Getting Started

Welcome to Cumulus!

Please browse this short documentation to make sure your configuration is optimal, to implement best practices and to use our systems in the safest, most efficient manner.

IN THIS ARTICLE
Before Activation
Configure Contact Persons
Add Your Other Domains
The Configuration Process
After Activation
Decide On Your Preferred Quarantine Management Style
Monitoring the Quarantine
How to Search for Reportedly Unreceived Messages
How to Report Undetected Spam
Common Filtering Questions
Using the Right Whitelist
How to Block Newsletters
How to Block Spearphishing & CEO Scams

Before Activation

Configure Contact Persons

The very first thing you should do is create the appropriate Contact Persons for your organization. 

Only Contact Persons will receive automated communications sent by Cumulus. These communications are about key aspects of service configuration and administration.

Find out more about contact persons.

Add Your Other Domains

Make sure to add all the domains you want to be filtered in Cumulus before activating the service.

If your service was purchased through a distributor portal, you will be unable to add domains directly in Cumulus. Additional domains must be added through your distributor marketplace.

  • To add a domain to your account, go to My Organization → Parameters → Inbound Filtering → Domains and follow these instructions.
  • To add a domain to your client's account, go to Clients → (Select client account) → Parameters → Inbound Filtering → Domains and follow these instructions.

The Configuration Process

What to expect during the configuration process, advice getting ready to set up the service, when the service is considered active, and much more.

Find out more about the configuration process.


After Activation

Decide On Your Preferred Quarantine Management Style

The quarantine can be managed in different ways to accommodate different needs.

Deciding who gets access to the quarantine can drastically influence how you use Cumulus.

Check out this article to learn about user types and how they affect quarantine management.

Monitoring the Quarantine

After activating, you'll probably want to monitor the service more closely. This can be done in just a few minutes.

Check out this article to learn about monitoring your quarantine.

For some clues on why a message was quarantined look at the Score and any icons. For more technical details, you can check a message's headers: click the message subject and then the Toggle Headers button.

How to Search for Reportedly Unreceived Messages

Our filters do many things to detect and block bad emails. To get a sense of what all is being done, check out this overview of our filtering architecture.

The best place to start your search is in the Logs, since they contain the most information. 

If the message was Blocked:

  • Click the View link for more information.
  • The message could be rejected by our filters. There are many reasons why. For some indication, look at the Tags field for a summary or at the raw logs for details.
  • The message could be quarantined. There are many reasons why. Click the View the quarantined message link to see the message in the quarantine. 

If the message was Delivered:

  • Our filters were able to send the message to the mail server. Your investigation should continue on that server.

How to Report Undetected Spam

Sometimes an undesirable message will slip through. When that happens, the best thing to do is to report it to us. We don't keep any copies of filtered emails, so these samples you report are important. 

To make it easier to report samples, we have developed a plug-in for Outlook and an Add-in for M365.

The sooner the samples are reported, the sooner our filters can adapt. Messages older than 2 days will most-likely already be known to us and shouldn't be reported.

This is a community effort: all our clients contribute samples AND benefit from the rapidly-evolving protection.


Common Filtering Questions

Using the Right Whitelist

When you find a blocked email, you'll probably want to do something about it. For example, clicking the Release and Whitelist button in the quarantine will add a whitelist entry, but might not fix the underlying issue. For more in-depth information about whitelists and how they work, check out the Filtering Parameters article.

Below, you can find some common blocked email cases and how to fix them. If you're ever in doubt, reach out to us and we'll be happy to guide you to the best solution.

Banned files
Our filters automatically quarantined emails that have banned files. From the quarantine, the Release and Whitelist button will add the sender's address to the Banned file sender Whitelist. You can also manually add an exception in one of the many whitelists.
SPF error
These messages don't show up in the quarantine: you can find traces of the blocked messages in the Logs. Ideally, the sender should correct their problem. If you need to receive these messages, you can add an entry in one of the available whitelists.
DKIM error

These messages can be released from the quarantine. Ideally, the sender should correct their problem. If you need to avoid future blocked messages, you can add an entry in one of the available whitelists.

DMARC error

These messages can be released from the quarantine. Ideally, the sender should correct their problem. If you need to avoid future blocked messages, you can add an entry in one of the available whitelists.

Whitelisting messages that fail SPF, DKIM, or DMARC checks can be potentially dangerous. It can also be unclear what to add to the whitelist. If in doubt, contact us.

How to Block Newsletters

Newsletters, event invitations, webinars, and promotional announcements are a few examples of what's called Greymail.

Several options are available to deal with Greymail. Learn more about them in the Greymail article.

How to Block Spearphishing & CEO Scams

Spearphishing attacks are highly personalized. Thankfully, we've equipped you with a solution to this problem: the Spearphishing Module. 

All that's required to block spearphishing emails is the name of the person being impersonated.

Find out more about the Spearphishing module.