Support on SonicWall Products, Services and Solutions
Browse Knowledgebase by Category
Email Security: Junk Mail Summary
01/07/2020 
1049 
10114
DESCRIPTION:
Email Security: Junk Mail Summary
RESOLUTION:
Junk Mail Summary
The Junk Mail Summary is an e-mail, that can be sent as often as every 1 hour, containing a short synopsis of those e-mail messages that the Sonicwall Email Security server has quarantined.
Configuration
You may configure Junk Mail Summaries at a corporate, per group, or per user level.
To begin the configuration of Junk Mail Summaries, you will decide how often you would like to receive them. Should you chose once a day or once a week, you may also configure the time of day(within an hour of the configured time), or day of the week.
You may chose to only include "Likely Junk", meaning that those messages that were considered "definite junk" would not be included.
You may choose the language that the message will be sent in.
You may choose to receive the Junk Mail Summary in "non graphical format". The message will be sent in HTML format, it will just not have graphics included.
You may chose to send Junk Mail Summaries to delegates.
You may chose to only send Junk Mail Summaries to users that were found in your LDAP.
You will then need to configure the e-mail address, display name, and subject of the e-mail.
Lastly, you will need to configure the URL that is used in the Junk Mail Summary.
LDAP Users
LDAP users will be able to access the URL specified and use their network credentials to log into Email Security to be able to manage their junk email.
Non LDAP Users
Non LDAP Users can only access their junk box by using the junk mail Summary links to View/Unjunk messages or to log into the junk box by clicking the link to visit the junk box. This setting to allow this is located on the Manage | System Setup | Junk Box | Summary notificaton settings page.
Description of Process
The Junk Mail Summary process (mlfjunkn.exe) gets run once an hour, being kicked off by the hourly.bat or hourly.sh file.
During this process, mlfjunkn will parse through the quarantine directories and folders, verifying all e-mails that need to be included in each users summaries.
- envelope.dat is the listing of all e-mails in that days quarantine.
- resent_<servername>.dat is a listing of all e-mails that have been either unjunked or deleted.
- notified.dat is a listing of all e-mails that have already been included in a previous summary.
- notifiedall.xml keeps a track of the size of envelope.dat.
As mlfjunkn parses through the quarantine directories, if it finds notifiedall.xml it will verify that the envelope.dat file is the same size as is listed inside notifiedall.xml.
If envelope.dat is the same size, mlfjunkn will move on to the next quarantine directory, as this would mean that all e-mails have already been included in a previous junk mail summary.
If envelope.dat is larger than the size reported in notifiedall.xml then mlfjunkn will parse through envelope.dat, comparing envelope.dat with notified.dat and resent_<servername>.dat to come up with the list of those e-mails that have not been deleted, unjunked, or previously included in a junk mail summary.
Those e-mails that need to be included in the junk mail summary will then be added to a list that is stored in memory, until the process finishes parsing all quarantine directories.
When the process completes compiling all e-mails that need to be included in the junk mail summary, it will begin sending them to the downstream server.
In small environments this process can take as little as a few seconds, in larger environments the process can take over 30 minutes.
Logs
A log of the Junk Mail Summary process is kept in \datacommonlogsjunknotifications
Previous issues
Below is a short list of some issues that have been experienced.
Junk Mail Summaries are being sent out 3 hours after I had configured them.
- Verify that the time zone of the server was set correctly. Also check the @corporate@_settings.xml to make sure that the time zone was set correctly.
No Junk Mail Summaries are being sent.
- Verify that Junk Mail Summaries are configured correctly.
- Check the commonlogs files, most of the time your answer is in there, and VERY easy to read.
Testing
Below are the steps to force a Junk Mail Summary
- Sent yourself a junk e-mail that will be quarantined, You may put MLFJUNK as the subject of an e-mail, and the MailFrontier server will consider the e-mail to be junk.
- Delete the line that contains your e-mail address from datalastnotified.xml
- Delete datalastnotified_race.xml
- From a command prompt, run mlfjunkn.exe
