Proofpoint Email Filtering System

JLAB's email filtering will be provided by ProofPoint starting May 1, 2017.  ProofPoint replaces WatchGuard.

Quickstart Migration Information:

  • To see your email quarantine, login to https://mailfilter.jlab.org  Use your JLAB CUE username/password. (i.e. username, NOT username@jlab.org).  This replaces logging into wg.jlab.org
  • User's individual Trusted Email list will be migrated from WatchGuard to ProofPoint. (200 entries max for migration)
  • User's individual Blocked Emails lists will NOT be migrated from WatchGuard to ProofPoint.

Quarantine Management Web Page.

  • To see your email quarantine, login to https://mailfilter.jlab.org  Use your JLAB CUE username/password. (i.e. username, NOT username@jlab.org).  This replaces logging into wg.jlab.org
  • From here you can:
    • Manage messages in your quarantine.
      • Release messages that have been mistakenly quarantined
      • Delete messages from your quarantine
    • Manage your Safe Senders list
    • Manage your Blocked Senders list
    • Search messages in your quarantine based on the sender and subject
    • Opt out of SPAM filtering
    • Opt out of Bulk Mail filtering

Safe / Blocked senders list

  • Safe senders list -- Bypass Anit-Spam filtering for a specific address OR entire domain
    • joe@company.com  -- affects specific address only. (only joe@company.com)
    • company.com -- affects all addresses from entire domain (all addresses from company.com)
  • Blocked senders list -- Block messages from a specific address OR entire domain
    • joe@company.com  -- affects specific address only. (only joe@company.com)
    • company.com -- affects all addresses from entire domain (all addresses from company.com)
  • Note - the ability to affect entire domains has been a long standing request from JLAB users.

Bulk Mail Filtering (NEW)

Bulk Mail (all known as Low Priority Mail) is quarantined very aggressively by ProofPoint.  Bulk mail comes from entities that you normally deal with,  but are not necessarily directed towards you personally.  Examples are marketing advertising emails, survey emails, emails from vendors that got your address from another vendor, etc.   These are messages that you might want to see, but don't need to see them in your INBOX as soon as they arrive.  These messages are put into your quarantined under the folder called "Low Priority Mail".  They are visible both from the web page (mailfilter.jlab.org) as well as your End User Digest daily email.  After experiencing this Bulk email filtering, if you wish to opt out and have Bulk email delivered directly to your INBOX, simply logon to your ProofPoint account, click "Profile" in the lower left and then check the "Opt out of bulk Spam filtering" button.

End User Digest Email

You will receive a daily message called the End User Digest.  It will display the messages placed in your quarantine since the last End User Digest was delivered to you.  It will give you the chance to act on them.  Everything that you can do from the web page (https://mailfilter.jlab.org), you can do from this email message via the links (release & delete messages, add senders to safe/blocked lists, etc.).  You can also click the "Manage my Account" link to go directly to your account on the web page.  You can delete all messages from your quarantine by going to "Manage My Account" link.  The End User Digest is a snapshot of your quarantine as it was at the time the digest was sent (7am, everyday).  If you want to get a fresh, updated version of the digest, click on the "Request New End User Digest".  A new digest will arrive in your INBOX in a few moments. If you've had no new messages quarantined since your last End User Digest was sent, you will not receive a new Digest.

URL Rewritting and Filtering  (NEW)

All URLs contained in emails coming from outside of JLAB will now be rewritten.  The modified URLs will now go through ProofPoint's malicious URL filtering engine.  When a URL is clicked on, if ProofPoint determines the URL does not go to malicious address, the connection will be redirected to the original address.  This will be transparent to the user in most cases.   If however, the URL is a known malicious site, the click will result in a "Blocked URL" page.  This will greatly enhance JLABs protection from users that mistakenly click on malicious URL links. This means that all URL's will start with urldefense.proofpoint.com when examined by hovering your pointer over them.
 

Blocked URL page looks like: