Modules - Mail Explorer
Introduction
The Avanan Mail Explorer allows to view and search the emails that Avanan viewed and processed on protected email platforms. The Mail Explorer is a valuable tool for incident response, as it provides a quick and easy way to search for emails that match certain criteria, examine them and perform actions such as quarantine and create block-list and allow-list rules.
Benefits
- View all the emails that were sent or received on a single screen.
- Apply powerful filters to find relevant emails.
- Bulk-quarantine emails that match the search criteria.
- Easy access to block-list, easy population of fields based on currently examined email attributes.
- Easy access to allow-list rules creation.
Use Cases
- Incident response - find if an email is part of a campaign. Find similar emails - emails that include similar attributes such as same sender, subject, contain similar URLs in the body or similar attachments.
- Bulk actions to quarantine emails that got into the mailboxes.
- Quickly block future emails from the campaign based on campaign attributes.
- Find emails that match search criteria, across all mailboxes.
Mail Explorer screen sections
Emails Grid
The email grids presents the following email attributes:
- Received - the time the email was received
- Quarantined - display quarantine state
- Subject
- Sender name - display name
- Sender email
- Recipients
- Sender SMTP - IP Address of SMTP server
- Client Sender IP - IP Address of the sender
- Attachments hash - list of MD5 signature of the email attachments
- Links - list of URLs that are included in email body
Filters
The filters section are divided into 2 sections: general filters and filters that are applicable to Block-list and Allow-list rules.
To use the applicable filters, first allow the filter by clicking the checkbox, and specify the search value.
When clicking on Block-list or Allow-list, buttons, the rule creation dialog will show, and the rule will be created based on the checked filters.
Actions
The following actions are available:
- Quarantine selected emails: move the selected emails to quarantine.
- Create Block-list: create a Block-list rule that would block future emails that match the defined criteria.
- Create Allow-list: create an Allow-list rule that would release future emails that match the defined criteria to the inbox.