ESET Mail Security

Each email detected by ESET Mail Security with ESET LiveGuard Advanced-activated  follows the submission process shown below. Policy settings define the following:

hold time (only for protection of mail boxes)

specific security levels

action after detection (only for protection of host server)

 


important

ESET Mail Security is protecting the host server and also mail boxes

ESET Mail Security with ESET LiveGuard Advanced protects the mail boxes as described below. The protection of the host machine is the same as described for ESET Server Security.

mail_security_scheme

Email analysis follows a four-step process:

1. Email scanning

The mail is downloaded from the internet or another untrusted source. Your ESET security product processes and scans the mail.

ms1

2. Email analysis and delivery

If your mail security product marks an email message for analysis, that email is held for a pre-set time period. While email is on hold, ESET LiveGuard Advanced is analyzing attachment. If the result of the analysis is clean, email is immediately delivered or in case it is malicious, then standard cleaning action takes place. In case result of analysis does not come in pre-defined waiting time, security product releases the email to the recipient. When the result is available later, within 2 minutes, all computers block this attachment immediately.

Emails in "hold" are listed in ESET Mail Security. Navigate to ESET Mail Security > Tools > ESET LiveGuard Advanced to see the list of emails on hold.
 

mail_edtd

Maximum wait time for analysis is set in the ESET Mail Security policy under Computer > Cloud-based protection > ESET LiveGuard > Maximum wait time for the analysis results.

 

ms2

3. Analysis results are shared

ESET LiveGuard Advanced uses four separate detection layers and the results of the analysis are saved to a database in the ESET cloud. The database is synchronized every single minute with ESET PROTECT. All machines with activated ESET LiveGuard Advanced and ESET security product are also synchronized with ESET cloud every 2 minutes.

ms3

4. Evaluation and cleaning

Analysis results are also sent back to your ESET security product and the email is scanned again. If the email is clean, it is delivered (unless the hold period has already passed).

Settings for cleaning actions and detection are set under category Server in the ESET Mail Security policy.

ms4