About jjthomas

jjthomas · 03-09-2023

We have successfully configured our CES/Secure Email hosts to use SAML against Azure AD to authenticate our administrative users to access the web GUI for almost two years, and it was worked pretty flawlessly. Naturally, I was happy to see that they...

jjthomas · 05-05-2020

I seem to be doing something either incorrectly or am missing something, as I cannot seem to get an Incoming Content Filter to add a header item with a value based on the presence of another header item and its value. The content filter basically s...

jjthomas · 10-22-2019

I had a question concerning the executive names in the dictionary used by Forged Email Detection (FED). We have successfully implemented FED via a content filter, and it was worked pretty well thus far. I did tune the scoring, however, moving the ...

jjthomas · 05-11-2020

The filter is associated to the correct policy, and I can see log entries included on the email message in question (given that I added that as one of the actions on the content filter. I have included a screenshot below of what is happening. In ...

jjthomas · 05-11-2020

Each filter only looks for one condition, so there is no need to check the application of the AND/OR rule for the condition.

jjthomas · 10-22-2019

And a very quick update based on some spoof testing.If I change the dictionary entry to include a middle initial, that means an exact match of that name will score 100. (Splunk makes finding this scoring a lot easier.)In my testing, when I do not inc...

jjthomas · 10-22-2019

Hi Libin,Your reply is very helpful. Based on that, my two options would be to either:change our threshold to, say, 90, and monitor for false positives; oradd an entry to the dictionary that contains the middle initial for the executive in question,...

Member Since	‎08-08-2019 02:04 PM
Date Last Visited	‎03-16-2023 09:35 AM
Posts	7

User Statistics

User Activity

Configure SAML for EUQ using Azure AD

Incoming Content Filter to Add Header Item and Value

Forged Email Detection - Dealing with Middle Initials

Re: Incoming Content Filter to Add Header Item and Value

Re: Incoming Content Filter to Add Header Item and Value

Re: Forged Email Detection - Dealing wtih Middle Initials

Re: Forged Email Detection - Dealing wtih Middle Initials