BSC Home > Administration > Information Technology > Technology Systems & Networking

Proofpoint Anti-Spam

If you would like to log into the Anti-spam web interface, please use this link https://proofpoint3.bridgew.edu:10020/enduser/login.cgi
If you would like to download the Quick Start Guide, click here.

Introduction

The purpose of this Tech Document is to explain how the email that originates from outside this organization is processed, and to describe the tools that you can use to manage your personal spam quarantine. This memo does not apply to internal email messages.

To protect this organization from virus attacks and to protect you from receiving hundreds of spam messages, all incoming email is filtered by the Proofpoint Messaging Security Gateway - an anti-spam and anti-virus product. Proofpoint uses an advanced machine learning filtering technique called MLX^TM to ensure that no valid mail is improperly filtered. For more information about the Proofpoint Messaging Security Gateway and MLX, you can visit Proofpoint's web site at www.proofpoint.com.

How does email filtering work?

All incoming (and outgoing) email is filtered by the Proofpoint Protection Server. Depending upon Proofpoint Protection Server rules and policies, messages that contain a virus or spam are either deleted or "scored." In the case of spam, the message score indicates the probability that the message is spam - so a message scoring 100 would have 100% chance of being spam (definite spam) and a message scoring 0 would have 0% chance of being spam (legitimate correspondence). To see the complete spam policy for BSC, please view the FAQ at the end of this document. Proofpoint will not scan mail sent between our Exchange Servers (internal mail that we send to each other). It will only scan mail coming from the outside world.

What is the Quarantine?

The Quarantine is a location on a server where email messages that are suspected to be spam are stored temporarily so that they can be reviewed and retrieved if necessary. System administrators have the ability to search for messages on a user's behalf. You may also review and take action on your own quarantined email through the use of the End User Digest. Messages that are not released from the Quarantine are automatically deleted after 7 days.

What is an End User Digest?

If email messages addressed to you were sent to the Quarantine, you will receive an email notification, called an End User Digest (or Digest), in your mailbox. The Digest provides you with a list of the messages addressed to you that are stored in the Quarantine. You can look at the message subject headers to determine their content and as a result what actions you want to apply to the messages.

Note: if you have no quarantined messages on a given day, you will not receive a digest email.

How do I use the Digest?

The Digest will provide you with a list of all of the spam that has been quarantined for your account since you received the last Digest update. You will see a list of these messages and columns that indicate the subject, sender, and time received for each email. You will have three separate links available to you to complete an action on each email message:

Release - releases the message from the Quarantine to your normal email inbox.
Safelist - releases the message from the Quarantine to your inbox and adds the sender to your personal Safe Senders list. All future email from this sender will not be checked for spam.
Report - reports that the message was a false positive (that is, it should not have been classified as spam). In this case, further training is done to ensure that similar messages are not caught as spam in the future.

Other links in the Digest provide additional functionality. These links are not related to individual quarantined messages. The following links provide additional Digest management:

Request New End User Digest - immediately generates a new Digest with up-to-the-minute information about quarantined messages. Note: this Digest will contain a list of all messages currently in the Quarantine, not just those received since the last scheduled Digest update.
Request Safe/Blocked Senders list - sends you a list of all entries currently on your personal Safe and Blocked Senders List.
Manage My Account - allows you to change account preferences, as well as actively manage your Safe Senders and Blocked Senders lists.

What other features are available to manage my account?

The Manage My Account link gives access to a separate web interface that will allow you to manage your Safe Senders and Blocked Senders lists, change the preferred language interface for your Digest, and adjust Digest preferences.

To access these features, click the Manage My Account link in the Digest. A separate browser window pops up on your screen. You must authenticate using your Bridgewater State College username and password.

You have the following options to choose from in your account management page. Click the name of the option in the left navigation pane:

Quarantine -This shows all your messages that are less then 7 days old
Profile - controls Digest settings and language preferences.
Lists - provides tools to manage personal Safe Senders and Blocked Senders lists.

Profile option to manage my account

The Profile option displays a My Settings view and the Save, Request Digest, and Refresh links

Links:

Save - saves your settings each time you make any changes.
Request Digest - sends you an updated Digest.
Refresh - refreshes the view.

My Settings:

Send digest with new messages - this is the default setting. You will only receive a Digest when you have new messages in the Quarantine.
Send digest even when I have no new messages - this choice will send you a Digest whether or not you have new messages in the Quarantine. If there are no new messages, you will receive an empty Digest.
Preferred Language - you can select a language from the drop-down list. This is the language that displays in your Digest and in your Manage My Account browser window.
What type of spam detection do you want? - you can select a spam policy from the listed choices. The policies determine how you want your email filtered for spam. Right now, you may choose between the Active policy or the Active policy PLUS the adult filter. Adult scoring is based on the message having text that Proofpoint determines indicates content of an adult nature, regardless of whether or not the message itself exhibits spam characteristics. If there is mail of an adult nature that you do not want Proofpoint to quarantine, add its sender(s) to your "Safe Senders" list

Lists option to manage my account

The Lists option displays the Safe Senders List and Blocked Senders List views where you can manage your personal lists of safe senders and blocked senders. The spam detection technology provided by Proofpoint's adaptive machine-learning engine is highly accurate, and you are not required to add entries to your Safe Senders or Blocked Senders lists. This feature is available to you if want to create your own personal lists.

Click Safe Senders List or Blocked Senders List in the left navigation pane to choose the list you want to manage.

Links:

New - provides a text field so you can add an email address or domain to your list.
Edit - lets you make changes to an address already on your list. You need to first select (click the check box) for the address you want to change.
Delete - deletes the selected address from the list.
Select All - selects all of the addresses on the list.
Unselect All - un-selects all of the selected addresses on the list.
Request Digest - sends you an updated Digest.
Refresh - refreshes the view.

Safe Senders List:

To add a new address, click on the "New" link. A text box will appear. Just type in the email address and click "Save." Your new entry will appear in the window.

Email sent from addresses or domains on the Safe Senders List will not be filtered for spam, but will be filtered for viruses.

Blocked Senders List:

Email sent from addresses or domains on the Blocked Senders List will automatically be discarded so that you will not receive future emails from them. Note: if a spam message does make it through to your inbox, you should not add that email address to your Blocked Senders List since spammers rarely use the same email address twice.

FAQ:

What are BSC's spam rules?

Active Policy Scoring

96-100 - messages scoring this high are automatically discarded
50-95 - messages in this category are quarantined for 7 days
20-49 - messages in this category are tagged as possible spam and delivered.
0-19 - messages in this category are considered valid email and are delivered to your inbox.

You can also choose to participate in our Active Policy + Adult filter. This would include all the rules above AND include the adult filtering policy. Adult scoring is based on the message having text that Proofpoint determines indicates content of an adult nature, regardless of whether or not the message itself exhibits spam characteristics. If there is mail of an adult nature that you do not want Proofpoint to quarantine, add its sender(s) to your "Safe Senders" list.

Since Proofpoint integrates with our Microsoft Exchange directory, Proofpoint will verify if the recipient exists in our organization. If the recipient does not, Proofpoint will purge the message.

How do I delete my messages in the Quarantine?

There is no need to delete your messages in the Quarantine.
If you do not release a message from the Quarantine, it will automatically be deleted after 7 days. If you look at the messages in your Digest and determine that all of them are spam, you do not need to do anything. The messages will automatically be deleted from the Quarantine.

What is a Safe Senders and Blocked Senders list?

There are two types of Safe Senders lists: the Global Safe Senders List and your personal Safe Senders List. Both are simply lists of legitimate senders of email. The email administrator controls the Global Safe Senders List, which applies to everyone in the organization. You control your personal Safe Senders List to which you can add the addresses of people, organizations, and mailing lists from which you do want to receive mail.

If a sender's address is included in the Safe Senders List, the Proofpoint Protection Server does not filter the message for spam. (However, it still filters the message for a virus or inappropriate content.)

There is also a Global Blocked Senders List and a personal Blocked Senders List. These lists contain addresses of people, organizations, and mailing lists from which you do not want to receive junk email.

What is a false positive?

A false positive is an email incorrectly identified as spam. If an email message is scored as spam and sent to the Quarantine, but it really is a legitimate message from a legitimate sender, you can report it as a false positive.

In the future, messages that have the same characteristics as the message you reported will not be placed in the Quarantine for containing spam.

What is a false negative?

A false negative is an email incorrectly identified as not spam. An email message that is incorrectly delivered to your mail box because it was not identified as spam can be reported as a false negative.

Spammers are very clever and are always finding ways to trick products like the Proofpoint Protection Server into delivering spam to your mailbox. Proofpoint sends frequent updates to our organization in an attempt to stay one step ahead of the spammers.

What is a spam policy?

Spam policies determine how the spam sent to you will be processed. For example, your spam could be deleted or quarantined. You can only select your own spam policy if you are allowed to Manage My Account.

How do I report Spam?

It is easy to report spam to Proofpoint. Reporting spam will allow our filters to be updated in a timely manner.

To report spam, find the message in our Outlook inbox. Once the message is highlighted, choose File>Save As from the menu.

A new window will pop up asking you for a location to save and a file name.

You may leave the default name. In the Save As Type box, drop down the box and choose Outlook Message Format (*msg). Then click Save. NOTE: You MUST save it in this format, or it will not be saved properly.

Once you have the message saved, open up a new email. Address it to FN@proofpoint.com, attach the message you just saved, and click Send.