Welcome to eScan Wikipedia

From eScan Wiki

Revision as of 09:11, 8 April 2011 WikiSysop (Talk | contribs) ← Previous diff		Revision as of 09:21, 8 April 2011 WikiSysop (Talk | contribs) Next diff →
Line 76:		Line 76:
	::: Authors of malicious software often exploit''' '''vulnerabilities in Web browsers, such as Internet Explorer® (IE) and propagate malicious software to computers via e mail clients such as Microsoft® Office Outlook® and Microsoft® Outlook® Express. eScan also includes proactive scanning features that protect your data from such vulnerabilities.		::: Authors of malicious software often exploit''' '''vulnerabilities in Web browsers, such as Internet Explorer® (IE) and propagate malicious software to computers via e mail clients such as Microsoft® Office Outlook® and Microsoft® Outlook® Express. eScan also includes proactive scanning features that protect your data from such vulnerabilities.
		+
	The following configuration options are available on this screen:		The following configuration options are available on this screen:
-	* '''Delete''' '''attachments with CLSID Extensions:''' '''''[Default]''''' CLSID are hidden files that do not show the actual file extension. If you select this check box, Mail Anti Virus deletes the attachments with CLSID file extensions to prevent dangerous files from exploiting the vulnerabilities in Internet Explorer®.	+
-	* '''Delete HTML attachments with Scripts:''' E mail clients help you send and receive in different formats. For example, the HTML format. HTML files can include scripts, which are similar to batch files or BAT files. These scripts are embedded within specialized tags and can be used to run malicious code. Hackers often use scripts to execute malicious code on the computers of their victims. You can configure Mail Anti-Virus to delete HTML attachments with scripts by selecting the '''Delete HTML attachments with Scripts '''check''' '''box. You can also specify the tags that eScan should check for in the attachments so that the attachments containing those tags are deleted. By default, the '''Script Tags''', '''Script and Content Check Disabled for Mails From''', and '''Script and Content Check Disabled for Mails To''' fields are unavailable, they are available only when you select the '''Delete HTML attachments with Scripts''' check box.	+	::::::::::* '''Delete''' '''attachments with CLSID Extensions:''' '''''[Default]''''' CLSID are hidden files that do not show the actual file extension. If you select this check box, Mail Anti Virus deletes the attachments with CLSID file extensions to prevent dangerous files from exploiting the vulnerabilities in Internet Explorer®.
-	* '''Script Tags:''' This field is available only when you select the '''Delete HTML attachments with Scripts''' check box. This section contains a list that contains script tags. eScan will delete all e-mail attachments in the HTML format containing the tags included in this list. You can configure this list to block HTML attachments that contain these tags.	+	::::::::::* '''Delete HTML attachments with Scripts:''' E mail clients help you send and receive in different formats. For example, the HTML format. HTML files can include scripts, which are similar to batch files or BAT files. These scripts are embedded within specialized tags and can be used to run malicious code. Hackers often use scripts to execute malicious code on the computers of their victims. You can configure Mail Anti-Virus to delete HTML attachments with scripts by selecting the '''Delete HTML attachments with Scripts '''check''' '''box. You can also specify the tags that eScan should check for in the attachments so that the attachments containing those tags are deleted. By default, the '''Script Tags''', '''Script and Content Check Disabled for Mails From''', and '''Script and Content Check Disabled for Mails To''' fields are unavailable, they are available only when you select the '''Delete HTML attachments with Scripts''' check box.
-	* '''Script and Content check disabled for mails From: '''This field is available only when you select the '''Delete HTML attachments with Scripts''' check box. This section contains a list of e-mail addresses or domain names that you consider as legitimate senders. This feature of eScan is useful when you need to add a genuine user and receive legitimate e mails in the HTML format with scripts. You can add e mail addresses or domain names of such users to the list. All e-mails in the HTML format with scripts coming from those users or domains are automatically delivered to your inbox.	+	::::::::::* '''Script Tags:''' This field is available only when you select the '''Delete HTML attachments with Scripts''' check box. This section contains a list that contains script tags. eScan will delete all e-mail attachments in the HTML format containing the tags included in this list. You can configure this list to block HTML attachments that contain these tags.
-	* '''Script and Content check disabled for mails To:''' This field is available only when you select the '''Delete HTML attachments with Scripts''' check box. This section contains a list of e-mail addresses or domain names, which you consider as legitimate recipients. This feature of eScan is useful when you need to send e mails in the HTML format with scripts to a legitimate user. You can add e mail addresses or domain names of such users to this list.	+	::::::::::* '''Script and Content check disabled for mails From: '''This field is available only when you select the '''Delete HTML attachments with Scripts''' check box. This section contains a list of e-mail addresses or domain names that you consider as legitimate senders. This feature of eScan is useful when you need to add a genuine user and receive legitimate e mails in the HTML format with scripts. You can add e mail addresses or domain names of such users to the list. All e-mails in the HTML format with scripts coming from those users or domains are automatically delivered to your inbox.
		+	::::::::::* '''Script and Content check disabled for mails To:''' This field is available only when you select the '''Delete HTML attachments with Scripts''' check box. This section contains a list of e-mail addresses or domain names, which you consider as legitimate recipients. This feature of eScan is useful when you need to send e mails in the HTML format with scripts to a legitimate user. You can add e mail addresses or domain names of such users to this list.
	'''IV. ''Vulnerabilities II '''''		'''IV. ''Vulnerabilities II '''''
-	eScan helps you choose the action that you can take on mails containing attachments with multiple extensions.	+	::eScan helps you choose the action that you can take on mails containing attachments with multiple extensions.
		+
	This tab helps you configure the following settings:		This tab helps you configure the following settings:
-	* '''Select Action on Mails with Multiple Extension Attachment: '''You can configure Mail Anti Virus to perform specific actions if attachments contain files with multiple extensions. You can configure Mail Anti-Virus to refrain from taking any action on the e-mail, delete it, or forward it to the administrator. By default, the settings under '''Allow Multiple Extension attachment for ZIP file '''appears dimmed. They are available only when you select the '''Delete Mail''' option or''' '''the '''Forward to Admin '''option.	+
-	* '''Allow Multiple Extension attachment for ZIP file: '''You should select this check box if you need Mail Anti-Virus to allow compressed files with multiple extensions as e-mail attachments.	+	::::::::::* '''Select Action on Mails with Multiple Extension Attachment: '''You can configure Mail Anti Virus to perform specific actions if attachments contain files with multiple extensions. You can configure Mail Anti-Virus to refrain from taking any action on the e-mail, delete it, or forward it to the administrator. By default, the settings under '''Allow Multiple Extension attachment for ZIP file '''appears dimmed. They are available only when you select the '''Delete Mail''' option or''' '''the '''Forward to Admin '''option.
-	* '''Allow Multiple Extension Attachment for file types:''' This field is available only when you select the '''Allow Multiple Extension attachment for ZIP file''' check box, after selecting '''Delete Mail''' option or''' '''the '''Forward to Admin '''option. You can add file extensions to allow such attachments containing multiple extensions to be delivered to the user’s inbox.	+	::::::::::* '''Allow Multiple Extension attachment for ZIP file: '''You should select this check box if you need Mail Anti-Virus to allow compressed files with multiple extensions as e-mail attachments.
		+	::::::::::* '''Allow Multiple Extension Attachment for file types:''' This field is available only when you select the '''Allow Multiple Extension attachment for ZIP file''' check box, after selecting '''Delete Mail''' option or''' '''the '''Forward to Admin '''option. You can add file extensions to allow such attachments containing multiple extensions to be delivered to the user’s inbox.

---

Revision as of 09:21, 8 April 2011

· eScan  · MailScan  · Technologies

· Technical Info  · Security Awareness  · User Guides

Contents 1 Mail Anti-Virus

Mail Anti-Virus

Mail Anti-Virus is a part of the Protection feature of eScan. This module scans all incoming and outgoing e-mails for viruses, spyware, adware, and other malicious objects. It helps you send virus warnings to client computers on the Mail Anti Virus activities. By default, Mail Anti Virus scans only the incoming e mails and attachments, but you can configure it to scan outgoing e-mails and attachments as well. Moreover, it helps you notify the sender or system administrator whenever you receive an infected e-mail or attachment. This page provides you with options for configuring the module. You can configure the following setting:

• Start/Stop: It enables you to enable or disable Mail Anti-Virus module. Click the appropriate option.

There are four tabs – Scan Options, Compression / Decompression Options, Vulnerabilities I, and Vulnerabilities II, which are as follows:

I. Scan Options

This tab allows you to select the e-mails to be scanned and action that should be performed when a security threat is encountered during a scan operation. This tab helps you configure the following settings:

• Block Attachments Types: This section provides you with a predefined list of file types that are often used by virus writers to embed viruses. Any e mail attachment having an extension included in this list will be blocked or deleted by eScan at the gateway level. You can add file extensions to this list as per your requirements. As a best practice, you should avoid deleting the file extensions that are present in the Block Attachments Types list by default. You can also configure advanced settings required to scan e mails for malicious code.

• Advanced: You can click this button to open the Advanced Scan Options dialog box. This dialog box helps you configure the following advanced scanning options:

• Delete all Attachment in eMail if disinfection is not possible: You should select this check box if you need to delete all the e mail attachments that cannot be cleaned.
• Delete entire eMail if disinfection is not possible: [Default] You should select this check box if you need to delete the entire e mail if any attachment cannot be cleaned.
• Delete entire eMail if any virus is found: You should select this check box if you need to delete the entire e mail if any virus is found in the email or the attachment is infected.
• Quarantine blocked Attachments: [Default] You should select this check box if you need to quarantine the attachment if it has an extension that is blocked by eScan.
• Delete entire eMail if any blocked attachment is found: [Default] You should select this check box if you need to delete an e mail if it contains an attachment with an extension type that is blocked by eScan.
• Quarantine eMail if attachments are not scanned: You should select this check box if you need to quarantine an entire e mail if it contains an attachment that is not scanned by Mail Anti Virus.
• Quarantine Attachments if they are scanned: You should select this check box if you need to quarantine attachments that are scanned by Mail Anti Virus.
• Exclude Attachments (White List): This list is empty by default. You can add file names and file extensions that should not be blocked by eScan. You can also configure eScan to allow specific files even though if the file type is blocked. For example, if you have listed *.PIF in the list of blocked attachments and you need to allow an attachment with the name ABC, you can add abcd.pif to the Exclude Attachments list. Add D.PIFing *.PIF files in this section will allow all *.PIF to be delivered. MicroWorld recommends you to add the entire file name like ABCD.PIF.

• Action: This section helps you configure the actions to be performed on infected e mails. These operations are as follows:

1. Disinfect: [Default] You should select this option if you need Mail Anti-Virus to disinfect infected e mails or attachments.
2. Delete: You should select this option if you need Mail Anti-Virus to delete infected e mails or attachments.
3. Quarantine Infected Files: [Default] You should select this check box if you need Mail Anti-Virus to quarantine infected e mails or attachments. The default path for storing quarantined e mails or attachments is C:\Program Files\eScan\QUARANT. However, you can specify a different path for storing quarantined files, if required.

• Port Settings: You need to specify which ports on the SMTP Mail Server should be used for incoming and outgoing e mails so that eScan can scan the e mails sent or received via those ports. This setting also helps you create outbreak alerts, and create warning messages and notifications that eScan should send when it detects any security breach. If you configure Mail Server settings, eScan will send e mail notifications about the actions that it should perform when it detects infected e mails. The mail server settings that you need to configure are as follows:

1. SMTP Mail Server: [Default: 127.0.0.1] You need to specify the IP address of the SMTP Mail Server of your organization or Internet Service Provider (ISP).
2. SMTP Port: [Default: 25] You need to specify a port number for the SMTP Mail Server of your organization or ISP.
3. User Authentication (Opt.): You need to provide the user name if the mail server of your organization or ISP requires authentication to send e mails.
4. Authentication Password (Opt.): You need to provide the password if the mail server of your organization or ISP requires authentication to send e mails.

• Port Settings for eMail: You can also specify the ports for incoming and outgoing e mails so that eScan can scan the e mails sent or received through those ports.

1. Outgoing Mail (SMTP): [Default: 25] You need to specify a port number for SMTP.
2. Incoming Mail (POP3): [Default: 110] You need to specify a port number for POP3.
3. Scan Outgoing Mails: You should select this check box if you need to Mail Anti-Virus to scan outgoing e-mails as well.

II. Compression / Decompression Options

All the fields on this tab are available only when you select the Scan Outgoing Mails checkbox, under Scan option tab. You can configure the following settings to ensure that the available bandwidth is effectively utilized.

This tab helps you configure the following settings:

1. Compress outbound attachments: This check box is disabled by default. eScan reduces the size of all outgoing e mail attachments by compressing them when this check box is selected.
2. Create self extracting zip files: By default, this check box appears dimmed, it is available only when you select Compress outbound attachments check box. eScan automatically creates a self extracting .ZIP file containing the attachment when this check box is selected. The receiver can click this file to uncompress it. The advantage of this feature is that it eliminates the need for an unzipping tool to be installed on the user’s computer. As a best practice, you should select this check box to ensure that the receiver can uncompress the attachment even when a decompression tool is not available.
3. Uncompress inbound attachments: You should select this check box when you need eScan to automatically unpack compressed files in inbound attachments, scan them, and then deliver them to you.
4. Uncompress inbound attachments (Local Domain): By default, this check box appears dimmed, it is available only when you select Uncompress inbound attachments check box. Select this check box if you want eScan to automatically unpack compressed files in inbound attachments, scan them, and then deliver them to the recipients in the local domain.
5. Do not compress files with extensions: You can exclude specific file types within outgoing e mail attachments from being compressed by adding them to an excluded attachments list. For example, Excluding files that are already compressed, such as .ZIP files.
6. Compression Options: This section contains options that help you configure the various parameters for compressing files. These parameters include the percentage up to which the file should be compressed, the minimum size of the files to be compressed, and the compression ratio. This section contains the following options.

• Compress only if compression % greater than: [Default: 25] You use this setting to compress all e mail attachments up to 25 percent or more.
• Compress if Attachment size is above (Kb): [Default: 50] You use this setting to compress all e mail attachments that are larger than the specified size.
• Select the compression ratio: [Default: Max. Speed] You can use this setting to specify the compression ratio and make optimum use of system resources. You can configure Mail Anti-Virus to compress files faster or up to the maximum possible compression level.

III. Vulnerabilities I

Authors of malicious software often exploit vulnerabilities in Web browsers, such as Internet Explorer® (IE) and propagate malicious software to computers via e mail clients such as Microsoft® Office Outlook® and Microsoft® Outlook® Express. eScan also includes proactive scanning features that protect your data from such vulnerabilities.

The following configuration options are available on this screen:

• Delete attachments with CLSID Extensions: [Default] CLSID are hidden files that do not show the actual file extension. If you select this check box, Mail Anti Virus deletes the attachments with CLSID file extensions to prevent dangerous files from exploiting the vulnerabilities in Internet Explorer®.
• Delete HTML attachments with Scripts: E mail clients help you send and receive in different formats. For example, the HTML format. HTML files can include scripts, which are similar to batch files or BAT files. These scripts are embedded within specialized tags and can be used to run malicious code. Hackers often use scripts to execute malicious code on the computers of their victims. You can configure Mail Anti-Virus to delete HTML attachments with scripts by selecting the Delete HTML attachments with Scripts check box. You can also specify the tags that eScan should check for in the attachments so that the attachments containing those tags are deleted. By default, the Script Tags, Script and Content Check Disabled for Mails From, and Script and Content Check Disabled for Mails To fields are unavailable, they are available only when you select the Delete HTML attachments with Scripts check box.
• Script Tags: This field is available only when you select the Delete HTML attachments with Scripts check box. This section contains a list that contains script tags. eScan will delete all e-mail attachments in the HTML format containing the tags included in this list. You can configure this list to block HTML attachments that contain these tags.
• Script and Content check disabled for mails From: This field is available only when you select the Delete HTML attachments with Scripts check box. This section contains a list of e-mail addresses or domain names that you consider as legitimate senders. This feature of eScan is useful when you need to add a genuine user and receive legitimate e mails in the HTML format with scripts. You can add e mail addresses or domain names of such users to the list. All e-mails in the HTML format with scripts coming from those users or domains are automatically delivered to your inbox.
• Script and Content check disabled for mails To: This field is available only when you select the Delete HTML attachments with Scripts check box. This section contains a list of e-mail addresses or domain names, which you consider as legitimate recipients. This feature of eScan is useful when you need to send e mails in the HTML format with scripts to a legitimate user. You can add e mail addresses or domain names of such users to this list.

IV. Vulnerabilities II

eScan helps you choose the action that you can take on mails containing attachments with multiple extensions.

This tab helps you configure the following settings:

• Select Action on Mails with Multiple Extension Attachment: You can configure Mail Anti Virus to perform specific actions if attachments contain files with multiple extensions. You can configure Mail Anti-Virus to refrain from taking any action on the e-mail, delete it, or forward it to the administrator. By default, the settings under Allow Multiple Extension attachment for ZIP file appears dimmed. They are available only when you select the Delete Mail option or the Forward to Admin option.
• Allow Multiple Extension attachment for ZIP file: You should select this check box if you need Mail Anti-Virus to allow compressed files with multiple extensions as e-mail attachments.
• Allow Multiple Extension Attachment for file types: This field is available only when you select the Allow Multiple Extension attachment for ZIP file check box, after selecting Delete Mail option or the Forward to Admin option. You can add file extensions to allow such attachments containing multiple extensions to be delivered to the user’s inbox.

• Main Page

  • HOME

• Latest Developments

  • Virus - Alerts
  • News
  • Press Releases
  • Event Feeds
  • Marketing
  • Advertisement

• Product Information

  • eScan for Windows
  • MailScan for Windows
  • Nemasis

• Knowledge Base

  • eScan
  • MailScan
  • Technologies
  • Technical Information
  • Security Awareness
  • User Guides
  • eScan Tutorials (Videos)
  • Online Guide for eScan for Windows
  • Online Guide for eScan for Linux
  • Online Guide for eScan for Mac

• For Windows Downloads

  • eScan for Windows ver.22
  • eScan for Windows ver.14
  • eScan for Windows ver.11
  • eScan for Windows ver.10
  • eScan for Windows ver.9
  • MailScan for Windows 7.x
  • MailScan for Windows 6.x
  • MailScan for Windows 5.x
  • Anti-Virus Toolkit
  • Hotfixes
  • Weekly Updates
  • User Guide

• For Linux Downloads

  • Linux Products List
  • Hotfixes
  • User Guide

• For MAC Downloads

  • eScan for Mac
  • Product Documents

• General

  • Beta Testing
  • Release Candidate
  • Glossary
  • Customer Testimonials

• Support

  • eMail
  • Online Chat
  • Telephonic Support
  • Remote Support

Views

• Article
• Discussion
• Edit
• History