Monday, September 30, 2013, 11:12
Solution ID: 00000248
Is there any way to limit users of PerfectMail to just be able to look at the spam scores for an e-mail, but not be able to see the actual content? This is a security issue for us. We don't want all of our IT staff to be able to read the content of an e-mail message.
PerfectMail provides a number of ways to secure your mail content from prying eyes. The first step in securing your server is to ensure administrator access is granted on a "needs" basis. Not ever administrator needs full access to your PerfectMail server. End-users should not have access to the administrator interface at all. We provide User Empowerment Tools to allow your users to manage their own e-mail without requiring access to the administrator interface.
If required, you can restrict the global "message view" setting for all PerfectMail administrators. Connect to the administrator web interface and navigate to "Server Admin > Server Settings" and select the "Security" tab. Here you can adjust the setting for "Allow message viewing" to prevent message content viewing in the admin interface.
Restrict User Settings:
Under "Server Admin > Users" you can click on the "Permissions" tab of a user and change their type from "Administrator" to "User". An "Administrator" has full access to the PerfectMail web interface. Not every administrative user needs full access. You'll need at least one full "Administrator", but most other users can be set as the "User" type. Then you can select the administrative permissions each user has, including "View message content" setting.
Allow End Users to Manage Their E-mail:
With PerfectMail your users can manage their own e-mail without needing administrator access. PerfectMail offers an E-mail Activity Report and Self-Service Console, which allows each user to view and manage their e-mail activity without seeing another persons e-mail.
You can enable these features using "Server Admin > Server Settings > Activity Report (tab)". You need to make sure the "Local Server Web URL" is set correctly for your server - it needs to be the URL that *can* be hit from wherever your users are. (Sometimes organizations have problems with internal private networks vs. public networks with respect to DNS resolution; or having the ability to access the PM server because of firewall rules.)
After these features are enabled you go to "Domain Admin > Domains", select a domain, click on "Edit Addresses" (in the bottom right corner of the screen), and edit the settings for each user using the "Self Service Console" or "Activity Report" tabs.
The Activity Report sends an e-mail activity report which may include "one click" links so users can manage their e-mail directly from the report. It can also include a link to go to the Self Service Console.
The Self Service Console is a limited user based interface so an end user can manage their own e-mail. They can get into the interface via a link on the Activity Report or can log in directly to the PerfectMail interface using their e-mail address and password. This password can be set by and administrator or by the users themselves on the "Settings" tab.
Administrator Audit Log:
PerfectMail also includes an Audit Log so you can see what your PerfectMail administrators are doing. You can find the Audit Log at "Server Admin > Audit Log". Auditing helps to track administrator activities so you can have peace of mind in knowing what is happening with your PerfectMail server. Auditing can also act as a preventative measure if your administrators know their activities are being audited.
Tags: PerfectMail, antispam, administrator, e-mail, activity, content, view, security, audit, reports, console
Link to this article: kb/encrypting_message_content
Updated: Monday, September 30, 2013, 11:12
-- David Rutherford