|Email Plug-in (Reporting):||1.1.0-114|
|Email Plug-in (Encryption):||1.2.1-118|
Hi. some crucial emails being blocked by content filter. that is way I added it to whitelist on HAT overview by adding mail.company.com server name. But unfortunately some emails form company.com still being blocked. Any solution?
Solved! Go to Solution.
Adding hostname of the sending server to the WHITELIST sendergroup will only skip the Anti-spam engine not help in skipping the Content filter engine in the email security pipeline.
For your requirement, I would recommend you to create another content filter (place it in the order above the content filter blocking the emails). In the newly created content filter use the condition as "Envelope Sender" with value contains (sending domain name) "company.com" and action as "Skip Remaining Content Filters (Final Action)".
Below articles will be helpful to you in creating the content filter as per the requirement:
I hope this explains and helps!
Thank you. you helped me again ) I really appreciate that.
I am going to create new Incoming Mail Policy called WhiteList above Default mail policy. then it would be more flexible to manage I guess. For instance if mail comes from company.com I can scan with antispam or antivirus. Or I can let that email to reach destination without scanning by antispam,content filter or antivirus. Is my thought correct?
Yes, you are thinking correct. However, in the new incoming mail policy, I would recommend having anti-virus engine enabled as it will help protect your network from virus threats and as per your requirement, you can go ahead and disable the anti-spam and content filters engine.
However, to can keep the hostname in the Whitelist sendergroup as it will be matching against the TRUSTED (by default) mail flow policy which will provide more leniency to the sender domain (if it is trusted by your end) against various security measures including having more simultaneous connections to your ESA appliance.
So let me summarize this issue. I will create new incoming mail policy and enable antivirus but disable the rest. More over I will remove company.com from hat->whitelist. When I need to add some trusted domain to whitelist it would be new created Incoming Mail Policy.
One more guestions I want to ask. what if someone spoofed company.com domain and send to our users? What would hat->whitelist or My new created Incoming mail policy do for it.
That is great explanation. But what if company.com seen by esa as spam(false positive)? It will be droped before reaching to content filter.
So i will add domains to hat-whitelist that i want not to be blocked and will create content filter appropriate to it. It is clear. Thank you so much.
One last question I want to make sure. Suppose email comes from mail.company.com and sender is firstname.lastname@example.org. according to your post (screenshot) hostname here is company.com? Don't you think host name must be ccns90? maybe I am wrong. I would be pleased if you explain this