Professional Documents
Culture Documents
Table of Contents
3 List of Terms 3
4 Report Overview 3
5 Detailed Report 4
5.1 Dashboard 4
5.4 Policy 4
5.4.4.7 Stamps 13
5.4.5 Scan Engine 14
5.4.6 Internal Address 14
5.5.2 Rules 15
5.5.3 Email Reputation 15
5.5.4 Approved List 15
5.5.7 DMARC 16
5.6 Reports 16
5.7 Logs 16
5.8 Mail Areas & Queues 16
5.9 Administration 16
5.9.1 Administration (all except DKIM Signature) 16
2/16
1 About This Report
This report describes detailed results of the migration from IMSS/IMSVA to Trend Micro Email Security performed by Trend Micro Email
Security administrators on the administrator console. For more information, refer to the online help at the following link:
https://docs.trendmicro.com/en-us/enterprise/tmems/olh/migrating_data_from_imsx
2 Basic Information
3 List of Terms
Successful : All settings in this state are migrated to Trend Micro Email Security without any issue.
Warning : There are some minor issues about settings in this state, and the settings can be automatically handled by Trend
Micro Email Security. You only need to confirm these warning settings after migration.
Error : There are some critical issues about settings in this state, but the settings are still migrated to Trend Micro Email Security.
During migration, some improper settings may be removed or modified. The settings in Trend Micro Email Security may be
unexpected after migration, and the corresponding policies are disabled temporarily. You need to fix these error settings and
Not supported : Settings in this state are not supported in Trend Micro Email Security and are not migrated. If you need these
settings, you have to add them in Trend Micro Email Security manually.
4 Report Overview
Policy List 19 0 5 0
3/16
5 Detailed Report
This chapter describes details about the migration of the settings on the IMSS/IMSVA administrator management console, including
the migration scope and migration result. All settings on the EUQ management console are not migrated.
5.1 Dashboard
Not migrate.
The dashboard is a statistical summary of past mail traffic and scanning results. Trend Micro Email Security provides a more powerful
dashboard feature.
Not migrate.
Trend Micro Email Security is a cloud-based product. It is unnecessary to display system status information.
Not migrate.
Trend Micro Email Security is a cloud-based product. It is unnecessary to display cloud pre-filter information.
5.4 Policy
Partially migrate.
Migration scope:
Not migrate policies for POP3 messages, which are configured when you specify a policy route.
Not migrate "Other" policies whose scanning condition relationship is set to "AND", unless all conditions selected are content
related.
Not migrate C&C email settings in the scanning conditions for "Other" policies.
Migration remarks:
If a policy in IMSS/IMSVA is applied for both incoming and outgoing protection, it is split into two rows in the following table. One
is for inbound protection and the other is for outbound protection.
Policies under Policy > Policy List in IMSS/IMSVA are migrated to different destination locations in Trend Micro Email Security.
The following table lists the detailed destination locations of these policies.
Destination
Name Direction Result Description
Location
ering
Prevention (DLP)
4/16
Compliance - Financial Outgoing Successful Outbound Protec
and Banking
tion > Data Loss
Prevention (DLP)
ering
Inbound Protecti
on > Content Filt
ering
Default Spam Policy Ou Outgoing Error Keyword or expression referenced by the policy is i Outbound Protec
tgoing
nvalid. (3) tion > Spam Filte
Profanity ring
tering
5/16
Default spam rule Incoming Error Keyword or expression referenced by the policy is i Inbound Protecti
ering
ering
tering
Virus Policy
Global antivirus rule Outgoing Error Domain of email addresses in policy route (sender, Outbound Protec
tering
Mail from invalid Email I Incoming Error Policy route (sender, recipient or exception) addre Inbound Protecti
D/Domain
ss is invalid. (1) on > Content Filt
ering
6/16
Spam Fax Mail Incoming Successful Inbound Protecti
Inbound Protecti
ering
Spam Mail from Invalid Incoming Error Policy route (sender, recipient or exception) addre Inbound Protecti
domain
ss is invalid. (132) on > Spam Filteri
*@*.3736newsletters.com (Sender)
*@*.5thquarter.net (Sender)
*@*.COMPUTER888.net (Sender)
*@*.CiteMailer.com (Sender)
*@*.aba.com (Sender)
*@*.affinityinet.com (Sender)
*@*.aim.com (Sender)
*@*.alibaba.com (Sender)
*@*.all-hotels.com (Sender)
*@*.allrayinc.com (Sender)
*@*.associates-external.com (Sender)
*@*.att.net (Sender)
*@*.aweber.com (Sender)
*@*.benchmarkemail.com (Sender)
*@*.big927fm.com (Sender)
*@*.biztech2mailers.com (Sender)
*@*.bluemountain.com (Sender)
*@*.bolixe.com (Sender)
*@*.brick.com (Sender)
*@*.bsmail.in (Sender)
*@*.btinternet.com (Sender)
*@*.buygroup.pe (Sender)
*@*.bytepark.com (Sender)
*@*.centennialpr.net (Sender)
*@*.ceomelb.catholic.edu.au (Sender)
*@*.chollian.net (Sender)
*@*.cleanmail.in (Sender)
*@*.cnfcu.cn (Sender)
*@*.cocacola.com (Sender)
*@*.constantcontact.com (Sender)
*@*.dishtv.in (Sender)
*@*.dm.jetairways.com (Sender)
*@*.edu.com (Sender)
7/16
*@*.eorgasm.com (Sender)
*@*.etiroltec.com (Sender)
*@*.eventsaroundasia.com (Sender)
*@*.exacttarget.com (Sender)
*@*.faniq.com (Sender)
*@*.fonbet.info (Sender)
*@*.free.fr (Sender)
*@*.futurepath.com.cn (Sender)
*@*.gbiresearch.com (Sender)
*@*.globaldata.com (Sender)
*@*.googlegroups.com (Sender)
*@*.greensafeglobal.com (Sender)
*@*.greensexchange.com (Sender)
Keyword or expression referenced by the policy is i
nvalid. (3)
Profanity
Racial Discrimination
Sexual Discrimination
ering
ering
Migrate the "Global DKIM Enforcement" rule to Inbound Protection > Domain-based Authentication > DomainKeys Identified Mail
(DKIM) Verification in Trend Micro Email Security.
Result Successful
Description
Not migrate.
Trend Micro Email Security provides more powerful scan exception configuration, which is different from the configuration in
IMSS/IMSVA. You need to manually configure scan exception settings under the Virus Scan menu in both inbound and outbound
8/16
5.4.3.1 DKIM Approved List
Migrate to Inbound Protection > Domain-based Authentication > DomainKeys Identified Mail (DKIM) Verification in Trend Micro
Email Security.
Result Successful
Description
Migrate to Administration > Policy Objects > Web Reputation Approved List in Trend Micro Email Security.
Result Successful
Description
Migrate to Administration > Policy Objects > URL Keyword Exception List in Trend Micro Email Security.
Result Successful
Description
Migrate to Administration > Policy Objects > Address Group in Trend Micro Email Security.
Migration remarks:
If the address group name already exists in Trend Micro Email Security, we will rename it by suffixing the name with a
timestamp.
If an address group is used as senders (or sender exceptions) in outgoing policies or recipients (or recipient exceptions) in
incoming policies and the group contains email addresses from unmanaged domains, we will create a copy of the address group,
delete those email addresses from the copy, and suffix the copy name with " - internal".
Migrate to Administration > Policy Objects > Keywords And Expressions in Trend Micro Email Security.
9/16
Additional Subject based spam keywords Error Keyword or expression starts with "s". (2)
Chainmail Successful
\sBONSAI CATS\s+(\S+\s+)*www\.bonsaikitten\.co
m\s
\sBill Palmer\s+(\S+\s+)*gift certificate\s
\sLife is beautiful\.pps\s+(\S+\s+)*virus\s
\sLipstick Test\s+(\S+\s+)*Lead\s+(\S+\s+)*Cancer\
s
\sMadeline Murray O'Hare\s+(\S+\s+)*atheist\s
h eggs\s
\sNeiman-Marcus cookie\s+(\S+\s+)*Cookie Recipe
-\$250\.00\s
10/16
\sOsama Vs Bush\s+(\S+\s+)*virus\s
\sProgesterex\s+(\s+\S+){0,5}rape\s
\sSNIFF PERFUME\s+(\S+\s+)*pass out\s
\sSULFNBK\.EXE\s+(\S+\s+)*Virus\s
\sSlavemaster\s+(\s+\S+){0,5}suspect for murder\s
\sTampax Pearl\s+(\S+\s+)*Fibers\s+(\S+\s+)*bleed
\s
dates\s
\santi-perspirant\s+(\S+\s+)*breast cancer\s
\sautograph\.t\.pif\s+(\S+\s+)*Virus\s
\shttp:\x2f\x2fwww\.license\.shorturl\.com\x2f\s+(
\S+\s+)*Driver's License\s
\slarva\s+(\S+\s+)*breast\s
\slocked briefcase\s+(\S+\s+)*flat tire\s
dow\s
\snew gang initiation\s+(\S+\s+)*kill and dismemb
er them\s
\snew virus\s+(\S+\s+)*"WORK"\s
\swedding game\s+(\s+\S+){0,5}hacker\s+(\S+\s+)*
password\s
11/16
SPAM Mails for Internal Domain Successful
.*
hi there Successful
validategreytip Successful
verifygreytip Successful
Migrate to Administration > Policy Objects > DLP Compliance Templates in Trend Micro Email Security.
Migration scope:
Not migrate predefined DLP compliance templates because Trend Micro Email Security already provides predefined DLP
compliance templates.
No data to migrate.
Migrate to Administration > Policy Objects > DLP Data Identifiers > Expressions in Trend Micro Email Security.
Migration scope:
Not migrate predefined expressions because Trend Micro Email Security already provides predefined expressions.
No data to migrate.
Migrate to Administration > Policy Objects > DLP Data Identifiers > File Attributes in Trend Micro Email Security.
Migration scope:
Not migrate predefined file attributes because Trend Micro Email Security already provides predefined file attributes.
No data to migrate.
12/16
Migrate to Administration > Policy Objects > DLP Data Identifiers > Keyword Lists in Trend Micro Email Security.
Migration scope:
Not migrate predefined keyword lists because Trend Micro Email Security already provides predefined keyword lists.
No data to migrate.
Migrate to Administration > Policy Objects > Notifications in Trend Micro Email Security.
Migration scope:
Not support the following IMSS/IMSVA tokens. Replace them with the actual values in Trend Micro Email Security manually if
necessary.
%HEADERS%: Complete headers from the original message.
%RULETYPE%: Type of a rule. The options are Content Filter, Message Size Filter, and others. Trend Micro Email Security
also has this variable, which however has a different meaning.
%ENTITY%: Part of the message that triggers a content filtering rule (message or attachment header, content).
%QUARANTINE_PATH%: Quarantine path (if a quarantine action is performed).
%QUARANTINE_AREA%: Quarantine name (if a quarantine action is performed).
%PROTOCOL%: Protocol used by the mail server. The options are POP3 and SMTP.
%HOSTNAME%: Scanner where a rule is triggered and where messages archived or quarantined by this rule are stored.
%MAILCHARSET%: Mail charset.
Compliance violation notification Warning Domain of the sender address in policy notification do
es not exist.
Original: postmaster@imsva.trendmicro.com
Revised: no-reply@tmes.trendmicro.com
Email encryption exceptions notification Warning Domain of the sender address in policy notification do
es not exist.
Original: postmaster@imsva.trendmicro.com
Revised: no-reply@tmes.trendmicro.com
Notification of encrypted message Warning Domain of the sender address in policy notification do
es not exist.
Original: postmaster@imss.com
Revised: no-reply@tmes.trendmicro.com
5.4.4.7 Stamps
13/16
Migrate to Administration > Policy Objects > Stamps in Trend Micro Email Security.
Migration scope:
Not support the following IMSS/IMSVA tokens. Replace them with the actual values in Trend Micro Email Security manually if
necessary.
%ENTITY%: Part of the message that triggers a content filtering rule (message or attachment header, content).
%PROTOCOL%: Protocol used by the mail server. The options are POP3 and SMTP.
%HOSTNAME%: Scanner where a rule is triggered and where messages archived or quarantined by this rule are stored.
%MAILCHARSET%: Mail charset.
Not migrate.
Advanced Threat Scan Engine is enabled automatically in Trend Micro Email Security.
Not migrate.
IMSS/IMSVA uses the Internal Address menu to determine mail traffic direction in policy configuration. This is unnecessary in Trend
Not migrate.
Virtual Analyzer settings come from Policy > Virtual Analyzer in IMSS/IMSVA, but in Trend Micro Email Security, Virtual Analyzer
Migrate file sandbox to Inbound Protection > Virus Scan > Virus Policy > Scanning Criteria > Submit files to Virtual Analyzer;
Migrate URL sandbox to Inbound Protection > Spam Filtering > Spam Policy > Scanning Criteria > Web Reputation > Submit
Result Successful
Description
Not migrate.
14/16
These settings are designed for on-premise products. Trend Micro Email Security completes all encryption settings on the cloud server
automatically.
Result Successful
Description
5.5.1 Overview
Not migrate.
Trend Micro Email Security provides block traffic details under Logs > Mail Tracking.
5.5.2 Rules
Not migrate.
Migrate to Inbound Protection > Connection Filtering > IP Reputation > Settings in Trend Micro Email Security.
Migration scope:
Result Successful
Description
Migrate to Inbound Protection > Connection Filtering > IP Reputation > Approved IP Addresses in Trend Micro Email Security.
Migration scope:
Not migrate IP addresses and groups of computers if theEmail Reputation and IP Profiler check box to the right of Apply to is
deselected.
Migrate to Inbound Protection > Connection Filtering > IP Reputation > Blocked IP Addresses in Trend Micro Email Security.
Migration scope:
15/16
5.5.6 Suspicious IP
Not migrate.
5.5.7 DMARC
Migrate to Inbound Protection > Domain-based Authentication > Domain-based Message Authentication, Reporting and
Conformance (DMARC) in Trend Micro Email Security.
Result Successful
Description
5.6 Reports
Not migrate.
Trend Micro Email Security provides a more powerful report feature. The report data and settings in IMSS/IMSVA are not migrated.
5.7 Logs
Not migrate.
Trend Micro Email Security provides a more powerful log query feature. The logs in IMSS/IMSVA are not migrated.
Not migrate.
Trend Micro Email Security provides a more powerful quarantine query feature. Other mail queue management is not supported by
Trend Micro Email Security.
5.9 Administration
Not migrate.
These features provided by IMSS/IMSVA are mainly for on-premise products while Trend Micro Email Security is a cloud-based product.
Migrate to Outbound Protection > DomainKeys Identified Mail (DKIM) Signing in Trend Micro Email Security.
Migration scope:
No data to migrate.
16/16