Web interface

The Mail Quarantine Web interface is an alternative to Mail quarantine manager, however, it is only available for the Local quarantine.

note_icon_note NOTE

Mail Quarantine Web interface is not available on a server with Edge Transport Server role because the Active Directory is not accessible for authentication.

The Mail Quarantine Web interface allows you to view the state of the mail quarantine. It also lets you to manage quarantined email objects. This web interface is accessible via links from quarantine reports or directly by entering a URL into a your web browser. To access the Mail Quarantine web interface, you must authenticate using domain credentials. Internet Explorer will automatically authenticate a domain user. However, the web page certificate must be valid, Automatic logon must be enabled in IE, and you must add the Mail Quarantine website to Local intranet sites.

Any user that exists in the Active Directory can access the Mail Quarantine Web interface, but will only see quarantined items that were sent to his email address (this includes the user's aliases as well). The Administrator is able to see all quarantined items for all recipients.

The Enable web interface switch allows you to disable or enable the web interface.

web_interface

note_icon_important IMPORTANT

ESET Mail Security is not using IIS to run Mail Quarantine Web interface. Instead, it is using HTTP server API which includes SSL support to allow data exchange over secure HTTP connections. Windows Server 2003 is an exception, you need to have a web site certificate installed in IIS to enable SSL communication.

Web url - This is the URL on which the Web interface of Mail Quarantine will be available. By default, it is FQDN of the server with /quarantine (e.g. mailserver.company.com/quarantine). You can specify your own virtual directory instead of the default /quarantine. You can change the Web url anytime by editing the value. The Web url value needs to be specified without a scheme (HTTP, HTTPS) and without a port number, use only fqdn/virtualdirectory form. Also, you can use wildcards instead of FQDN.

note_icon_note NOTE

ESET Mail Security supports Web urls in four different forms:

Strong wildcard (+/quarantine)
Explicit (mydomain.com/quarantine)
IP-bound weak wildcard (192.168.0.0/quarantine)
Weak wildcard (*/quarantine)

See the Host-Specifier Categories section of UrlPrefix Strings article for more information.

note_icon_note NOTE

Once you modify the Web url, it is not possible to revert it back to default by clicking the revert DEFAULT icon. Remove the entry and leave the text box blank. Restart your server. When ESET Mail Security starts and finds the Web url is empty, it will automatically fill this field with the default fqdn/quarantine value.

HTTPS port - used for the Web interface. Default port number is 443.

HTTP port - used for releasing emails from quarantine via email reports.

note_icon_important IMPORTANT

If you change the port number for HTTPS or HTTP, make sure to add corresponding port binding in IIS.

Enable default administrators - By default, members of Administrators group are granted admin access to the Mail Quarantine Web interface. Admin access has no restrictions and let the Admin to see all quarantined items for all recipients. If you disable this option, only Administrator user accounts have access to the Mail Quarantine Web interface.

Additional access rights - Grant users additional access to the Mail Quarantine Web interface and choose Access type. Click Edit to open the Additional access rights window, click Add to grant access to a user. In the New access right pop-up window, click Select and choose a user from the Active Directory (you can choose only one user), and select the Access type from the drop-down list:

Administrator - user has admin access to the Mail Quarantine Web interface.

Delegated access - use this access type if you want to let a user (delegate) to see and manage quarantined messages of another recipient. Specify the Recipient address by typing an email address for a user, whose quarantined messages will be managed by the delegate. If a user has aliases in the Active Directory, you can add additional access rights to each alias, if desired.

web_interface_new_access

An example of users that were granted additional access rights to the Mail Quarantine Web interface:

web_interface_additional_access

To access the Web interface of Mail Quarantine, open your web browser and use the URL specified in Advanced setup > Server > Mail quarantine > Web interface > Web url.

quarantine_web_interface

Release - releases email(s) to its original recipient(s) using the Replay directory and deletes it from quarantine. Click Submit to confirm the action.

note_icon_note NOTE

When releasing an email from quarantine, ESET Mail Security ignores the To: MIME header because it can be easily spoofed. Instead, it uses the original recipient information from RCPT TO: command acquired during the SMTP connection. This ensures that the correct email recipient receives the message being released from quarantine.

Delete - deletes item from quarantine. Click Submit to confirm the action.

When you click Subject, a pop-up window will open with details about the quarantined email, such as Type, Reason, Sender, Date, Attachments, etc.

quarantine_web_interface_email_detail

Click Show headers to review the header of the quarantined email.

quarantine_web_interface_email_header

If desired, click Release or Delete to take action with a quarantined email message.

note_icon_note NOTE

You must close your browser window to completely log out of the Mail Quarantine Web interface. Otherwise, click Go to quarantine view to return to the previous screen.

quarantine_web_interface_logout

note_icon_important IMPORTANT

If you are having problems accessing the Mail Quarantine Web interface from your browser or are getting the error HTTP Error 403.4 - Forbidden or similar, check to see which Quarantine type is selected and make sure it is Local quarantine and that Enable web interface is enabled.