End User Questions
How does one log in to the Postini Message Center?
What is the interface like?
How do users get Postini passwords?
Can the password be changed?
What if an end user can't log in to their Postini Message Center?
What if users don't want Postini services?
Will Postini still work if users change email service providers?
Do Postini Assistants work when I send mail or only when I receive it?
What browsers does Postini support?
Why do I need to enable cookies when logging in to my Message Center?

Postini Junk Email Assistant
Does Postini require extensive integration into existing email provider systems?
What makes the Postini Junk Email Assistant filters different from the spam filters found in my email application?
How do I know junk email is being filtered and not my regular (legitimate) email?
Does someone read personal emails at Postini?
How does Postini notify users when email is quarantined as suspicious junk email?
What if users prefer to receive junk email?
What happens in the event that Postini email processing servers fail?
How often is email deleted from the Message Center?
What if users never check their Message Center?
What if users receive spam, what should they do with it?
What if Postini directs legitimate email to the Message Center?
Does the Junk Mail Assistant watch for obscene language and other questionable content?
Will Postini automatically block services which might resemble spam, such as mailing lists?

Postini Virus Scan Assistant
Is Virus Assistant up-to-date on its virus definitions?
Who is McAfee?
Does it cost to repair my infected email?
Is McAfee desktop software available for my PC as well?
How am I notified that virus-infected email has been detected?

Privacy & Security
How does Postini handle security?
Do Postini services compromise privacy?

End User Questions

How does one log in to the Postini Message Center?
After an email provider activates Postini services, users will receive an "Activation Message" containing login instructions with password details. The password may be the same as a user's existing email account or a specific Postini-enabled password may alternatively have been provided. Users will also receive email notifications with login instructions when suspicious messages have been directed to their Postini Message Center.

What is the interface like?
To check messages or alter settings, users will first log in. After successfully logging in, their personal Postini Message Center appears, where they can review the messages that Postini identified as suspicious. The Postini Message Center is the web-based application where users find all Postini service settings and messages. Postini settings can be easily adjusted to accommodate end user's unique needs and habits.

How do users get Postini passwords?
Postini integrates with an email provider's existing authentication, so that the password remains the same as the user's existing email account; alternatively, an email provider may supply a new, temporary, password that can be changed after a user's first log in to the Message Center.

In some cases, Postini provides a new temporary password when the user account is activated. The user is requested to change this temporary password after first log in.

Can the password be changed?
If the email provider utilizes its authentication mechanism for Message Center login, then the password must be changed through their user support system. However, if Postini account passwords are used, password changes can be initiated online from within the Message Center settings; you may also request your password after a failed login attempt by clicking the "Forgot your Password?" link.

The Postini website will automatically detect which authentication system is used during your log in and provide the correct instructions for changing your password in the event of login failure.

What if an end user can't log in to their Postini Message Center?
End users should first try their email account password. If the password fails, the login page will display instructions for how to retrieve a password based on the authentication method used for the email provider.

What if users don't want Postini services?
Postini is user-configurable, allowing users to simply turn off one or all Postini email services. Typically, email providers will determine default settings for their customers. If those setting are too intrusive or not effective enough, users are welcome to adjust them at any time.

Will Postini still work if users change email service providers?
Postini accounts are unique to an email address. If users move to another service that includes Postini services, then they can continue to use Postini. If the new provider does not have Postini, users should contact their provider's support desk to request Postini services.

Do Postini Assistants work when I send mail or only when I receive it?
The current Postini Assistants only work on incoming email. This may change with new applications being developed on the Postini Message Platform.

What browsers does Postini support?
Postini supports version 4 (v4) and above of Netscape and Internet Explorer.

Why do I need to enable cookies when logging into my Message Center?
The main purpose of cookies is to identify you as a unique Postini services user and prepare Web pages that reflect your personalized Postini applications. When you enter the Message Center using cookies, Postini is generating a customized experience—your application settings, your quarantined email. Some information, such as your login email address, is packaged into a cookie and sent to your Web browser which stores it for later use; for example, the next time you log in, your browser will send the cookie to Postini so that only your password is required—saving you time. Postini does not track any personal information in its cookies or request any personal information through the Message Center—cookies are simply used to ensure you are in control of your email.

Postini Junk Email Assistant

Does Postini require extensive integration into existing email provider systems?
No-Postini offers its services via an ASP model, so it does not require extensive integration. Postini communicates with the provider's existing mail servers using standard SMTP. For more information on this integration mechanism, contact sales@postini.com

What makes the Postini Junk Email Assistant filters different from the spam filters found in my email application?
The mail filters found in email products have a number of limitations and often assume a "one size fits all" solution. Users are often expected to develop their own filter rules from the limited tools provided. Further, users must still download email before the mail client can filter it-possibly wasting time and bandwidth while waiting to read mail, such as spam, that you would not want anyway.

With Postini Junk Email Assistant filters, all email processing is done behind the scenes before it arrives in the inbox. This saves time and bandwidth by not forcing end users to download superfluous email, such as unsolicited offers. Moreover, Postini improvements are done without modifications to an end user's email services or email client. The Postini Junk Email Assistant performance is superior, identifying up to 95% of users' junk email.

How do I know junk email is being filtered and not my regular (legitimate) email?
Postini uses an advanced filtering technique built on heuristic rules, lists of approved and blocked senders, and databases of known junk email to maintain the effectiveness of the rules system. Despite these advanced measures, some good email may get caught since the concept of junk email is subjective (one man's trash is another man's treasure). To remedy this, Postini enables end users the ability to set a lenient-to-aggressive tolerance for filtering suspicious email: lenient filtering potentially lets more junk email through, but also minimizes the risk of legitimate email from getting mistakenly directed to the Message Center; conversely, aggressive filtering catches more suspicious email at the risk of mistakenly diverting normal email to the Message Center. Postini notifies users with regular summary reports of their Postini activities. With the right configuration, Postini can be set so that less than 1% of valid email is falsely identified as suspicious.

Does someone read personal emails at Postini?
No. All email processing is done through automated filters. Further, since Postini is capable of processing millions of messages each day, it is unlikely that a particular email stay around long enough since Postini processes a single message within milliseconds and does not write valid messages to disk. In the event a "suspicious" email is discovered, it will be directed to your private Postini Message Center pending your review. If you would like to pass on a suspicious email to Postini for further reference, you may do so by forwarding the message to spam@postini.com.

How does Postini notify users when email is quarantined as suspicious junk email?
Postini will send a regular report via email of the activity in the user's Postini Message Center. However, users can log in to the Postini Message Center at any time to monitor and review detained messages.

What if users prefer to receive junk email?
End users can turn Postini Junk Email Assistant off at anytime by simply logging in to their Postini Message Center, clicking "settings" and clicking "off" on the Junk Email toggle switch. (Other applications, such as virus scanning, can also be turned on or off in this manner.)

However, if Postini is detaining too much legitimate email, first try setting "Filter Sensitivity" to moderate or lenient and/or uncheck any "Filter Categories" that are unwanted. It also helps to explicitly list certain email addresses to allow their messages through the filters, regardless of content. Do this by entering valid addresses in the Approved Senders field.

What happens in the event that Postini email processing servers fail?
Postini deploys a large number of enterprise-scale servers dedicated to processing email. However, in the event of a catastrophe, email will be passed through the system by defaulting to your email provider's regular mail servers. There will be no noticeable performance hit. Any suspect messages that were diverted to the Message Center are contained on redundant disk storage devices that are backed up by Postini.

How often is email deleted from the Message Center?
Postini keeps email messages that have been directed to the Message Center for 14 days following the receipt of the message--this includes any messages that have been moved to a user's "Trash Folder" in the Message Center. After 14 days from first receipt, any message will be deleted. Email service providers will send an email activity report on a regular basis to remind users to check their Message Center. Users can also access their Message Center at any time.

What if users never check their Message Center?
Email that has been directed to the Message Center is deleted 14 days after receipt. Postini recommends that users check the Message Center frequently to ensure personal settings are appropriate and check messages. Users may find that some minor adjustments are required to ensure legitimate email is not falsely identified as junk. It is a good habit to bookmark the Log In page and check your message center at least every week.

What if users receive spam, what should they do with it?
If junk email reaches a user's desktop and appears in their email inbox, they can simply delete the message or forward it to spam@postini.com, if they wish. This allows Postini to reference it in our junk email database for the future. Users can also visit their Message Center and add the sender's address to their "Blocked Senders" list if it appears to be a repeat offender, preventing that sender from reaching the inbox again. It might also be useful to try increasing the sensitivity level in the configuration or turn on specific filter categories.

What if Postini directs legitimate email to the Message Center?
Unfortunately, some legitimate email may be erroneously directed to the user's Message Center. This is due to the subjective nature of email messages and what could possibly be considered junk email. If a significant amount of valid email is being misdirected to the Message Center, Postini can be used to build a list of approved senders, thereby minimizing the possibility of detaining a valid email in the future.

From the Message Center, click "deliver" for any legitimate email and Postini will ask if all messages from this sender should be delivered--that sender is then added to the "Approved Sender" list. Next time, messages from that sender will not be detained unless the Postini Virus Assistant is active and detects a virus from that sender. You may also manually build your approved senders list by visiting your junk email settings.

Does the Junk Mail Assistant watch for obscene language and other questionable content?
The Junk Email Assistant is tuned for identifying unsolicited commercial email (UCE), otherwise known as spam or junk email. This is somewhat different than filtering specifically for content, like most email filtering. For example, a friend sends a joke containing obscenities. This originates from a known source, whereas a message of unknown origin containing obscenities that refers to a pornography site WOULD likely be directed to the Postini Message Center. Of course, Postini does have the capability to explicitly block any address--in case you want to restrict email from a known source.

Will Postini automatically block services which might resemble spam, such as mailing lists?
Most likely not. If it does trigger Postini filters, we recommend that you add the sender to the "Approve Senders" list.

Postini Virus Protection Assistant

Is Virus Assistant up-to-date on its virus definitions?
Yes. Virus Assistant updates virus definitions continuously. Not only will virus scanning of malicious email viruses prove extremely valuable to you, but it also saves valuable time by scanning messages behind the scenes. You are only notified when a virus is found in a message. Virus Assistant utilizes McAfee's AVERT (Anti-Virus Emergency Response Team) to stay current with virus definitions. AVERT is a worldwide virus-monitoring network that continuously looks for new viruses and subtle changes in old ones so that virus definitions stay current.

Who is McAfee?
McAfee provides industry-leading protection against today's most dangerous viruses and tomorrow's threats. McAfee and your service provider made this possible by inserting virus-scanning technology into your mail flow. This relieves email providers and you from maintaining individually installed virus detection and the hassle of maintaining current virus definitions.

Does it cost to repair my infected email?
Based on the email service provider's arrangement, disinfection of infected messages may or may not be freely available.

Is McAfee desktop software available for my PC as well?
Yes, you can purchase desktop virus protection software from McAfee. Visit McAfee at www.mcafee.com for more info.

How am I notified that virus-infected email has been detected?
You are notified immediately via email when an infected virus is detected in an email message. From the Message Center, you can safely review the infected email text.

Privacy & Security

How does Postini handle security?
Postini takes the security and privacy of user data seriously.

• Legitimate email is not written to disk.
• Passwords are not stored and never transmitted in plain text.
• Suspicious email directed to the Message Center is broken up before being written to disk, so only end users can access it.
• Postini resources, apart from the web and email processing machines, are not accessible through the public Internet.

To ensure data integrity, Postini has stringent back-up schedules as well as redundant systems for load balancing. To ensure availability, Postini administrators work with administrators at Exodus Communications, where Postini's physical equipment is located, to ensure 24x7 up time and the integrity of the system.