Protocol filtering

Malware protection for application protocols is provided by the ThreatSense scanning engine, which integrates multiple advanced malware scanning techniques. Protocol filtering works automatically, regardless of the Internet browser or email client used. If protocol filtering is enabled, ESET Mail Security will be checking communications that uses the SSL/TLS protocol, go to Web and email > SSL/TLS.

Enable application protocol content filtering

If you disable protocol filtering, note that many ESET Mail Security components (Web access protection, Email protocols protection and Anti-Phishing protection) depend on it and not all their features will be available.

Excluded applications

To exclude the communication of specific network-aware applications from content filtering, select them in the list. HTTP/POP3 communication of the selected applications will not be checked for threats. Enables you to exclude specific applications from protocol filtering. Click Edit and Add to select an executable from the list of applications to exclude it from protocol filtering.


We recommend only using this option for applications that do not work properly with their communication being checked.

Excluded IP addresses

Allows you to exclude specific remote addresses from protocol filtering. IP addresses in this list will be excluded from protocol content filtering. HTTP/POP3/IMAP communication from/to the selected addresses will not be checked for threats.


We recommend that you only use this option for addresses that are known to be trustworthy.

Click Edit and Add to specify IP address, address range or subnet to which the exclusion will be applied. When you select Enter multiple values, you can add multiple IP addresses delimited by newlines, commas or semicolons. When multiple selection is enabled, addresses will be shown in the list of excluded IP addresses.


Exclusions are useful when protocol filtering causes compatibility issues.