Heimdal™ Email Security is a module that detects unsolicited and unwanted email and prevents those messages from getting to a user's Inbox. E-Mail Security allows you to scan for the most intrusive method cybercriminals use to introduce malware and viruses into corporate systems. In addition to the danger of infection with ransomware, spyware, or a crypto-miner, important workflows can also be interrupted by the annoying flood of unwanted emails.
You can check out the Heimdal™ Email Security diagram below:
Heimdal™ E-Mail Security can be found in the Heimdal Dashboard under the EMAIL PROTECTION section.
In this view, you are able to see all your Inbound and Outbound emails, but also the Domain Status of the domains set up on your account. The Inbound/Outbound View displays a table with all inbound/outbound emails, the recipient, the sender, the timestamp, the email subject, the action, the email status, and the details of each email.
The Search allows you to filter all emails based on Subject while the Advanced Search allows you to filter by Domain, Recipient (To), Sender (From), Type of Email, Status, Spam Classification, and Spam Score Level.
This view also allows you to select an email and take the following actions:
Release - this action will release the selected email in case it has been quarantined and you think is safe
Resend - this action will resend the selected email
Report - this action will automatically mark the selected email as Spam
This feature is meant to allow you to search emails in the ADVANCED SEARCH area, by using a SPAM score interval. As we already have the minimum score box we also added a maximum spam score box and thus, allowing you to select a SPAM interval based on which emails will be searched and displayed. This options will be in In bound and Outbound views.
The Show Details button will display a popup with various email details (Properties, History, Header, Body, and Attachments). If the Status of the log is other than Quarantine, the Body tab and Attachment tab are disabled.
In the case of quarantined emails, the Heimdal Dashboard will provide verification links for the infection detected on the attachments (if present).
In the Properties tab, you can use the Select a domain dropdown field to take actions for the specified domains.
Blacklist sender - adds the sender (the one who sends the email) to the blacklist of the selected domain(s).
Whitelist sender - adds the sender (the one who sends the email) to the whitelist of the selected domain(s).
Blacklist domain - adds the sender's domain (the one who sends the email) to the blacklist of the selected domain(s).
Whitelist domain - adds the sender's domain (the one who sends the email) to the whitelist of the selected domain(s).
In the Domain Status view, you can see the domain(s) for which you have activated the E-mail Security/
Heimdal™ Email Security calls Google URL Resolvers to check the MX, SPF, and DMARC records for the domains listed in the grid.
Green light - the function is Enabled
Orange light - the Google Resolver is not called
Red light - the function is Disabled
The names of the TABS changed, and we added 4 new buttons for allowing/ blocking (white/ blacklisting) the destination and source IPs in EMS.
The header names changed as per below: “PROPERTIES” becomes “MAIN”; “HISTORY” becomes “ADVANCED”; “HEADER” and “BODY” remain the same.
The dropdown “Select a domain” will list all individual domains for that perimeter Group Policy, as well as an option (first in the list) called “All domains”, so that when one of the “BLACKLIST SENDER”, “WHITELIST SENDER”, “BLACKLIST DOMAIN”, “WHITELIST DOMAIN” buttons is pressed, the desired command is either applied to individual domains or to all the domains in the perimeter.
We will also display by default, in the “select a domain” drop down list, the domain which the email was received from. The dropdown “Select a domain” will list all individual domains for that perimeter Group Policy, as well as an option (first in the list), called “All domains”, so that when one of the “BLACKLIST SOURCE IP”, “WHITELIST SOURCE IP”, “BLACKLIST DESTINATION IP”, “WHITELIST DESTINATION IP” buttons is pressed, the desired command is either applied to individual domains or, to all the domains in the perimeter; we will also display by default, in the “select a domain” drop down list, the domain which the email was received from).
Please note that on this dialog (modal) when saving, the domains that generate validation errors are skipped from saving.
For more details about the Email Security module, also check the following article:
Find out more about this module from the Heimdal™ Email Security product overview: