[KB7840] Configure SMTP client threat notifications using ESET PROTECT On-Prem

Issue

Details

You can use ESET PROTECT On-Prem to configure SMTP settings on client workstations so that threat or event notification emails are sent to a designated email address. You can also configure ESET endpoint settings to send SMTP messages from client workstations.

Solution

Prerequisites

Make sure SMTP Server is configured.

 Endpoint users: Perform these steps on individual client workstations


Configure SMTP threat notifications using server notifications

  1. Open ESET PROTECT On-Prem in your web browser and log in.

  2. Click Notifications, select the check box next to the notification you want to configure, and then click Actions  Edit.

    Figure 1-1
  3. Click the toggle under Enabled to enable it.

    Figure 1-2
  1. Click Distribution and type the email address you want this notification sent to into the Email Address field.

    Optional settings

    Click Basic and modify the name and description of the email notification.
    Click Configuration and modify the rules that trigger the notification.
    Click Distribution and modify the text of the email notification in the Message field.
    Click Advanced Settings - Throttling and further refine the volume and frequency of your notifications based on statistical and time-based triggers.

  2. Click Finish. Repeat the steps above to configure the other Notifications listed in step 2.

    Figure 1-3

     


Configure SMTP threat notifications using a policy

Potential for a high volume of notifications

When you use this method, there is the potential for the recipient's email address to receive a high volume of notifications should a significant notification trigger occur, such as an outbreak of malware on one's network.

  1. Open ESET PROTECT On-Prem in your web browser and log in.

  2. Click Policies, select the policy, and then select the box next to the policy you want to set up SMTP threat notifications for. Click Actions → Edit.
    Figure 2-1
  3. Click Settings → Tools Notifications.

  1. Click the toggle next to Send event notifications by email.

  2. Type your server address into the SMTP server field. If necessary, enter the username and password needed for authentication.

  3. Type the email address you want notifications to be sent to in the Recipient address field; type the email address you want to be displayed as the sender in the Sender address field.

  4. Select your desired verbosity level from the Minimum verbosity for notifications drop-down menu. Click here for more information about verbosity levels.

Figure 2-2
  1. Click Message Format, and click the toggle next to Use default message format to disable it. You can modify the format of the SMTP threat notification emails generated in the Format of event messages and Format of threat warning messages fields.

  2. Click Finish to save the policy.
Figure 2-3

All clients assigned to this policy will now send SMTP threat notifications to the email address (Recipient address) you specified in step 3.