Setting Incoming Email Policy Sets

To set income Email policy sets

Select Email Protection >Incoming > Policy Sets tab.
Select one of the available default Policy Sets; Security, Spam Protection and Productivity.
Select the following:

Option	Explanation
General Security Settings Pane
Anti-Malware	Cyren scans incoming email for known malware. The user can select how to handle identified problems. The following options are available: Reject: The email is returned to the sender The email is sent to trash/spam folder Quarantine: If the email is not safe or a dangerous email, then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding. Forward to: Opens the Select User dialog. All available users are displayed in the left pane. Select the user and drag-and-drop to the right pane.
Suspect File Attachment	E-Mail Security monitor email attachments for common sources of virus intrusion. These include file extensions such as EXE, ZIP etc. The following options are available: Reject: The email is returned to the sender. The email is sent to trash/spam folder Quarantine: If the email is not safe or a dangerous email, then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding. Forward to: Opens the Select User dialog. All available users are displayed in the left pane. Select the user and drag-and-drop to the right pane. The selected action will applied for the following file types: ade, adp, app, asp, bas, bat, bhx, cab, ceo, chm, cmd, com, cpl, crt, csr, der, exe, fxp, hlp, hta, inf, ins, isp, its, js, jse, lnk, mad, maf, mag, mam, mar, mas, mat, mde, mim, msc, msi, msp, mst, ole, pcd, pif, reg, scr, sct, shb, shs, vb, vbe, vbmacros, vbs, vsw, wmd, wmz, ws, wsc, wsf, wsh, xxe, docm, xlsm, arj, cab, jar, lha, rar, tar, zip, gz Action Taken The original attachment will be replaced with a text file inside the text file, and there will be details of the action taken, for example: The attachment 'dangerous.der' has been removed because it contained the following unwanted file extension: 'der' This will be seen for each file attached that was blocked.
Advanced Threat Protection Pane
Malware Outbreak	Cyren monitors large numbers of email messages to detect malware outbreaks. These are blocked before they have been formally analyzed and assigned a signature. The following options are available: Reject: The email is returned to the sender. The email is sent to trash/spam folder Quarantine: If the email is not safe or a dangerous email,then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding. Forward to: Opens the Select User dialog. All available users are displayed in the left pane. Select the user and drag-and-drop to the right pane.
DKIM	Domain Keys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing. The sending party signs each outgoing message with a DKIM signature with applies to specific message headers. Cyren Email fraud protection validates the DKIM signature with a public key provided in the Sender’s DNS records, and if the DKIM signature fails validation an action can be taken. The following options are available: Reject: Email protection service provides a message to the sender that the message is not accepted. Quarantine: If the email is not safe or a dangerous email, then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding.
Sandbox Array	Suspect email and attachments are transferred to a safe environment on the Cyren servers. Once there the email or attachment is investigated to determine if it safe or not.
Time of Click Protection	Some malware gets through the system, and when the user clicks on the malware, the system will have already identified it, and it will be disabled on the first click. Blocked categories include: Anonymizers Compromised Network Errors Phishing & Fraud Zero Day Phishing Command and Control Botnets Malware Parked Domains Spam Sites Zero Day Malware Crypto Currency Mining
Spam & News Pane: provides filtering of emails that are not harmful to the computer or network, but that tend to cause workers to spend excessive amounts of time on non-productive activities.
Spam Filtering	Blocks spam from unidentified sources The following options are available: Reject: The email is returned to the sender. The email is sent to trash/spam folder. Quarantine: If the email is not safe or a dangerous email, then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding.
Advertising Spam Filtering	Blocks email spam from advertisers The following options are available: Reject: The email is returned to the sender. The email is sent to trash/spam folder Quarantine:If the email is not safe or a dangerous email, then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding.
Newsletters	Blocks all newsletters The following options are available: Reject: The email is returned to the sender. The email is sent to trash/spam folder Quarantine: If the email is not safe or a dangerous email, then it is sent to quarantine for evaluation. Tag and deliver: Opens a field for entry of a unique tag to be added to the Subject line of the email before forwarding.
Lists Pane
Block List	Filters websites that need to be blocked. You can insert Domains, IPs, email addresses. Please use only one entry per line. This entry may be followed by an optional comment, which is separated by at least one white space. Please use the following format: user@domain.com, or domain.com and 10.20.30.40 or 10.20.30.0/24 for the entries. Comments cam also start with '#', '//' or '–'. A blacklist entry can be useful if you repeatedly receive unsolicited emails from a particular sender, and the recognition is still inadequate even after reporting the issue multiple times.
Allow List	Filters websites that are allowed. You can insert Domains, IPs, email addresses. Please use only one entry per line. This entry may be followed by an optional comment, which is separated by at least one white space. Please use the following format: user@domain.com, or domain.com and 10.20.30.40 or 10.20.30.0/24 for the entries. Comments cam also start with '#', '//' or '–'. A whitelist entry can be useful in cases when legitimate emails from a particular sender are systematically categorized as spam.
Message Handling
Bounce	These are messages indicating that previous emails were not delivered. Deliver Handle as Spam: Spam rule will apply
Empty	An email message that has no subject or test in the body of the message. Deliver Handle as Spam: Spam rule will apply
Almost Empty	An email that has a subject line but no text. Some users may send an email with a brief comment in the subject line without adding text in the body of the message. Deliver Handle as Spam: Spam rule will apply

4. The sliders and fields in the window are set to their default positions.

Note: New Policy Sets are also displayed in this section. Maximum display is 5 Policy Sets. Additional sets, if available, can be viewed from a drop-down menu at the far right of the section.

5. Set the switches to settings based on local requirements.

General Security Settings
Spam & News
Lists
Message Handling

Note: Some switches, such as Anti Malware and Spam Filtering, when set to ON allow the user to select how to handle the detected item.

6. Select one of the following options:

Add Policy Set: assign a name in the dialog box.
Save As: assign a name in the dialog box.
Delete: deletes a policy set.
Save: used only for non-default Policy Sets.

7. The new Policy Set appears in the Policy drop-down menu of Rules tab.