I am having a conference call with the project team & a couple of others next week sometime - would have done it today but a bit busy and it gives me a chance to document things in a rather more orderly fashion. Will happily forward you in with any information.
guys - I've setup an open Q&A with the lead TDA for mailmarshall. it will take place sometime on Tuesday via a freephone conf call bridge. If you've been piloting the admin console and want to join the call please pm me and ill send you the details as we're really interested in your feedback.
looking forward to talking to you then synaesthesia.
Ok guys, not sure I should relay this information rather than gonzodad but for everyone's benefit:
The Q&A was largely positive - there are known issues they are still working on however things have certainly improved.
The things that affect us as schools/things we need to look out for are as follows:
Scanning of binary files for badwords has largely improved - this is something I've seen over the last week especially. They say the last remaining big problem with this is PDFs created with varying programs which they are trying to narrow down. That's something we can live with I feel - I'm no longer having to manually release handfuls of emails per day.
Searching for things within square brackets is an ongoing one however searching for the text within the square brackets is no longer an issue, that would be down to the improvements in binary scanning. For instance searching for "sln" beforehand picked that up from just about all emails however the results now I have confirmed are pretty much spot on.
Documentation for the product has been sent out to the schools involved; however if you don't appear to have it then I'm sure gonzodad wouldn't begrudge a PM asking for it. The lack of documentation/my understanding led to about 3 hours of our emails being deleted straight away - quite happy to admit to making a mistake there.
Things are certainly looking up and looking good - as I said before the system is very flexible and powerful. MailMarshal are apparently very open to improvements and suggestions and welcome any feedback via the LA's/service providers involved; hence why EMBC have been happy with them so far.
It was good to listen to them explain the improvements - we know they've already been open about having problems due to the slightly rushed nature of it all but they will continue to improve based on school's findings. Feel free to post anything in here if it will aid other schools but make sure feedback goes through the right channels.
Thanks, Gonzodad - your input has been much appreciated. Hopefully you understand the frustration shown in the first few days back of term!
As I mentioned to one of the guys working on this project, what drives me round the bend is not being able to delete the 'rubbish' from MM. Okay, I've seen that this is spam. I know it's there. Now I want rid! I don't want it showing in my search results each time and I don't want to have to remember what time I last checked so I can adjust the time filter.
It's one area of Webroot that was superior to this.
synaesthesia - thanks for posting the details, no problem at all. good talking to you.
More work is being done to enable local access for Northants schools ... there will be an update on this tomorrow. Thanks to synaesthesia and others for their perseverance and for working with embc / Synetrix.
Apologies for the delay in getting this out to folk.
Northants schools can now access the Mail Marshall admin console if they want to and there are 3 ways to do it.
1 - Go directly to the web page and login with the user details you can get from the desk.
2 - Login to the Admin area of the EMBC portal and click on the SSO link. The first time it will ask for your login details (gained from the desk) and then take you in.
3 - Login to the EMBC portal, go to SUMS and click on the link from there to go straight in.
I would recommend you ring the desk anyway to get you login details (which can be given to the technical or admin contact for the school, or to the Head ... it might also be an idea to check you details are up to date at the same time) as they will also give you the user manual ... without getting into the granny / egg-sucking situation, I would recommend you read the manual.
Other LAs are sharing similar information via their standard communication routes so keep an eye out.
If I get any other feedback today about how things are going with other MM changes I'll stick them up when I can.
Another quick query. Is it possible to have the ability to release emails that EMBC globally class as Spam? We've had 2 blocked in the last couple of days - thankfully as the text is still visible I can copy & paste it in an email to intended recipients but a release option would be nifty.
Global Rules apply across EMBC and so are controlled by the desk only. We did have a long discussion about this at a recent tech meeting and the idea is that by calling the desk to get things released there is a better chance of continuing the get the rules tweaked so it doesn't get caught by them in the future. The same applies to viruses as well.
In Northants we are also looking at whether certain domains might need to be globally allowed on the scanning of encrypted attachments. At the moment there is a view (held for a number of years) that if you can't scan a file how do we know it can be trusted? Some of the other LAs are more trusting as they know that there is better chance of up to date AV software and allow things like LA.gov.uk emails through ... but we don't, at the moment.
This does cause some problems right now so we are looking at what might happen should we take a similar approach, remembering that the most commonly caught things are actually items which should not just be emailed about (even encrypted) but be uploaded via secure file transfer systems ... and this also applies to schools who are using external HR / Pay solutions too ...
We don't like to dictate to schools (no ... stop laughing ...) but we are trying to be reasonable about what the impact might be on all schools should we make a change.
Cheers GD. Myself and Terry were pondering about encrypted attachments and obviously there is always a risk of "if you don't know what's inside, how do we know it's safe" - much like "suspect packages" when the bomb disposal squads are dispatched. And of course if you add an exclusion for certain domains, who's to say that a little tweakery of the headers can't bypass that (so it looks like mail is being sent from a trusted domain when it's not, commonly used in phishing scams)
Will email through future globally blocked stuff to service desk, that shouldn't be an issue. Perhaps it's worth the consideration that even by giving schools the ability to control that/pass those messages through, the provider will still be able to monitor/audit those actions and use that in the same way to tweak the rules if necessary.
You raise a good point about the documents that shouldn't be emailed anyway - that's certainly a user education thing rather than a need to "fix what isn't broken" our/ISP's end.
I can't agree more about everyone being reasonable about it - it's good to have someone that listens to what's being said and it's only fair that schools do the same in return - it will benefit everyone in the long run.
Today we are entirely without email as another rule has gone tits up, deleting *every* email coming in or going out. Still can't understand why the same rule to quarantine works but as soon as "quarantine" is replaced with "delete" (certain obvious types of spam to help manage it better) it sees fit to apply it to every single rule.
So my tip for today - DO NOT UNDER ANY CIRCUMSTANCES SET UP ANY RULES TO STRAIGHT DELETE EMAILS!
Currently going through the docs with a fine toothcome however I checked and double checked the rule before setting it last night, as did my NM. Still though, it fails.
Gonzodad: can you PM me the contact details of the dev chappy from MailMarshal - I think a rule sanity check should almost certainly be in place for this sort of eventuality.
*** Edit : Ohh someone at EMBC loves us and has managed to give it a poke by the looks of it! We're now back in business. When I break things, I do it properly! :D
Hi - the dev chap is one of ours, he is already aware of your issue.
I'm thinking that a bit more of a hands-on webinar might be needed on some of this rather than waiting for the next NetworkNorthants meeting.
I agree - it could possibly be too in-depth for the NN meeting - but hopefully with a better turnout than the conference call.