Products
- Network Security
  - Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
  - Security ServicesComprehensive security for your network security solution
  - Capture Security applianceAdvanced Threat Protection for modern threat landscape
  - Network Security ManagerModern Security Management for today’s security landscape
- Access Security
  - Secure Mobile AccessRemote, best-in-class, secure access
  - Wireless Access PointsEasy to manage, fast and secure Wi-FI
  - SwitchesHigh-speed network switching for business connectivity
- Cloud Security
  - Cloud App SecurityVisibility and security for Cloud Apps
  - Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
  - Capture ClientStop advanced threats and rollback the damage caused by malware
  - Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
  - Product Menu Right Image
  - Capture Cloud Platform
    Capture Cloud Platform
    A security ecosystem to harness the power of the cloud
- Button Widgets
  - Products A-Z
    all products A–Z FREE TRIALS
Solutions
- Industries
- Use Cases
- Solutions Widgets
  - Solutions Content Widgets
    Federal
    Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
  - Solutions Image Widgets
Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
  - Custom HTML : Partners Content WIdgets
    Partner Portal
    Access to deal registration, MDF, sales and marketing tools, training and more
  - Partners Image Widgets
Support
- Support
- Resources
- Support Widget
  - Custom HTML : Support Content WIdgets
    Support Portal
    Find answers to your questions by searching across our knowledgebase, community, technical documentation and video tutorials
  - Support Image Widgets
COMPANY
PROMOTIONS
MANAGED SERVICES
Contact Sales

English English en

Support on SonicWall Products, Services and Solutions

Browse Knowledgebase by Category

Capture Security Center

Management and Reporting

How to enable Zombie and spyware protection on the Email security for outbound email traffic.

03/26/2020 1029 10972

DESCRIPTION:
How to enable Zombie and spyware protection on the Email security for outbound email traffic.

RESOLUTION:

To Enable Zombie/Spyware protection we need to have "Email Anti-Virus Comprehensive" licensed on the Email security. For this configuration, all the outbound email traffic must be routed through the SonicWall Email security.

1. Login to the Email security as an admin.

2. Go to Manage | Security Services | Anti-virus | Outbound | Zombie Protection Settings

Unauthorized software running on a user's computer sending out junk email messages (spam, phishing attacks, virus or other unauthorized content) is called a Zombie or Spyware. SonicWall's Zombie and Spyware Protection technology brings the same high standard of threat protection available on the inbound email path to email messages leaving your organization by the outbound path.

Zombie Protection Settings

Enable Zombie and Spyware Protection to prevent potentially affected machines within your organization from sending spam, viruses, phishing attacks, spyware and other malicious content outside your organization (through your outbound email path).

Monitoring for Zombie and Spyware Activity

You can alert the administrator of potential zombie messages. Alerts are sent if these settings are defined:

Check the box to enable notification if Email is sent from an address not in LDAP.
Check the box to enable notification if More than <X> messages are identified as possible threats, where X is the number of possible threats identified in the last hour.
Check the box to enable notification if More than <X> messages are sent by one user, where X is the number of messages sent in the last hour.

Action Settings

If messages are being sent outside of your organization that are identified as spam, phishing attacks, virus, or another threat, select the action you want to take:

Allow delivery: Attempts to deliver the message without interference.
Permanently delete: Deletes the message. Use this option with caution: deleted email cannot be retrieved.
Store in Junk Box: Stores messages with potential threats in the outbound Junk Box.

If messages are being sent outside of your organization but the sender is not listed in your LDAP server, select the action you want to take:

Allow any "From" address: Allows messages from all email addresses. If you haven't configured LDAP this is the only option you can use.
Permanently delete: Deletes messages from unknown senders. Use this option with caution: deleted email cannot be retrieved.
Store in Junk Box: Stores messages from unknown senders in the outbound Junk Box.

Enable the Outbound Safe Mode if you want to block all emails with potentially dangerous attachments from leaving your organization by checking the box for Safe Mode is on.

When Outbound Safe Mode is on, administrators are alerted every 60 minutes that it is on.

To set the action to take for dangerous attachments while in Safe Mode, select one of the following:

Permanently delete
Store in Junk Box

If you want to automatically turn on Outbound Safe Mode, set the parameters for turning it on:

Check the box to enable notification if Email is sent from an address not in LDAP.
Check the box to enable notification if More than <X> messages are identified as possible threats, where X is the number of possible threats identified in the last hour.
Check the box to enable notification if More than <X> messages are sent by one user, where X is the number of messages sent in the last hour.

Miscellaneous

You can manually add senders to a list so that the system will not flag messages sent from those email addresses. You can add any email addresses that are not in LDAP and any valid email addresses that are expected to send a high volume of legitimate email. Enter the addresses that should not trigger alerts or actions in the text box provided. Separate multiple addresses with a comma.

NOTE: If the navigation or the screenshot looks different from the one mentioned above , you may be in an older firmware version and would require a firmware upgrade. Please refer the link below to upgrade the firmware to latest version.

https://www.sonicwall.com/en-us/support/knowledge-base/170504270079039

Was This Article Helpful?

Yes No

Not Finding Your Answer?

ASK THE COMMUNITY

Stay In Touch

Email Address*
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time at Manage Subscriptions.
Country
Company
States
Dnb- ZIP
Dnb- Phone
elqCampaignId
elqTrackId
utm_campaign
utm_medium
utm_source
utm_term
utm_content
gclid
sfdc_campaign_id
DnB - Address
DnB - First Name
DnB - Last Name
DnB - Duns
DnB - Global Ult (HQ) DUNS
DnB - Global Ult (HQ) Company
DnB - Employee Count
DnB - Trade Name
DnB - Currency
DnB - Vanity Title
DnB - Country
DnB - State
DnB - Zip
DnB - City
DnB - Global Employee Count
DnB - SIC Code
DnB - SIC Description
DnB - NAICS Code
DnB - NAICS Description
DnB - Revenue
DnB - Domain
DnB - Business Phone
DnB - Company
DnB - DataSource
DnB - DMACode
DnB - EmployeeRange
DnB - Fortune1000
DnB - Fortune200
DnB - Industry
DnB - Postal Code
DnB - PrimarySIC
DnB - SubIndustry
DnB - PrimaryNAICS
DnB - StockTicker
DnB - Revenue Range
DnB - State or Province
DnB - Website
Email
This field is for validation purposes and should be left unchanged.

Capture More

Fear Less

Capture Cloud Platform

Federal

Partner Portal

Support Portal

Capture Cloud Platform

Federal

Partner Portal

Support Portal

How to enable Zombie and spyware protection on the Email security for outbound email traffic.

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Not Finding Your Answer?

Stay In Touch

How to enable Zombie and spyware protection on the Email security for outbound email traffic.

Categories

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Not Finding Your Answer?

Stay In Touch