Mail transport protection

You can configure actions for detected threats on the transport layer for each ESET Mail Security module (Antivirus, Anti-Phishing and Antispam) separately.

Actions to take if cleaning not possible:

No action - Retain infected messages that cannot be cleaned

Quarantine message - Puts infected messages to the quarantine mailbox

Reject message - Reject an infected message

Drop message silently - Delete messages without sending NDR (Non-Delivery Report)


NOTE

If you select No action and at the same time have Cleaning level set to No cleaning in ThreatSense parameters of Antivirus and antispyware, then the protection status will change to yellow. This is because it is a security risk and we do not recommend that you use this combination. Change one or the other setting in order to achieve a good level of protection.

Action to take on phishing message:

No action - Keep the message even if it is marked as phish

Quarantine message - Puts messages marked as phish to the quarantine mailbox

Reject message - Reject messages marked as phish

Drop message silently - Delete messages without sending NDR (Non-Delivery Report)

Action to take on spam messages:

No action - Keep the message even if it is marked as spam

Quarantine message - Puts messages marked as spam to the quarantine mailbox

Reject message - Reject messages marked as spam

Drop message silently - Delete messages without sending NDR (Non-Delivery Report)

Action to take on messages with a spoofed domain:

No action - Keep the message even if it is marked as spoofed

Quarantine message - Puts messages marked as spoofed to the quarantine mailbox

Reject message - Reject messages marked as spoofed

Drop message silently - Delete messages without sending NDR (Non-Delivery Report)

mail_trans_protection

Save a copy of cleaned and deleted attachments in mail quarantine

A copy of the original file attachment will be stored in the mail quarantine.

Use custom text to replace deleted attachments

When enabled, you can specify custom text that replaces deleted attachments.

Format of the text used to replace deleted attachments

Replaces attachment with a text file that contains detailed information about an action taken. If you enabled the setting above (Use custom text), you can modify the default text with your custom details using variables if you wish.


EXAMPLE

Use variables when customizing your text that will be used as a replacement for deleted attachments in an email message.

%PRODUCTNAME%
%FILENAME%
%VIRUSNAME%
%DETECTIONNAME%
%FILESIZE%

Attachment %FILENAME%, with the size of %FILESIZE%, has been deleted by %PRODUCTNAME% due to the %DETECTIONNAME%.

The custom text format will have the following visible output:

Attachment eicar_com.zip, with the size of 184 B, has been deleted by ESET Mail Security due to the Eicar test file.

SMTP Reject Response

You can specify a Response code, Status code and Response message which define the SMTP temporary denial response sent to the SMTP server if a message is refused. You can enter a response message in the following format:

Response code

Status code

Response message

250

2.5.0

Requested mail action okay, completed

451

4.5.1

Requested action aborted:local error in processing

550

5.5.0

Requested action not taken:mailbox unavailable

554

5.6.0

Invalid content


NOTE

You can also use system variables when configuring SMTP Reject Responses.

Add notification to the body of scanned messages offers three options:

Do not append to messages - Information will not be added.

Append to infected messages only - Affect only infected messages.

Append to all messages (doesn't apply to internal messages) - All messages will be marked.

Modify subject

When enabled, you can modify templates added to the subject of infected messages, spam or phish messages.

Template added to the subject of infected messages

ESET Mail Security will append a notification tag to the email subject with the value defined in the Template added to the subject of infected messages text field (predefined default text is [found threat %VIRUSNAME%]). This modification can be used to automate filtering of infected messages by filtering emails with a specific subject, for example using rules or alternatively on the client side (if supported by the email client) to put such email messages into a separate folder.

Template added to the subject of spam messages

ESET Mail Security will append a notification tag to the email subject with the value defined in the Template added to the subject of spam messages text field (predefined default text it [SPAM]). This modification can be used to automate spam filtering by filtering emails with a specific subject, for example using rules or alternatively on a client side (if supported by the email client) to put such email messages into a separate folder.

Template added to the subject of phish messages

ESET Mail Security will append a notification tag to the email subject with the value defined in the Template added to the subject of phish messages text field (predefined default text it [PHISH]). This modification can be used to automate spam filtering by filtering emails with a specific subject, for example using rules or alternatively on a client side (if supported by the email client) to put such email messages into a separate folder.


NOTE

You can also use system variables when editing text which will be added to the subject.