This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Who has deleted an entry in quarantine?

At one of my customers SMG environments we detected that some entries have been deleted from quarantine. No, there is no way to detect this activity in your web interface I assume. You have to grab through your log files. There you find a statement that an item has been deleted. Nevertheless you do not know who started this activity. And you do not know which message. A message id will be reported which does not exist any more in quarantine.

We have to know who has deleted from quarantine? Who has released or forwarded items?

Does anyone know how to get this information?

I have tried to analyze the database in the background but I was not successful Thinking


Use "Verified Answers" if your problem/issue has been solved!

  • 0  

    Hi Diethmar - As I am sure you know, when a user deletes a message from quarantine, if they are the only person with that message it is removed from the system.  If the message was sent to more than one user, it only goes away from the system after the last user deletes their copy.  However when you have more than one user defined as admin user with the ability to delete messages from quarantine, just like when deleting as Admin, it goes away completely and does not get recorded anywhere.  Please put this in the Ideas community as an enhancement and get folks to vote on it.  Engineering as wanted to put this in for some time but so far it's not risen to the level where the Product Manager will approve it's addition - Pam

  • 0   in reply to   

    Yes, Pam. The important piece is that we want to know who deleted this item. In my case admin told me that some entries disappeared in quarantine. We could see that this mail has been scanned and moved to quarantine but afterwards we have lost any traces. We could not prove that a client has deleted this entry by himself ...

    Support tried to help this customer to find out what happened but did not have success. I hope he will report this deficit to devs. SMG is a security product so we should know ...Innocent


    Use "Verified Answers" if your problem/issue has been solved!