Endpoint Protection

 View Only

  • 1.  Possible to send plain text email alerts?

    Posted Dec 16, 2015 11:00 AM

    My organization is now blocking .css files.  I noticed we were virus free for a few months now.  Then I realized I wasn't getting client change notifications.  Those have .css files attached.   The weekly report is .mht  which is also blocked.

     

    For virus and client emails, is there a setting in SEPM to get just a plain text email instead?  My organization didn't budge on the .mht file blocking so I doubt they'll bother with .css attachments either.  

     

    We're getting zero alerts now essentially from SEPM.  No idication that anything's wrong or changed.  I tested with eicar and confirmed it and discovered it was a .css attachment.

     

    The only workaround I'm thinking of is to use something like blat.  I see in the notifications section that an event can trigger a batch file.  I could have it trigger a batch file that uses blat to send an email.  I'm not thinking of a way to include any details in the email though, but it would get someone's attention that something happened.  That sounds pretty hacky as a workaround though.



  • 2.  RE: Possible to send plain text email alerts?

    Posted Dec 16, 2015 11:07 AM

    Found this.

     

    https://support.symantec.com/en_US/article.TECH105865.html

    NOTE: Symantec Endpoint Protection Manager (SEPM) 12.1.1101.401 (RU1 MP1) supports sending email notifications in plain text format. 
    The default format remains HTML. 
    To send notifications in plain text format, the SEPM administrator must edit the conf.properties file on the server and add the following new line:
    scm.email.content.type=text/plain

     

     

     

    Testing.....



  • 3.  RE: Possible to send plain text email alerts?

    Posted Dec 16, 2015 11:10 AM

    Found two conf.properties file in here....

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps_ws\sepm\WEB-INF\classes
    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\etc

     

     

    Is it both?  Or just one?



  • 4.  RE: Possible to send plain text email alerts?

    Posted Dec 16, 2015 11:17 AM

    Trying both.

     

    Used notepad++ to add scm.email.content.type=text/plain  at the end of both.  Saved the originals.  Swapped in the two "plain text" conf.properties files.

     

    Restarting the server...



  • 5.  RE: Possible to send plain text email alerts?

    Posted Dec 16, 2015 11:25 AM

    Yeh!  I got plain text alerts in, made it past the email attachment filters.

     

    I'll check back later in case anyone says one of those config files wasn't supposed to get that line.



  • 6.  RE: Possible to send plain text email alerts?
    Best Answer

    Posted Dec 16, 2015 12:31 PM

    Steps are in this article:

    Plain text format is not available for Symantec Endpoint Protection Manager (SEPM) email notifications

    Only need to edit \tomcat\etc\