After installing and configuring your MIMEsweeper Appliance, you should test the system to check the effectiveness of your content security policy.
You may find it useful to modify your content security policy for testing purposes to hold all processed messages, even clean ones. This will allow you to determine how MIMEsweeper Appliance has processed each message.
If you are using the supplied starter policy, you can modify it to hold clean messages as follows:
Create a new disposal action to hold messages in a message area named, say, test-clean.
Edit the "Anyone to My Company" and "My Company to Anyone" policy routes to change their default disposal actions to your new "Hold in test-clean" disposal action.
When you have finished testing, remember to reverse these policy edits and re-apply the configuration.
Try sending test messages into and out of the system to confirm the mail routes are producing the results you were expecting. From the Message Center you can view the policy summary for each held message. This tells you the mail route the message matched, as well as which content rules the message triggered and which nodes in the message caused those rules to trigger.
Clearswift provides two mechanisms for testing your MIMEsweeper Appliance content security policy, to ensure it successfully handles messages containing potential threats and unwanted information.
Using the Clearswift Echo Accounts
Clearswift provides a number of "echo" email accounts you can use for testing your MIMEsweeper Appliance content security policy. To use these accounts, you simply send an email message from your organization to one of the echo accounts. The Clearswift server then automatically sends back a reply message that mimics a particular email threat. The following table lists each echo email account and what it returns. You can send a message to each of the accounts and confirm that your content security policy responds according to your expectations.
|
Send an email to this account |
To receive a message containing |
|
echo@clearswift.com |
A plain-text description of the other echo accounts available. |
|
doc.echo@clearswift.com |
A Microsoft Word document attachment. |
|
exe.echo@clearswift.com |
A small .exe file attachment. |
|
image.echo@clearswift.com |
An image file attachment. |
|
virus.echo@clearswift.com |
An EICAR virus false positive attachment. |
|
encrypt.echo@clearswift.com |
A password-protected zip file attachment. |
|
vbs.echo@clearswift.com |
Trigger text for VBS script checking. |
|
threat.echo@clearswift.com |
The trigger text only of the Sircam virus. |
|
spam.echo@clearswift.com |
Test spam text. |
All attachments are UUE encoded.
Using the Clearswift Email Threat Assessment Suite
The Clearswift Threat Assessment Suite is a free service provided by Clearswift to any organization wishing to test the effectiveness of its current email and web security measures. You can use the Email Threat component of this suite to test your MIMEsweeper Appliance content security policy. The process takes no more than ten minutes to complete.
To use the suite:
Browse to the Threat Assessment page on the Clearswift website: http://www.clearswift.com/support/tools/threattests/default.aspx.
Select the option to Test your Email Security.