Protection modules

Antivirus protection is one of the basic functions of ESET Mail Security . Antivirus protection guards against malicious system attacks by controlling file, email and Internet communication. If a threat with malicious code is detected, the Antivirus module can eliminate it by blocking it and then cleaning it, deleting it, or moving it to Quarantine.

Antispam protection incorporates multiple technologies (RBL, DNSBL, Fingerprinting, Reputation checking, Content analysis, Rules, Manual whitelisting/blacklisting, etc.) to maximize detection of email threats.

ESET Mail Security Antispam is cloud based and most of the cloud databases are located in ESET data centers. Antispam cloud services allow for prompt data updates which provides quicker reaction time in case of an emergence of new spam. It also allows incorrect or false data to be removed from ESET blacklists. Communication with Antispam cloud services is done over a proprietary protocol on port 53535, whenever possible. If it is not possible to communicate through ESET's protocol, DNS services are used instead (port 53). However, using DNS is not as effective because it requires multiple requests to be sent during spam classification process of a single email message.

Normally, no email messages or their parts are sent during spam classification process. However, if ESET LiveGrid® is enabled and you have explicitly allowed samples to be submitted for analysis, only message marked as spam (or most likely spam) may be sent in order to help thorough analysis and cloud database enhancement.

If you want to report spam false positive or negative classification, see our KB article for details.

In addition, ESET Mail Security can also use Greylisting method (disabled by default) of spam filtering.

ESET Mail Security includes Anti-Phishing protection which prevents users from accessing web pages known for phishing. In case of email messages that may contain links which lead to phishing web pages, ESET Mail Security uses sophisticated parser that searches message body and subject of incoming email messages to identify such links (URL's). The links are compared against phishing database and rules with condition Message body are evaluated.

The availability of rules for Mailbox database protection, On-demand mailbox database scan and Mail transport protection on your system depend on which Microsoft Exchange Server version is installed on the server with ESET Mail Security.

Rules enables you to manually define email filtering conditions and actions to take with filtered emails. There are different sets of conditions and actions. You can create individual rules that may also be combined. If one rule uses multiple conditions, the conditions will be linked using the logical operator AND. Consequently, the rule will be executed only if all its conditions are met. If multiple rules are created, the logical operator OR will be applied, meaning the program will run the first rule for which the conditions are met.

In the scanning sequence, the first technique used is greylisting - if it is enabled. Consequent procedures will always execute the following techniques: protection based on user-defined rules, followed by an Antivirus scan and, lastly, an Antispam scan.