You are here: / / / FAQs IKARUS mail.security

FAQs IKARUS mail.security

  • I DO NOT RECEIVE EXPECTED EMAILS

    The status of the received emails can be checked in the log files.

    Using the log file access interface, you can search for any email accepted by the IKARUS mail.security system. If an email has been received, you can find the status of the email. The following status values are available:

    • Delivered: Email was sent to the next server.
    • Delivery error: delivery to the destination server failed.
    • Queued: the transmission to the next server is still pending.
    • Rejected: the email was rejected due to spam / virus / attachment.

    Emails can be resent directly from the log file.

    In addition, there are emails that are rejected by the system. This happens when the sender’s domain is not authorised by SPF (sender policy framework).

  • WHAT IS APT OR ATP?

    The abbreviations stand for Advanced Persistent Threat (APT) and Advanced Threat Protection (ATP) respectively. This is a sandbox environment that is used for additional tests of the files that are not detected as a virus by IKARUS. The file is executed, and the behaviour is analysed by the ATP, depending on this behaviour it is detected as a virus. This provides additional protection against new, unknown viruses or malware.

  • WHAT DO I HAVE TO CHANGE IN MY ENVIRONMENT IF I WANT TO USE IKARUS MAIL.SECURITY?

    To use IKARUS mail.security, you need to change the MX record of your email domain to mx.mymailwall.at and submit the server IP (or DNS name) of your email domain to IKARUS to complete the forwarding.

  • WHAT DO THE SPAM FILTERS CONTROL?

    The spam filters determine the parameters within which an email is recognised as possible spam or spam.
    The default settings are those we recommend. First test them and only change them when you are sure about the required settings.

  • WHY WILL I RECEIVE E-MAILS WITH THE SUBJECT ******SPAM*****?

    Our default setting flags emails as spam and/or possible spam. This ensures that new customers can check their settings and adjust them if necessary without worrying about missing an email.

  • A VIRUS WAS FOUND IN ONE OF MY EMAILS. WHY DID I RECEIVE THE E-MAIL ANYWAY?

    The virus filter can be set to determine what should happen to an email that contains a virus.
    With the default setting, the virus is removed from the email, while other attachments and the email itself continue to be delivered.
    It should be noted that in this case the email is no longer checked for spam, as an email with a virus is always classified as spam.

  • WHAT DOES "AN EXECUTABLE FILE IS A VIRUS" MEAN?

    This identifies all executable files in email attachments as viruses.
    If they are directly attached, not only is the file extension checked, but the file is analysed so that renamed files are also detected.
    If files are contained in a password-protected archive, they are only detected by their file extension.

  • WHICH FILES ARE RECOGNISED AS EXECUTABLE?

    This includes all PE files, e.g. .acm, .ax, .cpl, .dll, .drv, .efi, .exe, .mui, .ocx, .scr, .sys, .tsp

  • WHAT DOES "AN ENCRYPTED ARCHIVE IS A VIRUS" MEAN?

    This includes all types of encrypted archives.

  • WHAT IS A QUARANTINE MAILBOX?

    Any virus detected by IKARUS mail.security is sent to this mailbox if the programme is configured accordingly.
    The virus file is sent to a password-protected archive, with the password specified in the email. The virus file is also modified so that it cannot be executed unintentionally.

  • WHAT DOES "CHECK SPF ENTRY" MEAN?

    Domains sending via IKARUS mail.security are checked to see if they have an SPF entry and if so, whether it contains: mymailwall.com.

  • WHAT DOES A SPF ENTRY PROVIDE?

    An SPF record specifies which servers are allowed to send using the domain names. This prevents abuse of the domain by not accepting emails from senders not in the DNS record.

  • AN E-MAIL WAS REJECTED BECAUSE OF SPF?

    If an email is rejected due to SPF, it is initially not accepted.
    In this case, an SPF whitelist entry must be made for the domain. Afterwards, the email must be resent by the sender.

  • HOW LONG DOES IT TAKE FOR THE CHANGES TO TAKE EFFECT?

    Changes usually take effect within five minutes.

  • HOW CAN I DEFINE MY OWN SPAM RULES?

    Rules can be defined to categorise emails. This action is usually of interest if the sender is on several blacklists and the user wants to continue receiving these emails until the clean-up is complete.

    Email section: This defines what the filter will focus on.

    Sender: This is the sender of the envelope or the actual sender of the email, which is not necessarily the same as the sender identified in the email program.

    Recipient: To whom the email is sent. A single address can be selected to be excluded from the spam filter.

    Subject: A specific section of text can be specified here to be part of the subject

    Text: A specific text sequence can be specified here, which can be found in the body of the e-mail.

    Content: Specifies the string used to perform a search for sender, recipient, subject or text. It should be noted that the search is only performed for the character string, without considering what comes before or after it. For example, if the text “count” is searched for, the word “accounting” is included.

    Type: This determines what happens to an email when it is selected by the filter.

    Possible selections are normal, possible or spam.

    Counter: Counts how often the rule has been applied since it was implemented. This can be reset for all rules with the “Reset all counters” function.

    Action: Rules can be deleted, processed, and moved up or down. It should be noted that the rules are processed from top to bottom, using the first applicable rule. This means that the order of the rules is relevant.

    Filter for attachments: Settings relating to email attachments can be made via the attachment filter. Attachments with certain names, file extensions or file types can be blocked with this filter.

    “*” can be used as a wildcard.

    Please note that the MS Office/Word/etc. file extensions only apply to Office 2007.

  • WHAT IS GREYLISTING?

    When IKARUS mail.security greylists a message, it responds to the sending mail server with a temporary rejection message that causes the sender to try again.
    If another attempt is made to send an email with the same combination of data, this email will be accepted. Whether and when another attempt is made depends solely on the sender.

  • CAN I SPECIFY A BACKUP SERVER?

    Yes, you can specify a second destination server to be used as a backup.

SIEM

What is a SIEM?

Nozomi Guardian Air

Guardian Air: Detecting Attacks via Wireless Frequencies

HarfangLab Guard

The IKARUS OT Security Program 2024

MITRE ATT&CK Framework

MITRE ATT&CK Framework and Evaluations

v.l.n.r.: Joe Pichlmayr (CEO IKARUS) – Anouck Teiller (CSO HarfangLab) –Alexander van der Bellen (Bundespräsident Österreich) - Frédéric Joureau (Erster Botschaftsrat der französischen Botschaft in Wien) – Christian Fritz (COO IKARUS)

IKT 2024: Austrian President visits IKARUS Stand

EDR

EDR: Why anti-virus is no longer enough

Cyber Kill Chain

Cyber Kill Chain: Defend better and faster against targeted attacks

Business Email Compromise

Business Email Compromise: Risks, trends and defences

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download

MORE INFORMATION

Webshop
Legal notice
GTC
EULA
Privacy Policy