Message History & Archive

Hermes SEG keeps a log and a copy of each email message it sends and receives for archiving purposes. The number of log entries and actual messages the system keeps depends on the amount of storage space available on the system. The system automatically starts purging the oldest email logs and email messages once the internal storage reaches 95% capacity.

You can easily see the data/time of the oldest message that the system has retained by looking on the upper right-hand corner of the page in the Earliest Message Date/Time field (Figure 1).

Figure 1

image-1606139654835.png

For a low to medium traffic system, an email archive of up to 5 years is possible assuming that no Email Archive job has been setup in order to free up space. If an email Archive job has been setup, the email archive can become virtually unlimited since the email messages will be stored off the local storage.

In this page you will be able to perform the following functions:

  • Set the Number of Mesages to Display
  • Sort Email Messages
  • Search Email Messages
  • Release Email Messages to Internal Recipient Mailboxes
  • Create Block & Allow Sender Rules
  • Train the Bayes Database
  • View & Download Email Messages

For security reasons, the following keywords are not allowed in any search field:

  • Select
  • Update
  • join
  • delete
  • insert
  • all
  • drop

Set the Number of Messages to Display

By default the Message History & Archive page displays 25 messages at a time. You can select to display 5075 or 100 messages at a time.

  1. Click on the the drop-down fnext to the No of Msgs to display field, select the number of messages you wish to display and click on the Go button (Figure 2).

Figure 2

image-1606139672498.png

Sort Email Messages

  1. Click on drop-down field containing the messages types, select a message type you wish to sort for and click on the Clear & Sort button (Figure 3).

Figure 3

image-1606139682873.png

 

You can sort by the following types of messages:

  • ALL - These selection will display all messages regardless of message type.
  • Clean (Passed) - These are email messages that no problems were found and were succesfully delivered to their intended recipient.
  • Spam (Passed) - These are email messages that were tagged as Spam but they did not score high enough to be quarantined, thus they were succesfully delivered to their intended recipient albeit tagged as Spam.
  • Spam (Quarantined) - These are email messages that were tagged as Spam and scored high enough to be quarantined.
  • Bad-Header (Quarantined) - These are email messages that were detected as having bad headers thus they were quarantined.
  • Banned (Quarantined) - These are email messages that contained banned file attachments thus they were quarantined.
  • Virus (Quarantined) - These are email messages that contained malware thus they were quarantined.

If you sort by any type of message, in other words if the message type selection drop-down is set to anything but the ALL entry, message searches will be performed for the message type selected. For example, if you have sorted by the message type Spam (Quarantined) and you perform a search by date range, the results are only going to show entries matching the date range AND the message type Spam (Quarantined). If you wish to perform a search for all messages, ensure you have sorted by ALL message types.

Clicking on the Clear & Sort button, will clear any previous searches.

Search Email Messages

You can search email messages by Date/Time Range, the From field, the Return-Path field, the To field, the Subject field and you can also search in the body or a header of a message.

Searching by DATE/TIME

Searching by DATE/TIME allows you to search for messages that were received/sent between the dates and times you specify.

  1. Ensure the Search Field(s) drop-down is set to DATE ONLY.
  2. Ensure Search Phrase field is empty.
  3. Enter a Start Date (you can click on the Calendar button to bring up the calendar to select a date or you can simply enter a date in the format dd/mm/yyyy)
  4. Select a Start Time by selecting a an entry from the Start Time drop-down (entries are in 15-minute increments)
  5. Enter an End Date (you can click on the Calendar button to bring up the calendar to select a date or you can simply enter a date in the format dd/mm/yyyy)
  6. Select an End Time by selecting a an entry from the End Time drop-down (entries are in 15-minute increments)
  7. Click the Advanced Search button (Figure 4)

Figure 4

image-1606139697845.png

  1. If any results are found they will be displayed underneath the Search section (Figure 5).

Figure 5

image-1606139709990.png

 

Searching by FROM, RETURN-PATH, TO, SUBJECT

Searching by FROM, RETURN-PATH, TO or SUBJECT allows you to search for messages that match the search criteria you specify in the From field, Return-Path field, the To field or the Subject field of a mesage.

  1. Ensure the Search Field(s) drop-down is set to FROM, RETURN-PATH, TO or SUBJECT.
  2. Enter the criteria to search for in the Search Phrase field. Please note that in case of a Return-Path field search, the search criteria must be the exact email address or the system will not return any results.
  3. Click the Advanced Search button (Figure 6).

Figure 6

image-1606139721352.png

  1. If any results are found they will be displayed underneath the Search section (Figure 7).

Figure 7

image-1606139729962.png

 

Searching by BODY/HEADERS

Searching by the BODY/HEADERS allows you to search for messages that match the search criteria you specify in the body or the headers of messages. The search Criteria can be any keyword or phrase.

Search results for BODY/HEADERS searches are limited to a maximum of 500 entries.

While a BODY/HEADERS search is in progress, no other BODY/HEADER searches can be performed, however, other types of search by Date/Time Range, From, To and Subject field can still be performed.

Please note that BODY/HEADERS searches are limited to messages stored locally on the appliance. Any messages that have been archived outside the appliance will not be searched.

  1. Ensure the Search Field(s) drop-down is set to BODY/HEADERS.
  2. Enter the criteria to search for in the Search Phrase field.
  3. Click the Advanced Search button (Figure 8).

Figure 8

image-1606139743502.png

  1. Searching by BODY/HEADERS is a very system intensive operation. Search results are not displayed like all other searches. Instead the system creates a search job that runs in the background. While a BODY/HEADER search is in progress the system displays a red dot on the upper right-hand corner of the page above the Earliest Message Date/Time field (Figure 9).

Figure 9

image-1606139755350.png

  1. Clicking on the red dot will redirect to the Body/Headers Search History page, where you can view the status and/or cancel of a pending BODY/HEADERS search. If a search is pending and you wish to cancel it, you can click on the Cancel button under the Cancel column of a pending search (Figure 10).

Figure 10