eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 11:06, 30 August 2008
WikiSysop (Talk | contribs)

← Previous diff		 Current revision
WikiSysop (Talk | contribs)

Line 1: Line 1:
-'''Mail Anti-Virus (eMail Scanning)''' - Shows the current status of the eMail Scanning Protection level. The green color right tick mark denotes that the module is “Active” while the red color cross mark displays that the module is “InActive”.+{| class="wikitable" border="0"
 +|-
 +{| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;"
 +| style="width:10%; color:#000;" |
 +{| style="width:100px; border:none; background:none;"
 +| [[Image:escan-g.jpg]]
 +|}
 +|style="text-align:left;"|'''·''' [[Escan/english/FAQ-eScan|<font size=1.5 color="blue"
-On the Mail Anti-Virus (eMail Scanning) option page in the “Configuration” section, when clicked on the “Settings” option, one can change the Mail Anti-Virus (eMail Scanning) Protection level, whereas clicking on the “Start” and /or “Stop” option (next to Settings) makes the module “Active” and /or “InActive”.+align="left">eScan</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/MailScan-AFT|<font size=1.5
 +color="blue">MailScan</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/Technologies|<font size=1.5
 +color="blue">Technologies</font>]]
 +|style="text-align:right;"|&nbsp;&nbsp;'''·''' [[Technical Info|<font size=1.5 color="blue">Technical
-'''Configuration section'''+Info</font>]]&nbsp;&nbsp;'''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security
-When clicked on “Settings” the below options are available, through which the eScan software’s real-time eMail Scanning protection can be customized -+Awareness</font>]]&nbsp;&nbsp;'''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]]
 +|}
-'''a. Scan Options:-'''+{| class="wikitable" border="0"
 +|}
 +<h2 id="mp-tfp-h2" style="margin:0; background:#C7E587; font-size:120%; font-weight:bold; border:10 solid #afa3bf; text-align:left; color:#000; padding:0.2em 0.4em">eScan Version 10 Online Help</h2>
 +{| class="wikitable" border="0"
 +|-
 +|width="1000pt"|
 +|}
-i) Block Attachment types -+<U>'''Mail Anti-Virus (eMail Scanning)'''</U>
-This option holds a list of different file types, for example - *.exe, *.pif,* .scr, etc... which when encountered during an email download (pop) would be deleted by default (automatically). This option is set to ensure that emails having these types of known attachments (used by worms, spywares, spammers, etc...to propage themselves) would not be downloaded (as they cannot be disinfected /cleaned) but deleted at MWL (MicroWorld Winsock Layer – Gateway Level). +This section provides the description and settings of eScan's Mail Anti-Virus for scanning of emails.
-This option can be customized based on requirements, for example - if you wish to receive the file type (*.pif), there are two options available within to set it. Firstly, delete it from the list and Secondly you can add the file type to the Exclude Attachments list (Whitelist), point no.8 explained below.  
-The other available options are:- +__TOC__
 +
-1. Delete all attachments in email if disinfection is not possible - this option is enabled by default. It would delete all attachments listed in the Block Attachments types section as they are the files that cannot be disinfected/ cleaned. +=='''Description'''==
-2. Delete entire email if disinfection is not possible - this option is also enabled by default. It would delete the entire email if the files within the email cannot be disinfected/cleaned. +Mail Anti-Virus scans all incoming and outgoing mails for viruses, spywares, adware and other malicious objects. By default when you start Mail Anti-virus it will only scan for Incoming emails
-3. Delete entire email if any virus is found - this option when enabled would delete the entire email if any virus is found in it.  
-4. Quarantine blocked sttachments - this option when enabled would quarant the attachments blocked. +=='''Status in main Protection Center Window'''==
-5. Delete entire email if any blocked attachment is found - this option when enabled would delete the entire email if any blocked attachment is found in it. +The <B><font color="Green"> '''green''' </font></B> colored Tick <U><B><font color="Green">(√)</font></B></U> mark indicates the Mail Anti-Virus is active and running.
-6. Quarantine email if attachments are not scanned - this option when enabled would quarant emails if the attachments within are not scanned. +The <B><font color="Red"> '''red''' </font></B> colored Cross <U><B><font color="Red">(X)</font></B></U> mark indicates the Mail Anti-Virus is inactive and stopped.
-7. Quarantine attachments if they are not scanned - this option when enabled would quarant attachments when not scanned.  
-8. Exclude attachments (White list) - this option is useful in case a file type listed in the block attachment types section needs to be delivered into the user's mailbox/ inbox and should not be deleted. This option holds precedence over the Block Attachment types. +=='''Configuration section''' ==
-ii) Action – +:<U>''Status''</U>
-This option is set on the right hand side of the Block Attachments types, this section is useful in setting up the action to be taken when an infection is found, the default value set is to "Disinfect" while the other is "Delete". +:*Mail Anti-Virus Status – This will display the status of the Mail Anti-virus in Disabled or Running mode.
-The options that can be set up here are of quaranting infected files and emails. If eScan is installed in the below path by default then the path would be C:\PROGRA~1\eScan\INFECTED for infected files and C:\PROGRA~1\eScan\Quarant for emails and can be easily changed as per requirements. +:*Action – This will display the action to be taken on infected emails in Delete or Disinfect mode.
-iii) Mail Server settings +:''Stop / Start buttons'' Clicking stop / start button will disable or enable the Mail Anti-Virus.
-This option is useful for setting up an outbreak alert /notification /warning messages that are sent by eScan when it detects any violation or breach of security.+:''Settings button'' – To configure the Mail Anti-Virus for incoming / outgoing email scanning click on the Settings button.
-There are two sections to this port configuration settings -  
-1. SMTP Mail Server settings - +'''I. Scan Options:-'''
-The mail server ip address and port details needs to be defined along with credentials of a valid username and password (though optional) in case the mail server requires Authentication, using which eScan automatically sends the notification alerts.  
-2. Port settings for eMail/Web Scan – +:'''a) Block Attachment types '''-
 +::This setting contains a list of file extensions, which will be blocked / deleted at the MicroWorld Winsock layer (MWL - gateway level), if found in any email attachment (pop3 account) during scanning by Mail Anti-Virus. MicroWorld has a predefined list of known file extensions mostly propagated by Viruses.
 +::Additional file extensions to be blocked can be added in this section as per the user’s requirement
-The ports that are used for sending (smtp,25) and receiving (pop3,110) emails are defined along with options of, if outgoing or incoming emails need to be scanned or not. The same can be customized as per requirements. +::<B><U>Note</U>:</B> We do not recommend deleting the file extensions predefined by MicroWorld.
-'''b. Compression / Decompression options:-'''+::'''More options / Advanced (- - -)'''
 +:::i) Delete all attachments in email if disinfection is not possible ''(default)'' - It would delete those infected attachments in an email, only when the attachment is non-disinfectable.
 +
 +:::ii) Delete entire email if disinfection is not possible ''(default) ''– It would delete the entire email if the attachments in it are non-disinfectable.
-This option helps in Internet Bandwidth Management. +:::iii) Delete entire email if any virus is found – It would delete any email infected with virus.
 +
 +:::iv) Quarantine blocked attachments – It would quarantine the attachments that are listed in the Block Attachment types.
-There are two options available within:- +:::v) Delete entire email if any blocked attachment is found ''(default)'' – It would delete the email which has an attachment listed in the Block Attachment types.
 +
 +:::vi) Quarantine email if attachments are not scanned – It would quarantine the email in case if the attachment(s) in it is not scanned.
-1. Compress outbound attachments +:::vii) Quarantine attachments if they are not scanned - It would quarantine the attachment in case if it is not scanned.
-This option when enabled will decrease the size of all attachments that are sent in emails. +:::viii) Exclude attachments (White list) – Here the users can add the filename or the extensions of those files that should not be blocked and should be delivered to the user’s inbox. For e.g. If *.pif is listed in Block Attachments types and a file by the name e.g. abcd.pif is required to be allowed, then add abcd.pif can be added in the Exclude Attachments (White list) section. Adding *.pif files in this section will allow all *.pif to be delivered. We recommend adding the entire file name like abcd.pif.
-2. Create self extracing zip files – +:::<B><U>'''Note</U>:'''</B> The Exclude attachment list (White List) holds precedence over the Block Attachments types.
 +
-This option when enabled overrides the above point no.1 and creates a self extractable zip file which when clicked on automatically uncompresses itself thereby eliminating the need at the receiver's end from using any unzipping tool. +:'''b) Action – '''
 +::Here the action can be configured to be taken on an infected email.
 +::* Disinfect – The infected email will be disinfected.
 +::* Delete – The infected email will be deleted.
 +::*Quarantine Infected Files - The infected email will be quarantined and the quarantined folder path can be set. The default path is C:\PROGRA~1\eScan\Quarant and this can be set to a different folder as per users requirement by clicking on the select path button <B>(---)</B>.
-3. Uncompress inbound attachments –  
-This option when enabled will automatically open/unpack the compressed file and be scanned. +:'''c) Mail Server settings – '''
 +::This setting is required to be configured for eScan to send an email notification to the user informing about the action taken on an email. This is useful for setting up an outbreak alert /notification /warning messages to the recipient, that are sent by eScan when it detects any violation or breach of security.
-4. Uncompress inbound attachments (Local Domain) – +::* SMTP Mail Server settings – Enter the SMTP IP address of the mailserver of your company or you ISP.
 +::* SMTP Port – Enter the SMTP Port of the mailserver of your company or your ISP. By default port is 25. (You can confirm the same with your mailserver administrator or ISP).
 +::* User Authentication (optional) – Enter the user name if your mailserver requires Authentication for sending email.
 +::* Authentication Password (optional) - Enter the password if your mailserver requires Authentication for sending email.
-This option when enabled will automatically open/unpack the compressed file and be scanned when sent within the local domain.  
-5. Do not compress files with extensions (Exclude following attachments) – +:'''d) Port settings for eMail/Web Scan – '''
 +::Here the ports used for incoming and outgoing of email are defined, in-order for the Mail Anti-Virus to scan the emails received / sent on the respective ports.
 +:::* Outgoing Mail (SMTP) – By default the SMTP port is 25 (check with your mailserver administrator or your ISP).
 +:::* Incoming Mail (POP3) – By default the POP3 port is 110 (check with your mailserver administrator or your ISP).
 +:::* Scan Outgoing Mails – When this option is selected, Mail Anti-Virus will also scan outgoing emails.
-This option is helpful in excluding the file types {attachments} that need not be compressed when being sent out.  
-6. Compression options - +'''II. Compression / Decompression options:-'''
-a) Compress only if compression % greater than –The default value set is 25, this option will compress all attachments in emails to 25 % or more. +::Options in this section help in Internet Bandwidth Management:
-b) Compress if attachment size is above (KB) –The default value set is 50, this option will compress all attachments that are and above 50 KB in size and not below. +:::# Compress outbound attachments – This option when enabled will reduce the size of all outgoing attachments in an email by compressing them in zipped/compressed format. To enable this option, ensure that the Scan Outgoing Mails in the Port Settings for email/Web Scan of the Scan options is checked.
 +:::# Create self extracing zip files – This option when enabled creates a self extractable zip file of the attachment, which when clicked on automatically uncompresses itself thereby eliminating the need at the receiver’s end from using any unzipping tool. This option needs incase the receiving user does not have any tool to uncompress/unzip the attachment.
 +:::# Uncompress inbound attachments – This option when enabled will automatically open/unpack the compressed file and be scanned and delivered to the user.
 +:::# Uncompress inbound attachments (Local Domain) – This option when enabled will automatically open/unpack the compressed file and be scanned when sent within the local domain.
 +:::# Do not compress files with extensions (Exclude following attachments) – This option is helpful in excluding the file types {attachments} that need not be compressed when being sent out.
 +:::# Compression options –
 +::::* Compress only if compression % greater than –The default value set is 25%. This will compress all attachments in emails to 25 % or more.
 +::::* Compress if attachment size is above (KB) –The default value set is 50. This will compress all attachments that are and above 50 KB in size and not below.
 +::::* Select the compression ratio – The default value set is to "Max. Speed". This option will utilize the system resources to the best and compress the attachments in emails and send it at much quicker rate. "Max. Compression" mode will try to compress the attachments to the maximum.
-c) Select the compression ratio – The default value set is to “Max. Speed”, this option will utilize the system resources to the best and compress the attachments in emails and send it out too much quicker.  
 +'''III. Vulnerabilities I –'''
 +::Internet Explorer (IE) has vulnerabilities and using them as the base, malwares easily transmit themselves on to systems and email clients like Outlook and Outlook Express thus making it easier for malware authors to get their malicious code propagating.
 +::To overcome this, MicroWorld with it’s proactive security range of solutions is committed to securing your data and system from such vulnerabilities.
-'''c. IE – Vulnerabilities I –'''+:::# Delete attachments with CLSID extensions - this option is enabled by default. It deletes Class ID file extensions [CLSID - files that are hidden and do not show the actual file extension] to prevent dangerous files from exploiting the vulnerabilities of IE.
 +:::# Delete HTML attachments with Scripts - In general, eMails are sent and received in different formats and one of them being HTML, this HTML can have Scripts (similar to a batch file - .bat) with Tags to perform a particular or a set of task/s (embedded). Such emails when encountered are deleted to prevent exploiting the vulnerabilities.
 +:::# Script and Content check disabled for mails From - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - abc@xyz.net or *@xyz.net) all emails coming from this user or domain would automatically be delivered to the receiver’s inbox/mailbox.
 +:::# Script and Content check disabled for mails To - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - suzanne@xyz.net or *@xyz.net) all emails being sent from this user or domain would automatically be delivered to the receiver’s inbox/mailbox.
-Internet Explorer (IE) has vulnerabilities and using them as the base, malwares easily transmit themselves on to systems and email clients like Outlook and Outlook Express thus making it easier for malware authors to get their malicious code propagating.  
-To overcome them, MicroWorld with it's proactive security range of solutions is committed to securing your data and system from such vulnerabilities. +'''IV. Vulnerabilities II –'''
 +::1. Select action on mails with Multiple Extension Attachment – Action on attachments with multiple actions will be taken as below:
 +::::* No Action
 +::::* Delete Mail
 +::::* Forward to Admin
 +::2. Allow Multiple Extension attachment for ZIP file – Compressed files / attachmend for eg.Zipped files with multiple files in it will be allowed to be delivered.
 +::3. Allow Multiple Extension Attachment for file types- In this section,file extensions can be added for allowing such attachments to be delivered to the users inbox.
-i) Delete attachments with CLSID extensions - this option is enabled by default. It deletes Class ID file extensions [CLSID - files that are hidden and do not show the actual file extension] to prevent dangerous files from exploiting the vulnerabilities of IE.  
-ii) Delete HTML attachments with Scripts - this option is not enabled by default. In general, eMails are sent and received in different formats and one of them being HTML, this HTML can have Scripts {similar to a batch file - .bat) with Tags to perform a particular or a set of task/s (embedded), such emails when encountered are deleted to prevent exploiting the vulnerabilities. +'''V. Archiving –'''
 +::# Archive emails - This option is useful to archive or backup all emails that are sent and received via eScan. The folder or the path to this destination is customizable as per one’s requirements.The default path for mail archiving is <U>'''%UserProfile%\Application Data\MicroWorld\eScan\Archive'''</U>
 +::# Archive attachments - This option is useful to archive or backup all email attachments that are sent and received via eScan. The folder or the path to this destination is customizable as per one’s requirements. The default path for the attachments archiving is <U>'''%UserProfile%\Application Data\MicroWorld\eScan\Archive\Attachments'''</U>
 +::# Do not archive attachments of type - With this option certain file types can be excluded from being archived, for example - *.vcf, *.htm, *.html, etc...
-iii) Script & Content check disabled for mails From - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - abc@xyz.net or *@xyz.net) all emails coming from this user or domain would automatically be delivered to the receiver's inbox/mailbox.  
-iv) Script & Content check disabled for mails To - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - suzanne@xyz.net or *@xyz.net) all emails being sent from this user or domain would automatically be delivered to the receiver's inbox/mailbox.  
 +=='''Reports section'''==
 +:''Statistics''
 +::* Total Mails Scanned – This will display the total mails scanned by Mail Anti-Virus on real time basis.
 +::* Total Infected Objects – This will display the total virus / malwares detected by Mail Anti-Virus on real time basis.
-'''d. IE – Vulnerabilities II –''' 
-i) Select action on mails with Multiple Extension Attachment - the default option set is to "No Action", the other is "Delete mail", this option is very useful to prevent malware like worms from propagating itself using multiple (double or triple) extensions via email attachments, for example -nimda, sircam, etc... +::'''a. View Archived Mails – '''Clicking on View Archived Mails, will display the backed up / archived emails.
 +::'''b. View Report – '''Clicking on View Report, will display a summary report of all the infected emails and action taken on the email.
-ii) Allow Multiple Extension attachment for ZIP file - the default option set is to "Yes" or "Allowed", this option is very useful and helps in transmitting multiple extensions attachments in email, for example - compressed files like .zip, .pdf that have multiple extensions can be allowed.  
-'''e. Archival –''' 
-i) Archive emails - this option is not enabled by default. This option is useful to archive or backup all emails that are sent and received via eScan. The folder or the path to this destination is customizable as per one's requirements. +==<I>'''[http://download1.mwti.net/wiki/index.php/Glossary Glossary]'''</I>==
 +==<I>'''[http://download1.mwti.net/wiki/index.php/EScan_ver.10 Main Feature Index]'''</I>==
-ii) Archive attachments - this option is not enabled by default. This option is useful to archive or backup all email attachments that are sent and received via eScan. The folder or the path to this destination is customizable as per one's requirements.  
-iii) Do not archive attachments of type - With this option certain file types can be excluded from being archived, for example - *.vcf, *.htm, *.html, etc...  
-At the bottom end of this Mail Anti-Virus (eMail Scanning) option page in the “Reports” section, there are different options available like “View eMail Log” and “View Archived Mails”. 
-'''2. Reports section''' - +<br/>
-The below options are available within - 
-a. View eMail log - 
-This displays the email scan activity done on the system in details like the infection found name of the infection, status of the action taken, etc.. 
-b. View Archived Mails –+<!--{| id="mp-bottombanner" style="width:100%; background:#fcfcfc; margin-top:1em; border:0px solid #ccc;"
- +| style="width:56%; color:#000;" |
-This displays the emails that are archived, using the “Archival” option explained above (point no. e).+{|align="center" width="150px" |
- +|[[Image:product_logo.JPG|centre]]
-Along with the above statistical reports, it also displays the total mails scanned and total infected objects.+|}
 +-->

Current revision

Image:escan-g.jpg
· eScan  · MailScan  · Technologies   · Technical Info  · Security Awareness  · User Guides

eScan Version 10 Online Help

Mail Anti-Virus (eMail Scanning)

This section provides the description and settings of eScan's Mail Anti-Virus for scanning of emails.


Contents


Description

Mail Anti-Virus scans all incoming and outgoing mails for viruses, spywares, adware and other malicious objects. By default when you start Mail Anti-virus it will only scan for Incoming emails


Status in main Protection Center Window

The green colored Tick (√) mark indicates the Mail Anti-Virus is active and running.

The red colored Cross (X) mark indicates the Mail Anti-Virus is inactive and stopped.


Configuration section

Status
  • Mail Anti-Virus Status – This will display the status of the Mail Anti-virus in Disabled or Running mode.
  • Action – This will display the action to be taken on infected emails in Delete or Disinfect mode.


Stop / Start buttons – Clicking stop / start button will disable or enable the Mail Anti-Virus.
Settings button – To configure the Mail Anti-Virus for incoming / outgoing email scanning click on the Settings button.


I. Scan Options:-


a) Block Attachment types -
This setting contains a list of file extensions, which will be blocked / deleted at the MicroWorld Winsock layer (MWL - gateway level), if found in any email attachment (pop3 account) during scanning by Mail Anti-Virus. MicroWorld has a predefined list of known file extensions mostly propagated by Viruses.
Additional file extensions to be blocked can be added in this section as per the user’s requirement
Note: We do not recommend deleting the file extensions predefined by MicroWorld.


More options / Advanced (- - -)
i) Delete all attachments in email if disinfection is not possible (default) - It would delete those infected attachments in an email, only when the attachment is non-disinfectable.
ii) Delete entire email if disinfection is not possible (default) – It would delete the entire email if the attachments in it are non-disinfectable.
iii) Delete entire email if any virus is found – It would delete any email infected with virus.
iv) Quarantine blocked attachments – It would quarantine the attachments that are listed in the Block Attachment types.
v) Delete entire email if any blocked attachment is found (default) – It would delete the email which has an attachment listed in the Block Attachment types.
vi) Quarantine email if attachments are not scanned – It would quarantine the email in case if the attachment(s) in it is not scanned.
vii) Quarantine attachments if they are not scanned - It would quarantine the attachment in case if it is not scanned.
viii) Exclude attachments (White list) – Here the users can add the filename or the extensions of those files that should not be blocked and should be delivered to the user’s inbox. For e.g. If *.pif is listed in Block Attachments types and a file by the name e.g. abcd.pif is required to be allowed, then add abcd.pif can be added in the Exclude Attachments (White list) section. Adding *.pif files in this section will allow all *.pif to be delivered. We recommend adding the entire file name like abcd.pif.
Note: The Exclude attachment list (White List) holds precedence over the Block Attachments types.


b) Action –
Here the action can be configured to be taken on an infected email.
  • Disinfect – The infected email will be disinfected.
  • Delete – The infected email will be deleted.
  • Quarantine Infected Files - The infected email will be quarantined and the quarantined folder path can be set. The default path is C:\PROGRA~1\eScan\Quarant and this can be set to a different folder as per users requirement by clicking on the select path button (---).


c) Mail Server settings –
This setting is required to be configured for eScan to send an email notification to the user informing about the action taken on an email. This is useful for setting up an outbreak alert /notification /warning messages to the recipient, that are sent by eScan when it detects any violation or breach of security.
  • SMTP Mail Server settings – Enter the SMTP IP address of the mailserver of your company or you ISP.
  • SMTP Port – Enter the SMTP Port of the mailserver of your company or your ISP. By default port is 25. (You can confirm the same with your mailserver administrator or ISP).
  • User Authentication (optional) – Enter the user name if your mailserver requires Authentication for sending email.
  • Authentication Password (optional) - Enter the password if your mailserver requires Authentication for sending email.


d) Port settings for eMail/Web Scan –
Here the ports used for incoming and outgoing of email are defined, in-order for the Mail Anti-Virus to scan the emails received / sent on the respective ports.
  • Outgoing Mail (SMTP) – By default the SMTP port is 25 (check with your mailserver administrator or your ISP).
  • Incoming Mail (POP3) – By default the POP3 port is 110 (check with your mailserver administrator or your ISP).
  • Scan Outgoing Mails – When this option is selected, Mail Anti-Virus will also scan outgoing emails.


II. Compression / Decompression options:-

Options in this section help in Internet Bandwidth Management:
  1. Compress outbound attachments – This option when enabled will reduce the size of all outgoing attachments in an email by compressing them in zipped/compressed format. To enable this option, ensure that the Scan Outgoing Mails in the Port Settings for email/Web Scan of the Scan options is checked.
  2. Create self extracing zip files – This option when enabled creates a self extractable zip file of the attachment, which when clicked on automatically uncompresses itself thereby eliminating the need at the receiver’s end from using any unzipping tool. This option needs incase the receiving user does not have any tool to uncompress/unzip the attachment.
  3. Uncompress inbound attachments – This option when enabled will automatically open/unpack the compressed file and be scanned and delivered to the user.
  4. Uncompress inbound attachments (Local Domain) – This option when enabled will automatically open/unpack the compressed file and be scanned when sent within the local domain.
  5. Do not compress files with extensions (Exclude following attachments) – This option is helpful in excluding the file types {attachments} that need not be compressed when being sent out.
  6. Compression options –
  • Compress only if compression % greater than –The default value set is 25%. This will compress all attachments in emails to 25 % or more.
  • Compress if attachment size is above (KB) –The default value set is 50. This will compress all attachments that are and above 50 KB in size and not below.
  • Select the compression ratio – The default value set is to "Max. Speed". This option will utilize the system resources to the best and compress the attachments in emails and send it at much quicker rate. "Max. Compression" mode will try to compress the attachments to the maximum.


III. Vulnerabilities I –

Internet Explorer (IE) has vulnerabilities and using them as the base, malwares easily transmit themselves on to systems and email clients like Outlook and Outlook Express thus making it easier for malware authors to get their malicious code propagating.
To overcome this, MicroWorld with it’s proactive security range of solutions is committed to securing your data and system from such vulnerabilities.
  1. Delete attachments with CLSID extensions - this option is enabled by default. It deletes Class ID file extensions [CLSID - files that are hidden and do not show the actual file extension] to prevent dangerous files from exploiting the vulnerabilities of IE.
  2. Delete HTML attachments with Scripts - In general, eMails are sent and received in different formats and one of them being HTML, this HTML can have Scripts (similar to a batch file - .bat) with Tags to perform a particular or a set of task/s (embedded). Such emails when encountered are deleted to prevent exploiting the vulnerabilities.
  3. Script and Content check disabled for mails From - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - abc@xyz.net or *@xyz.net) all emails coming from this user or domain would automatically be delivered to the receiver’s inbox/mailbox.
  4. Script and Content check disabled for mails To - this option is useful when you know and want to add a user who is genuine and sends legitimate html email with scripts. Once added, (for example - suzanne@xyz.net or *@xyz.net) all emails being sent from this user or domain would automatically be delivered to the receiver’s inbox/mailbox.


IV. Vulnerabilities II –

1. Select action on mails with Multiple Extension Attachment – Action on attachments with multiple actions will be taken as below:
  • No Action
  • Delete Mail
  • Forward to Admin
2. Allow Multiple Extension attachment for ZIP file – Compressed files / attachmend for eg.Zipped files with multiple files in it will be allowed to be delivered.
3. Allow Multiple Extension Attachment for file types- In this section,file extensions can be added for allowing such attachments to be delivered to the users inbox.


V. Archiving –

  1. Archive emails - This option is useful to archive or backup all emails that are sent and received via eScan. The folder or the path to this destination is customizable as per one’s requirements.The default path for mail archiving is %UserProfile%\Application Data\MicroWorld\eScan\Archive
  2. Archive attachments - This option is useful to archive or backup all email attachments that are sent and received via eScan. The folder or the path to this destination is customizable as per one’s requirements. The default path for the attachments archiving is %UserProfile%\Application Data\MicroWorld\eScan\Archive\Attachments
  3. Do not archive attachments of type - With this option certain file types can be excluded from being archived, for example - *.vcf, *.htm, *.html, etc...


Reports section

Statistics
  • Total Mails Scanned – This will display the total mails scanned by Mail Anti-Virus on real time basis.
  • Total Infected Objects – This will display the total virus / malwares detected by Mail Anti-Virus on real time basis.


a. View Archived Mails – Clicking on View Archived Mails, will display the backed up / archived emails.
b. View Report – Clicking on View Report, will display a summary report of all the infected emails and action taken on the email.



Glossary

Main Feature Index




Retrieved from "https://wiki.escanav.com/wiki/index.php/Escan/english/mailantivirus"

eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers   This page has been accessed 41,804 times.