IMAP Block Overview

Access this page from the Monitor > ATP > Blocked Email menu.

The IMAP Block monitor page lists blocked emails with their threat score and other details including sender and recipient. You can also act on blocked emails here, including releasing them and adding them to the blocklist.

Note:

IMAP is supported only for Security Director Cloud use cases.

The following information is available from the Summary View:

Table 1: Blocked Email Summary View
Field	Description
Time Range	Use the slider to narrow or increase the timeframe within the selected the time parameter in the top right: 12 hrs, 24 hrs, 7 days or custom.
Malicious Email Count	This lists the total number of malicious emails scanned during the chosen timeframe and then categorizes them into blocked, blocked and not allowed, quarantined and allowed.
Emails Scanned	This is a graphical representation of all scanned emails, organized by date.

The following information is available from the Detail View:

Table 2: Blocked Email Detail View
Field	Description
Recipient	The email address of the recipient.
Sender	The email address of the sender.
Subject	Click the Read This link and preview the email.
Date	The date the email was received.
Malicious Attachment	Click on the attachment name to go to the Juniper ATP Cloud file scanning page where you can view details about the attachment.
Size	The size of the attachment in kilobytes.
Threat Score	The threat score of the attachment, 0-10, with 10 being the most malicious.
Threat Name	The type of threat found in the attachment, for example, worm or trojan.
Action	The action taken, including the date and the person (recipient or administrator) who took the action.

Using the available buttons on the Details page, you can take the following actions on blocked emails:

Unblock Attachment for Selected User(s)
Unblock Attachment for All Users