Hi Team,
I’m not familiar with the MTA blade and I’m looking some information related to the MTA quarantine.
For my understanding, the view “MTA monitoring” in SmartView have many functions as quarantine: MTA place some email machine under quarantine where each user or admin you can check them and then decide whether to block or allow them.
Additionnaly, in « Threat Prevention R80.30 Administration Guide », there is a section that indicate how « To configure external quarantine for malicious emails: », see below the process : it’s not clear for me, can someone can help me to figure out it ?
For instance, with a tiers solution with their own quarantine (Proofpoint or Cisco ESA) , this process is relevant (I will contact Proofpoint and Cisco in order to know if their quarantine is available for tiers solution)
In advance, thank for your help
The process « To configure external quarantine for malicious emails: »
------------------
In SmartConsole:
Enable MTA on your gateway.
Clone the Profile you wish to configure and rename it.
In the new profile, go to Mail > General > Malicious Email Policy on MTA Gatewaysand select Allow the email.
Clear Remove attachments and links.
Select Add an X-Header to the email.
Note - When you add an X-Header to the email, the rest of the email is kept in the email's original form. The other options: Remove attachments and links, Add a prefix to the email subject and Add customized text to the email body, change the email, and therefore must be cleared.
Click OK.
Install Policy.
------------------