Skip to main content

RGuard

RGuard is the administrator portal for the RGUARD (ReceiveGuard) product in the EG Platform suite. It is the second inspection layer on the inbound path and focuses on advanced threats that signature-based filters typically miss.

What RGUARD Does in the Pipeline

Internet  →  SGUARD/SpamGuard  →  RGUARD/ReceiveGuard  →  Mail Server
  • Defense in depth — every message that reaches RGUARD has already been cleared by SpamGuard. RGUARD applies deeper, content-aware inspection on what is left.
  • Inbound only — RGUARD does not process outbound traffic. Outbound mail is handled by SendGuard inside SGUARD.
  • Independent portal — RGUARD has its own URL, its own login, and its own administrator accounts. It is operated separately from SGUARD.

What RGUARD Inspects

RGUARD groups its detections into three categories that match the sidebar layout of the portal:

Compromised Inbox

Messages that look like routine business mail but show signs of a compromised or impersonated account:

  • BEC (Business Email Compromise) — invoice fraud, payroll redirection, executive impersonation
  • Marketing Mail — bulk or promotional messages that should be separated from business correspondence
  • Virus — messages carrying malware that escaped signature-based scanners
  • Ransomware — messages designed to deliver ransomware payloads

Spoofing

Messages where the sender identity does not match the actual origin of the mail:

  • Spoofed Header — the visible header (address, ID, domain) has been forged
  • Sender Risk Analysis — the original sender, the final sender, or the path between them carries elevated risk
  • Look-alike Domain — the sending domain looks similar to a trusted domain (homoglyph, typo-squatting) but is not the same

Filtering and Bypass

  • Filtering — rules that override the default classification (allow lists, custom blocks, advanced policies)
  • ByPass Mail — a dedicated module for messages that should skip part of the inspection chain, available from the top navigation bar

Portal Modules

The RGuard portal is organized into five top-level modules, accessible from the top navigation bar:

ModulePurpose
MailMonitor and act on inbound mail classified by RGUARD's detection engines
FilterManage allow / block / advanced filtering rules applied by RGUARD
SettingsGroup administrator account management
StatisticsAggregated reports and analytics for RGUARD detections
ByPass MailManage messages that bypass part of the inspection chain

Topics

  • Login — Sign in to the RGuard portal, including language selection
  • Portal Overview — Layout of the administrator portal: top navigation, sidebar menu, and main content area
info

SGUARD runs before RGUARD on the inbound path. Threats blocked by SpamGuard never reach RGUARD. For inbound spam, DKIM, URL blacklist, and signature-based malware mailboxes, see the SGuard documentation.