Page History

• You will be provided with a personal quarantine for each of your filtered addresses.
• Messages containing executable attachments such as java scripts and macro-enabled documents will be rejected. To receive this kind of message, the sender must use some file transfer service such as polybox or similar.
• Messages that violate the sender's SPF or DMARC policy will be quarantined or marked as spam.
• Messages that come from hosts found on certain blocklists, will be rejected.

• You will receive a daily quarantine report via email. The report may be used to release quarantined messages and provide access to your “Management Center" user interface.
• Quarantined messages will be kept for 30 days..
• Each message listed in the quarantine report will have 4 "action" icons:
  
  • The "release" icon will deliver a copy of the quarantined message to your mailbox.
  • The "preview" icon will display the content of the quarantined message.
  • The "filter adjustment" icon will send a request to the MailCleaner analytical team to inform them that the message should not have been quarantined.
  • The “newsletter” icon will delivery a copy of the newsletter to your mailbox and add the sender to your newsletter allowlist.

In the Management Center (https://mailcleaner.ethz.ch/) you can activate the retaining of all mails detected as spam:

• The Management Center uses the same username and password as your email account.
• If your mailbox is located on the Exchange server, you may ignore the email domain during the login procedure.

• The Management Center,  https://mailcleaner.ethz.ch/  may be used to:
  
  • change the language and frequency of quarantine reports (daily, weekly, monthly, none).
  • group quarantines for multiple addresses into a single quarantine.
  • purge quarantined messages
  • choose the SPAM filtering action for your address (quarantine, tag, delete)
  • add sender addresses to your personal blocklist, allowlist, or warnlist.

• Mail from addresses in your blocklist will be quarantined, tagged, or deleted, depending on your spam filtering preference.
• Mail from addresses in your allowlist will not be filtered for SPAM. The allowlist must be used with caution. See the user manual for more information.
• If a message from an address in your "warnlist" lands in the quarantine, you will receive a warning message.
• Allowlists and warnlists use the envelope-sender address (from the “Received:” headers).
• Blocklists may use the "From:" address or the envelope-sender address.
• The block/allow/warn lists may contain addresses or domains.
• Wildcards (*) may be used in blocklist/allowlist/warnlist addresses or domains:

philip@*.ac.uk$
werbung@*.com$
*.books.ch$
postgres@id-hdb*.ethz.ch$

• If you blocklist a domain, but allowelist an address from that domain, mail from the allowlisted address will be delivered. 

• SPAM messages will be quarantined, tagged or deleted, depending on your preferences.

• Confirmed malware messages will be deleted or "disarmed" by removing an attachment or link. User preferences will have no effect on these actions.
• Dangerous content such as executable attachments or links to suspicious web sites may be removed from received messages. These messages will be tagged as “{Content?}”. Please contact the Service Desk to get the full text of the message.
• If you have received an AttentionVirus.txt attachment, it will contain the date and MessageID of the original message. Please include this information when you contact the Service Desk.

• Messages containing executable attachments such as java scripts or macro-enabled documents will be rejected. User allowlists will have no effect on these rejections. To receive this kind of message, please ask the sender to use a file transfer service such as polybox or similar.

• Messages that violate the sender's SPF or DMARC policy will be tagged as spam or quarantined. Messages from hosts in the SpamHaus blocklist will be rejected.
  https://en.wikipedia.org/wiki/Sender_Policy_Framework
  https://en.wikipedia.org/wiki/DMARC

• Many spam messages are now disguised as a newsletter. The “newsletter quarantine” function will quarantine any message that is classified as a newsletter. If you wish to use the “newsletter quarantine” function, you must activate it in the Management Center (Configuration> Address settings> For each message detected as newsletter: retain in quarantine).
• To add the sender to your “newsletter” allowlist and have the newsletter delivered to your mailbox, simply click the newsletter icon in your quarantine report, or click the "Accept this newsletter" button in your on-line quarantine.
• Note that a message can be classified as a “newsletter” AND “spam”, which means that a message may still land in your quarantine, even if the sender has been added to your “newsletter” allowlist.

• Phishing and malware messages should be reported to phishing@ethz.ch or virus@ethz.ch Please forward the message as an attachment to include the message "headers". Mail sent to these two addresses will open an OTRS ticket. Mail sent to phishing@ethz.ch will also send a copy of the message to the MailCleaner analytical team. Mail sent to the virus@ethz.ch address will be forwarded to the MailCleaner analytical team when appropriate.

• False negatives are "bad" messages that were delivered to your mailbox. False positives are "good" messages that were held in the quarantine or tagged as spam.
• Misclassified messages (false positives and negatives) should be reported as soon as possible to one of the reporting addresses.
• A false-negative message may be reported by forwarding the message as an attachment to spam@ethz.ch
• Forwarding the message as an attachment will include the message "headers", which are needed by the analytical team. After you have forwarded a false-negative message to the appropriate reporting address, you may delete the message.
• A false-positive message should be reported by clicking the message’s "filter adjustment" icon, or by forwarding the message as an attachment to nospam@ethz.ch

• Messages from a particular sender may still land in the quarantine after you requested a filter adjustment. The filter adjustment icon feeds messages to a Bayesian classifier, so you may need to repeat this process over several days.

• You may still receive spam with a particular subject or sender address even after you have reported it. An effective filtering system requires feedback from its users, so please forward every spam that you receive to the analytical team. To stop spam-waves, reporting is best done on a daily basis. You may include several spam messages in a single message to spam@ethz.ch

• Mail may come from other servers within our network, but are seen as "external" to the mail filter and are therefore subjected to filtering checks
• ETH servers that only generate automated mail would be candidates for the central allowlist.
• ETH servers that relay mail from external sources would not be considered for the central allowlist.
• Contact the Service Desk if the sender address is a candidate for a central allowlist.

• Your address is included in a mail distribution list that is configured to tag spam messages.

• Mail distribution lists that receive external mail should be configured as “tag-only”, or should have one address designated to receive quarantine reports, set filter preferences and to release any wrongly-quarantined messages to members of the list.
• The reports-to address may be set in the Management Center (Address settings> Send reports to this address).
• Please contact the Service Desk if you are unable to set the address.

• for questions about the use of quarantine reports or your Management Center
• to request the full text of a “disarmed” message
• for questions about missing messages
• to designate an address to receive quarantine reports for a distribution list

For more information, please see the MailCleaner User Guide:

http://www.mailcleaner.net/downloads/documentations/mailcleaner_user_manual.pdf
http://www.mailcleaner.net/downloads/documentations/de/mailcleaner_benutzerhandbuch.pdf
http://www.mailcleaner.net/downloads/documentations/fr/mailcleaner_manuel_utilisateur.pdf