ESET Online Help

Search English
Select the topic

Email client protection

Email client protection provides control of email communications received through the POP3 and IMAP protocols. When examining incoming messages, ESET Cyber Security uses all of the advanced scanning methods included in the ThreatSense scanning engine. POP3 and IMAP protocol communications scanning is independent of the email client used. The following settings are available:

Email Protocols

Here you can enable or disable the checking of email communication received through the POP3 and IMAP protocols.

POP3 protocol checking

The POP3 protocol is the most widespread protocol used to receive email communication in an email client application. ESET Cyber Security provides protection for this protocol, regardless of the email client.

The protection module providing this control is automatically initiated at the system startup and is then active in memory. Make sure the module is enabled for protocol filtering to work correctly. POP3 protocol checking is performed automatically with no need to reconfigure your email client. By default, all communication on port 110 is scanned, but you can add other communication ports if necessary. Port numbers must be separated by a comma.

If you enable the POP3 protocol checking option, all POP3 traffic is monitored for malicious software.

IMAP protocol checking

The Internet Message Access Protocol (IMAP) is another Internet protocol for e-mail retrieval. IMAP has some advantages over POP3. For example, multiple clients can simultaneously connect to the same mailbox and maintain message state information such as whether the message has been read, replied to, or deleted. ESET Cyber Security provides protection for this protocol, regardless of the email client.

The protection module providing this control is automatically initiated at the system startup and is then active in memory. Make sure that IMAP protocol checking is enabled for the module to work correctly. IMAP protocol control is performed automatically with no need to reconfigure your email client. By default, all communication on port 143 is scanned, but you can add other communication ports if necessary. Port numbers must be separated by a comma.

If you enable IMAP protocol checking, all traffic through IMAP is monitored for malicious software.

Email Tags

Using email tags allows you to append tag message to email footnote. After an email is scanned, a notification containing the scan results can be appended to the message. Tag messages are a useful tool, but should not be used as the final determination of message safety, since they may be omitted in problematic HTML messages and can be forged by certain threats. The following options are available:

To received and read email when a detection occurs – Only email containing malware is tagged as checked.

To all emails when scanned – All scanned emails are appended with tag messages.

Never – No tag messages are added to any email.

Update subject of received email – Select this check box if you want email protection to include a threat warning in the infected email. This feature allows for simple filtering of infected emails. It also increases the level of credibility for the recipient and, if an infiltration is detected, it provides valuable information about the threat level of a given email or sender.

Add to subject of detected email – Edit this template to modify the subject prefix format of an infected email.

ThreatSense Parameters

Advanced scanner setup enables you to configure cleaning levels, scan options, and file extensions excluded from scanning.