We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Email Security Gateway

How do I set up Global or Per-User Quarantine on my Barracuda Spam Firewall?

  • Type: Knowledgebase
  • Date changed: 3 years ago

Solution #00004307

 

Scope:

This solution applies to all Barracuda Spam Firewalls.

 

Answer:
Depending on the model, there are two different types of Quarantine available on the Barracuda Spam Firewall. The first is Global Quarantine, which sends quarantined mail to one address for an administrator to review and distribute. The other is Per-User Quarantine, which creates individual accounts and allows users to manage their own quarantined mail.

 

Setting Quarantine Type – Global or Per-User


You need to choose the Quarantine type under Basic > Quarantine and complete the settings based on the type chosen.


Note: Models 400 and above have per-domain Quarantine settings. You will need to configure quarantine type for each domain under:

On firmware 3.5.x and below: Domains > Edit Domain
On firmware 4.0.x and above: Domains > Manage Domain

Quarantine Type

On models 300 and above, you will have a choice of either Global or Per-User Quarantine. The differences are detailed below.


Global quarantine allows only one central delivery location for each domain. Global quarantine uses fewer system resources on the Barracuda Spam Firewall because email is not stored on the appliance and it does not create multiple user accounts. Note: Barracuda Spam Firewall models 100 and 200 only have Global Quarantine functionality.


Per-User quarantine allows users to maintain a personal quarantine inbox on the Barracuda Spam Firewall. Permissions can be assigned to the users in Users > User Features. This function is available on models 300 and above.

 

Quarantine Scoring


All email that passes the initial layers of protection on a Barracuda Spam Firewall will be assigned a score based on a Barracuda rule set. The higher the score, the more likely the email is spam. Quarantine is designed for messages that score in the middle – where you may not be sure if messages in this range will be spam or legitimate email. This score will vary for different organizations. The score settings can be modified and will be in different sections based on the model of your Spam Firewall:


Model 300 and below: Basic > Spam Scoring
Model 400 and above: Domain > Edit Domain

Quarantine scoring is disabled if the score is set to 10, otherwise quarantine score should always be between Tag and Block score. Note: other settings on your Barracuda Spam Firewall can be configured to quarantine certain messages. For example, messages triggering Barracuda Reputation, IP Blocks, Sender Domain Blocks, and Email Sender Blocks, can all be configured to quarantine messages.

Global Quarantine Configuration


Quarantine Delivery Address is the default mailbox to which all quarantined messages are delivered when the Quarantine Type is set to "Global". This mailbox can either be located on the mail server that the Barracuda Spam Firewall protects (e.g., user@yourdomain.com) or a remote mail server (e.g., user@yahoo.com). Please refer to Basic > Spam Scoring to determine which messages are quarantined. On some models, this setting can be changed on a per-domain basis.

Quarantine Subject Text is the message or phrase prepended to the subject line of a quarantined message. This text identifies quarantined messages when they are delivered to a mailbox that receives both quarantined and non-quarantined messages.

Per-User Quarantine Configuration

Quarantine Reply-To Address is the "From" address of all correspondence sent to users regarding the user's Per-User quarantine area. Any replies to that correspondence are sent to the "Reply-To" address specified here.

Quarantine Host is the IP address or hostname that appears to users in all quarantine and welcome emails from the system. It is recommended that this be set to a hostname so that users are able to reach the Barracuda Spam Firewall from their old notifications even after any possible changes in IP addresses. Note: It is important to set this value if users need to reach the Barracuda Spam Firewall via a forwarded or an external IP address, especially if the Barracuda Spam Firewall is not already configured with one.


If you are clustering two or more Barracuda Spam Firewalls, you can choose to dedicate a single Barracuda Spam Firewall as the Quarantine Host to serve up the end-user interface through which users will access their quarantine inboxes, even though their actual quarantine inbox (primary or secondary) may be hosted by another Barracuda Spam Firewall in the cluster. By not directing email to the Quarantine Host, you can:

  • Enhance network security by limiting end-user access (port 8000 by default) and administration to only one Barracuda Spam Firewall on the Internet.
  • Insulate the user interface performance from any peaks in email volume
    See the Advanced > Clustering page for details about using the clustering feature.

 

New User Quarantine State controls whether or not the Barracuda Spam Firewall automatically creates a new user account the first time a message directed to a valid recipient (as identified in either the local database or your LDAP, RADIUS or POP server) needs to be quarantined. If set to Off, only the accounts that are created manually on the Users > User Add/Update page will have access to per-user capabilities. See the Barracuda Spam Firewall Administrator's Guide at http://barracuda.com/documentation for more information about new account creation and configuration.

Note that accounts can be manually created at the global level by the administrator or at the domain level by the Domain Admin role. If Quarantine Type is Per-User at the global level but this setting is No, and if the Domain Admin has NOT manually created an account for a user for whom messages are quarantined, those quarantined messages will be sent to that user's regular mailbox.

 

Link Domains allows the option for all domains protected by your Barracuda Spam Firewall to be treated as if they were alternate names for the default domain name. For example, user@domain1.com will be treated as user@defaultdomain.com when determining user validity and preferences, and will have a quarantine inbox under the name user@defaultdomain.com.

Notification Interval is the default frequency at which users are notified when messages are in their quarantine. This setting can be changed by the user unless that functionality is disabled from the Users > User Features page.

Notification Start Time is the time when the quarantine notification process starts. Notifications of any newly quarantined items are sent to those users who have notifications enabled.

 

Link to this page:

https://campus.barracuda.com/solution/50160000000Hpw1AAC