Advanced settings

In this section you can change advanced settings for the transport agent:

Scan also messages received from authenticated or internal connections - You can choose what type of scan should be performed on messages received from authenticated sources or local servers. Scanning of such messages is recommended as it increases protection, but necessary if you are using the built-in Microsoft SBS POP3 Connector to fetch email messages from external POP3 servers or mail services (for example,,, gmx.dem, etc.). For more information see POP3 Connector and antispam.

note_icon_note NOTE

This setting turns Antispam protection on/off for authenticated users and internal connections. Emails from non-authenticated connections are always scanned, even if Do not scan is selected here.

note_icon_note NOTE

Internal messages from Outlook inside the organization are sent in the TNEF format (Transport Neutral Encapsulation Format). TNEF is not supported by antispam. Therefore, internal TNEF formatted emails will not be scanned for SPAM even if you have selected Scan by antispam protection or Scan by antivirus and antispam protection.


Search for sender's originating IP address in headers - If enabled, ESET Mail Security looks for the originating IP address in message headers so that different protection modules (Antispam and others) can use it. If your Exchange Organization is separated from the internet by a Proxy, Gateway or Edge Transport Server, email messages appear to arrive from a single IP address (usually an internal one). It is common that on the outside server (for example Edge Transport in DMZ) where senders IP address is known, this IP address is written into the message headers of the email message that is being received. The value specified in the Header with the originating IP field below is the header that ESET Mail Security looks for in message headers.

Header with the originating IP - Is the header that ESET Mail Security looks for in message headers. It is usually X-Originating-IP, but you can enter additional industry-standard headers such as X-Forwarded-For or Forwarded (see the list of HTTP header fields).

Enable quarantining of internal messages to mailbox quarantine - When enabled, internal messages will be quarantined. There is usually no need to quarantine internal messages.

Remove existing SCL header before the scan - This option is enabled by default. You can disable it if required to keep Spam Confidence Level (SCL) header.