ESET Online Help

Search English
Select the topic

Email Client Protection

Email client protection provides control of email communications received through the POP3 and IMAP protocols. When examining incoming messages, ESET Endpoint Antivirus for macOS uses the advanced scanning methods included in the ThreatSense scanning engine. POP3 and IMAP protocol communications scanning are independent of the email client used. The following settings are available:

Email Protocols

Here you can enable or disable the checking of email communication received through the POP3 and IMAP protocols.

POP3 protocol checking

The POP3 protocol is the most widespread protocol used to receive email communication in an email client application. ESET Endpoint Antivirus for macOS protects this protocol, regardless of the email client.

The protection module providing this control is automatically initiated at the system startup and is then active in memory. Ensure the module is enabled for protocol filtering to work correctly. POP3 protocol checking is performed automatically with no need to reconfigure your email client. By default, all communication on port 110 is scanned, but you can add other communication ports if necessary. Port numbers must be separated by a comma.

If you enable the POP3 protocol checking option, all POP3 traffic is monitored for malicious software.

IMAP protocol checking

The Internet Message Access Protocol (IMAP) is another internet protocol for email retrieval, and has some advantages over POP3. For example, multiple clients can simultaneously connect to the same mailbox and maintain message state information, such as whether the message has been read, replied to or deleted. ESET Endpoint Antivirus for macOS provides protects this protocol, regardless of the email client.

The protection module providing this control is automatically initiated at the system startup and is then active in memory. Ensure that IMAP protocol checking is enabled for the module to work correctly. IMAP protocol control is performed automatically without needing to reconfigure your email client. By default, all communication on port 143 is scanned, but you can add other communication ports if necessary. A comma must separate port numbers.

If you enable IMAP protocol checking, all traffic through IMAP is monitored for malicious software.

Email Tags

Using email tags allows you to append tag messages to email footnotes. After an email is scanned, a notification containing the scan results can be appended. Tag messages are a useful tool, but should not be used to determine message safety, since they may be omitted in problematic HTML messages and can be forged by certain threats. The following options are available:

oTo received and read email when a detection occursOnly email containing malware is tagged as checked

oTo all emails when scannedAll scanned emails are appended with tag messages

oNever—No tag messages are added to any email

Update subject of received email—Select this check box if you want email protection to include a threat warning in the infected email. This feature allows for simple filtering of infected emails. It also increases the level of credibility for the recipient, and if an infiltration is detected, it provides valuable information about the threat level of a given email or sender.

Add to subject of detected email—Edit this template to modify an infected email's subject prefix format.

ThreatSense Parameters

Advanced scanner setup enables you to configure cleaning levels, scan options and file extensions excluded from scanning.