Kaspersky Lab WorkSpace Security EU ED, 250-499u, 1Y, RNW KL4851XATFR Manual Do Utilizador
Códigos do produto
KL4851XATFR
M
A I L
A
N T I
- V
I R U S
55
I
N THIS SECTION
Component operation algorithm ......................................................................................................................................
Changing security level ...................................................................................................................................................
Changing actions to be performed on detected objects...................................................................................................
Creating a protection scope .............................................................................................................................................
Selecting the scan method ..............................................................................................................................................
Email scanning in Microsoft Office Outlook .....................................................................................................................
Email scanning by the plug-in in The Bat! .......................................................................................................................
Using heuristic analysis ...................................................................................................................................................
Scan of compound files ...................................................................................................................................................
Attachment filtering ..........................................................................................................................................................
Restoring default mail protection settings ........................................................................................................................
Email protection statistics ................................................................................................................................................
C
OMPONENT OPERATION ALGORITHM
Mail Anti-Virus loads when the operating system launches and runs continually, scanning all email on the POP3, SMTP,
IMAP, MAPI and NNTP protocols, as well as on secure connections (SSL) for POP3 and IMAP.
IMAP, MAPI and NNTP protocols, as well as on secure connections (SSL) for POP3 and IMAP.
The indicator of the component's operation is the application icon in the taskbar notification area, which looks like
whenever an email message is being scanned.
By default, email protection is carried out as follows:
1. Each email received or sent by the user is intercepted by the component.
2. The email is broken down into its parts: the email heading, its body, and attachments.
3. The body and attachments of the email message (including OLE objects) are scanned for dangerous objects.
Malicious objects are detected using both databases used by the application and the heuristic algorithm. The
database contains descriptions of all the malicious programs known to date and methods for neutralizing them.
The heuristic algorithm can detect new viruses that have not yet been entered in the database.
database contains descriptions of all the malicious programs known to date and methods for neutralizing them.
The heuristic algorithm can detect new viruses that have not yet been entered in the database.
4. After the virus scan, the following behavior options are available:
If the body or attachments of the email contain malicious code, Mail Anti-Virus will block the email, place a
copy of the infected object in the backup, and try to disinfect the object. If the email is successfully
disinfected, it becomes available to the user again. If the disinfection fails, the infected object in the email is
deleted. After the virus scan, special text is inserted in the subject line of the email, stating that the email
has been processed by the application.
copy of the infected object in the backup, and try to disinfect the object. If the email is successfully
disinfected, it becomes available to the user again. If the disinfection fails, the infected object in the email is
deleted. After the virus scan, special text is inserted in the subject line of the email, stating that the email
has been processed by the application.
If potentially malicious code is detected in the body or an attachment (but the maliciousness is not
absolutely guaranteed), the suspicious part of the email will be placed to the special storage area called
Quarantine.
absolutely guaranteed), the suspicious part of the email will be placed to the special storage area called
Quarantine.
If no malicious code is discovered in the email, it is immediately made available again to the user.