State of Alaska, Department of Administration, Enterprise Technology Services

Administration >  Enterprise Technology Services >  Security >  McAfee Security >  Email SaaS FAQ

McAfee SaaS Q & A Session summary: 11am, 6/28/12

Is there a future plan to integrate the sign-on with SOA AD?

The product is capable of directory-based user authentication today, but in a way that is not compatible with state security policy. Support for federated identity & authentication is on the road map as a possible future enhancement but is probably at least a year away.

Is it true that the only way users can interact with their quarantine and settings is by responding to links in email messages?

It's not the only way but is probably the most convenient way. It is possible to login directly using your email address and a new password that will have to be set. The easiest way to set that password is to use the "forgot your password" self-service password link on the sign-on page. The password can also be set using account preferences within the user interface after having gained access using a link in a quarantine summary report message.

With Postini we have some control over filter sensitivity, is it true that McAfee has no such control?

Correct. End user settings are limited to allowed senders, blocked senders, and a few display preferences.

Can we block top-level domains such as .ru?

Yes, *.ru can be added to a blocked-sender list.

Sometimes we don't get email from an address on the Postini list of allowed senders, will the same issue occur in McAfee?

Yes the same issue could occur. Specifying an allowed sender will assure messages from that address are not blocked as spam, but they could still be blocked for other reasons such as virus, content, or attachments that violate policy settings.

Note: Occasional differences between the "from header" and the "env from" can also impact the efficacy of allowed-sender functions in any similar product. "env from" is part of the internet transport mechanism but is invisible to recipients.

Will user passwords expire?

No. The McAfee control console passwords do not expire.

Can an end user see the administrative policies?

No. End users can see only their own personal spam quarantine and personal settings. Users cannot see what if any content or attachment policy might be in effect, and users cannot see any messages which were blocked for reasons other than spam.

If a user redirects their quarantine reports to another user, what rights does the target person get?

The alternate recipient gets full control of the user quarantine and control console.*

*Note: The ability to designate an alternate recipient for spam quarantine reports is not currently enabled for SOA. Because it cannot be automatically audited or configured it would become a support issue due to transfers and personnel changes if used for an entire agency as we do in Postini. For isolated secretary/executive type delegations we typically use shared/delegated Exchange mailbox permissions instead.

Can quarantine report redirection be set globally, or for a department, or via batch processes?

No. It can only be set individually in the control console interface.*

*Note: The ability to designate an alternate recipient for spam quarantine reports is not currently enabled for SOA. Because it cannot be automatically audited or configured it would become a support issue due to transfers and personnel changes if used for an entire agency as we do in Postini. For isolated secretary/executive type delegations we typically use shared/delegated Exchange mailbox permissions instead.

Administrators can disable links in spam quarantine reports. Is that globally or departmentally?

Globally. It could be departmentally if we had a way to identify and automate management of which McAfee SaaS accounts are in which departments.

How long will messages stay in the quarantine before automatic deletion?

14 days, to match our Postini environment.

If Spam is released, will any malicious links be cleaned from them?

No, the entire message would be released to the inbox. However, if it had been identified as a phishing message it would not have been visible in the quarantine.

Is there a way to switch individuals or groups from Postini to McAfeeSaaS without converting whole email domains?

No. The switch is implemented using DNS MX records for each email domain name. Alternate techniques such as daisy-chain routing through multiple anti-spam systems are ineffective due to the inability to identify source-IP information at the second system in such a chain.

Is there going to be a statewide or enterprise-wide information campaign?

Yes, but only a limited one. ETS will send a brief statewide email notice to all affected addresses on July 13. Draft text for such a message is below. Agencies are encouraged use supplemental notices as they deem appropriate.

The anti-spam system used for the executive branch of government will be changed from Google/Postini to McAfee SaaS on Wednesday, July 18.? You will then begin to receive spam quarantine reports from <MBMcAfeeSaaSReport@mcafeesaas.com>.

The quarantine summary report messages can be used to review and manage your personal anti-spam settings including lists of allowed-senders and blocked-senders.? If you have such lists in the current Google/Postini system they will not be automatically converted for you.

You may choose to populate the new allowed-sender and blocked-sender lists gradually as-needed and if-needed, or manually before August 1 while you still have access to the Postini environment. If you are not aware of your current Postini anti-spam account or settings, then administrators may have been managing them on your behalf or as part of department-wide or system-wide settings, but will not be able to do so with the new system.

A User Guide and Quick Reference Card are available at:

User Guide

Quick Reference

Questions related to this change should be directed to your departmental IT support personnel.

A contact list by department is located here