Email Live Search

myEAS (https://myeas.retarus.com) - Search

The Email Live Search feature enables your help desk and IT department to provide more rapid support to your users and in analyzing how you can better secure your systems. Using Email Live Search, you can perform email research, virus research, and spam research. After clicking on the Search button in the Email Live Search navigation menu, click on the respective Select button to perform the desired research.

With Email Research, you can locate inbound or outbound emails, including detailed status information for each email.

You can locate emails using several search criteria: Sender, recipient, MIME Message ID, RMX ID, MTA ID, Source IP, Sender Country Code and email subject. The search for subject is only available if you have activated the storage of this information (see Email Live Search: Option to store the subject of emails). It is possible to utilize prefix fragments, e.g., "info" or "inf" to locate "info@retarus.de" and, in case of the subject, use single words or fragments. Emails that match the search criteria are displayed directly below in the results section.

You may also search for emails that contained a virus or did not contain a virus. (The default option “Virus Status” = “All” means that no filtering is applied and all emails, no matter if they contained a virus or not, are displayed.) The virus filter enables you to identify current senders or recipients of viruses as well as to determine the magnitude of current threats. You have the option to research a specific virus signature using the search option “Virus Status: Infected”. For example, if you found the virus signature “W97M/Agent.7510415” in the listing, you can limit the virus search to the number of findings for this particular virus signature. Please note, that the entire signature string is required for the search.

Once you click on the Details button for an email, you will see a detailed processing history for each email which contains both meta information as well as tracking information. If applicable, the profile name is displayed to facilitate rapid verification of user settings (e.g., profile-based block- or allowlists).

The following screenshots present some of the results you will encounter when using email search.

The screenshot above shows tracking information. All details are displayed in the order in which they were processed. The Inbound Filter is the first tracking event at the Email Security Gateway.

Subject details will only be visible if storing the subject has been activated, see Email Live Search: Option to store the subject of emails.

You will only see Decryption displayed if you have booked that feature and you received an encrypted email. The AntiVirus MultiScan either indicates the virus name or states "no virus found". If the email was deleted, you will be informed of this in a box labeled Quarantine, with Virus as the reason as well as receiving confirmation that the primary email address was notified in cases where the recipient is an alias address.

In the screenshot below, an email was quarantined because a newsletter was detected. Help desk staff can release this email from the quarantine by clicking on the Release from Quarantine button, which is located in the quarantine section. If an email is released, it is sent to the primary address and not to the alias address.

Spam Research facilitates a more rapid research process by limiting results to a specific range of spam possibilities. Click on the Details button to retrieve meta information and tracking information for a specific result.

Phishing Detection Research facilitates a more rapid research process by limiting results to findings of the Phishing Detection module only. Click on the Details button to retrieve meta information and tracking information for a specific result.

CxO Fraud Detection Research facilitates a more rapid research process by limiting results to findings of the CxO Fraud Detection module only. Click on the Details button to retrieve meta information and tracking information for a specific result. This research option is only available if you have booked the CxO Fraud Detection service as part of the Retarus Advanced Threat Protection.

Sandbox Research facilitates a more rapid research process by limiting results to findings of the Sandboxing module only. Click on the Details button to retrieve meta-information and tracking information for a specific result. This research option is only available if you have booked the Sandboxing service as part of the Retarus Advanced Threat Protection.