User Actions wizard

This guide explains how to interact with MetaDefender™ Cloud Email Security when handling emails with special actions required — such as encrypted attachments, blocked content, or release requests.

When you receive an email flagged by MetaDefender™ Cloud Email Security, you will be prompted to take one or more actions before accessing the message or its attachments.

End users can access the Ozzy chatbot while the User Actions Wizard is visible on screen. See Chatbot (Ozzy) for more information.

The User Actions process involves:

Security Verification

When accessing a flagged email, you will see a Security Verification Required screen.

The end user must:

  • Enter his/hers email address.
  • Click Verify to proceed.

This ensures only the intended recipient can take further action.

The user can click "What’s this?" to view more information about why the email was flagged (e.g. encrypted content, blocked content, or policy violations).

Authentication

For security, MetaDefender™ Cloud Email Security will send a One-Time Password (OTP) to the email address previously specified.

The end user must:

  • Enter the OTP code on the verification page.
  • Click Verify Code to continue.

Providing the incorrect OTP code three times will require a new code to be sent.

Viewing Email Details

Once verified, the recipient will be presented with the Email Details page.

Here you can review:

  • Sender
  • Recipient(s)
  • Subject line
  • List of attachments
  • Email body (If policy allows, for permissions, see Configuration Settings)

Depending on the email content and your organization's policies, you may be prompted for additional actions at this stage.

Providing Passwords for Encrypted Content

If your organization's policy allows (see Configuration Settings), the attachments in an email are password-protected. The end user will be prompted to provide the password(s) so they can be scanned safely.

Enter Password(s)

  • Enter the password(s) required to unlock the encrypted attachments.
  • If all attachments share the same password, the "Use one password for all attachments" option can be selected.

Confirmation

If the attachments pass security checks, the email will be delivered successfully.

The following confirmation message will be displayed: "Email successfully delivered" — no further action is needed.

If a user fails to provide the correct password for encrypted content after five attempts, the message will receive the “Failure to analyze” verdict. The message will then be blocked or allowed (delivered) according to the policy settings defined for this verdict.

Release Original Email

If your organization's policy allows (see Configuration Settings), the user might also be allowed to release the blocked email without administrator approval.

Viewing Scan Result Details

If your organization's policy allows (see Configuration Settings), the user is also allowed to view the scan result details for the blocked email. AV engine & sanitization results are displayed to provide details as to why the email was blocked. For more information on scan result details, see Scan Results)

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Audit Log
On This Page
User Actions wizardSecurity VerificationAuthenticationViewing Email DetailsProviding Passwords for Encrypted ContentEnter Password(s)ConfirmationRelease Original EmailViewing Scan Result Details