Description

This article will go through how to write a compliance filter rule. Compliance filter rules are used to allow various emails through that are getting quarantined due to Infomail/Spam/Virus/Content.

Requirements

  • A Partner/Customer Admin level account for https://mpmail.com.au/
  • The details of the Email you want to allow in the future. Here you will need a combination of Sender Email address, Recipient Email Address, Extension of the file type you want to allow, IP of the mail server.

The Process

Activating Compliance Filtering

  1. Log into the Control Panel with your administrative credentials.
  2. From the scope selection, select the domain for which you would like to activate the Compliance Filter.
  3. Navigate to Security Settings > Compliance Filter.
  4. Activate the switch Activate Compliance Filter.
    1. Figure: Activate the Compliance Filter

    The Compliance Filter is activated.

Adding a Rule

Click on Add rule under Rules for incoming emails.



Under Action, select what shall happen to the emails that match the filter rule. You can choose from the following actions:

Reject

Forward

Redirect

Add BCC

Tag as 'Clean'

Tag as 'Spam'

Tag as 'Threat'


Note: For an overview of the actions, see Actions.




If the selected action requires additional information, an additional field appears under the drop-down menu. For more information about the additional fields of the actions, see Actions.


Under Criterion, select the criterion that determines to which emails shall the filter rule apply. You can choose from the following criteria:


Header : The filter rule matches all emails with a header that contains a specified search term.


Body : The filter rule matches all emails with a body that contains a specified search term.


Advanced : You can specify the sender, the recipient, the IP address and the hostname for the emails. You can also define search terms for the subject and attachment of the emails and a maximum email size. The filter rule matches all emails with the defined properties.



Under the drop-down menu, fields for the configuration of the filter rule are displayed. The selected criterion determines which fields are displayed.


Note: Under Criteria, you can find an overview and explanations of the fields that are available for each criterion.


If you have selected the criterion Advanced, activate the checkboxes of the desired fields.


Enter a search term or a value in the fields.

Note: The search term is found even if it is surrounded by text.



Note: To define more accurate and flexible rules, you can use regular expressions. For a description of the structure and functionality of regular expressions, see Regular Expressions and Explanation of Regular Expressions. Under Exceptions to Regular Expressions, you will find an overview of unsupported characters.



Note: In the field Larger than, enter the maximum email size in megabytes.



Optional: Enter a description of the filter rule under Description (optional).


Click on Add.


The filter rule is added to the table under Rules for incoming emails. The filter rule is assigned the lowest priority of all existing filter rules and is placed at the end of the table. The filter rule is activated.


You have created a filter rule for incoming emails.


Sample Regex

Expression

Rule Type

Plain Text Explanation

\@.*(\.au)

Varient
 \@.*(\.in.net)

Advanced

You can use this expression in the From: field of the compliance filter to match any TLD email envelope From: addresses with the .au end suffix all inbound from testdomain.au subdomain.testdomain.com.au

\@.*(\.au|\.nz)\$ 

Advanced

You can use this expression in the From: field of the compliance filter to match any TLD envelope From: email addresses with the .au or .nz end suffix end expression with \$ to ensure processing ends after the full string

(gb2312)

Header

You can use this expression to block the Chinese ISO character set as a header compliance filter rule

54.124.100.1*

Advanced

Block specific IP addresses with a wild card

s(ean)?stitt.* 

Advanced

Can be used to capture inbound emails to users (To:)  

An example would be: 

sean@manageprotect.com or sstitt@manageprotect.com 

The domain is not evaluated, although you can extend the expression domain specific

s(ean)?stitt.*\@manageprotect\.com

\@.*(manageprotect.*)

Advanced

Can be used to capture inbound emails to users (From) an envelope senders email address containing the exact words manageprotect within the domain name

\@.*\..*\..*

Advanced

Can be used to capture inbound emails to users (From) an email address from any Sub-domain

Example:
 test.manageprotect.com

(.docm\b|.xls\b)

Variant:

(.xls\b|.xlsm\b|.doc\b)

Advanced

Used to capture multiple file extensions within the compliance filter attachment section.

Note: If using .xls the system will continue to process to .xlsm if you do not add \b after the extension 

(.*subject1|.*subject2)

Advanced

Can be used to insert multiple subjects

(\.*ECHOSIGN\b .* please sign\b.*)

Advanced

Can be used to ensure that several keywords are contained within a subject before a match is applied. A single keyword will not activate the rule, this is an inline and statement

(From:.*<.*\anyuser@hotmail.com>.*)

Header

Can only be used as a header rule.

 This will capture MIME from senders.