Administrator's Guide - Kerio Software Archive
Administrator's Guide - Kerio Software Archive Administrator's Guide - Kerio Software Archive
Chapter 17Antivirus Control of Email And Attachment FilteringIn Kerio MailServer, you can check all incoming emails for viruses. The control can be performedby using two combinable methods. For this purpose, you can use either the internalMcAfee antivirus, or any of the external supported antiviruses.Immediately after the installation of Kerio MailServer, the internal McAfee antivirus is started.It is possible to support it by enabling any other of the supported external antivirus applications.Both antivirus programs can run concurrently. This provides for reliable protectionof your local network, since the virus databases updates will be performed faster (one of theantiviruses can react to a new virus occurrence a couple of hours sooner than the other). Theupdate speed is a key element of the protection against new viruses.Both antiviruses can be also switched off, but it is not recommended, because users are notprotected against infected emails.Kerio MailServer checks (independently of the antivirus) JPEG attachments for corruption andpresence of GDI+ exploit (a malicious code, usually with a virus, that can run the exploit uponsystem breakdown). All messages with such attachment will be deleted automatically.Figure 17.1Antivirus196
17.1 Integrated McAfee Anti-VirusBesides cooperation with an antivirus program, Kerio MailServer allows you to filter certain filetypes from email attachments (using file extension or MIME type), regardless of whether theyare infected by a virus or not. To specify these options, go to the Configuration → Attachmentfiltering section.17.1 Integrated McAfee Anti-VirusCheck Scan mail using McAfee Anti-virus engine in the Antivirus tab of the internal version.Note: The external McAfee Anti-Virus is not supported by Kerio MailServer.Check for updates everyInterval for automatic update of the antivirus database and of the antivirus itself (inhours). Information about updates can be found in the Security log (see chapter 22.4).Note: To enable automatic updates well-working connection to the Internet must be provided.Automated dialing is not supported. In case of dial-ups we recommend you toperform updates by hand (see below).Virus definition updates are downloaded via HTTP. If the Kerio MailServer is behind a firewallyou must allow for outbound communication over an appropriate TCP port (port 80by default).Click Update now to start the update of the virus database and antivirus software manually.When this button is pressed, the update progress window is displayed. Informationabout updates can be found in the Security log (see chapter 22.4).Note: The update progress window can be closed anytime by pressing the OK button (itis not necessary to wait until the update is finished).Current virus database is ...The time that has elapsed since the last successful update of the virus database (with anaccuracy of minutes).Last update check performedThe time elapsed from the last successful update attempt. The fact whether a new versionhas been available on the server is irrelevant.Warning: If the time is significantly (several times) greater than the interval set for automaticupdate, then the automatic updates are not working correctly. In this case werecommend updating the database manually and to inspect the Error and Security logsfor a failure explanation.17.2 Choosing an external module for an antivirus programParameters for antivirus control are set in the Content Filter → Antivirus section with theAntivirus tab. To use an external antivirus program, check Use external antivirus. This menushows the antivirus software which can be used for email scanning. The antivirus softwaremust be installed prior to making a selection (we recommend stopping the Kerio MailServerEngine before the antivirus installation).197
- Page 145 and 146: 15.2 SMTP serverLimit maximum incom
- Page 147 and 148: 15.3 AliasesMaximum number of deliv
- Page 149 and 150: 15.3 AliasesCharacter typea-zA-ZDes
- Page 151 and 152: 15.4 remote POP3 mailboxesFigure 15
- Page 153 and 154: 15.4 remote POP3 mailboxesthe messa
- Page 155 and 156: 15.4 remote POP3 mailboxesFigure 15
- Page 157 and 158: 15.6 Advanced OptionsDescriptionA c
- Page 159 and 160: 15.6 Advanced Optionsnot have to wo
- Page 161 and 162: 15.6 Advanced OptionsPLAIN authenti
- Page 163 and 164: 15.6 Advanced OptionsWatchdog Hard
- Page 165 and 166: 15.6 Advanced OptionsFigure 15.22HT
- Page 167 and 168: 15.6 Advanced Optionsstartup of the
- Page 169 and 170: 15.6 Advanced OptionsKerio WebMail
- Page 171 and 172: 16.1 Spam Rating tab16.1 Spam Ratin
- Page 173 and 174: 16.2 Blacklists tabtration Console
- Page 175 and 176: 16.2 Blacklists tabInternet databas
- Page 177 and 178: 16.3 Custom RulesSORBSSpam and Open
- Page 179 and 180: 16.3 Custom RulesUse the Add button
- Page 181 and 182: 16.3 Custom RulesTypeType of condit
- Page 183 and 184: 16.4 SpamAssassinFigure 16.7SpamAss
- Page 185 and 186: 16.5 Email policy records checksend
- Page 187 and 188: 16.6 Spam repellentFigure 16.9SPFOn
- Page 189 and 190: 16.7 Recommended configuration of a
- Page 191 and 192: 16.7 Recommended configuration of a
- Page 193 and 194: 16.8 Monitoring of spam filter’s
- Page 195: 16.8 Monitoring of spam filter’s
- Page 199 and 200: 17.4 Server responses to detection
- Page 201 and 202: 17.5 Filtering Email Attachments17.
- Page 203 and 204: 17.6 Antivirus control statisticsFi
- Page 205 and 206: 18.1 ArchivingPath to the archive d
- Page 207 and 208: 18.2 Backup of user foldersFigure 1
- Page 209 and 210: 18.2 Backup of user foldersFigure 1
- Page 211 and 212: 18.2 Backup of user folders• Save
- Page 213 and 214: 18.2 Backup of user folders2. The s
- Page 215 and 216: Chapter 19LDAP serverThe built-in L
- Page 217 and 218: 19.2 Configuring Email ClientsFigur
- Page 219 and 220: 19.2 Configuring Email ClientsMaxim
- Page 221 and 222: 20.2 Creating a Mailing List• con
- Page 223 and 224: 20.2 Creating a Mailing ListFigure
- Page 225 and 226: 20.3 Posting rulesFigure 20.4Creati
- Page 227 and 228: 20.4 Moderators and MembersAdd this
- Page 229 and 230: 20.4 Moderators and MembersAdding a
- Page 231 and 232: 20.5 Mailing list archiving2. This
- Page 233 and 234: 20.7 How to use Mailing ListsExampl
- Page 235 and 236: Chapter 21Status InformationKerio M
- Page 237 and 238: 21.2 Message queue processingFrom,
- Page 239 and 240: 21.3 Active ConnectionsActive Conne
- Page 241 and 242: 21.4 Opened FoldersComponentsThree
- Page 243 and 244: 21.5 Traffic ChartsTime rangeIn the
- Page 245 and 246: 21.6 StatisticsRefreshThis button r
17.1 Integrated McAfee Anti-VirusBesides cooperation with an antivirus program, <strong>Kerio</strong> MailServer allows you to filter certain filetypes from email attachments (using file extension or MIME type), regardless of whether theyare infected by a virus or not. To specify these options, go to the Configuration → Attachmentfiltering section.17.1 Integrated McAfee Anti-VirusCheck Scan mail using McAfee Anti-virus engine in the Antivirus tab of the internal version.Note: The external McAfee Anti-Virus is not supported by <strong>Kerio</strong> MailServer.Check for updates everyInterval for automatic update of the antivirus database and of the antivirus itself (inhours). Information about updates can be found in the Security log (see chapter 22.4).Note: To enable automatic updates well-working connection to the Internet must be provided.Automated dialing is not supported. In case of dial-ups we recommend you toperform updates by hand (see below).Virus definition updates are downloaded via HTTP. If the <strong>Kerio</strong> MailServer is behind a firewallyou must allow for outbound communication over an appropriate TCP port (port 80by default).Click Update now to start the update of the virus database and antivirus software manually.When this button is pressed, the update progress window is displayed. Informationabout updates can be found in the Security log (see chapter 22.4).Note: The update progress window can be closed anytime by pressing the OK button (itis not necessary to wait until the update is finished).Current virus database is ...The time that has elapsed since the last successful update of the virus database (with anaccuracy of minutes).Last update check performedThe time elapsed from the last successful update attempt. The fact whether a new versionhas been available on the server is irrelevant.Warning: If the time is significantly (several times) greater than the interval set for automaticupdate, then the automatic updates are not working correctly. In this case werecommend updating the database manually and to inspect the Error and Security logsfor a failure explanation.17.2 Choosing an external module for an antivirus programParameters for antivirus control are set in the Content Filter → Antivirus section with theAntivirus tab. To use an external antivirus program, check Use external antivirus. This menushows the antivirus software which can be used for email scanning. The antivirus softwaremust be installed prior to making a selection (we recommend stopping the <strong>Kerio</strong> MailServerEngine before the antivirus installation).197