Changing the action to take on infected email messages
By default, the Mail Threat Protection component automatically attempts to disinfect all infected email messages that are detected. If disinfection fails, the Mail Threat Protection component deletes the infected email messages.
To change the action to take on infected email messages:
In the application settings window, select Essential Threat Protection → Mail Threat Protection.
In the Action on threat detection block, select the action for Kaspersky Endpoint Security to perform when an infected message is detected:
Disinfect, delete if disinfection fails. When an infected object is detected in an inbound or outbound message, the application attempts to disinfect the detected object. The user will be able to access the message with a safe attachment. If the object cannot be disinfected, the application deletes the infected object. The application adds information about the performed action to the message subject, for example, [Message has been processed] <message subject>.
Disinfect, block if disinfection fails. When an infected object is detected in an inbound message, the application attempts to disinfect the detected object. The user will be able to access the message with a safe attachment. If the object cannot be disinfected, the application adds a warning to the message subject. The user will be able to access the message with the original attachment. When an infected object is detected in an outbound message, the application attempts to disinfect the detected object. If the object cannot be disinfected, the application blocks transmission of the message, and the mail client shows an error.
Block. If an infected object is detected in an inbound message, the application adds a warning to the message subject. The user will be able to access the message with the original attachment. If an infected object is detected in an outbound message, the application blocks transmission of the message, and the mail client shows an error.