McAfee Security for Microsoft Exchange 8.6.0

Detection types

Detected items are email messages identified by MSME as a potential threat, that could be a virus, spam, phish, non-compliant content, a URL, or banned file types.

The detection types in MSME are:

Detection types Description
Spam An unwanted electronic message, most commonly unsolicited bulk email. Typically, spam is sent to multiple recipients who did not ask to receive it. Types include email spam, instant messaging spam, Usenet newsgroup spam, web search-engine spam, spam in blogs, and mobile phone-messaging spam. Spam includes legitimate advertisements, misleading advertisements, and phishing messages designed to trick recipients into giving up personal and financial information. Email messages are not considered spam if a user has signed up to receive them.
IP Reputation

A method of detecting messages based on the sending server's IP address. McAfee collects data from billions of IP addresses and network ports, providing hundreds of trillions of unique views, and calculates a reputation score based on network traffic, including port, destination, protocol, and inbound and outbound connection requests. This score is known as IP Reputation Score and reflects the likelihood that a network connection poses a threat. MSME uses this score to determine action based on a local policy.

Phish A method of fraudulently obtaining personal information, such as passwords, Social Security numbers, and credit card details by sending spoofed emails that look like they are sent from trusted sources, such as banks or legitimate companies. Typically, phishing emails request that recipients click on the link in the email to verify or update contact details or credit card information. Like spam, phishing emails are sent to a large number of email addresses, with the expectation that someone will act on the information in the email and disclose their personal information.
Viruses A computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without user knowledge or permission. Some viruses attach to files, so when the infected file executes, the virus also executes. Other viruses sit in a computer’s memory and infect files as the computer opens, modifies, or creates files. Some viruses display symptoms, others damage files and computer systems, but neither is essential in the definition of a virus; a non-damaging virus is still a virus.
You cannot Download, Release, Forward, or View quarantined items from the Viruses detection category.
TIE and ATD Detections In addition to DAT and McAfee GTI, you can now use the enhanced detection capabilities of McAfee Global Threat Intelligence and McAfee Advanced Threat Defense.
Spoofed Mails Email spoofing is a common ploy used to attract users by sending an email with a different sender email address. Users might open and respond to emails without knowing that the email is not actually from the legitimate source.
Potentially Unwanted Programs Often legitimate software (non-malware) that may alter the security state or the privacy posture of the system on which they are installed. This software can, but not necessarily, include spyware, adware, keyloggers, password crackers, hacker tools, and dialer applications and could be downloaded in conjunction with a program that the user wants. Security-minded users may want to know about such programs and, in some cases, have them removed.
Unwanted Content This is any content that triggers a content scanning rule. It might include offensive, abusive, unpleasing words or even a company's confidential information. Unwanted Content can be categorized into:
Packers Denial of service
Encrypted Content Protected Content
Signed Content Password protected files
Corrupted Content Incomplete MIME messages
Banned File types and Messages Certain types of file attachments are prone to viruses. The ability to block attachments by file extension is another layer of security for your mail system. Both internal and external email messages are checked for banned file types or messages.
DLP and Compliance

Stop the loss of sensitive information via email. MSME provides industry-leading email content analysis to provide the tightest control of sensitive content in any form to aid compliance with many state, national, and international regulations.

Prevent data leakage with the most extensive email Data Loss Prevention (DLP) in the industry that does pattern matching to detecting data; policy-based message handling that prevents outbound data loss.

Mail URL Reputation

Prevents delivery of emails with unwanted URLs that might contain unwanted links, phishing links, or malware.

The Spam, Phish, SPF Filter, and IP Reputation options are available only if you have installed the McAfee Anti-Spam add-on.