Quarantine Email On Another Mail Server

Metadefender Email does NOT provide access to quarantined files for each email users other than access to administrator for all the quarantined emails. If your email server (either hosted or onsite mail server) has quarantine management capability for each user, it is recommended to quarantine email on your email server. By default, Metadefender Email will quarantine emails on Metadefender Quarantine but you can change this behavior.

Change Quarantine Mode For Blocked Email

Changing this setting will allow you to quarantine emails that are detected as blocked by Metadefender on a different email server by changing EmailBlockedQuarantineMode to SMTP. By doing this a header will be appended to the email for which you can configure a rule on your email server to quarantine emails that contain this header.

  1. (Prerequisite): Quarantine should be enabled. Refer to Quarantine Email for the instructions.

  2. Edit configuration file "C:\Program Files (x86)\OPSWAT\Metadefender Core 4\Metadefender Mail Agent\Metadefender.Email.Engine.Processor.dll.config"

  3. Change the EmailBlockedQuarantineMode setting value to SMTP. If you want to restore the behavior, use REST instead.

    Excerpt from the config file
    <setting name="EmailBlockedQuarantineMode" serializeAs="String">
    <value>SMTP</value>
    </setting>

  4. [Optionally] You can change the name of the header by modifying X-Metadefender-To-Quarantine to something else.

    Excerpt from the config file
    <setting name="EmailQuarantineHeaderName" serializeAs="String">
    <value>X-Metadefender-To-Quarantine</value>
    </setting>

  5. Restart the Generic Mail Agent service

    net stop mdfExgEmailAgent
    net start mdfExgEmailAgent

Change Quarantine Mode For Sanitized Email

Changing this setting will allow you to quarantine original copies of emails that have been sanitized by Metadefender on a different email server by changing EmailSanitizedQuarantineMode to SMTP. By doing this a header will be appended to the email for which you can configure a rule on your email server to quarantine emails that contain this header.

  1. (Prerequisite): Quarantine should be enabled. Refer to Quarantine Email for the instructions.

  2. Edit configuration file "C:\Program Files (x86)\OPSWAT\Metadefender Core 4\Metadefender Mail Agent\Metadefender.Email.Engine.Processor.dll.config"

  3. Change the EmailSanitizedQuarantineMode setting value to SMTP. If you want to restore the behavior, use REST instead.

    Excerpt from the config file
    <setting name="EmailSanitizedQuarantineMode" serializeAs="String">
    <value>SMTP</value>
    </setting>

  4. [Optionally] You can change the name of the header by modifying X-Metadefender-To-Quarantine to something else.

    Excerpt from the config file
    <setting name="EmailQuarantineHeaderName" serializeAs="String">
    <value>X-Metadefender-To-Quarantine</value>
    </setting>

  5. Restart the Generic Mail Agent service

    net stop mdfExgEmailAgent
    net start mdfExgEmailAgent

How To Verify

If you open the message headers for an email that should be quarantined you will see something similar to this:

Received: from ALING-PC ([192.168.16.16]) by alig-win8-dev.local with ESMTP ; Fri, 2 Sep 2016 16:45:18 +0300
MIME-Version: 1.0
From: administrator@mailagent-testing.email
To: administrator@mailagent-testing.email
Date: 2 Sep 2016 16:45:18 +0300
Subject: Checking new Quarantien mode
Content-Type: multipart/mixed;
boundary=--boundary_2_95887891-94da-4b66-8dc9-f2bceb4394d9
X-Metadefender-EmailSecurity-Id: d9db058d-b568-4501-bbe7-d63378bbd56d
X-Metadefender-Core-Urls: http://alig-win8-dev:8008/metascan_rest
X-Metadefender-Core-Result: Blocked/Infected
X-Metadefender-To-Quarantine: True

Notice the header X-Metadefender-To-Quarantine is set to True and this won't exist if email is NOT quarantined.