Configuring Anti-Virus protection

Before configuring Anti-Virus protection in the message processing rule, make sure that the Anti-Virus module is enabled in general protection settings.

To configure Anti-Virus protection in the message processing rule:

In the application web interface window, select the Rules section.
In the rule table, select the rule for which you want to configure Anti-Virus protection.
This opens the View rule window.
Click Edit.
Rule settings become editable.
In the left pane, select the Anti-Virus section.
Use the toggle switch to the right of the section title to enable or disable Anti-Virus scanning of messages that match rule criteria.
Anti-Virus protection of messages is enabled by default.
If you have disabled Anti-Virus scanning at the previous step, configure Anti-Virus module settings applied to the following objects based on the results of the scan:
- Infected and probably infected objects, as well as legitimate programs that can be exploited by hackers.
  1. Under If an infected file is detected, in the Action drop-down list, select the action that you want to apply to messages:
    - Skip.
    - Disinfect.
    - Delete attachment.
    - Delete message.
    - Reject.
    The Disinfect action is selected by default.
  2. If at the previous step you selected the Disinfect action, under If disinfection fails, select one of the following actions to take on infected messages that cannot be disinfected:
    - Delete attachment.
    - Delete message.
    - Reject.
    The Delete attachment action is selected by default.
  3. If you want to automatically place in Backup messages with detected objects based on the results of the anti-virus scan, turn on the Put original message to Backup toggle switch.
    This toggle switch is on by default.
  4. If you want tags to be added automatically to the beginning of the subject of infected messages, in the Text to add to subject of infected message field, enter the text of the tags.
    By default, the [Infected] tag is added.
  5. If you want tags to be added automatically to the beginning of the subject of infected and disinfected messages, in the Text to add to subject of disinfected message field, enter the text of the tags.
    By default, the [Cured] tag is added.
- Objects with errors encountered during scanning.
  1. Under If Anti-Virus scan errors are detected → Action, select the action that you want to apply to messages that caused errors while scanning:
    - Delete attachment.
    - Delete message.
    - Reject.
    - Skip.
    The Skip action is selected by default.
  2. If you want to automatically place in Backup those messages that triggered errors when scanned, select the Put original message to Backup check box.
    This toggle switch is off by default.
  3. If you want tags to be added automatically to the beginning of the subject of messages that caused errors when scanned, in the Text to add to message subject field, enter the text of the tag.
- Encrypted objects.
  1. Under If an encrypted object is detected → Action, select the action that you want to apply to messages that contain encrypted objects:
    - Delete attachment.
    - Delete message.
    - Reject.
    - Skip.
    The Skip action is selected by default.
  2. If you want to automatically place in Backup the messages that contain encrypted objects, turn on the Put original message to Backup toggle switch.
    This toggle switch is off by default.
  3. If you want tags to be added automatically to the beginning of the subject of messages that contain encrypted objects, in the Text to add to message subject field, enter the text of the tag.
- Attachments with macros.
  1. Under If a macro is detected, turn on the Process attachments with macros toggle switch if you want the application to process attachments with macros.
  2. Under Action, select the action that you want to apply to messages:
    - Delete attachment.
    - Delete message.
    - Reject.
    - Skip.
    The Delete attachment action is selected by default.
  3. If you want to automatically place in Backup the messages that contain attachments with macros, turn on the Put original message to Backup toggle switch.
    This toggle switch is off by default.
  4. If you want tags to be added automatically to the beginning of the subject of messages that contain attachments with macros, in the Text to add to message subject field, enter the text of the tag.
    By default, the [Attachments with Macros] tag is added.
If necessary, configure the list of exclusions from scanning. To do so, under Exclusions from scanning:
1. If you want to exclude archives from Anti-Virus scans, turn on the Do not scan archives toggle switch.
2. If you want to exclude attached objects with certain names from Anti-Virus scans, in the Do not scan attachments by name masks field, enter a name mask and press ENTER.
  Enter masks one by one. Repeat the steps for each mask you want to add.
  
  Masks are case-insensitive and may contain any characters.
Click Save.

Anti-Virus protection is configured. The specified settings are applied to messages that match the rule criteria.

To ensure that the configured settings are applied by KSMG, make sure that Anti-Virus scanning is enabled for the rule and the configured rule is enabled.

Page top