InterScan™ Messaging Security Appliance (IMSA) creates log entries of the IP addresses or domains that have sent email messages violating scanning conditions, but are still not blocked because the total number of messages did not exceed the threshold you set for the given time period.
To display suspicious IP addresses and domains:
Choose IP Filtering > Suspicious IP/Domain from the menu.
Choose from any of the following conditions:
Next to Type, select the check boxes next to the type of threat that the IP filter detected.
Next to Dates, select the date time range within which IMSA blocked the sender.
If you know a specific IP address to query, type it next to IP.
To display the corresponding domain names of the IP addresses, select the Show Domain names check box.
Next to Logs per page, select the number of log entries to display on the screen at one time.
Click Display Log.
Perform any of the additional actions:
To block an IP address temporarily, select the corresponding check box in the list, then click Block Temporarily.
To block an IP address permanently, select the corresponding check box in the list, then click Block Permanently.
To change the number of items that appears in the list at one time, select a new display value from the drop down box on the top of the table.
To sort the table, click the column title.
See also: