ESET Mail Security

Each email detected by ESET Mail Security with ESET Dynamic Threat Defense-activated  follows the submission process shown below. Policy settings define the following:

hold time (only for protection of mail boxes)

specific security levels

action after detection (only for protection of host server)

 

important

ESET Mail Security is protecting the host server and also mail boxes

ESET Mail Security with ESET Dynamic Threat Defense protects the mail boxes as described below. The protection of the host machine is the same as described for ESET File Security.

Email analysis follows a four-step process:

1. Email scanning

The mail is downloaded from the internet or another untrusted source. Your ESET security product processes and scans the mail.

ms1

2. Email analysis and delivery

If your mail security product marks an email message for analysis, that email is held for a pre-set time period. While email is on hold, ESET Dynamic Threat Defense is analyzing attachment. If the result of the analysis is clean, email is immediately delivered or in case it is malicious, then standard cleaning action takes place. In case result of analysis does not come in pre-defined waiting time, security product releases the email to the recipient. When the result is available later, within 2 minutes, all computers block this attachment immediately.

Emails in "hold" are listed in ESET Mail Security. Navigate to ESET Mail Security > Tools > ESET Dynamic Threat Defense to see the list of emails on hold.
 

mail_edtd

Maximum wait time for analysis is set in the ESET Mail Security policy under Computer > Cloud-based protection > ESET Dynamic Threat Defense > Maximum wait time for the analysis results.

 

ms2

3. Analysis results are shared

The results of the analysis are saved to a database in the ESET cloud. The database is synchronized every single minute with ESET Security Management Center. All machines with activated ESET Dynamic Threat Defense and ESET security product are also synchronized with ESET cloud every 2 minutes.

ms3

4. Evaluation and cleaning

Analysis results are also sent back to your ESET security product and the email is scanned again. If the email is clean, it is delivered (unless the hold period has already passed).

Settings for cleaning actions and detection are set under category Server in the ESET Mail Security policy.

ms4