Key Features

The following table provides a list of features that are available in the ESET Mail Security.

True 64-bit product core

Adding higher performance and stability to the product core components.


An award-winning exlink and innovative defense against malware. This leading-edge technology exlink prevents from attacks and eliminates all types of threats, including viruses, ransomware, rootkits, worms and spyware with cloud-powered scanning for even better detection rates. With a small footprint, it is light on the system resources not compromising its performance. It uses layered security model. Each layer, or a phase, has a number of core technologies. Pre-execution phase has technologies such as UEFI Scanner, Network Attack Protection, Reputation & Cache, In-product Sandbox, DNA Detections. Execution phase technologies are Exploit Blocker, Ransomware Shield, Advanced Memory Scanner and Script Scanner (AMSI), and Post-execution phase uses Botnet Protection, Cloud Malware Protection System and Sandboxing. This feature-rich set of core technologies provides an unrivaled level of protection.


Antispam is an essential component for any mail server. ESET Mail Security uses state-of-the-art Antispam engine that prevents from spam and phishing attempts with very high catch rates. ESET Mail Security has won consecutively spam filtering test by Virus Bulletin, a leading security testing authority, and received the VBSpam+ certification for a number years. Antispam engine have achieved a result of 99.99% spam catch rate with zero false positives making it industry-leading technology in spam protection. ESET Mail Security Antispam incorporates multiple technologies (RBL and DNSBL, Fingerprinting, Reputation checking, Content analysis, Rules, manual whitelisting/blacklisting, Backscatter protection and message validation using SPF and DKIM) to maximize detection. ESET Mail Security Antispam is cloud based and most of the cloud databases are located in ESET data centers. Antispam cloud services allow for prompt data updates which provides quicker reaction time in case of an emergence of new spam.


A feature which prevents users from accessing web pages known for phishing. Email messages may contain links which lead to phishing web pages and ESET Mail Security uses sophisticated parser that searches message body and subject of incoming email messages to identify such links (URL's). The links are compared against phishing database.


The rules enables administrators to filter unwanted emails and attachments based on company's policy. Attachments such as executables, multimedia files, password protected archives, etc. Different actions can be performed with filtered email messages and their attachments, for example quarantine, delete, send notification or log to events.

Office 365 mailbox scan

For businesses who use hybrid Exchange environment, adds the capability to scan mailboxes in the cloud.

ESET Dynamic Threat Defense (EDTD)

ESET Cloud-based service. When ESET Mail Security evaluates an email message as suspicious, it is temporarily put it into the ESET Dynamic Threat Defense quarantine. A suspicious email message is automatically submitted to ESET Dynamic Threat Defense server for analysis by advanced malware detection engines. ESET Mail Security then receives a result of the analysis and suspicious email message is dealt with depending on the result.

Mail quarantine manager with web interface

Administrator can inspect quarantined objects and decide to delete or release them. This feature offers easy to use management tool.

Quarantine web interface allows remote management of the content. It is possible to choose its administrators and/or delegate access. Additionally, users can view and manage their own spam after logging to the Mail Quarantine Web interface, having access to their messages only.

Mail quarantine reports

Quarantine reports are emails sent to selected users or administrators to provide information about all quarantined email messages. It also enables them to remotely manage quarantined content.

On-demand mailbox database scan

On-demand mailbox database scan gives administrators an option to scan selected mailboxes manually, or schedule the scan out of business hours. Mailbox database scanner uses the EWS (Exchange Web Services) API to connect to Microsoft Exchange Server via HTTP/HTTPS. Also, the scanner uses parallelism during scan process to improve the performance.

ESET Cluster

ESET Cluster allows for management of multiple servers from a single location. Similar to ESET File Security for Microsoft Windows Server, joining server nodes to a cluster makes management easier due to the ability to distribute one configuration across all cluster member nodes. ESET Cluster can also be used to synchronize greylisting databases and contents of the Local mail quarantine.

Processes exclusions

Excludes specific processes from Anti-Malware on-access scanning. Anti-Malware on-access scanning may cause conflicts in certain situations, for example during a backup process or live migrations of virtual machines. Processes exclusions help minimize the risk of such potential conflicts and improve the performance of excluded applications, which in turn has a positive effect on the overall performance and stability of the whole system. The exclusion of a process / application is an exclusion of its executable file (.exe).

eShell (ESET Shell)

eShell 2.0 is now available in ESET Mail Security. eShell is a command line interface that offers advanced users and administrators more comprehensive options to manage ESET server products.

ESET Security Management Center

Better integration with ESET Security Management Center including the ability to schedule various tasks exlink. For more information, see ESET Security Management Center Online help exlink.

Component-based installation

Installation can be customized to contain only selected parts of the product.