Domain Admin Dude, where is my SPAM?

Domain Admin Dude, where is my SPAM?

In our previous post we discussed how users can get to their own SPAM quarantines but did you know that you as the domain administrator have access to EVERYONE’s junk mail?

ExchangeDefender Admin Portal features a SPAM Admin section where you can release ANY message caught by ExchangeDefender to ANY user in your organization.

The three icons next to the message are Release Message, Allow Sender, and Mark as reviewed. Releasing a message will get it to the end users mailbox while allow sender will create an Allow policy for that email address so it skips SPAM checks in the future.

Many organizations designate a SPAM Admin that is in charge of fishing out important messages, attachments, and other content that was blocked by an IT or corporate policy. If you have a lot of users that are not tech-savvy this feature will save you a ton of time.

I already have an Allow Policy and my mail from this sender is always ending up in Junk Mail!

ExchangeDefender Advanced Features can help you here as this problem is so common we’ve built an entire feature to help solve it. The issue is, most of the messages coming are from automated systems (password reminders, newsletters, appointment confirmations, etc) that are sent by a computer instead of someone’s Outlook or phone. They all rely on mass/bulk mail systems like Amazon SES, Sendgrid, etc and those networks use a fake email address to send a message every time (so they can track bounces). You can’t create an allow policy (whitelist) for those addresses as they change every time, so take a look at the Bulk Mailer Policy section:

Here you can tweak the policy applied to each bulk mailer network to accommodate your users. By default we scan each message from these networks for SPAM contents but depending on the problem you are trying to solve with SPAM you can change it to Block or Allow messages from that network.

I already did all that, seriously, where is my email?

Most of policy enforcement problems stem from not knowing which message the user is looking. As mentioned earlier, automated systems forge the email address they send mail from so the address you see in Outlook is not the actual email address. It’s tough to make policies or find the message when you don’t know the senders email address: ExchangeDefender Mail Log to the rescue:

As the Domain Admin you have access to all the email logs for your domains.  Click on Mail log and you’ll be able to search for the message based on time, date, subject, etc.

You can also scroll through the mail log. See the [Full address] below some senders? Those are the fake tracking email addresses we’re talking about. Generally you can create a domain-wide allow policy for the entire domain if you trust that the sender isn’t going to send malicious content (we’ll still check if any attachments are infected and apply your file/extension policy).

To sum it up

As an ExchangeDefender Domain admin you have powerful tools to locate SPAM, apply allow or block policies, and to scope them down to the bulk mailer network that is usually the #1 culprit. Go figure, nobody wants these messages and they sometimes get inadvertently reported as junk anyhow.

ExchangeDefender can save hours of going through transaction and message logs by presenting all of your messages in a user-friendly way where you can quickly release them to your user, create an allow policy so it doesn’t get intercepted again, and designate clients trusted partners/networks that should always go straight to their mailbox.