User Tools

Site Tools


antivirus_spam_protection_interval_setting

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
antivirus_spam_protection_interval_setting [2019/04/04 16:11]
lucy
antivirus_spam_protection_interval_setting [2019/10/13 11:05] (current)
lucy
Line 1: Line 1:
 Sometimes a remote Firewall, Spam filter or Virus Filter might automatically scan all the URL's within a link. As a result you end up with false positives and LUCY will show all link clicked (success). To avoid such automatic link requests by some 3rd party application you can enable the antivirus/​firewall protection and LUCY will ignore all* GET requests for the first 30 or 60 seconds: Sometimes a remote Firewall, Spam filter or Virus Filter might automatically scan all the URL's within a link. As a result you end up with false positives and LUCY will show all link clicked (success). To avoid such automatic link requests by some 3rd party application you can enable the antivirus/​firewall protection and LUCY will ignore all* GET requests for the first 30 or 60 seconds:
  
-{{:antivirus_1.png?600|}}+{{ :block_clicks.png?600 |}}
  
-***Note:** it starts to work starting from the 2nd recipient that clicks the link too fast. For example, you have 4 recipients, run a campaign, you get the first click within the 1st minute: it gets counted, but the system moves to the alerted state, the 2nd click within 1-minute interval turns on the protection and drops the click. All further clicks under 1 minute will be dropped as well. We are counting the 1st click, because it is useful for testing purposes.+***Note:** it starts to work starting from the 2nd recipient that clicks the link too fast. For example, you have 4 recipients, run a campaign, you get the first click within the 1st minute: it gets counted, but the system moves to the alerted state, the 2nd click within 1-minute interval turns on the protection and drops the click. All further clicks under 1 minute will be dropped as well. We are counting the 1st click, because it is useful ​**for testing purposes**.  
 +If you want to ignore **all** clicks within chosen interval, you can tick the "Block all clicks within protection interval"​ checkbox.
  
 +:!: You should enable both options when starting a campaign in production.
 +
 +===== Important notice for Office 365 email customers =====
 +
 +If your recipients use **Office 365** with Exchange Online Protection (EOP) and you cannot add Lucy's IP address or sender'​s email address to the trusted list, then please configure the __Antivirus Protection Interval__ to "__1 minute__"​ and activate the option "​__Block all clicks within protection interval__"​. \\
 +
 +Besides, you will have to set up a [[scheduler|Scheduler]] for your campaign in order to distribute the sending of phishing\awareness emails during a longer period of time and not all at once. This is because Office 365 usually comes with [[https://​docs.microsoft.com/​en-us/​microsoft-365/​security/​office-365-security/​office-365-atp|Advanced Threat Protection (ATP)]] enabled which scans each incoming email for malicious and phishing. Such actions made by ATP might trigger Lucy to count clicks and visits.
  
antivirus_spam_protection_interval_setting.1554387083.txt.gz · Last modified: 2019/07/25 12:51 (external edit)