Action taken
|
Search for an item based on the action that was taken on it. The actions taken by
MSME are:
• |
Clean
| • |
Denied Access
|
• |
Cleaned
| • |
Logged
|
• |
Deleted
| • |
Replaced
|
• |
Deleted Message
| • |
Rejected
|
|
Anti-Spam Engine
|
Search for an item based on the anti-spam engine that scans email messages for spam and phishing attacks.
To view the current
Anti-Spam Engine used, go to
. For example, the
Anti-Spam Engine version appears in this format: 9286
|
Anti-Spam Rule
|
Search for an item based on the anti-spam rules that are updated every few minutes to catch the latest spam campaigns sent by spammers.
To view the current
Anti-Spam Rule used, go to
. For example, the rule version appears in this format: core:4373:streams:840082:uri:1245250
|
Anti-Virus DAT
|
Search for an item based on the anti-virus DAT version with a distinctive signature.
To view the current
Anti-Virus DAT used, go to
. For example, the DAT version appears in this format: 6860.0000
|
Anti-Virus Engine
|
Search for an item based on the anti-virus engine that had a sequence of characters unique to a virus/unwanted content.
To view the current
Anti-Virus Engine used, go to
. For example, the
Anti-Virus Engine version appears in this format: 5400.1158
|
Banned Phrases
|
Search by the content of banned phrases that are defined in the
DLP and Compliance Rules under
.
|
Detection Name
|
Search for a detected item based on its name.
|
File Name
|
Search by the name of the detected file in the quarantined item.
To view the
File Name used, go to
.
|
Folder
|
Search by the folder where quarantined items are stored such as a user's mailbox.
| The folder will not be available if the email is quarantined at the On-Access (Transport) level.
|
|
IP Reputation Score
|
Search for an item based on the sender's
IP Reputation Score. The items quarantined are based on the
IP reputation threshold specified under
.
| This filter is available only if you have installed the
McAfee Anti-Spam add-on.
|
|
Policy Name
|
Search for an item by a policy name such as a
Master policy or sub-policy that detected the item.
|
Reason
|
Search for an item based on the reason why it was detected. This could be based on the scanners and filters such as
Anti-Virus,
Anti-Spam,
Anti-Phish,
DLP and Compliance, and so on.
|
Reasons
|
Search by a rule or rules that were triggered by a particular email. Use this if an item has triggered multiple scanners or filters. For example, if a spam email contains a virus, the
Reasons are
Anti-Spam and
Anti-Virus.
|
Recipients
|
Search for an item through the recipient's email address.
|
Reputation Score
|
Search by the authenticity level of the source of the email based on up to date information available. The items quarantined are based on the
Message reputation threshold specified under
.
| This filter is available only if you have installed the
McAfee Anti-Spam add-on.
|
|
Rule Name
|
Search for an item based on the rule that triggered one or more scanners/filters. The rule that triggered the scanner or filter is based on the
Actions set for each policy.
|
Scanned by
|
Search for an item by the scanner name that detected the item.
|
Sender
|
Search for an item by the sender's email address.
|
Sender IP
|
Search for an item by the IP address of the sender's system. The items quarantined are based on the
IP reputation threshold specified under
.
| This filter is available only if you have installed the
McAfee Anti-Spam add-on.
|
|
Server
|
Search for an item based on the computer name.
|
Spam Score
|
Search for an item based on the spam score, which is a number that indicates the amount of potential spam contained within an email message. The engine applies anti-spam rules to each email message it scans. Each rule is associated with a score.
To assess the risk that an email message contains spam, these scores are added together to give an overall spam score for that email message. The higher the overall spam score, the higher the risk that the email messages contains spam.
| This filter is available only if you have installed the
McAfee Anti-Spam add-on.
|
|
State
|
Search for an item based on its current status. The available items states are:
• | Untrained — Items that are not acted upon such as purged, released, forwarded or deleted. The initial state of all items will be
Untrained.
|
• | Released — Items that are released from the quarantine database.
|
• | In Quarantine Manager Queue — Items that are currently in the queued in the
McAfee Quarantine Manager database.
|
• | Forwarded — Items that are forwarded to the intended recipients.
|
|
Subject
|
Search for an item based on the subject line of the email message.
|
Task
|
Search for an item based on the scan task name which can be an On-Access (VSAPI), On-Access (Transport) scan task or On-Demand scan task. The on-access scan task that appears in the
View Results section is based on the settings you have enabled under
. To know whether the item was detected due to an on-demand scan task, go to
.
|
Ticket Number
|
Search for an item based on the ticket number, which is a unique alphanumeric identifier assigned to a specific detection and delivered as a notification through email. It helps identify the associated detection.
|
TIE Score
|
Search for items based on the
TIE score reputation.
|