Mail Quarantine

One of the basic steps in setting up protection in ESET Mail Security is creating the quarantine that safely stores infected notes. Only the administrator of the IBM Domino mail server has access to the quarantine. This quarantine is excluded from additional scanning.

The quarantine has different view options, depending on the note type (mail, document), subcategory and reason for storing the file in the quarantine (spam, infected file, user-defined rule). It is possible to recover a quarantined note, recovered notes will be copied into the original database in which they were stored. These notes will be scanned again after recovery. If the reason for quarantine is no longer present, a note will be handled normally. If these reasons persist, a note will be stored in the quarantine again. Notes are not scanned by the antispam module after recovery.

note_icon_note NOTE

Only the administrator has access to the quarantine. In order for the quarantine to work properly, scripts must be enabled when the administrator opens the quarantine for the first time.

mail_quarantine

Automatically create quarantine - By default, this option is enabled. It will automatically create a server database (NSF) where quarantined messages  or documents are stored.

Quarantine filename - Choose a name for the quarantine. By default, it is eQuarantine.nsf.

note_icon_note NOTE

The quarantine is created after the first infected file is found and sent to the quarantine. If the Automatically create quarantine option is not selected and the quarantine is not created, the file will be processed. The quarantine is created from the EsetQuarantine.ntf template, which is copied into the IBM Domino data folder during the installation. Each IBM Domino server Partition has its own quarantine. In case you uninstall ESET Mail Security, quarantine database file and quarantine template are not removed. This is because the quarantine contains valid data and the template is necessary to allow for viewing the quarantine database.

Automatically delete notes in quarantine - Deletes notes older than specified number of days.

Delete notes older than (days) - Automatically deletes quarantined notes after a selected amount of time. The predefined value is 30 days.

Enable whitelisting of notes released from quarantine - Use this setting when you want to recover a note (email or attachment) from ESET Quarantine and have an active rule in place that would automatically put recovered note back to the quarantine. Whitelisting will ignore rules to prevent this from happening. Once you enable whitelisting, ESET Mail Security will start writing a signature into every quarantined note. This signature is then used to whitelist notes.

note_icon_important IMPORTANT

Enabled whitelisting has an effect on rules and antivirus protection. Any note (email or attachment) that contains a signature will never be processed by rules and will never be scanned for viruses or other infiltrations. When whitelisting is disabled, notes will be processed by rules and antivirus protection regardless of the signature.

note_icon_example EXAMPLE

Enabled whitelisting:

Signature is being written to all newly quarantined notes. Existing notes already present in your quarantine will not have the signature written.

Signatures are taken into account when recovering a note from the ESET Quarantine to ignore rules and antivirus protection.

Disabled whitelisting:

Signature will not be written to notes that are being quarantined from then on.

Signatures of existing notes already present in your quarantine will not be taken into account when recovering a note from the ESET Quarantine to ignore rules and antivirus protection.

If you are enabling whitelisting again, previously signed notes can be recovered from the ESET Quarantine with the rules being ignored because signatures are being taken into account again.