About Mail Threat Protection

The Mail Threat Protection component scans incoming and outgoing email messages for viruses and other threats. It starts together with Kaspersky Endpoint Security, continuously remains active in computer memory, and scans all messages that are sent or received via the POP3, SMTP, IMAP, MAPI, and NNTP protocols. If no threats are detected in the email message, it becomes available and/or is processed.

When a threat is detected in an email message, the Mail Threat Protection component performs the following actions:

  1. Assigns the Infected status to the email message.

    This status is assigned to the email message in the following cases:

    • A scan of the email message finds a section of code of a known virus that is included in the anti-virus databases of Kaspersky Endpoint Security.
    • The email message contains a section of code that is typical of viruses or other malware, or the modified code of a known virus.
  2. Identifies the type of object detected in the email message (such as a Trojan).
  3. Blocks the email message.
  4. Displays a notification about the detected object (if configured to do so in the notification settings).
  5. Performs the action defined in the Mail Threat Protection component settings.

This component interacts with mail clients installed on the computer. An embeddable extension is available for the Microsoft Office Outlook® mail client that lets you fine-tune the message scan settings. The Mail Threat Protection extension is embedded in the Microsoft Office Outlook mail client during installation of Kaspersky Endpoint Security.

Page top