Home » Support » Knowledge Base » CIPA Compliance - Email Security

CIPA Compliance - Email Security

Overview

This document will outline best practices and configuration options to help meet Children's Internet Protection Act, or CIPA, criteria as it relates to Email Security. These settings may need to be adjusted to meet your organizational goals or expectations.

It is intended to assist educators and administrators in education on CIPA information. eSoft, and this document, does not offer legal advice and you should consult with an attorney whenever you think it necessary concerning questions about CIPA compliance and meeting any requirements outlined within.

Configuration

The majority of the suggestions here are configuration changes to applications which are part of the Email ThreatPak.

Gateway Anti-Virus

Gateway Anti-Virus will detect phishing attempts, malware and data-stealing trojans in incoming email, preventing these types of malware from infecting your local machines keeping childrens personal information safe.

1. From the menu on the left select Gateway Anti-virus -> Settings
   
   
   
    
2. Enable "Gateway Anti-Virus" and "Incoming mail". You may also enable Outgoing mail.
3. Click the Advanced button.
   
   

   
    

4. Enable "HTTP", "Local (Relay/Server) SMTP Scanning", and "Other SMTP Scanning".
5. Click Apply.
    

Spam Filter

Spam Filter, using built-in flags and historical data, prevents unwanted email, or spam, from being delivered to childrens' inboxes while enabling them to communicate safely with your staff, or their family and friends.

1. From the menu on the left select SpamFilter -> Settings.
   
   

   
    

2. Enable SpamFilter.
3. Suggested configurations:
   • High - Reject
   • Medium - Quarantine
   • Low - Quarantine or Deliver Normally
   • Image scanning - Enabled
4. Click the Advanced button.
   
   

   
    

5. DIA Reputation Filter and Reject From DIA Real-Time Blacklist should both be enabled.
6. Click Apply.
7. From the menu on the left select SpamFilter -> Bayesian Filter.
   
   

   
    

8. Enable the Bayesian Filter.
9. Click Apply.
10. Periodic checks of the Spamfilter Whitelist should be made to make sure no local addresses have been added.
     

Content Filter

Content Filter prevents private information, like a child's date of birth or Social Security number, from leaving your network as part of an email. It also prevents delivery of inbound email containing inappropriate material that may not otherwise be captured.

1. From the menu on the left select Email Content Filtering -> Content Settings.
   
   

   
    

2. Enable Content Filtering.
3. Select the following Preset Keywords:
   • Personal category and all sub-categories
   • FDA NDC Code sub-category
   • Profanity sub-category
4. Click Apply.
5. From the menu on the left select Email Content Filtering -> File Attachment Settings.
   
   

   
    

6. Change "Action" to Reject.
7. Specify which attachment types to be rejected.
8. Click Apply.
9. From the menu on the left select Email Content Filtering -> Quarantine -> Settings.
   
   

   
    

10. Configure quarantine notices to be sent to an administrator for review before releasing to the recipient.
11. Click Apply.
     

*** InstaGate ONLY *** As an additional measure of protection, create a firewall policy blocking outbound SMTP from all except your mail server. This will prevent viruses, spambots, and other malicious applications from being able to "call home" or relay spam through your Internet connection.

Troubleshooting

More Information on each of the softpaks discussed above can be found in our KnowledgeBase:

• Gateway Anti-Virus - http://www.esoft.com/support/knowledge-base/category/gateway-anti-virus/
   
• Spam Filter - http://www.esoft.com/support/knowledge-base/category/spamfilter/
   
• Content Filter - http://www.esoft.com/support/knowledge-base/category/email-content-filter/

Download eSoft's CIPA Compliance Whitepaper