- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
-
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
-
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
-
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
-
- Support Widget
Email Security: Junk Mail Summary
01/07/2020 
1,052 People found this article helpful
99,359 Views
Description
Email Security: Junk Mail Summary
Resolution
Junk Mail Summary
The Junk Mail Summary is an e-mail, that can be sent as often as every 1 hour, containing a short synopsis of those e-mail messages that the Sonicwall Email Security server has quarantined.
Configuration
You may configure Junk Mail Summaries at a corporate, per group, or per user level.
To begin the configuration of Junk Mail Summaries, you will decide how often you would like to receive them. Should you chose once a day or once a week, you may also configure the time of day(within an hour of the configured time), or day of the week.
You may chose to only include "Likely Junk", meaning that those messages that were considered "definite junk" would not be included.
You may choose the language that the message will be sent in.
You may choose to receive the Junk Mail Summary in "non graphical format". The message will be sent in HTML format, it will just not have graphics included.
You may chose to send Junk Mail Summaries to delegates.
You may chose to only send Junk Mail Summaries to users that were found in your LDAP.
You will then need to configure the e-mail address, display name, and subject of the e-mail.
Lastly, you will need to configure the URL that is used in the Junk Mail Summary.
LDAP Users
LDAP users will be able to access the URL specified and use their network credentials to log into Email Security to be able to manage their junk email.
Non LDAP Users
Non LDAP Users can only access their junk box by using the junk mail Summary links to View/Unjunk messages or to log into the junk box by clicking the link to visit the junk box. This setting to allow this is located on the Manage | System Setup | Junk Box | Summary notificaton settings page.
Description of Process
The Junk Mail Summary process (mlfjunkn.exe) gets run once an hour, being kicked off by the hourly.bat or hourly.sh file.
During this process, mlfjunkn will parse through the quarantine directories and folders, verifying all e-mails that need to be included in each users summaries.
- envelope.dat is the listing of all e-mails in that days quarantine.
- resent_<servername>.dat is a listing of all e-mails that have been either unjunked or deleted.
- notified.dat is a listing of all e-mails that have already been included in a previous summary.
- notifiedall.xml keeps a track of the size of envelope.dat.
As mlfjunkn parses through the quarantine directories, if it finds notifiedall.xml it will verify that the envelope.dat file is the same size as is listed inside notifiedall.xml.
If envelope.dat is the same size, mlfjunkn will move on to the next quarantine directory, as this would mean that all e-mails have already been included in a previous junk mail summary.
If envelope.dat is larger than the size reported in notifiedall.xml then mlfjunkn will parse through envelope.dat, comparing envelope.dat with notified.dat and resent_<servername>.dat to come up with the list of those e-mails that have not been deleted, unjunked, or previously included in a junk mail summary.
Those e-mails that need to be included in the junk mail summary will then be added to a list that is stored in memory, until the process finishes parsing all quarantine directories.
When the process completes compiling all e-mails that need to be included in the junk mail summary, it will begin sending them to the downstream server.
In small environments this process can take as little as a few seconds, in larger environments the process can take over 30 minutes.
Logs
A log of the Junk Mail Summary process is kept in \datacommonlogsjunknotifications
Previous issues
Below is a short list of some issues that have been experienced.
-
Junk Mail Summaries are being sent out 3 hours after I had configured them.
- Verify that the time zone of the server was set correctly. Also check the @corporate@_settings.xml to make sure that the time zone was set correctly.
-
No Junk Mail Summaries are being sent.
- Verify that Junk Mail Summaries are configured correctly.
- Check the commonlogs files, most of the time your answer is in there, and VERY easy to read.
Testing
Below are the steps to force a Junk Mail Summary
- Sent yourself a junk e-mail that will be quarantined, You may put MLFJUNK as the subject of an e-mail, and the MailFrontier server will consider the e-mail to be junk.
- Delete the line that contains your e-mail address from datalastnotified.xml
- Delete datalastnotified_race.xml
- From a command prompt, run mlfjunkn.exe
Related Articles
- SonicWall HES IP address blocklisted by UCEProtect or Backscatter
- How to add O365 connector for domain specific routing
- SonicWall Email Security on Hyper-V Platform
Categories
- Email Security > Email Security Appliance
- Email Security > Email Security Software
- Email Security > Hosted Email Security
YES
NO