5 Replies Latest reply: Mar 27, 2014 4:17 AM by danielsch RSS

    Whitelist Content Handling


      In the old MEG 6.7.2, when we added someone to a whitelist, we got select what engines to bypass when we received an email.  I'm not seeing this option in 7.5.  Basically we have some encrypted attachments coming in from known vendors and we would just like to bypass the content handling part for certain addresses.  Is this even possible?  Right now we have it wide open and we don't like that setting either.



        • 1. Re: Whitelist Content Handling

          In MEG 6.7.2, whitelisting applied to all the various tools within the product.  This is not the case with MEG 7.5 and above.  In MEG 7.5 and above, whitelisting applies only to anti-spam.  So long as the issue in question is an anti-spam issue, you're golden.  However, if you need to allow a user to bypass a feature, there are two ways to do this.


          First, if you are on 7.5.x or above, you can create a new policy which applies to this sender or recipient email address and disable the feature in question.


          Second, if you are on 7.6.1 or higher, we have a policy exception feature which allows you to create exceptions to only certain parts of the policy for particular senders or recipients.  That would allow this.


          I would recommend checking out KB79065 for more information on configuring policy exceptions on MEG 7.6 and above.

          • 2. Re: Whitelist Content Handling

            Can I use this exceptions too to get mails whitelisted which are bocked or quarantined with status Blocked: Anti-Spam or Blocked: Message Reputation?


            In my case somethimes to types or mails get blocked:

            1. Mails that are automatic replys with no sender address. At the subject there are a string like "Auto-Reply:..."

            2. Mails that are automatic undelivered responses with also no sender address: At the sujbect there are a string like "Undelivered Mail:..."


            At the moment we use MEG 7.5.2. Can I define exceptions/whitelists for this kind of automatic mails?



            • 3. Re: Whitelist Content Handling

              Hi danielsch,


              You can implement an exception for the anti-spam configuration of a rule, if needed. It is not possible to implement an exception to the reputation checks, though, which means you would need a separate rule if you need to exclude a given sender from the message reputation check.


              On another note, you mention you are having issues with messages that have a null sender being blocked. Any change this appliance may have BATV (bounce address tag validation) enabled? What is the disposition of the blocked messages, are they incoming or outgoing of your organization?

              • 4. Re: Whitelist Content Handling

                Hi Marcelo,


                this mails are incoming mail (that's are automatic response mails from MTAs or mailservers).

                AT the MEG "Email | Email Configuration | Receiving Email | Bounce Address Tag Validation | Bounce Address Tag Validation Configuration" is not enabled.


                Exceptions of the anti-spam configuration works global when I need this for any email? I can not select sender addresses or IP addresses.

                What kind of exception can I define at the Policy Rule | Spam | Enable anti-spam scanning part?



                • 5. Re: Whitelist Content Handling

                  Hi Marcelo,

                  I found a way to get this automatic reply mails through the MEG without get stopped because of the Message Reputation or Spam trigger.

                  I created a new Dictionary which contains the subject strings, which only get triggert for the mail "Subject line" of the mail.

                  Email Gateway 7.5-Compliance-Dictionary.jpg


                  This Dictionary I use at my Inbound Policy Rule at the Compliance Part of the rule.

                  Email Gateway 7.5-Compliance-Rule.jpg

                  The "Allow-Automatic-Reply-Messages" rule acts against the "Message Reputation" and the "Spam-Whitlist-Automatic-Relpay-Messages" rule acts against the spam scoure.


                  That is working so far. I hope there is no other hint that speaks against this solution.