Sender filter settings | Trend Micro Service Central

Views:

Just like physical letters, an email message has two sets of addresses: the envelope address and the message header address. The envelope address, like the address on the outside of an envelope, is used by the MTA to route and deliver the email message; the message header address, which is part of the message header, is similar to the address attached to a salutation at the start of a physical letter.

The Settings tab on the Sender Filter screen enables you to choose the type of sender addresses Cloud Email Gateway Protection uses to match the approved or blocked sender list.

The following options are available:

Envelope addresses
Message header addresses

By default, both options are selected. Cloud Email Gateway Protection uses both addresses for matching. The Message header addresses option can be modified while the Envelope addresses option cannot.

Note

If Message header addresses is selected on the Quarantine → End User Quarantine Settings screen, Trend Micro recommends you also select it on the Sender Filter Settings screen. Otherwise, the approved or blocked senders added by end users will not work as expected.

Cloud Email Gateway Protection provides the capability of inserting an X-Header in the message header for email messages matching approved senders. If you select the Insert an X-Header in the message header if an approved sender matches check box, you can do extra actions based on the message header on your own MTA or mail server.

The following X-Header is inserted in the message header once an approved sender's envelope address matches:

X-TM-Approved-Sender: envelope-sender
The following X-Header is inserted in the message header if an approved sender's envelope address does not match but the message header address matches:

X-TM-Approved-Sender: header-sender

Cloud Email Gateway Protection also allows you to specify which of the following scanning criteria should not be applied to emails from approved senders:

IP reputation-based filtering
Unknown sender domain check
Spam
BEC
Phishing and other suspicious content
Graymail
Web Reputation
Social engineering attack
Unusual signal

Note

Unless specified otherwise, Cloud Email Gateway Protection considers the envelope address as the common sender address.

Regardless of your sender address settings, IP reputation-based filtering and unknown sender domain check will always use Envelope addresses rather than Message header addresses to match the approved or blocked sender list. Unknown sender domain check refers to the check that verifies if the sender's envelop address has a valid DNS A or MX record.