Lucy Awareness
Visit our WebsiteContact Support
  • Wiki Overview
  • Guides
    • Quick Guides
      • Create Your First Campaign
        • Adding a New Client
        • Register an Attack Domain
        • Campaign Setup
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Whitelisting
    • Installing Lucy
      • On-Premise vs Cloud Installation
      • Architecture
      • Hardware Requirements
      • Network Communication
      • Installing Lucy
      • Post Installation
    • Manage Blacklisted Domains
      • Managing Google SafeBrowsing Alerts
    • Whitelisting a Lucy Server
      • Google Workspace Whitelisting
      • Microsoft O365 Whitelisting
      • File Attack Whitelisting
    • Attack Simulations
      • Attack Types
        • Data Entry Attack
        • Hyperlink Attack
        • File Attack
        • Portable Media
        • Smishing
        • Lures
        • QR Codes
        • Ransomware Emulation
        • Technical Malware Test
          • Malware Toolkit Test Suite
        • Mail & Web Filter Test
        • Email Spoofing Test
      • Attack Template Customization
      • Firewall Protection Interval
      • Email Tracking Technologies
      • Advanced Information Gathering
      • Regular Expressions in Login Fields
      • Copy a Website
      • Redirecting Users
    • Awareness Training
      • Awareness Template Customization
      • Awareness Only Campaigns
        • Using Multiple Awareness Trainings
      • Use extended method of tracking the end of the quiz
    • Reporting Plugin
      • Deploying Office 365
      • Deploying Outlook Native
      • Deploying Gmail
  • Application Screens Reference
    • Statistics Dashboard
    • Campaigns Dashboards
    • Campaigns
      • New Campaign
        • Wizard Mode
          • Selecting an Attack
          • Attack Settings
          • Awareness Settings
          • Recipients
          • Review
        • Expert Mode
      • Campaign Settings
        • Configuration
          • Base Settings
          • Awareness Settings
          • Attack Settings
          • Schedule
            • Schedule Plan
          • Recipients
        • Advanced Settings
          • User Settings
          • Filters
          • Custom Fields
          • Reminders
        • Campaign Checks
        • Logs
        • Results
          • Summary
          • Statistics
          • Reports
          • Exports
    • Templates
      • Attack Templates
      • Awareness Templates
      • File Templates
      • Report Templates
      • Campaign Templates
      • Training Diploma
      • Download templates
      • Variables in Lucy
    • Users
      • Recipient Groups
      • End Users
      • End User Portal Settings
      • Administrative Users
      • Reputation Levels
    • Settings
      • Common System Settings
        • Domains
          • Supported TLDs
        • Firewall
        • Web Proxy
        • Mail Settings
        • SMTP Servers
        • SSL Settings
          • SSL for Campaigns
        • SMS Settings
        • Filter Settings
        • API Whitelist
          • API Routes
        • LDAP Servers
          • LDAP Sync Tool
        • LDAP Settings
        • Azure Applications
        • Azure AD Settings
        • SSO Configuration
      • Advanced System Settings
        • Advanced Settings
        • SSH Password
      • Submitted Email Settings
        • Custom Rules & Score Factors
        • Abuse Reports
        • Incident Autoresponder
        • Plugin Settings
      • Clients
        • Client Invoices
        • Client Invoice Settings
      • Backup and Restore
        • Backup Settings
      • Benchmark Sectors
      • Whitelabeling
      • File Browser
    • Incidents
    • Support
      • Status
        • Status
        • System Monitoring
        • System Health Check
        • Notifications
      • System Tests
        • Test Email
        • Performance Test
        • Spam Test
        • Mail Spoofing Test
        • Mail and Web Filter Test
      • System Logs
      • Manual
      • Update
      • Reboot
      • Mail Manager
      • Terms & Conditions
    • Account Settings
      • Two Factor Authentication
      • License
      • Invoices
    • Notifications
  • Release Notes
    • 5.4
    • 5.3.5
    • 5.3.4
    • 5.3.3
    • 5.3.2
    • 5.3.1
    • 5.3
    • 5.2.1
    • 5.2
    • 5.1
    • 5.0
    • Version 4
      • 4.14
      • 4.13
      • 4.12.1
      • 4.11
      • 4.10.1
      • 4.9.5
      • 4.9.2
      • 4.9.1
  • Legal
    • EULA
    • Privacy Policy
    • DPA, Customer and Partner Info
    • Service Level Agreement
    • Confidentiality of Campaign Data
  • When to Contact Us
    • Contact Technical Support
Powered by GitBook
On this page
  • Introduction
  • Required templates
  • How to run the test
  • Customizing the test template

Was this helpful?

  1. Application Screens Reference
  2. Support
  3. System Tests

Mail and Web Filter Test

PreviousMail Spoofing TestNextSystem Logs

Last updated 10 months ago

Was this helpful?

Introduction

The Mail and Web Filter Test provides valuable insights into how effectively your mail server and web proxy handle various types of test files. This test helps you evaluate whether your filters can detect and block potential malicious content, such as Java files, backdoors, scripts, and embedded Office objects. By understanding your current protection level, you can refine your security measures and conduct more targeted phishing simulations to enhance your overall defense strategy.

Navigate to Support -> System Tests -> Mail & Web Filter Test


Required templates

The mail and web filter test is a special type of campaign that requires a specific attack template. Be sure to download the template before creating the test:


How to run the test

Campaign settings

First give the test campaign a name and client. Leave the Setup Mode set to Mail & Web Test, and optionally pin the campaign or enable delete-protection. When you're ready, click Save.

Mail settings

After saving the campaign settings the page refreshes automatically, and you are now within the mail and web filter campaign settings. Configure the mail delivery settings for the test and click Save again.

Your sender email domain must point to your Lucy server in order for the test to work.

Scenario settings

Once again the page will refresh after saving the mail settings. Click Edit Scenario Settings for the test scenario to edit your test configuration:

Select a domain to host the test files, optionally using a single subdomain. Just like with other attack scenarios, be sure to select a domain other than your Lucy admin domain. Click Save again.

To ensure email delivery it's best to select the same domain here that you entered for the sender email above.

For this test your system settings should be sufficient. However, if you want to test some other mail delivery system that is not your default system setting you can change it here.

Since we are (hopefully) not running this test off the admin domain we need to ensure the hosting domain has proper SSL applied. This will be especially relevant when you need to download the files off the hosting domain.

Select or generate your SSL certificate and click Save to apply.

Here you can select from an extensive list of file types that simulate various malicious behaviors. Each category can be enabled/disabled globally, or you can enable/disable each file individually within a category. By default every category and file is enabled.

Click a category to expand it and view the files, plus an overview of the category.

When you've selected the files you wish to enable click Save to apply your choices.

Customizing the test template

The Mail & Web Test template can be edited like a file template - navigate to Templates > Attack Templates and search for "Mail & Web Test", then select Edit Template. Switch to the File List page to see the classes and files included in the template.

Here you can create and organize the different classifications for your files. You can also edit each file individually - click any file to download it. You can then upload the file with your changes, or even upload a totally custom file. To remove a file, simply click the green X symbol on the file's row.

Be sure to Save all changes when you're done!

If your domain doesn't have SSL be sure to generate or upload a certificate on the SSL page.