure [1]
spam settings
- configure [1]
spam text exemption rules
- configure [1]
specify
- actions [1]
- route [1]
- scanning conditions [1]
- update source [1]
spyware/grayware [1]
- adware [1]
- dialers [1]
- entering the network [1]
- hacking tools [1]
- joke program [1]
- password cracking applications [1]
- remote access tools [1]
- risks and threats [1]
start
- EUQ [1]
support
- knowledge base [1]
- resolve issues faster [1]
- TrendLabs [1]
suspicious IP addresses
- display [1]
system overview tab [1]
System Status screen [1]
tabs
- add a tab [1]
- Cloud Pre-Filter [1]
- configure a tab [1]
- default tabs [1]
- message traffic [1]
- Sender Filtering [1]
- system overview [1]
- understand [1]
tag subject
- add [1]
templates [1] [2] [3] [4] [5] [6]
- condition statements [1]
- customized [1] [2] [3]
- logical operators [1]
- predefined [1]
TMCM settings
- configure [1]
transport layer [1]
TrendLabs [1]
Trend Micro Control Manager [1]
- agent [1]
- server [1]
troubleshooting [1]
- imssps daemon [1]
true file type [1]
understand
- Email Encryption [1]
- widgets [1]
update
- automatically [1]
- manually [1]
- pattern files [1]
- scan engine [1]
- system and application [1]
update source
- configure [1]
- specify [1]
view
- archived messages [1]
- messages in the Virtual Analyzer queue [1]
- postponed messages [1]
- product licenses [1]
- quarantined messages [1]
Virtual Analyzer [1]
virus settings
- configure [1]
Web EUQ Digest
- configure settings [1]
Web Reputation Services [1] [2]
what’s new [1]
widgets
- add a widget [1]
- configure a widget [1]
- edit a widget [1]
- understanding [1]
- using a widget [1]
wildcards [1]
- file attributes [1]

Enabling End-User Access

Enable end user access to allow the users to access quarantined spam items that IMSS might have misidentified as spam. The clients use LDAP or SMTP authentication to access the IMSS EUQ service.

Note

To allow users to manage messages on the EUQ management console, add their individual and distribution list email addresses to the list of users on your LDAP server.

When using SMTP authentication, you do not need to configure LDAP settings.

Procedure

Go to Administration → End-User Quarantine.

The EUQ Management tab appears.
Click the User Quarantine Access tab.

The User Quarantine Access screen appears. The displayed screen depends on the authentication method you selected during the enabling process.
Select Enable access.
Select Enable management of distribution list EUQ to allow users to manage the EUQ of distribution lists that they belong to.
Select Allow end user to deliver quarantined mail in EUQ directly to allow end users to deliver quarantined messages directly to the recipient. The message bypasses all rules except virus scanning rules.
Select Control the "auto-add" approved sender behavior when an end user reprocesses a message and select a value from the drop-down list.
Select Enable NTLM to allow end users single sign-on access the EUQ management console using the NTLM authentication protocol.
To enable Kerberos single sign-on:
1. Select Enable Kerberos to allow end users single sign-on access to the EUQ management console using Kerberos authentication protocol.
2. Create a new user account in your domain for the host on which IMSS is installed.
3. On the Active Directory domain controller, use the following command to generate a keytab file for IMSS:
  
  C:\>ktpass.exe -out filename -princ HTTP/instance@REALM -mapuser account -ptype KRB5_NT_PRINCIPAL -pass password
  
  Where:
  
  filename is where the generated keytab file will be stored. For example, C:\test.keytab.
  
  instance is the hostname of the computer where IMSS is installed. For example, imss.test.com.
  
  REALM is the uppercase name of the realm you want to authenticate with, normally the same with the domain name on DNS server. For example, TEST.COM.
  
  account is the account created for IMSS. For example, user@test.com.
  
  password is the password of the account.
4. Click Browse… to locate the generated keytab file.
5. Click Upload to upload the keytab file to IMSS.
  
  If ktpass.exe is not found, you can install support tools using the Windows server installation CD/DVD or download the file from the Microsoft website.
  
  If Kerberos single sign-on is enabled, use the hostname for IMSS when accessing the EUQ management console.
Select the number of days to keep quarantined spam.
Select the maximum number of approved senders for each end-user.
Specify a logon notice that appears on the user's browser when he/she starts to access the quarantined messages.
Under Select LDAP groups, select the check box next to Enable all to allow all LDAP group users to access quarantined spam.
To add individual LDAP groups, clear the Enable all check box and do either of the following:
- Search for groups:
  1. From the drop-down list, select Search LDAP groups.
  2. Specify the group name.
  3. Click Search. The groups appear in the table below.
  4. Click the LDAP groups to add.
  5. Click >>. The groups appear in the Selected Groups table.
- Browse existing groups:
  1. From the drop-down list, select Browse LDAP groups. The groups appear in the table below.
  2. Click the LDAP groups to add.
  3. Click >>. The groups appear in the Selected Groups table.
Click Save.

Trend Micro InterScan™ Messaging Security Suite Online Help

Enabling End-User Access

Note

Procedure