Applies to Kaspersky PURE R2
Kaspersky PURE R2 includes a special component that protects incoming and outgoing mail from dangerous objects, Mail Anti-Virus.
It loads when the operating system is started and is always running and scans all e-mail on protocols POP3, SMTP, IMAP, MAPI and NNTP, as well as secure connections (SSL) for POP3 and IMAP.
How to enable/disable Mail Anti-Virus in Kaspersky PURE R2?
By default, Mail Anti-Virus is enabled. If you wish, you can disable it. In order to enable/disable Mail Anti-Virus in Kaspersky PURE R2, perform the following actions:
- open the main application window
- on the upper right hand corner of the window, click on the Settings link
- on the upper part of the Settings window, select Protection
- on the left hand part of the Settings window, select Mail Anti-Virus
- on the right hand part of the Settings window, check/clear the Enable Mail Anti-Virus box
- on the bottom part of the window, click on the OK button
- close the main application window.
Mail by the MAPI protocol is scanned with the help of a special extension module from Microsoft Office Outlook 2003/2007/2010 and The Bat!
Mail Anti-Virus working algorithm
By default, e-mail protection is carried out as follows:
- Each e-mail received or sent by the user is intercepted by Mail Anti-Virus.
- The e-mail is broken down into its parts: the e-mail heading, its body, and attachments.
- The body and attachments of the e-mail (including OLE attachments) are scanned for dangerous objects. Malicious objects are detected using the databases included in the program and with the heuristic algorithm. The databases contain descriptions of all the malicious programs known to date and methods for neutralizing them. The heuristic algorithm can detect new viruses that have not yet been entered in the databases.
- If a threat is detected by Kaspersky PURE R2, the application assigns one of the following statuses to the object:
The application blocks the e-mail and displays the corresponding notification on the screen.
- Status of one of the malware (for example, a virus or Trojan)
- Status of suspicious object (possibly infected), if it is not possible to detect whether the object is infected or not.