Other Business Security Products

Sort by:
Issue: Malware detection email was not received by sender and/or recipient during malware detection, even though it is configured to do so on Threatshield's Web User Interface. Resolution: As per the screenshot below, these are the choices to notify the sender and recipients when there is a malware detection. These notifications will only be sent to sender and/or recipient when the sender and/or recipient is within the Protected Domains or Subnetworks. Sender's server address MUST be set using IP or Hostname. Recipient's server address MUST be set using Domain name. Below are the specific behavior of Threatshield's notification email.     Notification sent to sender Notification sent to recipient Protected -> Protected Yes No Protected -> Non-protected Yes No Non-protected -> Protected No Yes Non-protected -> Non-protected No No Where: Protected : Domain specified in Protected Domains or Subnetworks. Non-protected : Domain that are not specified in Protected Domains or Subnetworks. Example 1 : Protected domains and subnetworks: <server A IP address> Server A will be considered as Sender's protected domain, hence the behavior will follow "Protected -> Protected" Example 2 : Protected domains and subnetworks: <server A domain> Server A will be considered as Recipient's protected domain, hence the behavior will follow "Non-protected -> Protected" Article no: 000018404
View full article
Issue: We would like to renew our F-Secure Internet Gatekeeper for Linux license, is this possible?  Resolution: F-Secure Internet Gatekeeper has reached end of sales on the 31st of March 2019. We have decided to focus our strategic initiatives in the field of Detection and Response. To improve our performance in this field, F-Secure has decided to minimize investments in certain development areas.    Article no: 000018405
View full article
Issue: I noticed that the following error message is output when a queueable job that adds date field values to related cases on "Case Status Update" is triggered. This job always starts a new job in the queueable context. Somehow, F-Secure Cloud Protection for Salesforce starts another job in the same context, which leads to the error message. Error message: FATAL_ERROR|System.LimitException: AFSC:Too many queueable jobs added to the queue: 2 (AFSC) Resolution: If you are using an older version of F-Secure Cloud Protection for Salesforce, proceed to upgrade the application to the latest version and check if there is any improvement. If the issue persists, proceed to report the issue by contacting F-Secure Support. In order for us to collect the debug logs and investigate the issue further at our end, you need to: Allow us the remote login access to your Salesforce organization Provide us with detail instructions on how to reproduce the issue Article no: 000010629
View full article
Issue: The MSG appliance has stopped sending emails out to external domain addresses Sending emails to internal domain addresses works without issue Receiving emails from any sender works normally Outgoing connector is showing errors about invalid certificates Resolution: The problem might be caused by an invalid or expired certificate on the MSG-appliance To verify the active certificate: Log in to the MSG web UI Select the System-tab on the top of the page Navigate to System->Certificates->Services using the menu on the left-hand side Note which certificate is in use for the different services Navigate to System->Certificates->Certificates Verify the validity of the certificate(s) that is in use If the wrong certificate is in use, it can be changed on the Services-page from step 3. Use the dropdown menus to change the certificate for all services and click Save changes. If the certificate in use has expired, use the Generate Certificate Request-button on the Certificates-page from step 5 to start the process of adding a new certificate to the MSG-appliance. Use the created certificate request with an acquired certificate from a certificate vendor to make a new certificate for the MSG, then import the new certificate into the appliance using the Import-button, also on the Certificates-page from step 5. After this, use the instructions mentioned above to change the active certificate for all services, and save the changes. Article no: 000018374
View full article
Issue: Trying to send emails through MSG results in the following Non-Delivery Report (NDR) message: SMTP Protocol Returned a Permanent Error 550 5.7.0 Blocked - see https://ipcheck.proofpoint.com/?ip=<ip.address.goes.here> Resolution: The sending IP-address has been blocked by Proofpoint Dynamic Reputation (PDR). This can be double-checked by visiting the page https://ipcheck.proofpoint.com The section About Proofpoint® Dynamic Reputation (PDR) contains more information about the function as well as a link to an FAQ-page with common questions and answers, for example what to do to prevent this from happening. To get the situation investigated quicker, open a support ticket with F-Secure. Include the IP that is blocked and information about how long the situation has been ongoing. Article no: 000005857
View full article
Issue: A mail targeted to multiple recipients returns with the message saying that "the following addresses had permanent fatal errors", followed by a list of all recipients. However when sending the same message to individual users it seems to work. It seems that if one recipient is invalid, all recipients get the same label, why is this happening? When checking the message in Smart Search in the MSG Web UI, the MTA logs contains the following error: relay=[], dsn=5.0.0, reply=550 5.1.1 User unknown, stat=Service unavailable Resolution: The entry from the MTA logs list a reply from a server relaying the mail to the final recipient, so the problem is not within MSG but coming from the relay server of the recipient. This is something that the recipient needs to verify on their end. If the recipient causing these errors is a legit user, they might be missing from a user verification database on the receiving end and their relay server might be set up to reject messages where any of the recipients are unknown. Article no: 000009919
View full article
Issue: How to configure DKIM and DMARC in Messaging Security Gateway? Resolution: To configure DKIM: Navigate to Email Protection > Email Authentication > DKIM > General For Enable, select On. A Policy Routes section appears Enable Restrict processing to selected policy routes... Confirm that the policy route default_inbound is present in the Require Any Of-list Add any other required inbound policy routes to the Require Any Of-list Click Save Changes To enable DKIM signing: DKIM signing is not required for authenticating incoming email, but needs to be set up if you want others to be able to authenticate emails coming from your organization. Navigate to Email Protection > Email Authentication > DKIM Signing> General For Enable, select On Set the DKIM Signing Error to Reject the message temporarily Click Edit Rule... Make sure Delivery Method is set to Retry Click Save Changes Navigate to Email Protection > Email Authentication > DKIM Signing> Keys Click Generate Key Set Domain to the domain that the key should be signing Set Selector to any alphanumeric string, at your discretion. The important thing is to NOT leave the field empty Set Scope to either Any, Domain Including Sub-Domains or Exact Domain Tick the Disable processing for selected policy routes...-checkbox Add all inbound policy routes to the Disable For Any Of-list Once the key is generated, a DNS text record is also generated which will need to be published to your DNS servers. Click View in the DNS Text Record column to see the record for a specific key. To enable DMARC: If SPF is not enabled: Navigate to Email Protection > Email Authentication > SPF > General For Enable, select On. A Policy Routes section appears Enable Restrict processing to selected policy routes... Confirm that the policy route default_inbound is present in the Require Any Of-list Add any other required inbound policy routes to the Require Any Of-list Click Save Changes If DKIM is not enabled: Refer back to the instructions above, "To configure DKIM", regarding how to set up DKIM Enable DMARC: Before you enable DMARC, ensure that you have also enabled the SPF and DKIM modules Navigate to Email Protection > Email Authentication > DMARC > General For Enable, select On. A Policy Routes section appears Enable Restrict processing to selected policy routes... Confirm that the policy route default_inbound is present in the Require Any Of-list Add any other required inbound policy routes to the Require Any Of-list Important: Ensure that the same inbound policy routes that you selected for the SPF and DKIM modules are also on the Require Any Of-list Click Save Changes Article no: 000003216
View full article
Issue: Email messages are delivered but the sender gets an empty permerror email notification from MSG. Resolution: The PermError condition means the sender published SPF record could not be verified. Permerror are usually caused by an incorrect SPF syntax or format error in the SPF record. You may advise the sender to ensure their SPF record is set up correctly and does not have any extra spaces or unrecognizable characters in the DNS TXT record. To prevent the sender from getting the same message, please follow these instructions: 1. Logon to your MSG admin web user interface. 2. Click Email Protection tab. 3. Expand Email Authentication > SPF > Rules. 4. Click on the Edit Rule option of SPF Permanent Error. 5. Under Dispositions, untick the "Reply to sender based on detected language" check box. By disabling the option, senders should not receive the e-mail notification. If you want to use that option, leave the check box ticked and write some message in the Subject and Message field. Article no: 000016530
View full article
Issue: A software in our environment sends out regular emails to internal and external recipients. A tag is added to the subject line to have these messages encrypted by MSG. Only the messages intended for internal recipients are being encrypted, all messages from the software to external recipients arrive unencrypted. Resolution: Start by verifying that these messages are being routed through the MSG-appliance. It is possible that the software has different routing rules based on domains and that the external traffic isn't routed to the MSG-appliance at all. In MSG, you can check the details of a message using Smart Search: Log in to the MSG Web UI Make sure the System-tab is selected at the top On the left-hand menu, navigate down to Smart Search-> Search Use the sender and/or recipient information to search for the message. Do note that the Time-field usually is set to Last 24 Hours, which might be too restrictive, so expanding it to for example Last 7 Days is recommended. If you find messages, you can verify their encryption status by checking the envelope symbol at the left of the message row. If it has a small lock on it, the message is encrypted.  Expand the message info by clicking the small + next to the envelope symbol to see more details. Here the Encryption-field should also be set to Proofpoint Encryption/Secure Reader Encrypted if the message is encrypted. If you find messages that should be encrypted but aren't, open a support ticket so that it can be investigated. Provide the appliance-ID and information about the messages so that we can identify them (sender/recipient info, time when it was sent, subject field text). A sample message saved as .eml or .msg is also useful. To ensure that we can help you efficiently, please make sure that the following IP-addresses can access the MSG-appliance on ports 22 and 10000: 203.112.232.170                 F-Secure Support / Kuala Lumpur 193.110.108.33                   F-Secure Support / HTC Helsinki 208.86.202.10                     Proofpoint 208.84.66.21                       Proofpoint 208.84.67.21                       Proofpoint Article no: 000018154
View full article
Issue: Does MSG message encryption work normally when sending emails from a distribution list? Resolution: Yes, sending from a distribution list has no effect on the MSG message encryption functionality. Article no: 000018149
View full article
Issue: After creating or modifying a Branding template, when adding the Title -information and clicking Save, the saving request keeps hanging (Saving... Please wait) and the Title -information is not being saved. Resolution: This happens if you are using empty spaces in the Title and also possibly when using different special characters, which are not supported. To resolve the issue, you will need to remove the spaces and the special characters.    Article no: 000006820
View full article
This article explains how you can send false spam positives and false spam negatives to Proofpoint for further analysis.
View full article
This article describes how to stop and start the F-Secure Secure Messaging Security Gateway (FSMSG) PPS service if necessary.
View full article
This article describes how you can send test messages from the command line to test an F-Secure Messaging Secure Gateway (FSMSG) appliance...
View full article
This article explains what you need to do to get the F-Secure Messaging Security Gateway (MSG) product upgraded to the latest version.
View full article
This article describes how you can force TLS encryption with Microsoft Exchange.
View full article
This article describes how you can create a rule to block e-mails with a specific character set.
View full article
If the F-Secure Messaging Security Gateway has been in evaluation with an evaluation activation key, it must be activated with a real activation key...
View full article
This article explains how you can add a footer, such as a disclaimer, to all outbound mail of an F-Secure Messaging Security Gateway (MSG) Server.
View full article
This article explains how to accept all incoming e-mails regardless of the domain they have been sent to.
View full article
You can manually assign F-Secure Cloud Protection licenses to selected users in the following way:
View full article
The F-Secure Cloud Protection application comes with a number of privacy-related settings that can be configured on the Administration page. These...
View full article
The Scheduled Scanning feature in F-Secure Cloud Protection allows you to (re)scan Salesforce files and attachments for harmful and disallowed content...
View full article
Once the scheduled job is created, you can modify its settings in the AFSC__FS_ManualScanSetting__c custom object, which stores settings for the...
View full article
Although it may be easier to validate the automatic assign rule conditions in the Assign Licenses window, you can also use the Automatic License...
View full article
This article describes how you can import users and groups with LDAP import.
View full article
There might be cases where legitimate email is considered as spam. This may happen, for example, with automated systems generating non-standard SMTP...
View full article
This article describes how you can specify the spam policy to block bulk and phishing emails.
View full article
This article describes how you can create a domain-specific spam policy. At first, you need to add a domain group, then add a spam policy.
View full article
This article describes how you can enable end-user digests.
View full article
This article describes how you can add new domain/customer policy routes.
View full article
This article describes how you can add a new domain/customer for outbound email.
View full article
This article describes how you can add a new domain/customer for inbound email.
View full article
This article describes how you can create domain-specific reports.
View full article
This article describes how you can add users to F-Secure PSE user repository automatically.
View full article
You can modify the bulk score for a sender in order to safelist the sender. There are two options to change the bulk score of a sender:
View full article
This article describes what Messaging Security Gateway (MSG) backs up and how the process work.
View full article
This article explains in detail what kind of information is sent upstream when new databases are polled or the product is activated.
View full article
This article describes how you can check whether a mail server is responding or not. It explains how to do this in principle and provides links to...
View full article
This article describes which ports to open in the firewall to enable virus and spam database updates for F-Secure Messaging Security Gateway (FSMSG).
View full article
There are 28 web site categories that the F-Secure Cloud Protection application can be configured to check and block access to.
View full article
This article lists the Salesforce editions onto which the F-Secure Cloud Protection application can be installed.
View full article
F-Secure Cloud Protection supports the same archive formats as other F-Secure products, including but not limited to ZIP, 7Z, ARJ, RAR, JAR, LZH, CAB,...
View full article
This article lists the Salesforce objects where F-Secure Cloud Protection scans the URLs.
View full article
The F-Secure Cloud Protection for Salesforce application can be found in the Salesforce AppExchange marketplace (Japanese AppExchange) .
View full article
To be protected against harmful and disallowed content, an F-Secure Cloud Protection license must be assigned to each user in your Salesforce...
View full article
Yes. You can get a free trial from Salesforce AppExchange. The app comes with a trial license which allows you to install it and use all its features...
View full article
Yes, it is possible to whitelist web sites. In the URL Protection settings you can define hosts, domains or exact URLs that will be excluded from web...
View full article
This article describes how you can buy an F-Secure Cloud Protection for Salesforce license for your organization.
View full article
No. The F-Secure Cloud Protection for Salesforce app has a built-in license key that is managed through the Salesforce License Management app by...
View full article