Advanced and OCR

The Advanced settings enable you to adjust the processing limits and preferences Secure Email Gateway uses.

The OCR settings determine how Secure Email Gateway extracts and scans text from images, optionally including QR codes and barcodes, for analysis.

The OCR feature requires a license. If you have not purchased the license for this feature, these settings will not be displayed in the user interface. The QR and barcode scanning is an extended functionality of the OCR feature to enhance the lexical analysis Secure Email Gateway performs. If you have the OCR license, you will be able to use the QR and barcode scanning functionality.

Configure Advanced and OCR settings

1. Navigate to System > Gateway Settings > Policy Engine Settings. The Policy Engine Settings page is displayed.
2. In a panel showing the Advanced and OCR settings, click Click here to change these settings.
3. Adjust the settings as required:

Advanced

• Maximum recursion depth

  In an attempt to search for hidden threats, Secure Email Gateway decomposes complex data formats into their component parts. Decomposed components may need even further disassembly, if they are archives, or encoded or compressed files. This process is complete when each component is recognized as a raw data type, such as a bitmap, text file, binary file, or application executable file.

  Maximum recursion depth specifies the number (level) of this decomposition. The default is 50.

  When this limit is exceeded, Secure Email Gateway abandons processing the message, and the message will be placed in the Message Processing Failure area.

  We recommend that you do not change this setting from the default value.

• Child node limit

  Child node limit specifies the maximum number of immediate child nodes in a container to be processed. The range is between 100,000 and 2,147,483,647, and the default is 1,000,000.

• Process a message for up to

  Process a message for up to specifies the maximum amount of time, in seconds, for Secure Email Gateway to spend processing a single message. The range is between 30 and 3,600 seconds, and the default is 1,800 seconds (30 minutes).

  When this limit is exceeded, Secure Email Gateway abandons processing the message, and the message will be placed in the Message Processing Failure area.

  We recommend that you do not change this setting from the default value. In case a large number of messages are being classified as potentially problematic due to this limit being reached, and you want to increase the limit, contact the Technical Support for advice.

• Automatic message repair

  Automatic message repair allows you to choose whether the Policy Engine repairs character set and other message header properties that do not conform to the RFC.

  Select Enabled or Disabled from the drop-down menu. The default is Disabled.

  This setting is ignored if the message is modified, for example, when an annotation is added.

• Preserve DKIM signature on outbound messages

  Messages with DKIM DomainKeys Identified Mail signatures cannot be modified, so Secure Email Gateway removes these signatures from all messages. This way, Gateway can apply modifications, such as sanitization, redaction and adding a disclaimer, to the messages.

  Preserve DKIM signature on outbound messages allows you to select whether to keep DKIM signatures on outbound messages, or to remove DKIM signatures from outbound messages.

  Select Enabled or Disabled from the drop-down menu. The default is Disabled.

  Enable this setting if you do not need to modify outbound messages, and you need to preserve existing DKIM signatures, added by M365 for example, for outbound messages.

• On a subject encode failure

  On a subject encode failure controls the action Secure Email Gateway is going to take when a subject of the message has an encoding problem, for example, containing characters outside the declared character set.

  Select Fail message processing from the drop-down menu to treat this as a message processing failure, or select Remove the subject to delete the subject. The default is Fail message processing.

• Logging level

  Logging level controls the amount of details in logs recorded by the Policy Enforcement service.

  Five levels from the highest to the lowest; Trace, Debug, Info, Warning, and Error are available from the drop-down menu. The default is Info.

  Increasing the level may result in significantly enlarged log files, which can adversely affect disk space and performance.

• PDF image extraction

  PDF image extraction allows you to choose whether images are extracted from PDF documents.

  Select Enabled or Disabled from the drop-down menu. The default is Enabled.

OCR

• Minimum image size

  Minimum image size specifies the smallest image size, in pixels, that can be scanned when Secure Email Gateway is extracting text to be processed.

  The default is 200, representing a 200 x 200 pixel square. You are not able to enter a value lower than 16.

  If either the height or width of an image is smaller than the Minimum image size, scanning will not be carried out.

  We recommend that you set both Minimum image size and Maximum image size to be meaningful values. For the minimum value, consider the image size that might contain sensitive information. Depending on a number of images Secure Email Gateway needs to process, the image size settings can affect message throughput.

• Maximum image size

  Maximum image size specifies the largest image size, in pixels, that can be scanned when Secure Email Gateway is extracting text to be processed.

  The default is 8,400, representing a 8,400 x 8,400 pixel square. You are not able to enter a value greater than this.

  If either the height or width of an image is larger than the Maximum image size, scanning will not be carried out.

  We recommend that you set both Minimum image size and Maximum image size to be meaningful values. Depending on a number of images Secure Email Gateway needs to process, the image size settings can affect message throughput.

• QR and barcode scanning

  QR and barcode scanning allows you to choose whether Secure Email Gateway extracts text from QR codes and barcodes.

  Select Enabled or Disabled from the drop-down menu. The default is Disabled.

• Languages enabled

  Languages enabled specifies languages used in the OCR feature. Secure Email Gateway supports the detection of a large number of available languages.

  Select a language from the drop-down menu. Alternatively, type a language and matching suggestions will be displayed.

  Secure Email Gateway can apply the OCR feature to a selection of languages. English, French, German, and Spanish are enabled when you first upgrade or install. We, however, recommend that you use as few languages as possible, as this can help Secure Email Gateway reduce processing time and increase accuracy of processing results.

4. Click Save.
5. Apply the configuration.

If you change any configuration or policy settings, you must Apply Configuration for the new settings to take effect. You can do this either from the Changes Made panel, or System > Configuration > Apply Configuration. See Apply new configuration for more information. If you use Peer Gateways (i.e. when multiple Gateways are peered), any configuration changes from a local Gateway can then be applied to all the peers at the same time. See Peer Gateways for more information.