Topics Topics


How to configure a Mail Policy Monitor

The Mail Policy Monitor function of SecurTracTM can audit/quarantine/copy/delete any e-mails that route through a Domino server. Using this powerful feature, companies can enforce e-mail security policies. To configure the Mail Policy Monitor, you need to open the SecurTrac Configuration Database (SCTCFG.NSF)

How to create a SecurTrac Mail Policy Monitor:

  1. Open the SecurTrac Configuration Database (SCTCFG.NSF).
  2. In the left pane, select .
  3. Click the button on the action bar.
  4. Specify the preferred configuration settings and click the button.
  5. Below is a table describing each of the available configuration options within the Mail Policy Monitor.


Basics Tab:

SectionFieldDescription
Server to MonitorServer(s)Either select "All in the Domain" or "Only the following" servers.

If you select "All in the Domain", specified users with mail databases on any server in the current Domino domain will be monitored by SecurTracTM.

If you select "Only the following", a list box will be shown for you to select the specific server(s) in the current domain to be monitored. Click on the button to choose the server(s) you want to monitor.

DescriptionDescriptionThis is an optional field which allows user to input description or remark for this monitor.
Log DatabaseFile nameSelect

Log to the default databaseThe corresponding log will be stored in a Central Log Database (SCTPolicyLog.nsf).
Log to the specified databaseThe corresponding log will be stored in the database you specified.
Log DatabaseServer nameSelect

Log to the server where the event occurred:

The corresponding log will be created on the same server where the event occurred.

Log to the specified server:

The corresponding log will be created on the server you specified. If you select this option, please make sure the originating server has sufficient access to the remote log database on the specified server.
Quarantine DatabaseFile name:Select

Quarantine to default quarantine database:

The corresponding log will be created on the same server where the event occurred in the default quarantine database. (SCTQuar.nsf).

Quarantine to the specified quarantine database:

The corresponding log will be stored in the database you specified.
Quarantine DatabaseServer name:Select

Quarantine action on the server where the event occurred.The corresponding log will be created on the same server where the event occurred.

Quarantine to the specified quarantine database:
The corresponding log will be created on the server you specified. If you select this option, please make sure the originating server has sufficient access to the remote log database on the specified server.
EnablementDisable this PolicyIf this field is checked, SecurTracTM will temporarily disable that specific Mail Policy Monitor and no configured actions within that Mail Policy Monitor document will be executed.



Policy Tab:

Mail Policy

This policy will generate a detailed log and Audit/Quarantine/Delete/Copy an e-mail when it matches the specified criteria

SectionFieldDescription
E-Mail TypeIncoming E-Mail from the InternetE-Mail sent from external internet domain (e.g. hotmail.com, gmail.com, etc...)
Outgoing E-Mail to the InternetE-Mail is sent to an external internet domain (e.g. hotmail.com, gmail.com etc..)
Internal E-MailE-Mail that originates from and is destined to internal domains only. (Internal Internet domains are determined from the Global Domain document and host name of the Domino server.)
Criteria to match: Formula EditorLog if formula is trueSpecify criteria for mail monitor. You should enter Notes @formula whose return value must be either TRUE or FALSE. For example, you can add '@Begins(Subject; "Confidential")' to monitor any mail whose subject begins with the word "Confidential".

Note: Refer to Building Sophisticated Criteria sectionDatabase 'SecurTrac Admin Guide', View 'd. Printed Book', Document 'Building more sophisticated Criteria' for advanced Formula settings.
Criteria to match: Formula WizardLog if these conditions are metUsing the new Formula Wizard, now you can easily create criteria to match, with no need to have programming experience. With its intuitive interface, you can easily select criteria conditions based on Sender, Body, Subject, Regular expression patterns, dictionary words, file attachment lists and more.
Criteria to match: Formula WizardShow formula generated by the Formula WizardNot selected by default and only visible when the Formula Wizard is used. When conditions are selected and applied using the Formula Wizard, a formula is automatically generated. Select this option to display the generated formula.
ActionAudit OnlySelect this option to log the action. The e-mail will still be delivered.
Audit and Delete the E-MailSelect this option to log the action and delete the e-mail, thus preventing it from being delivered.
Audit and Quarantine the E-MailSelect this option to log the action and quarantine the e-mail in the SecurTrac quarantine database, thus preventing it from being delivered. Once the e-mail is redirected to the quarantine database it can be reviewed by a Security Administrator, who can optionally choose to release the quarantined e-mail, thus allowing it to be delivered to the intended recipient(s)
Audit and copy E-Mail to Quarantine Database.Select this option to log the action and copy the e-mail to the SecurTrac quarantine database. In this case the e-mail is still delivered to the intended recipient(s), but a copy of the original e-mail is also stored in the quarantine database for review.
Audit and Delete the attachment(s) which meet the criteria.Select this option to delete the e-mail attachment(s) which meet the criteria. The recipient(s) will still receive the e-mail, but without the attachment(s).
Audit and Delete all attachment(s). Select this option to delete all attachment(s) in an e-mail. The recipient(s) will still receive the e-mail, but without the attachment(s).
Audit and Replace all Attachment(s) with download links.SecurTrac will provide a url link in the e-mail message body. Users can then download the attachment through HTTP. This function is used for large attachment or in cases where the smtp server does not accept exe or zip files and the administrator prefers to post them for download.
Stop processing other policies when this policy is triggered.When this policy is invoked, any remaining policies will not be processed. SecurTrac Mail Policies are processed in the order that they are listed in the Mail Policy view.
Don't generate log if it is a SecurTrac generated notificationSelect this option to prevent logging if the e-mail was generated by the SecurTrac task itself.
NotificationMailing addressSelect the person(s) who will receive an e-mail notification immediately when this action occurs.
ImportanceYou can set the importance of the e-mail notification.
Delivery Priority You can set the delivery priority of the e-mail notification.
Customize E-Mail Notification MessageSelect this option if you want to customize the subject and content of the e-mail notification message.
Notification to SenderIf the e-mail is quarantined or deleted, send a notification to senderWhen the policy is triggered and the e-mail is quarantined or deleted, an e-mail notification can be delivered to the sender notifying them of the action that was taken on their e-mail message.
ImportanceYou can set the importance of the e-mail notification.
Delivery PriorityYou can set the delivery priority of the e-mail notification.
Customize E-Mail Notification MessageSelect this option if you want to customize the subject and content of the e-mail notification message.

Administration Tab:

SectionFieldDescription
AdministrationOwnerSpecify the owner of the monitor document.
AdministratorsSpecify person(s) who can modify the current monitor document.
Settings Modification HistoryDateShows the date of modification for the current monitor document.
Updated byShows the persons who modified the current monitor document.



-------------------------------------------------------------------------------------------------------------------------------------------