This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

input for SEA Time of Click

 Just want to give an input for SEA, if ToC policy was enable then all email that send from external must be cover by ToC, including email in quarantine that could be manually release or forward, current it's not cover this condition



This thread was automatically locked due to age.
Parents
  • TOC is done last, toc will not be done on any message that is quarantined for any reason.

  • Hi Red_warrior,

    agree with message in quarantined, but when they are release manually from the quarantine it should still through ToC mechanism so the message that release to user must be protected from any malicious link

  • When mail is processed every rule is run against said mail. if the action of the message is quarantine the message is quarantined.  When mail is released from quarantine it is simply released, there is no additional processing done on it.

    Items that are quarantined are for all intents and purpose "trash" 

    You could post a feature request to have mail rescanned when released from quarantine but currently TOC is the last thing that is processed on deliverable mail.  On messages that are quarantined the quarantine process is before TOC ever sees the message. 

Reply
  • When mail is processed every rule is run against said mail. if the action of the message is quarantine the message is quarantined.  When mail is released from quarantine it is simply released, there is no additional processing done on it.

    Items that are quarantined are for all intents and purpose "trash" 

    You could post a feature request to have mail rescanned when released from quarantine but currently TOC is the last thing that is processed on deliverable mail.  On messages that are quarantined the quarantine process is before TOC ever sees the message. 

Children
  • Sorry for my poor english (I'm French).

    I agree with Ratmatn. He's right.

     

    If you don't scan mail for malicious links with Time of Click BEFORE sending mail to quarantine AND give user to release mail from qurantine, you have a failure into your protection.

    It could be not so difficult to scan mail for ToC before sending it in quarantine and it would correct this protection default.

    For exemple : what will you say if in case of emergency in your car your brake won't work if you push warning button before ?

     

    There are too many malicious mail and threats to let them pass thru SEA easily.

    I think it's a security breach because I can make a mail with malicious link that will be recognized as spam by SEA to bypass Time Of Click protection.

    It's only my opinion.

    Thank's