Table of Contents
Advertisement
Examples of entering conditions:
By target mailbox:
smith
By email sender:
smith@mail.com
By email recipient:
"J.Smith" or "smith@mail.com"
By email subject:
" "
By attachment name:".com" OR ".exe"
By email body:
("free" OR "lottery") AND ("win" OR
"buy")
4.1.1.2
Actions
This section allows you to select actions to take with
messages and/or attachments matching conditions
defined in rules. You can take no action, mark the
message as if it contained a threat/spam or delete the
whole message.When a message or its attachment
matches the rule conditions, it is not scanned by the
antivirus or antispam modules by default, unless
scanning is enabled explicitly by selecting the respective
check boxes at the bottom (the action taken then
depends on the antivirus/antispam settings).
No action – no action will be taken with the message
Mark as uncleaned threat - the message will be
marked as if it contained an uncleaned threat
(regardless of whether it contained the threat or not)
Mark as unsolicited email - the message will be
marked as if it were spam (regardless of whether it is
spam or not)
Delete message – removes the entire message with
content that meets the conditions
Quarantine file quarantines the attachments
NOTE: Do not confuse this with mail quarantine (see
chapter
Message quarantine)
Submit file for analysis sends suspicious attachments
to ESET's lab for analysis
Send event notification sends a notification to the
administrator (based on settings in Tools > Alerts and
notifications)
Log writes information about the applied rule to the
program log
14
14
Evaluate other rules allows the evaluation of other
rules, enabling the user to define multiple sets of
conditions and multiple actions to take, given the
conditions
Scan by antivirus and antispyware protection scans
the message and its attachments for threats
Scan by antispam protection scans the message for
spam
The last step in the new rule creation wizard is to name
each created rule. You can also add a Rule comment.
This information will be stored in the Microsoft Exchange
Server log.
4.1.2
Log files
Log files settings let you choose how the log file will be
assembled. More detailed protocol can contain more
information but it may slow server performance.
If Synchronized writing without using cache is
enabled, all the log entries will be immediately written in
the log file without being stored in the log cache. By
default, ESET Mail Security components running in
Microsoft Exchange Server store log messages in their
internal cache and send them to the application log at
periodic time intervals to preserve performance. In this
case, however, the diagnostic entries in the log might not
be in the proper order. We recommend keeping this
setting turned off unless it is necessary for diagnostics.
You can specify the type of information stored in the log
files in the Content menu.
4.1.3
Message quarantine
The Message quarantine mailbox is a special mailbox
defined by the system administrator to store potentially
infected messages and SPAM. Messages stored in
quarantine can be analyzed or cleaned later using a
newer virus signature database.
Advertisement
Table of Contents
