McAfee Spam Services (MXLogic) – What Admins Should Know
The MXLogic console is located at: https://console.mxlogic.com, you can use the “forgot your password” feature to gain access. You have been elevated as customer admin so you can make changes as needed. You should be able to familiarize yourself with the console pretty quickly but if you need additional information, there’s a demo video at: http://www.excelmicro.com/videos/McAfee Message Center.swf
The “My Account” tab is the one that your users will see. We have created a welcome page for your users at: http://hosting.interworks.com/2012/10/01/mcafee-spam-services-mxlogic-what-users-should-know/ that will assist in the transition to the new service.
Once logged in, you can find the inbound/outbound settings by clicking on Email protection > setup. This is where your you can find the settings for inbound and outbound delivery servers, and where point your MX records to allow the spam filtering process.
The main filtering policy is defined under Email Protection > Policies > Inbound Policies, here are the defaults that we start with:
The biggest change from other services is the “graymail” setting. It’s a pretty aggressive filter that catches most mailing lists and newsletters that users have signed up for. With the “Do nothing” setting, you’ll likely have users complaining about spam when they are really receiving newsletters from legitimate sources. It’s pretty well a catch 22, so you can change how you want that setting configured according to your needs.
We enable the block of the backscatter (at the bottom). It helps with those undeliverable messages coming back to spammers that make people think their accounts were compromised. Additionally, we set the “almost certainly spam” to Quarantine so nothing will outright get denied based on spam scoring.
Another worthwhile difference deals with file attachment setting:
These are the defaults, we usually don’t touch them unless there’s some specific need. If your environment requires users to receive email with scripts or executables, the recommended solution is to set the action to “quarantine the message”. This setting will notify the user (via the spam report) that they have a quarantined message, but will require an admin to release the message. This allows an admin to verify that the attachment is safe before releasing the mail to the user.
1. Log on to the Console as the administrator
2. Select Email Protection
3. Select Quarantine tab
4. Perform a Search
5. Release the message in question
Another thing that should be considered is MXLogic has a maximum of 10 aliases per user. We can create a distribution group and add email addresses that don’t require spam reports or console access. If there are users that require more than 10 aliases and need those services, we will need to break them up as separate users. If migrating from a previous spam service, any account with more than 10 aliases will have the aliases truncated, therefore requiring the additional aliases to be manually re-entered into the system. Note: Adding accounts and aliases requires propagation and can take up to 15 minutes to take effect.
The spam reports will come in daily at 9pm. There will be a link in the summary with an outlook plugin that will delete spam and report it to McAfee. It’s not required, but some people like the ability to easily report spam. We gave users the privilege of adjusting filtering options, since one global doesn’t seem to fit everyone.
When migrating to MXLogic from another service, we will leave the previous account active for 7 days after the migration as a “grace period” in case we need to reference aliases, allow for propagation, etc.
If you have any Questions, please feel free to contact us.