Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

How to enable Zombie and spyware protection on the Email security for outbound email traffic.

03/26/2020 1,029 People found this article helpful 98,575 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    How to enable Zombie and spyware protection on the Email security for outbound email traffic.

    Resolution

    To Enable Zombie/Spyware protection we need to have "Email Anti-Virus Comprehensive" licensed on the Email security. For this configuration, all the outbound email traffic must be routed through the SonicWall Email security.

    1. Login to the Email security as an admin.

    2. Go to Manage | Security Services | Anti-virus | Outbound | Zombie Protection Settings

    Unauthorized software running on a user's computer sending out junk email messages (spam, phishing attacks, virus or other unauthorized content) is called a Zombie or Spyware. SonicWall's Zombie and Spyware Protection technology brings the same high standard of threat protection available on the inbound email path to email messages leaving your organization by the outbound path.

     

    Image

    Zombie Protection Settings 

    Enable Zombie and Spyware Protection to prevent potentially affected machines within your organization from sending spam, viruses, phishing attacks, spyware and other malicious content outside your organization (through your outbound email path).

     

    Monitoring for Zombie and Spyware Activity 

    You can alert the administrator of potential zombie messages. Alerts are sent if these settings are defined:

    • Check the box to enable notification if Email is sent from an address not in LDAP.
    • Check the box to enable notification if More than <X> messages are identified as possible threats, where X is the number of possible threats identified in the last hour.
    • Check the box to enable notification if More than <X> messages are sent by one user, where X is the number of messages sent in the last hour.

     

    Action Settings 

    If messages are being sent outside of your organization that are identified as spam, phishing attacks, virus, or another threat, select the action you want to take: 

    • Allow delivery: Attempts to deliver the message without interference.
    • Permanently delete: Deletes the message. Use this option with caution: deleted email cannot be retrieved.
    • Store in Junk Box: Stores messages with potential threats in the outbound Junk Box.

     

    If messages are being sent outside of your organization but the sender is not listed in your LDAP server, select the action you want to take: 

    • Allow any "From" address: Allows messages from all email addresses. If you haven't configured LDAP this is the only option you can use.
    • Permanently delete: Deletes messages from unknown senders. Use this option with caution: deleted email cannot be retrieved.
    • Store in Junk Box: Stores messages from unknown senders in the outbound Junk Box.

     

    Enable the Outbound Safe Mode if you want to block all emails with potentially dangerous attachments from leaving your organization by checking the box for Safe Mode is on.

    When Outbound Safe Mode is on, administrators are alerted every 60 minutes that it is on.

    To set the action to take for dangerous attachments while in Safe Mode, select one of the following:

    • Permanently delete
    • Store in Junk Box

     

    If you want to automatically turn on Outbound Safe Mode, set the parameters for turning it on:

    • Check the box to enable notification if Email is sent from an address not in LDAP.
    • Check the box to enable notification if More than <X> messages are identified as possible threats, where X is the number of possible threats identified in the last hour.
    • Check the box to enable notification if More than <X> messages are sent by one user, where X is the number of messages sent in the last hour.

     

    Miscellaneous

    You can manually add senders to a list so that the system will not flag messages sent from those email addresses. You can add any email addresses that are not in LDAP and any valid email addresses that are expected to send a high volume of legitimate email. Enter the addresses that should not trigger alerts or actions in the text box provided. Separate multiple addresses with a comma. 

     

    NOTE: If the navigation or the screenshot looks different from the one mentioned above , you may be in an older firmware version and would require a firmware upgrade. Please refer the link below to upgrade the firmware to latest version.

    https://www.sonicwall.com/en-us/support/knowledge-base/170504270079039

    Related Articles

    • SonicWall HES IP address blocklisted by UCEProtect or Backscatter
    • How to add O365 connector for domain specific routing
    • SonicWall Email Security on Hyper-V Platform

    Categories

    • Email Security > Email Security Appliance
    • Email Security > Email Security Software
    • Email Security > Hosted Email Security

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top
    Trace:4ee82ce2006b54d95245027ae7978e4a-89