From this section, you can search and view scan results of all messages passed through your quarantine. You can also save common search filters in order to speed up the search process later.
General Filters
From the first part of the page, you can set general email searching information such as:
- Subject (the email subject)
- Email (the recipient or sender email address or domain)
- Date Range (the approximate period when the email landed on the appliance)
- Type (the scanning result category of the message such as Threat, Clean, or SMTP Reject)
Additional Filters
From this section, you can set advanced and more accurate filters in order to find all the emails matching the characteristics you are looking for. You can concatenate more filters using the [plus] button placed on the right of each filter set. These filters are concatenated with a logic AND operator.
You can define more search conditions by creating two filters with the [OR] blue button. If a message matches at least one filter set, it will be displayed as a result.
Search Results
When the [Search] button is clicked, the appliance will search and display all messages matching the filters previously set.
For each message you can perform the following operations:
- Export (export selected results in common formats such as PDF, CSV etc…)
- Recall (recall the delivered message from the user’s inbox if a threat remediation connector is set)
- Rescan (put the message in the scanning queue of the system aiming to get a different scanning result, in case of changed settings)
- Release (deliver the message to the next hop without any modification by EDS)
- Delete (completely remove the message from the system)
- Mark as (this message will be learned by the bayesian engine as good or bad)
- Submit as (submit the message, as good in case of false positive or bad in case of false negative, to us to further analysis)
For each message, the following information is displayed:
- Date (the date when the message arrived on the system)
- Sender (the email address of the sender)
- Recipients (the list of recipient addresses)
- Subject (the email subject)
- Result (the scanning result see SEARCH RESULTS EXPLAINED)
- Delivery (if the message has been delivered to the next hop, stopped or deleted)
Note: by clicking on the green eye icon placed at the end of each result you can go to the message detail page, as explained below.
Understanding Messages Direction
For each message, we also know if the message is incoming email flow or outgoing email flow. The direction is displayed with a special arrow icon at the end of the message record.
Incoming: light blue arrow pointing to the bottom of the page
Outgoing: green arrow pointing to the top of the page
In the image below, the first is an Outgoing message, the latter is an Incoming message:
Message Detail
By clicking on the green eye button placed at the end of each result, is shown the message detail page.
The message detail page has a general email data section and 5 additional sections containing advanced information.
This page is documented in the MESSAGE DETAILS article.
Saved Searches
The saved searches tab is documented under the REPORTS article.