Configuring Anti-Virus protection

Before configuring Anti-Virus protection in the message processing rule, make sure that the Anti-Virus module is enabled in general protection settings.

To configure Anti-Virus protection in the message processing rule:

In the application web interface window, select the Rules section.
In the rule table, select the rule for which you want to configure Anti-Virus protection.
This opens the View rule window.
Click Edit.
Rule settings become editable.
In the left pane, select the Anti-Virus section.
Use the toggle switch to the right of the section title to enable or disable Anti-Virus scanning of messages that match rule criteria.
Anti-Virus protection of messages is enabled by default.
If you have disabled Anti-Virus scanning at the previous step, configure Anti-Virus module settings applied to the following objects based on the results of the scan:
- Infected and probably infected objects, as well as legitimate programs that can be exploited by hackers.
  1. In the If an infected file is detected settings group, in the Action drop-down list, select the action that will be applied to messages:
    - Skip.
    - Disinfect.
    - Delete attachment.
    - Delete message.
    - Reject.
    The Disinfect action is selected by default.
  2. If on the previous step you have selected the Disinfect action, in the If disinfection fails drop-down list, select one of the following actions to take on infected messages that cannot be disinfected:
    - Delete attachment.
    - Delete message.
    - Reject.
    The Delete attachment action is selected by default.
  3. If you want to automatically place messages with detected objects in Backup based on the results of the anti-virus scan, select the Move copy to Backup check box.
    This check box is selected by default.
  4. If you want tags to be added after the scan to the beginning of the subject of infected or disinfected messages, type the text of the tags in text boxes under the Move copy to Backup check box.
    By default, [Infected] and [Cured] tags are added.
- Objects with errors encountered during scanning.
  1. In the If Anti-Virus scan errors are detected drop-down list, select the action to take on messages that cause errors during scanning:
    - Skip.
    - Delete attachment.
    - Delete message.
    - Reject.
    The Skip action is selected by default.
  2. If you want to automatically place in Backup those messages that triggered errors when scanned, select the Move copy to Backup check box.
    This check box is cleared by default.
  3. If you want a tag to be added after the scan to the beginning of the subject of messages that cause errors during scanning, type the text of the tag in the text box under the Move copy to Backup check box.
- Encrypted objects.
  1. In the If an encrypted object is detected drop-down list, select the action to apply to messages that contain encrypted objects:
    - Skip.
    - Delete attachment.
    - Delete message.
    - Reject.
    The Skip action is selected by default.
  2. If you want to automatically place messages with encrypted objects in Backup based on the results of the scan, select the Move copy to Backup check box.
    This check box is cleared by default.
  3. If you want a tag to be automatically added after the scan to the beginning of the subject of messages that contain encrypted objects, type the text of the tag in the text box under the Move copy to Backup check box.
- Attachments with macros.
  1. In the If a macro is detected group of settings, select the Process attachments with macros check box if you want the application to process attachments with macros.
  2. In the Action drop-down list, select the action that will be applied to messages:
    - Skip.
    - Delete attachment.
    - Delete message.
    - Reject.
    The Delete attachment action is selected by default.
  3. If you want to automatically place messages containing attachments with macros in Backup based on the scan results, select the Move copy to Backup check box.
    This check box is cleared by default.
  4. If you want a tag to be automatically added after the scan to the beginning of the subject of messages that contain attachments with macros, type the text of the tag in the text box under the Move copy to Backup check box.
    By default, the [Attachments with Macros] tag is added.
If necessary, configure the list of exclusions from scanning. To do so, in the Exclusions from scanning settings group:
1. If you want to exclude archives from Anti-Virus scans, select the Do not scan archives check box.
2. If you want to exclude attached objects with certain names from Anti-Virus scans, in the Do not scan attachments by name masks field, type a name mask and press Enter.
  Enter masks one by one. Repeat the steps for each mask you want to add.
  
  Masks are case-insensitive and may contain any characters.
Click Save.

Anti-Virus protection is configured. The specified settings are applied to messages that match the rule criteria.

To ensure that the configured settings are applied during the operation of Kaspersky Secure Mail Gateway, make sure that email virus scans are enabled for the rule and that the rule that you have configured is enabled.

Page top