Changing the action to take on infected email messages
By default, the Mail Threat Protection component automatically attempts to disinfect all infected email messages that are detected. If disinfection fails, the Mail Threat Protection component deletes the infected email messages.
To change the action to take on infected email messages:
- In the main application window, click the button
. - In the application settings window, select Essential Threat Protection → Mail Threat Protection.
- In the Action on threat detection section, select the action for Kaspersky Endpoint Security to perform when an infected message is detected:
- Disinfect; delete if disinfection fails. When an infected object is detected in an inbound or outbound message, Kaspersky Endpoint Security attempts to disinfect the detected object. The user will be able to access the message with a safe attachment. If the object cannot be disinfected, Kaspersky Endpoint Security deletes the infected object. Kaspersky Endpoint Security adds information about the performed action to the message subject:
[Infected object was deleted] <message subject>. - Disinfect; block if disinfection fails. When an infected object is detected in an inbound message, Kaspersky Endpoint Security attempts to disinfect the detected object. The user will be able to access the message with a safe attachment. If the object cannot be disinfected, Kaspersky Endpoint Security adds a warning to the message subject:
[Message infected] <message subject>. The user will be able to access the message with the original attachment. When an infected object is detected in an outbound message, Kaspersky Endpoint Security attempts to disinfect the detected object. If the object cannot be disinfected, Kaspersky Endpoint Security blocks transmission of the message, and the mail client shows an error. - Block. If an infected object is detected in an inbound message, Kaspersky Endpoint Security adds a warning to the message subject:
[Message infected] <message subject>. The user will be able to access the message with the original attachment. If an infected object is detected in an outbound message, Kaspersky Endpoint Security blocks transmission of the message, and the mail client shows an error.
- Disinfect; delete if disinfection fails. When an infected object is detected in an inbound or outbound message, Kaspersky Endpoint Security attempts to disinfect the detected object. The user will be able to access the message with a safe attachment. If the object cannot be disinfected, Kaspersky Endpoint Security deletes the infected object. Kaspersky Endpoint Security adds information about the performed action to the message subject:
- Save your changes.