The options on this screen will only be available when using the optional MDaemon AntiVirus feature. Enabling MDaemon AntiVirus for the first time will start a 30-day trial. If you wish to purchase this feature, contact your authorized MDaemon reseller or visit: www.mdaemon.com. |
Enable AntiVirus scanning
Click this checkbox to enable AntiVirus scanning of messages. When MDaemon receives a message with attachments, it will scan them for viruses before delivering the message to its final destination.
Exclude gateways from AntiVirus scanning
Click this checkbox if you want messages bound for one of MDaemon's domain gateways to be excluded from virus scanning. This may be desirable for those who wish to leave the scanning of those messages to the domain's own mail server. For more information on domain gateways, see Gateway Manager.
Configure Exclusions
Click the Configure Exclusions button to specify recipient addresses to exclude from virus scanning. Messages bound for these addresses will not be scanned for viruses. Wildcards are allowed in these addresses. You could therefore use this feature to exclude entire domains or specific mailboxes across all domains. For example, "*@example.com or "VirusArchive@*".
Exclude Trusted IPs from AntiVirus scanning
Click this checkbox if you wish to exempt messages from AntiVirus scanning when coming from one of your Trusted IP addresses.
Refuse to accept messages that are infected with viruses
Click this option is you wish to scan incoming messages for viruses during the SMTP session rather than after the session is concluded, and then reject those messages found to contain viruses. Because each incoming message is scanned before MDaemon officially accepts the message and concludes the session, the sending server is still responsible for it—the message hasn't technically been delivered yet. Thus the message can be rejected outright when a virus is found. Further, because the message was rejected, no further AntiVirus related actions listed on this dialog will be taken. No quarantine or cleaning procedures will be taken, and no notification messages will be sent. This can greatly reduce the number of infected messages and virus notification messages that you and your users receive.
The SMTP-(in) log will show the result of AV processing. The possible results you might see are:
•the message was scanned and found infected with a virus
•the message was scanned and no virus was found
•the message could not be scanned (usually because a ZIP or other type or attachment could not be opened/accessed)
•the message could not be scanned (it exceeds the max size limit)
•an error occurred during the scan
When viruses are detected...
Click one of the options in this section to designate the action that MDaemon will take when AntiVirus detects a virus.
...do nothing (use content filter to handle)
Choose this option if you wish to take none of the above actions, and have set up content filter rules to take some alternative actions instead.
...delete the entire message
This option will delete the entire message rather than just the attachment when a virus is found. Because this deletes the whole message, the "Add a warning..." option doesn't apply. However, you can still send a notification message to the recipient by using the controls on the Notifications tab.
...quarantine the entire message to...
This option is like the "Delete the entire message" option above, but the message will be quarantined in the specified location rather than deleted.
...delete the infected attachment
This option will delete the infected attachment. The message will still be delivered to the recipient but without the infected attachment. You can use the "Add a warning..." control on the bottom of this dialog to add text to the message informing the user that an infected attachment was deleted.
...quarantine the infected attachment to...
Choose this option and specify a location in the space provided if you want infected attachments to be quarantined to that location rather than deleted or cleaned. Like the "Delete the infected attachment" option, the message will still be delivered to the recipient but without the infected attachment.
...clean the infected attachment
When this option is chosen, AntiVirus will attempt to clean (i.e. disable) the infected attachment. If the attachment cannot be cleaned, it will be deleted.
Quarantine messages that cannot be scanned
When this option is enabled, MDaemon will quarantine any messages it is unable to scan, such as some containing password-protected files.
Allow password-protected files in exclusion list...
Use this option if you wish to allow a message with a password-protected, non-scannable file to pass through the AntiVirus scanner if the file name or type is in the exclusion list.
Configure Exclusions
Click this button to open and manage the file exclusion list. File name and types included on this list will not be scanned.
Add warning to top of message body if infected
When one of the "...attachment" options is chosen above, click this option if you want to add some warning text to the top of the previously infected message before it is delivered to the recipient. Thus you can inform the recipient that the attachment was stripped and why.
Warning message...
Click this button to display the warning text that will be added to messages when the "Add a warning message..." feature is used. After making any desired changes to the text, click OK to close the dialog and save the changes.
Add warning to top of message body if not scanned
When this option is enabled, MDaemon will add some warning text to the top of any message it is unable to scan.
Warning message...
Click this button to display the warning text that will be added to messages that cannot be scanned. After making any desired changes to the text, click OK to close the dialog and save the changes.
Scan all mailboxes every n day(s)
Check this box if you wish to scan all stored messages periodically, to detect any infected message that may have passed through the system before a virus definition update was available to catch it. Infected messages will be moved to the quarantine folder and have the X-MDBadQueue-Reason header added, so that you can see an explanation when viewed in MDaemon. Messages that cannot be scanned will not be quarantined.
Configure mailbox scan.
Click this button to specify how often you wish to scan the mailboxes and whether you wish to scan all message or only those that are less than a certain number of days old. You can also manually run a mailbox scan immediately.
Virus Scanning Engines
MDaemon AntiVirus is equipped with two virus scanning engines: ClamAV and IKARUS Anti-Virus. When both are enabled, messages will be scanned by both engines; first by IKARUS Anti-Virus and then by ClamAV. This provides an extra layer of protection, since a virus could potentially be identified by one engine before the virus definitions of the other engine have been updated.
Use the ClamAV engine to scan messages
Click this checkbox if you wish to use the ClamAV engine to scan messages for viruses.
Configure
Click this button to access an option to activate debug logging for ClamAV. The log file will be located in MDaemon's log folder.
Use the IKARUS Anti-Virus engine to scan messages
Click this checkbox if you wish to use the IKARUS Anti-virus engine to scan messages for viruses.
Configure
Use this option if you wish to flag as a virus, attachments with documents that contain macros. You can set a heuristics level from -1 to 5. "-1" is auto, "0" is disabled, and 1-5 is lowest to highest heuristics level.
See: