The Email Security engines scan for the most intrusive method cybercriminals use to introduce malware and viruses into corporate systems. Lightweight, easy to deploy, and highly responsive, our Email Security anti-malware and anti-spam filter can be scaled to any number of endpoints within your organization.
When it comes to Email Security and antispam filtering, environments might differ from one organization to another and come with different needs and requirements. For this reason, we offer these recommended settings as a starting point for the objective of adjusting/tweaking the Email Security settings to best fit your needs.
Disclaimer: The settings below are not the best settings, but the ones Heimdal recommends as a starting point in configuring the product according to your needs.
Details about all the options discussed in the above view can be found here.
Additional Domain Settings
- Resend Retention time - 90 Days.
- Put inbound delivery on pause - OFF.
- Recipient verification - ON.
- DMARC - ON.
- SPF - ON.
- Sender Rewriting Scheme (SRS) - OFF.
- Block emails without TLS - ON, with Action on Detection set on Quarantine.
- Add all Internal Domains to the Allowlist - Yes.
- Block outbound Danish CPR number if no TLS transmission - ON (only in the situation where you use Email Security outbound filtering and your company is Danish).
- Always block outbound Danish CPR number - OFF.
- Forced TLS - No.
- Force TLS transmission to any domain - OFF.
- DKIM Signing - Yes, only if you use Email Security outbound filtering.
- SEPO In - OFF.
- SEPO Out - OFF.
Anti-Spam Settings
- Anti-Spam Settings - ON
- Confirmed Spam - Score Level set on 100 (can’t be changed) and the Action on Quarantine.
- High Possible Spam – Score Level set on -0.1 and the Action on Quarantine.
- Possible Spam - Score Level set on 4 and the Action on Quarantine.
- Suspected Spam – Score Level set on 3 and the Action on Quarantine.
- All Other Emails - Score Level set on 2 and the Action on Quarantine.
- Newsletter scanning - ON with Action on Detection set to Quarantine.
Security Settings
- Email Security Anti-Malware - ON.
- Email Security Advanced Threat Protection - ON.
- Email Security Macro Analyzer - ON.
- Email Security PDF Analyzer - ON.
- Email Security SHA256 Analyzer - ON.
- Email Security Phishing Protection - ON.
- Force ATP scanning if released - ON.
- Action on Detection – 1) Malware - Quarantine 2) ATP - Quarantine.
Blocklist, Allowlist & Greylist
- Blocklist - all entries can be set on Reject Action.
- Allowlist - all entries are recommended to have enabled the SPF/DMARC Scanning and Virus Scanning.
- Domain greylist threshold - ON, with the limit set on 1.
- Tag greylisted emails - ON.
Attachment Settings
- Executables - ON.
- Dangerous Files - ON.
- Password Protected Files - ON.
- Multiple file extensions - ON.
- Action on Detection - Quarantine.
Quarantine Settings
- General Quarantine Report Settings (Quarantine Retention 90 days) - Time Zone set on your timezone, with reports set to be sent Every hour.
- Admin Quarantine Report by Email - ON (only if the IT Administrator is the person designated to monitor and release quarantined emails).
- User Quarantine Report By Email - ON (if Admin Quarantine Report is turned OFF).
- Spam Limits - Include in Report values to be the same as the ones on Anti-Spam Settings.
- Include in Report: - ON on all categories.
- Preview: - ON on all categories.
- Release: - ON on all categories.
- Allow Sender: - ON on all categories.
Limits
- Outbound limits - ON.
- Outbound minute rate - 200.
- Outbound daily rate - 10000.