ESET Online Help

Search English
Select the topic

Mail transport protection

You can configure actions for detected threats on the transport layer for each ESET Mail Security module (Antivirus, Anti-phishing and Antispam) separately.

Actions to take if cleaning not possible:

No action—Retain infected messages that cannot be cleaned

Quarantine message—Place infected messages into the quarantine mailbox

Reject message—Reject an infected message

Drop message silently—Delete messages without sending an NDR (Non-Delivery Report)


note

If you select No action and set Cleaning level to No cleaning in the Antivirus and antispyware ThreatSense parameters, the protection status changes to yellow. It is a security risk, and we do not recommend using this combination. Change one or the other setting to achieve the best protection.

Action to take on phishing message:

No action—Keep the message even if it is marked as phish

Quarantine message—Puts messages marked as phish to the quarantine mailbox

Reject message—Reject messages marked as phish

Drop message silently—Delete messages without sending NDR (Non-Delivery Report)

Action to take on spam messages:

No action—Keep the messages

Quarantine message—Put messages marked as spam in the quarantine mailbox

Reject message—Reject messages marked as spam

Drop message silently—Delete messages without sending an NDR (Non-Delivery Report)

Action to take on messages with a spoofed domain:

No action—Keep the messages

Quarantine message—Put messages marked as spoofed in the quarantine mailbox

Reject message—Reject messages marked as spoofed

Drop message silently—Delete messages without sending an NDR (Non-Delivery Report)

mail_transport

Save a copy of cleaned and deleted attachments in mail quarantine

A copy of the original file attachment will be stored in the mail quarantine.

Use custom text to replace deleted attachments

When enabled, you can specify custom text that replaces deleted attachments.

Format of the text used to replace deleted attachments

Replaces attachments with a text file that contains detailed information about an action taken. If you enable the setting above (Use custom text), you can modify the default text with your custom details using variables.


example

Use variables when customizing your text that will replace deleted attachments in an email message.

%PRODUCTNAME%
%FILENAME%
%VIRUSNAME%
%DETECTIONNAME%
%FILESIZE%

Attachment %FILENAME%, with the size of %FILESIZE%, has been deleted by %PRODUCTNAME% due to the %DETECTIONNAME%

The custom text format will have the following visible output:

Attachment eicar_com.zip, with the size of 184 B, has been deleted by ESET Mail Security due to the Eicar test file.

SMTP Reject Response

You can specify a Response code, Status code and Response message that define the SMTP temporary denial response sent to the SMTP server if a message is refused. You can enter a response message in the following format:

Response code

Status code

Response message

250

2.5.0

Requested mail action okay, completed

451

4.5.1

Requested action aborted: local error in processing

550

5.5.0

Requested action not taken: mailbox unavailable

554

5.6.0

Invalid content


note

You can also use system variables when configuring SMTP Reject Responses.

Write scan results to message headers

When enabled, scan results are written into message headers. These message headers start with X_ESET, making them easy to recognize (for example X_EsetResult or X_ESET_Antispam).

Add notification to the body of scanned messages offers three options:

Do not append to messages—Information will not be added

Append to infected messages only—Affects only infected messages

Append to all messages (does not apply to internal messages)—All messages will be marked

Modify subject

When enabled, you can modify templates added to the subject of infected messages, spam or phishing messages.

Template added to the subject of infected messages

ESET Mail Security will append a notification tag to the email subject with the value defined in the Template added to the subject of infected messages text field (pre-defined default text is [found threat %VIRUSNAME%]). This modification can be used to automate infected message filtering by filtering emails with a specific subject, for example, using Rules or alternatively on the client side (if supported by the email client) to put those email messages in a separate folder.

Template added to the subject of spam messages

ESET Mail Security will append a notification tag to the email subject with the value defined in the Template added to the subject of spam messages text field (pre-defined default text it [SPAM]). This modification can be used to automate spam filtering by filtering emails with a specific subject, for example, using Rules or alternatively on a client side (if supported by the email client) to put those email messages into a separate folder.

Template added to the subject of phish messages

ESET Mail Security will append a notification tag to the email subject with the value defined in the Template added to the subject of phish messages text field (pre-defined default text it [PHISH]). This modification can be used to automate spam filtering by filtering emails with a specific subject, for example, using Rules or alternatively on a client side (if supported by the email client) to put those email messages into a separate folder.


note

You can use system variables when editing text that will be added to the subject.