Table of Contents
Advertisement
will typically not attempt to resend the message, as they
usually go through thousands of email addresses and do
not waste time resending. Greylisting is an additional
layer of antispam protection and does not have any effect
on the spam evaluation capabilities of the antispam
module.
When evaluating the message source the method takes
into account the configurations of the Approved IP
addresses list, the Ignored IP addresses list, the Safe
Senders and the Allow IP lists on the Exchange server
and the AntispamBypass settings for the recipient
mailbox. Emails from these IP addresses/senders lists or
emails delivered to a mailbox that has the
AntispamBypass option enabled will be bypassed by the
greylisting detection method.
The SMTP response for temporarily denied connections
field defines the SMTP temporary denial response sent to
the SMTP server if a message is refused.
Example of SMTP response message:
Primary
Complementary
response code
status code
451
Warning: Incorrect syntax in SMTP response codes may
lead to malfunctioning of greylisting protection. As a
result, spam messages may be delivered to clients or
messages may not be delivered at all.
Time limit for the initial connection denial (min.) -
when a message is delivered for the first time and
temporarily refused, this parameter defines the time
period during which the message will always be refused
(measured from the first refusal). After the defined time
period has elapsed, the message will be successfully
received. The minimum value you can enter is 1 minute.
Unverified connections expiration time (hours) – this
parameter defines the minimum time interval for which
the triplet data will be stored. A valid server must resend
a desired message before this period expires. This value
must be greater than the value of Time limit for the
initial connection denial.
Verified connections expiration time (days) – the
minimum number of days for which the triplet
information is stored, during which emails from a
particular sender will be received without any delay. This
value must be greater than the value of Unverified
connections expiration time.
NOTE: You can also use system variables when defining
the SMTP reject response.
22
Description
4.7.1
Requested action
aborted: local error
in processing
4.4 FAQ
Q: After installing ESET Mail Security with Antispam,
emails stopped being delivered into mailboxes.
A: If Greylisting is enabled, this is normal behavior. In the
first hours of full ESET Mail Security operation emails may
arrive with several hours of delay. If the issue continues
for a longer period, we recommend you turn off (or
reconfigure) Greylisting.
Q: When the VSAPI scans email attachments, does it also
scan email message bodies?
A: In Microsoft Exchange Server 2000 SP2 and later, the
VSAPI scans email message bodies as well.
Q: Why does message scanning continue after the VSAPI
option has been disabled?
A: Changes to VSAPI settings run asynchronously,
meaning the modified VSAPI settings have to be called by
the Microsoft Exchange Server to go into effect. This
cyclic process runs in intervals of approximately one
minute. The same applies to all other VSAPI settings.
Q: Can VSAPI remove an entire message containing an
infected attachment?
A: Yes, VSAPI can remove the entire message. However,
it is necessary to select the Delete whole message option
in the Actions section of the VSAPI settings first. This
option is available in Microsoft Exchange Server 2003 and
later. Older versions of Microsoft Exchange Server do not
support removal of entire messages.
Q: Is outgoing email also scanned by VSAPI for viruses?
A: Yes, VSAPI scans outgoing emails unless you have
configured an SMTP server in your mail client that is
different from your Microsoft Exchange Server. This
feature is applied in Microsoft Exchange Server 2000
Service Pack 3 and later.
Q: Is it possible to add a notification tag text via VSAPI to
each scanned message, in the same manner as the
Transport agent?
A: Adding text to messages scanned by VSAPI is not
supported in Microsoft Exchange Server.
Q: Sometimes I can't open a particular email in Microsoft
Outlook. Why is that?
A: The Action to take if cleaning not possible option in
your VSAPI settings in the Actions section is most likely
set to Block or you have created a rule that includes the
Block action. Either of these settings will mark and block
both infected messages and/or messages that fall under
the aforementioned rule.
Q: What does the Response time limit item in the
Performance section stand for?
Advertisement
Table of Contents
