Proofpoint Email Digest

Introduction

The Institute for Advanced Study is currently utilizing Proofpoint Protection Server® to identify SPAM email. Email is scored by Proofpoint on a 0 to 100 scale. "0" means the message is least likely SPAM, while "100" means the message is very likely SPAM.

When an email is overwhelmingly likely to be Spam (scoring 80 to 100), Proofpoint Protection Server is configured to quarantine the message and keeps it on the server for two weeks. After two weeks the message is deleted from the server.

If an email is probably spam (scoring between 50 and 80), Proofpoint Protection Server is configured to prepend the subject with the wording "[POSSIBLE SPAM]" but to keep a copy of the email in the quarantine folder for two weeks.

In addition, Proofpoint tries to determine if a message is a Phish (scam) email.  If it detects between 50 and 100 for phishing, it will place "[Probable Scam]" in the subject of the email and place it into the quarantine folder for two weeks.

Message Size Limits

Messages will be blocked if they meet any of these criteria. Note that numbers 3-6 are in place for protection of our email gateway to ensure it does not overload processing messages. We have had this issue 6 times between 2009 and 2011.

  1. If the message size is greater than 25M.
  2. If the attachment size is greater than 25M
  3. If a file within an archive that is attached is greater than 60M.
  4. If there are more than 256 attachments to an email
  5. If there are more than 8192 files within an attached archive
  6. If there are more than 100 levels within an attached archive

If you notice your messages are being blocked, please email net@ias.edu to have it resolved.

Email Digest

Everyday at 5 am, Proofpoint Protection Server sends out an email digest to each IAS user. To limit the disruption caused by Spam, the digest will be automatically placed into each user's SPAM Folder. If an email was incorrectly identified as SPAM and was quarantined, the user can look up the digest and determine the next step. To manually log in to check your quarantine folder, or to update your allowlist or blocklist, please navigate here: https://pps3.ias.edu

Options

  • View - To view a quarantined message, a login is required. This means the user must have a valid IAS credential.
  • Release - Click on "Release" to have the message delivered normally into your Inbox.
  • Safelist - Clicking on "Safelist" will put the sender into a white list. From now on, all email from this specific sender will not be quarantined.
  • Not Spam - Clicking on "Not Spam" will initiate an automated 'Spam False Positive' report back to Proofpoint Anti-SPAM Support Team for analysis.

SPAM False Positive

In rare cases, a legitimate email may be incorrectly identified as SPAM by Proofpoint Protection Server. This email is described as a "SPAM False Positive." Users have the ability to report the incident directly from the email digest back to Proofpoint Anti-SPAM Support Team by clicking on "Not Spam." Once Proofpoint support team receives the information, they will adjust anti-spam rules to prevent the problem from recurring.

Viewing a message

After clicking on the "View" option, a browser login window will pop up. Make sure the Username: is "userid@ias.edu" (not userid@smtp.ias.edu or any other format). Enter your LDAP password to login.

Request New End User Digest

Click on the link "Request New End User Digest" to generate a new email digest for this email account.

Request Safe/Blocked Senders List

Click on the link "Request Safe/Blocked Senders List" to receive an email report listing all Safe/Blocked senders for this email account.

Manage My Account

A user can manage the following features for the email account:

  • Lists - this is where we can view Safe/Blocked senders list.
  • Profile - to opt in/out End User Digest, select preferred language and spam detection policy.
  • Quarantine - to view all your messages in the quarantine folder.

Disabling Quarantine for a user

Go into the users section for the Proofpoint configuration on pps3.ias.edu (page takes 30-60seconds to load).  Find the user and click on their email address to bring up their "User Attributes".  Click on the "Services" tab and change the "Send Digest" dropdown to "No".  You can leave the "Enable Digest" as "Yes" incase the user/helpdesk ever needs to look at it.

Computing