Triggering a Quarantine Report by email

Users can optionally receive reports containing a summary of messages quarantined from their Inbox. Xeams generates these emails automatically based on a schedule predetermined by the administrator.

Consider a scenario when a user needs to see this report on demand, without getting the administrator involved. Triggering a Quarantine Report by email does exactly that.

How it works

  • A quarantine report is triggered whenever an email is sent to manual-report-request@YourDomain.com
  • Xeams will only look at the User part of the email address, not the Domain. Therefore, email will be triggered for manual-report-request@subdomain.YourDomain.com as well as manual-report-request@InvalidDomain.com
  • The Quarantine Report will be sent to the email address in the From field
  • Xeams will accept the request for this address if the user is authenticated or it comes from an IP address that is allows to relay

Example

  • Bob wants to get a Quarantine Report because he does not see an expected email in his Inbox
  • Using his Outlook, Bob sends an email to manual-report-request@report.YourDomain.com
  • Bob's email is first sent to his MS Exchange Server, which is configured to send out-bound messages to Xeams.
  • Xeams will send a Quarantine Report to Bob containing a list of emails that are quarantined from his Inbox.

Why is domain name not important?

Xeams will only search for manual-report-request in the user part of the email and domain name does not matter. This is done by design. Imagine Bob's Outlook is configured to send out-bound emails to Exchange. If Bob sends his emails to manual-report-request@YourDomain.com instead of manual-report-request@report.YourDomain.com, Exchange will never forward that email to Xeams since YourDomain.com is considered a local domain. However, a slightly modified domain name will cause Exchange to forward that message to Xeams, which will then generate the report.

Troubleshooting Common Problems

Unknown User An NDR gets generated when you send an email
Most common reason for this error is a routing issue. Consider the following network diagram as an example:
TrReportOnDemand.png
In this above example, every email composed by the user goes to Exchange before reaching Xeams. Assume your domain name is acmecorp.com and the user composes the request for report to manual-report-request@acmecorp.com. Since Exchange gets this email before Xeams, it will return an error since there is no user matching this email address.

There are two ways to solve this problem:

  • Configure Xeams as the SMTP server in user's email client. This however, may not be practical for every environment.
  • A better approach is to create a dummy sub-domain. For example, reports.acmecorp.com. Add an MX record in your DNS server referring to Xeams' IP address. Then, ask the user to send the request to manual-report-request@reports.acmecorp.com instead. When Exchange gets the message, it will be forced to perform an MX lookup on the domain, which will lead it to deliver the message to Xeams.
Nothing happens No report is generated and no NDR is generated either
You could be running into a similar routing issue mentioned in the previous tip. Therefore, check SMTPConversation.log file in Xeams to confirm it's not the same problem.

Assuming you see the conversation entries in SMTPConversation.log, check QuarantineReports.log to see if a report is generated. Note that no report will be generated if the user did not get any spam messages.