Welcome to eScan Wikipedia

From eScan Wiki

Revision as of 06:01, 7 April 2009 WikiSysop (Talk | contribs) ← Previous diff		Revision as of 06:07, 7 April 2009 WikiSysop (Talk | contribs) Next diff →
Line 1:		Line 1:
-	<U>'''Mail Anti-Virus (eMail Scanning)'''</U>	+	<U>'''Anti-Spam'''</U>
-	This section provides the description and settings of eScan's Mail Anti-Virus for scanning of emails.	+	This section provides the decription and settings of eScan's Anti-Spam for scanning of spam / junk emails.
-
	=='''Description'''==		=='''Description'''==
-	Mail Anti-Virus scans all incoming and outgoing mails for viruses, spywares, adware and other malicious objects. By default when you start Mail Anti-virus it will only scan for Incoming emails	+	Anti-Spam based on the NILP (Non Intrusive Learning Pattern) technology, intelligently filters all your junk and spam emails.
	=='''Status in main Protection Center Window'''==		=='''Status in main Protection Center Window'''==
-	The <B><font color="Green"> '''green''' </font></B> colored Tick <U><B><font color="Green">(√)</font></B></U> mark indicates the Mail Anti-Virus is active and running.	+	The <B><font color="Green"> '''green''' </font></B> colored Tick <U><B><font color="Green">(√)</font></B></U> mark indicates the Anti-Spam is active and running.
-	The <B><font color="Red"> '''red''' </font></B> colored Cross <U><B><font color="Red">(X)</font></B></U> mark indicates the Mail Anti-Virus is inactive and stopped.	+	The <B><font color="Red"> '''red''' </font></B> colored Cross <U><B><font color="Red">(X)</font></B></U> mark indicates the Anti-Spam is inactive and stopped.
-	=='''Configuration section''' ==	+	=='''Configuration section'''==
		+	<U>''Status''</U>
-	:<U>''Status''</U>	+	:*Anti-Spam Status – This will display the status of the Anti-Spam in Running or Disabled mode.
-	:*Mail Anti-Virus Status – This will display the status of the Mail Anti-virus in Disabled or Running mode.	+	:*Anti-Phishing Status – This will display the status of Anti-Phishing module is in Enabled or Disabled mode. (For more detail please check in the section '''B. Spam Filter Configuration Section''' below).
-	:*Action – This will display the action to be taken on infected emails in Delete or Disinfect mode.	+	:*Action – This will display the Action that will be taken on the email considered as Spam i.e. Quarantine/Delete.
-	:''Stop / Start buttons'' – Clicking stop / start button will disable or enable the Mail Anti-Virus.	+	:''Stop / Start buttons'' – Clicking stop / start button will disable or enable the Anti Spam.
-	:''Settings button'' – To configure the Mail Anti-Virus for incoming / outgoing email scanning click on the Settings button.	+	:''Settings button'' – To configure the Anti-Spam for email scanning click on the Settings button.
-	'''I. Scan Options:-'''	+	'''I. Advanced'''
-	:'''a) Block Attachment types '''-	+	:'''A. General Options section'''
-	::This setting contains a list of file extensions, which will be blocked / deleted at the MicroWorld Winsock layer (MWL - gateway level), if found in any email attachment (pop3 account) during scanning by Mail Anti-Virus. MicroWorld has a predefined list of known file extensions mostly propagated by Viruses.	+
-	::Additional file extensions to be blocked can be added in this section as per the user’s requirement	+
-	::<B><U>Note</U>:</B> We do not recommend deleting the file extensions predefined by MicroWorld.	+	::# Send Original Mail to User (default) - This option when enabled will send the email (though tagged as spam) to the original recipient of the email also. <U><B>'''Note:'''</B></U> If the email has been tagged as '''SPAM''', the email will be in the SPAM folder of the email client (i.e. Outlook Express). SPAM folder in the mail client is created by eScan.
		+	::# Do not check content of Replied or Forwarded Mails – This option when enabled will not check contents of email that are either replied or forwarded.
		+	::# Check Content of Outgoing Mails – This option when enabled will also check outgoing emails for restricted contents.
-	::'''More options / Advanced (- - -)'''	+	::<U>'''Buttons'''</U>
-	:::i) Delete all attachments in email if disinfection is not possible ''(default)'' - It would delete those infected attachments in an email, only when the attachment is non-disinfectable.	+
-		+
-	:::ii) Delete entire email if disinfection is not possible ''(default) ''– It would delete the entire email if the attachments in it are non-disinfectable.	+
-	:::iii) Delete entire email if any virus is found – It would delete any email infected with virus.	+	:::'''a) Phrases – '''Clicking on this button, will enable the users to define a list of phrases to be checked in the body of an email and take the necessary actions i.e. either Quarantine / Delete the email.
-		+
-	:::iv) Quarantine blocked attachments – It would quarantine the attachments that are listed in the Block Attachment types.	+
-	:::v) Delete entire email if any blocked attachment is found ''(default)'' – It would delete the email which has an attachment listed in the Block Attachment types.	+	:::* '''Enable E-Mail Content Scanning''' – When this option is enabled, body of the email will be checked for any listed words/phrases is found and the defined action will be taken.
-		+
-	:::vi) Quarantine email if attachments are not scanned – It would quarantine the email in case if the attachment(s) in it is not scanned.	+
-	:::vii) Quarantine attachments if they are not scanned - It would quarantine the attachment in case if it is not scanned.	+	:::* '''User specified whitelist of words/phrases '''- This will list the words/phrases defined and whitelisted by the users (Color Code - <font color="Green"><B>GREEN</B></font>).
-	:::viii) Exclude attachments (White list) – Here the users can add the filename or the extensions of those files that should not be blocked and should be delivered to the user’s inbox. For e.g. If *.pif is listed in Block Attachments types and a file by the name e.g. abcd.pif is required to be allowed, then add abcd.pif can be added in the Exclude Attachments (White list) section. Adding *.pif files in this section will allow all *.pif to be delivered. We recommend adding the entire file name like abcd.pif.	+	:::* '''User specified List of Blocked words/phrases''' - This will list the words/phrases defined and block listed by the users(Color Code - <font color="Red"><B>RED</B></font>).
-	:::<B><U>'''Note</U>:'''</B> The Exclude attachment list (White List) holds precedence over the Block Attachments types.	+	:::* '''User specified words/phrases disabled''' - This will list the words/phrases defined but disabled (excluded for scanning) by the users (Color Code - <font color="Gray"><B>GRAY</B></font>).
-		+
-	:'''b) Action – '''
-	::Here the action can be configured to be taken on an infected email.
-	::* Disinfect – The infected email will be disinfected.
-	::* Delete – The infected email will be deleted.
-	::*Quarantine Infected Files - The infected email will be quarantined and the quarantined folder path can be set. The default path is C:\PROGRA~1\eScan\Quarant and this can be set to a different folder as per users requirement by clicking on the select path button <B>(---)</B>.
		+	:::<U>'''Options on Right Click:'''</U>
-	:'''c) Mail Server settings – '''	+	::::* '''Add Phrase:''' To add a word/phrase, right click and select Add Phrase. Add the word/phrase in the section and select the Action (Quarantine the Mail/Delete the Mail) to be taken on the email if the word/phrase is found in the content of the email.
-	::This setting is required to be configured for eScan to send an email notification to the user informing about the action taken on an email. This is useful for setting up an outbreak alert /notification /warning messages to the recipient, that are sent by eScan when it detects any violation or breach of security.	+
-	::* SMTP Mail Server settings – Enter the SMTP IP address of the mailserver of your company or you ISP.	+	::::* '''Edit Phrase – '''select this option to edit/modify the word/phrase or the action to be taken.
-	::* SMTP Port – Enter the SMTP Port of the mailserver of your company or your ISP. By default port is 25. (You can confirm the same with your mailserver administrator or ISP).	+
-	::* User Authentication (optional) – Enter the user name if your mailserver requires Authentication for sending email.	+
-	::* Authentication Password (optional) - Enter the password if your mailserver requires Authentication for sending email.	+
		+	::::* '''Enable Phrase – '''shall enable the listed word/phrase for Content check in the email and the defined action will be taken.
-	:'''d) Port settings for eMail/Web Scan – '''	+	::::* '''Disable Phrase – '''shall disable the listed word/phrase for Content check in the email and no action will be taken.
-	::Here the ports used for incoming and outgoing of email are defined, in-order for the Mail Anti-Virus to scan the emails received / sent on the respective ports.	+
-	:::* Outgoing Mail (SMTP) – By default the SMTP port is 25 (check with your mailserver administrator or your ISP).	+
-	:::* Incoming Mail (POP3) – By default the POP3 port is 110 (check with your mailserver administrator or your ISP).	+
-	:::* Scan Outgoing Mails – When this option is selected, Mail Anti-Virus will also scan outgoing emails.	+
		+	::::* '''White List – '''shall add the listed word/phrase in the White list for Content check. White listed word/phrase will not be checked for Email Content Scanning.
-	'''II. Compression / Decompression options:-'''	+	::::* '''Block List – '''shall add the listed word/phrase in the Block List for content check. Block listed word/phrase will be checked for Email Content Scanning.
-	::Options in this section help in Internet Bandwidth Management:	+
-	:::# Compress outbound attachments – This option when enabled will reduce the size of all outgoing attachments in an email by compressing them in zipped/compressed format. To enable this option, ensure that the Scan Outgoing Mails in the Port Settings for email/Web Scan of the Scan options is checked.	+	::::* '''Find – '''this will help to search and locate a word / phrase.
-	:::# Create self extracing zip files – This option when enabled creates a self extractable zip file of the attachment, which when clicked on automatically uncompresses itself thereby eliminating the need at the receiver’s end from using any unzipping tool. This option needs incase the receiving user does not have any tool to uncompress/unzip the attachment.	+
-	:::# Uncompress inbound attachments – This option when enabled will automatically open/unpack the compressed file and be scanned and delivered to the user.	+
-	:::# Uncompress inbound attachments (Local Domain) – This option when enabled will automatically open/unpack the compressed file and be scanned when sent within the local domain.	+
-	:::# Do not compress files with extensions (Exclude following attachments) – This option is helpful in excluding the file types {attachments} that need not be compressed when being sent out.	+
-	:::# Compression options –	+
-	::::* Compress only if compression % greater than –The default value set is 25%. This will compress all attachments in emails to 25 % or more.	+
-	::::* Compress if attachment size is above (KB) –The default value set is 50. This will compress all attachments that are and above 50 KB in size and not below.	+
-	::::* Select the compression ratio – The default value set is to "Max. Speed". This option will utilize the system resources to the best and compress the attachments in emails and send it at much quicker rate. "Max. Compression" mode will try to compress the attachments to the maximum.	+
-	'''III. Vulnerabilities I –'''	+	:'''B. Spam Filter Configuration Section '''
-	::Internet Explorer (IE) has vulnerabilities and using them as the base, malwares easily transmit themselves on to systems and email clients like Outlook and Outlook Express thus making it easier for malware authors to get their malicious code propagating.	+
-	::To overcome this, MicroWorld with it’s proactive security range of solutions is committed to securing your data and system from such vulnerabilities.	+
-	:::# Delete attachments with CLSID extensions - this option is enabled by default. It deletes Class ID file extensions [CLSID - files that are hidden and do not show the actual file extension] to prevent dangerous files from exploiting the vulnerabilities of IE.	+	::# Check for Mail Phishing – This option when enabled will check for fraudulent emails and will be quarantined.
-	:::# Delete HTML attachments with Scripts - In general, eMails are sent and received in different formats and one of them being HTML, this HTML can have Scripts (similar to a batch file - .bat) with Tags to perform a particular or a set of task/s (embedded). Such emails when encountered are deleted to prevent exploiting the vulnerabilities.	+	::# Treat Mails with Chinese / Korean character set as SPAM - This option when enabled will scan emails with Chinese / Korean characters. This check is based on our research done on various spam email samples collected world wide, wherein it is observed that spammers do use Chinese / Korean characters in their emails.
-	:::# Script and Content check disabled for mails From - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - abc@xyz.net or *@xyz.net) all emails coming from this user or domain would automatically be delivered to the receiver’s inbox/mailbox.	+	::# Treat Subject with more than 5 whitespaces as SPAM – This option when enabled will check if "spacing" between characters / words in the subject of emails. This is also as per our research and studies on various types of spam emails.
-	:::# Script and Content check disabled for mails To - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - suzanne@xyz.net or *@xyz.net) all emails being sent from this user or domain would automatically be delivered to the receiver’s inbox/mailbox.	+	::# Check content of HTML mails – This option when enabled will scan emails in HTML format along with Text.
		+	::# Quaranting Advertisement mails – This option when enabled, will check for advertisement types of emails and will be quarantined.
-	'''IV. Vulnerabilities II –'''	+	:::<U>'''Button'''</U>
-	::1. Select action on mails with Multiple Extension Attachment – Action on attachments with multiple actions will be taken as below:	+
-	::::* No Action	+
-	::::* Delete Mail	+
-	::::* Forward to Admin	+
-	::2. Allow Multiple Extension attachment for ZIP file – Compressed files / attachmend for eg.Zipped files with multiple files in it will be allowed to be delivered.	+
-	::3. Allow Multiple Extension Attachment for file types- In this section,file extensions can be added for allowing such attachments to be delivered to the users inbox.	+
		+	:::'''Advanced (Advanced Spam Filtering options) – '''For advance setting in Spam Filter Configuration click on the Advanced button.
-	'''V. Archiving –'''	+	::::# Enable Non Intrusive Learning Pattern (NILP) check – Non Intrusive Learning Pattern (NILP) is an advanced Bayesian Filtering method with the intelligence to analyze each mail according to the Behavioral Patterns of the user and comes with a self learning capability. It is one of the component of the Anti-Spam Module that helps prevent spam emails from reaching the user’s mailbox/inbox.
-	::# Archive emails - This option is useful to archive or backup all emails that are sent and received via eScan. The folder or the path to this destination is customizable as per one’s requirements.The default path for mail archiving is <U>'''%UserProfile%\Application Data\MicroWorld\eScan\Archive'''</U>	+	::::# Enable eMail Header check – This option when enabled, will check the validity of certain generic fields like From id, To id, CC id.
-	::# Archive attachments - This option is useful to archive or backup all email attachments that are sent and received via eScan. The folder or the path to this destination is customizable as per one’s requirements. The default path for the attachments archiving is <U>'''%UserProfile%\Application Data\MicroWorld\eScan\Archive\Attachments'''</U>	+	::::# Enable X-Spam Rules check – This option when enabled, will check the contents in the body of the email as per defined in the database of eScan. The database contains a list of words / phrases each assigned a score / threshold. This database will referred and accordingly action on the email will be taken.
-	::# Do not archive attachments of type - With this option certain file types can be excluded from being archived, for example - *.vcf, *.htm, *.html, etc...	+	::::# Enable Sender Policy Framework (SPF) check – This option when enabled will check the SPF record of the sender domain. (This option, when enabled, requires direct internet connection).
		+	::::# Enable Spam URI Realtime Blacklist (SURBL) check – This option when enabled, will check the URL’s in the message body of an email. If the URL is listed in the SURBL site, the email will be blocked from being downloaded..(''This option, when enabled it is recommended to have a direct internet connection)''.
		+	::::# Enable Realtime Blackhole List (RBL) check – This option when enabled, will check the senders IP address in the RBL sites. If the sender ip address is blacklisted in the RBL site, the email will be blocked from being downloaded''.(This option when enabled it is recommended to have a direct internet connection)''.
		+	::::# RBL Servers - This contains a list of servers / sites which maintains a list of Spammers details and can be changed as per one’s requirement (add / delete).
		+	::::# Auto Spam Whitelist – This contains a list of valid email addresses which can bypass the above Spam filtering options. Thus allowing emails from the whitelisted are allowed to download to the recipient’s inbox.
		+	:'''C. Mail Tagging Options –'''
		+	::# Do not change email at all – This option when enabled will not add Spam Tag to the email, identified as Spam
		+	::# Both subject and body is changed. [Spam] tag is added in Subject. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Subject and the Body of email identified as Spam. This helps to identify the Spam emails.
		+	::# "X-Mailscan Spam: 1" header line is added. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Body of the email identified as Spam and a header line is added to the email
		+	::# Only [Spam] tag is added in Subject. Body is left unchanged – This option when enabled will add the Spam Tag only in the Subject of the email identified as Spam.
		+	::# "X-Mailscan-Spam: 1" header line is added. Body and subject both remain unchanged - This option when enabled will add a header line to the email but no tag is added to the Subject or body of the email.
		+
		+
		+	'''II. Disclaimer'''
		+	:The disclaimer is a footer or signature that gets added /appended to all emails. The disclaimer can be added in the space provided.
		+
		+	::(a) Add Disclaimer to Outgoing emails - This option when enabled adds the disclaimer to all outgoing emails and as a result the recipient is made aware that the email received is scanned and virus free.
		+
		+	::(b) Add Disclaimer to Incoming emails - This option when enabled adds the disclaimer to all incoming emails and as a result the recipient is made aware that the email received is scanned and virus free.
		+
		+	::(c) Outgoing mails excluded from adding disclaimer – This option is activated /enabled when the option (a) is enabled. Using this option, the disclaimer is restricted from being added /appended to certain or specific email addresses or domains.
		+
		+
		+
		+
		+	:''Notification Setting button'' – To configure the eScan Warning Notification Settings on actions taken on the emails click on the Notification button.
		+
		+
		+	::* '''Virus Alerts section – '''Selecting the Alert Dialog-box will pop-up an alert window displaying the action taken on a particular email.
		+
		+
		+	::* '''Warning Mails section – '''This contains a predefined Notifications which will be sent either to the recipient.
		+
		+	:::# Attachment Removed Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the Attachment removed by eScan attached in the email.
		+	:::# Attachment Removed Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the Attachment removed by eScan attached in the email.
		+	:::# Virus Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the virus in the email and the action taken by eScan.
		+	:::# Virus Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the virus in the email and the action taken by eScan.
		+	:::# Content Warning to Sender – When selected a notification email will be sent to the Sender of the email informing about the email sent has been considered as SPAM and has been quarantined at the recipient end.
		+	:::# Content Warning to Recepient – When selected a notification email will be sent to the recepeint of the email informing about the email sent has been considered as SPAM and has been quarantined.
		+
		+
		+	::* '''Delete Mails From User section – '''If any email from a particular sender or a domain has to be banned or not allowed to be downloaded, can be listed in this section. For eg. [mailto:xyz@domain.com xyz@domain.com] (for a single sender) or [mailto:*@domain.com *@domain.com] (for an entire domain).
		+
		+
		+	=='''Reports section '''==
-	=='''Reports section'''==
	:''Statistics''		:''Statistics''
-	::* Total Mails Scanned – This will display the total mails scanned by Mail Anti-Virus on real time basis.
-	::* Total Infected Objects – This will display the total virus / malwares detected by Mail Anti-Virus on real time basis.
		+	::''Total Quarantined Mails'' – Shows the total number of emails Quarantined.
		+
		+	::''Total Clear Mails'' – Shows the total number of clean emails received and delivered.
		+
		+
		+	:'''a. View Quarantined Mails –''' This displays all the emails that have been quarantined (i.e. marked as spam) by eScan for any of the defined rules /policies in eScan.
		+
		+
		+	::'''Buttons '''
		+
		+
		+	:::* Refresh – Clicking on this button refreshes the View Quarantined Mails Window.
		+	:::* Stop – Clicking on this button stops the current process if started - for example – searching for a quarantined email.
		+	:::* View – Clicking on this button will open the email and can be viewed.
		+	:::* Find – Clicking on this button will search for a specific quarantined email.
		+	:::* Delete – Clicking on this button will permanently delete the selected quarantined email.
		+	:::* Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…
		+	:::* Hide emails – Clicking on this option will hide the quarantined emails.
		+
		+
		+	::'''Other Options –'''
		+	:::* Subfolder Also – Selecting this option will show all the quarantined emails received on the current day including those received on the previous days.
		+	:::* Show Attachment (s) – Selecting this option will show the attachment in the list.
		+	:::* Open email(s) with MailClient – Selecting this option, the quarantined email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
		+	:::* Show Only Hidden eMails – Selecting this option will only display the hidden emails.
		+	:::* Show Only Unhidden eMails - Selecting this option will only display the unhidden emails.
		+	:::* Show all eMails – Selecting this option will display all the email including hidden emails.
		+	:::* Add Sender’s eMail-ID to White List - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan white list. When next time the email is received from the whitelisted sender id, will not be quarantined and delivered to the recepient.
		+
		+
		+	:'''b. View Ham Mails -''' This displays all the emails that have not been quarantined (not marked as spam) by eScan.
		+
		+
		+	::'''Buttons '''
		+
		+	:::* Refresh – Clicking on this button refreshes the View Ham Mails Window.
		+	:::* Stop – Clicking on this button stops the current process if started - for example – searching for a Ham email.
		+	:::* View – Clicking on this button will open the email and can be viewed.
		+	:::* Find – Clicking on this button will search for a specific quarantined email.
		+	:::* Delete – Clicking on this button will permanently delete the selected quarantined email.
		+	:::* Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…
		+
		+
		+	::'''Other Options –'''
		+
		+	::* Subfolder Also – Selecting this option will show all the Ham emails received on the current day including those received on the previous days.
		+	::* Show Attachment (s) – Selecting this option will show the attachment in the list.
		+	::* Open email(s) with MailClient – Selecting this option, the Ham email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
		+	::* Train as Spam - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan Black list. When next time the email is received from the blacklisted sender id, will be quarantined.
-	::'''a. View Archived Mails – '''Clicking on View Archived Mails, will display the backed up / archived emails.
-	::'''b. View Report – '''Clicking on View Report, will display a summary report of all the infected emails and action taken on the email.
		+	:'''c. View Report – '''This will display a summary / report of all the emails that has been received (including quarantined and allowed emails).

---

Revision as of 06:07, 7 April 2009

Anti-Spam

This section provides the decription and settings of eScan's Anti-Spam for scanning of spam / junk emails.

Contents 1 Description 2 Status in main Protection Center Window 3 Configuration section 4 Reports section 5 Glossary 6 Main Feature Index

Description

Anti-Spam based on the NILP (Non Intrusive Learning Pattern) technology, intelligently filters all your junk and spam emails.

Status in main Protection Center Window

The green colored Tick (√) mark indicates the Anti-Spam is active and running.

The red colored Cross (X) mark indicates the Anti-Spam is inactive and stopped.

Configuration section

Status

• Anti-Spam Status – This will display the status of the Anti-Spam in Running or Disabled mode.

• Anti-Phishing Status – This will display the status of Anti-Phishing module is in Enabled or Disabled mode. (For more detail please check in the section B. Spam Filter Configuration Section below).

• Action – This will display the Action that will be taken on the email considered as Spam i.e. Quarantine/Delete.

Stop / Start buttons – Clicking stop / start button will disable or enable the Anti Spam.

Settings button – To configure the Anti-Spam for email scanning click on the Settings button.

I. Advanced

A. General Options section

1. Send Original Mail to User (default) - This option when enabled will send the email (though tagged as spam) to the original recipient of the email also. Note: If the email has been tagged as SPAM, the email will be in the SPAM folder of the email client (i.e. Outlook Express). SPAM folder in the mail client is created by eScan.
2. Do not check content of Replied or Forwarded Mails – This option when enabled will not check contents of email that are either replied or forwarded.
3. Check Content of Outgoing Mails – This option when enabled will also check outgoing emails for restricted contents.

Buttons

a) Phrases – Clicking on this button, will enable the users to define a list of phrases to be checked in the body of an email and take the necessary actions i.e. either Quarantine / Delete the email.

• Enable E-Mail Content Scanning – When this option is enabled, body of the email will be checked for any listed words/phrases is found and the defined action will be taken.

• User specified whitelist of words/phrases - This will list the words/phrases defined and whitelisted by the users (Color Code - GREEN).

• User specified List of Blocked words/phrases - This will list the words/phrases defined and block listed by the users(Color Code - RED).

• User specified words/phrases disabled - This will list the words/phrases defined but disabled (excluded for scanning) by the users (Color Code - GRAY).

Options on Right Click:

• Add Phrase: To add a word/phrase, right click and select Add Phrase. Add the word/phrase in the section and select the Action (Quarantine the Mail/Delete the Mail) to be taken on the email if the word/phrase is found in the content of the email.

• Edit Phrase – select this option to edit/modify the word/phrase or the action to be taken.

• Enable Phrase – shall enable the listed word/phrase for Content check in the email and the defined action will be taken.

• Disable Phrase – shall disable the listed word/phrase for Content check in the email and no action will be taken.

• White List – shall add the listed word/phrase in the White list for Content check. White listed word/phrase will not be checked for Email Content Scanning.

• Block List – shall add the listed word/phrase in the Block List for content check. Block listed word/phrase will be checked for Email Content Scanning.

• Find – this will help to search and locate a word / phrase.

B. Spam Filter Configuration Section

1. Check for Mail Phishing – This option when enabled will check for fraudulent emails and will be quarantined.
2. Treat Mails with Chinese / Korean character set as SPAM - This option when enabled will scan emails with Chinese / Korean characters. This check is based on our research done on various spam email samples collected world wide, wherein it is observed that spammers do use Chinese / Korean characters in their emails.
3. Treat Subject with more than 5 whitespaces as SPAM – This option when enabled will check if "spacing" between characters / words in the subject of emails. This is also as per our research and studies on various types of spam emails.
4. Check content of HTML mails – This option when enabled will scan emails in HTML format along with Text.
5. Quaranting Advertisement mails – This option when enabled, will check for advertisement types of emails and will be quarantined.

Button

Advanced (Advanced Spam Filtering options) – For advance setting in Spam Filter Configuration click on the Advanced button.

1. Enable Non Intrusive Learning Pattern (NILP) check – Non Intrusive Learning Pattern (NILP) is an advanced Bayesian Filtering method with the intelligence to analyze each mail according to the Behavioral Patterns of the user and comes with a self learning capability. It is one of the component of the Anti-Spam Module that helps prevent spam emails from reaching the user’s mailbox/inbox.
2. Enable eMail Header check – This option when enabled, will check the validity of certain generic fields like From id, To id, CC id.
3. Enable X-Spam Rules check – This option when enabled, will check the contents in the body of the email as per defined in the database of eScan. The database contains a list of words / phrases each assigned a score / threshold. This database will referred and accordingly action on the email will be taken.
4. Enable Sender Policy Framework (SPF) check – This option when enabled will check the SPF record of the sender domain. (This option, when enabled, requires direct internet connection).
5. Enable Spam URI Realtime Blacklist (SURBL) check – This option when enabled, will check the URL’s in the message body of an email. If the URL is listed in the SURBL site, the email will be blocked from being downloaded..(This option, when enabled it is recommended to have a direct internet connection).
6. Enable Realtime Blackhole List (RBL) check – This option when enabled, will check the senders IP address in the RBL sites. If the sender ip address is blacklisted in the RBL site, the email will be blocked from being downloaded.(This option when enabled it is recommended to have a direct internet connection).
7. RBL Servers - This contains a list of servers / sites which maintains a list of Spammers details and can be changed as per one’s requirement (add / delete).
8. Auto Spam Whitelist – This contains a list of valid email addresses which can bypass the above Spam filtering options. Thus allowing emails from the whitelisted are allowed to download to the recipient’s inbox.

C. Mail Tagging Options –

1. Do not change email at all – This option when enabled will not add Spam Tag to the email, identified as Spam
2. Both subject and body is changed. [Spam] tag is added in Subject. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Subject and the Body of email identified as Spam. This helps to identify the Spam emails.
3. "X-Mailscan Spam: 1" header line is added. Actual spam content is embedded in Body – This option when enabled will add a Spam Tag in the Body of the email identified as Spam and a header line is added to the email
4. Only [Spam] tag is added in Subject. Body is left unchanged – This option when enabled will add the Spam Tag only in the Subject of the email identified as Spam.
5. "X-Mailscan-Spam: 1" header line is added. Body and subject both remain unchanged - This option when enabled will add a header line to the email but no tag is added to the Subject or body of the email.

II. Disclaimer

The disclaimer is a footer or signature that gets added /appended to all emails. The disclaimer can be added in the space provided.

(a) Add Disclaimer to Outgoing emails - This option when enabled adds the disclaimer to all outgoing emails and as a result the recipient is made aware that the email received is scanned and virus free.

(b) Add Disclaimer to Incoming emails - This option when enabled adds the disclaimer to all incoming emails and as a result the recipient is made aware that the email received is scanned and virus free.

(c) Outgoing mails excluded from adding disclaimer – This option is activated /enabled when the option (a) is enabled. Using this option, the disclaimer is restricted from being added /appended to certain or specific email addresses or domains.

Notification Setting button – To configure the eScan Warning Notification Settings on actions taken on the emails click on the Notification button.

• Virus Alerts section – Selecting the Alert Dialog-box will pop-up an alert window displaying the action taken on a particular email.

• Warning Mails section – This contains a predefined Notifications which will be sent either to the recipient.

1. Attachment Removed Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the Attachment removed by eScan attached in the email.
2. Attachment Removed Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the Attachment removed by eScan attached in the email.
3. Virus Warning to Sender – When selected a notification email will be sent to the sender of the email informing about the virus in the email and the action taken by eScan.
4. Virus Warning to Recepient – When selected a notification email will be sent to the recepient of the email informing about the virus in the email and the action taken by eScan.
5. Content Warning to Sender – When selected a notification email will be sent to the Sender of the email informing about the email sent has been considered as SPAM and has been quarantined at the recipient end.
6. Content Warning to Recepient – When selected a notification email will be sent to the recepeint of the email informing about the email sent has been considered as SPAM and has been quarantined.

• Delete Mails From User section – If any email from a particular sender or a domain has to be banned or not allowed to be downloaded, can be listed in this section. For eg. xyz@domain.com (for a single sender) or *@domain.com (for an entire domain).

Reports section

Statistics

Total Quarantined Mails – Shows the total number of emails Quarantined.

Total Clear Mails – Shows the total number of clean emails received and delivered.

a. View Quarantined Mails – This displays all the emails that have been quarantined (i.e. marked as spam) by eScan for any of the defined rules /policies in eScan.

Buttons

• Refresh – Clicking on this button refreshes the View Quarantined Mails Window.
• Stop – Clicking on this button stops the current process if started - for example – searching for a quarantined email.
• View – Clicking on this button will open the email and can be viewed.
• Find – Clicking on this button will search for a specific quarantined email.
• Delete – Clicking on this button will permanently delete the selected quarantined email.
• Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…
• Hide emails – Clicking on this option will hide the quarantined emails.

Other Options –

• Subfolder Also – Selecting this option will show all the quarantined emails received on the current day including those received on the previous days.
• Show Attachment (s) – Selecting this option will show the attachment in the list.
• Open email(s) with MailClient – Selecting this option, the quarantined email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
• Show Only Hidden eMails – Selecting this option will only display the hidden emails.
• Show Only Unhidden eMails - Selecting this option will only display the unhidden emails.
• Show all eMails – Selecting this option will display all the email including hidden emails.
• Add Sender’s eMail-ID to White List - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan white list. When next time the email is received from the whitelisted sender id, will not be quarantined and delivered to the recepient.

b. View Ham Mails - This displays all the emails that have not been quarantined (not marked as spam) by eScan.

Buttons

• Refresh – Clicking on this button refreshes the View Ham Mails Window.
• Stop – Clicking on this button stops the current process if started - for example – searching for a Ham email.
• View – Clicking on this button will open the email and can be viewed.
• Find – Clicking on this button will search for a specific quarantined email.
• Delete – Clicking on this button will permanently delete the selected quarantined email.
• Message Source – Clicking on this button will provide more detail of the quarantined email like the Sender id, Sender IP address, etc…

Other Options –

• Subfolder Also – Selecting this option will show all the Ham emails received on the current day including those received on the previous days.
• Show Attachment (s) – Selecting this option will show the attachment in the list.
• Open email(s) with MailClient – Selecting this option, the Ham email can be opened / viewed using the default mail-client, for eg. Outlook Express, Microsoft Outlook. If this option is unchecked, then the email can be viewed using the eScan mail viewer.
• Train as Spam - This option is accessible when right clicking on a particular email. Clicking on this option will add the email-id of the sender in the eScan Black list. When next time the email is received from the blacklisted sender id, will be quarantined.

c. View Report – This will display a summary / report of all the emails that has been received (including quarantined and allowed emails).

Glossary

Main Feature Index

• Main Page

  • HOME

• Latest Developments

  • Virus - Alerts
  • News
  • Press Releases
  • Event Feeds
  • Marketing
  • Advertisement

• Product Information

  • eScan for Windows
  • MailScan for Windows
  • Nemasis

• Knowledge Base

  • eScan
  • MailScan
  • Technologies
  • Technical Information
  • Security Awareness
  • User Guides
  • eScan Tutorials (Videos)
  • Online Guide for eScan for Windows
  • Online Guide for eScan for Linux
  • Online Guide for eScan for Mac

• For Windows Downloads

  • eScan for Windows ver.22
  • eScan for Windows ver.14
  • eScan for Windows ver.11
  • eScan for Windows ver.10
  • eScan for Windows ver.9
  • MailScan for Windows 7.x
  • MailScan for Windows 6.x
  • MailScan for Windows 5.x
  • Anti-Virus Toolkit
  • Hotfixes
  • Weekly Updates
  • User Guide

• For Linux Downloads

  • Linux Products List
  • Hotfixes
  • User Guide

• For MAC Downloads

  • eScan for Mac
  • Product Documents

• General

  • Beta Testing
  • Release Candidate
  • Glossary
  • Customer Testimonials

• Support

  • eMail
  • Online Chat
  • Telephonic Support
  • Remote Support

Views

• Article
• Discussion
• Edit
• History