Attachment filtering algorithm

March 25, 2022

ID 18284

Kaspersky Anti-Virus filters objects attached to email messages and documents. Filtering makes it possible to exclude objects that meet the filter criteria from anti-virus scanning.

The application can apply the following filters to attachments:

  • Filter by size. Kaspersky Anti-Virus checks the size of attached objects. If the size of an object exceeds the maximum value allowed, the object is assigned the status specified by the filter settings and is skipped by the scan. Objects that do not exceed the maximum size are sent for scanning.
  • Filter by name. Kaspersky Anti-Virus checks the names of objects attached to a message. If the name of the object satisfies the filter mask, the object is assigned the status specified by the filter settings and is skipped by the scan. If the name of the object does not match any of the filter mask values, the object is sent for anti-virus scanning.

If the protection settings are configured for both types of attachment filtering, Kaspersky Anti-Virus first checks the size of the object. If the size of the object is less than the value set in the filter settings, Kaspersky Anti-Virus checks the name of the object. If the size of the object is more than the value set in the filter settings, Kaspersky Anti-Virus does not check the name of the object.
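The filter order described above, as an added Python example that is not Kaspersky code: it evaluates a list of attachments against both filters and reports which objects would be kept away from the scanner and why. The `FilterSettings` model, the status strings, the sample attachments, and glob-style, case-insensitive mask matching are all assumptions made for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase
from typing import Optional, Tuple

SCAN = "send-to-scan"  # label used by this example only


@dataclass
class FilterSettings:
    # Hypothetical settings model; None / empty means the filter is not configured.
    max_size: Optional[int] = None               # bytes
    size_status: str = "status-set-for-size"     # placeholder for the configured status
    name_masks: Tuple[str, ...] = ()
    name_status: str = "status-set-for-name"     # placeholder for the configured status


def filter_attachment(name: str, size: int, cfg: FilterSettings) -> Tuple[str, str]:
    """Return (status, reason) following the documented order: size first, then name."""
    # Size filter: only objects that EXCEED the maximum are skipped.
    if cfg.max_size is not None and size > cfg.max_size:
        return cfg.size_status, "size"           # the name is never checked here
    # Name filter: first matching mask wins (glob syntax is an assumption).
    for mask in cfg.name_masks:
        if fnmatchcase(name.lower(), mask.lower()):
            return cfg.name_status, "name:" + mask
    return SCAN, "no filter matched"


def unscanned(attachments, cfg: FilterSettings):
    """List (name, size, status, reason) for every object the filters skip."""
    rows = []
    for name, size in attachments:
        status, reason = filter_attachment(name, size, cfg)
        if status != SCAN:
            rows.append((name, size, status, reason))
    return rows


# Constructed sample input, not taken from any real mailbox.
CFG = FilterSettings(max_size=10 * 1024 * 1024, name_masks=("*.tmp",))
SAMPLE = [("report.pdf", 120_000), ("backup.iso", 900_000_000),
          ("notes.tmp", 2_000), ("huge.tmp", 900_000_000),
          ("edge.bin", 10 * 1024 * 1024)]

if __name__ == "__main__":
    for row in unscanned(SAMPLE, CFG):
        print(row)
```

Running a real filter configuration through a check like this shows exactly which attachments never reach the anti-virus engine, which is the set to review when tuning the size limit and name masks.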

Based on the scan results, the object may be assigned one of the following statuses:

  • not infected – the object does not contain any threats;
  • infected – the object contains a threat that matches a signature in Kaspersky Lab anti-virus databases; the disinfection operation is applied to such objects;
  • not scanned – Kaspersky Anti-Virus was unable to scan the object; the object scan may have returned an error or the time allocated for scanning has elapsed;
  • protected – the object is a password-protected archive.

The attachment filter settings are configured in the mail protection, replication protection and database scan settings for each protection component individually.

After filtering, objects are processed according to the status labels assigned to them during filtering: the actions applied to each object are those specified for its status in the mail protection, replication protection, or database scan settings.
