AVG Email Server Edition 2011 User Manual Document revision 2011.01 (22. 9. 2010) C opyright AVG Technologies C Z, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This product uses RSA Data Security, Inc. MD5 Message-Digest Algorithm, C opyright (C ) 1991-2, RSA Data Security, Inc. C reated 1991. This product uses code from C -SaC zech library, C opyright (c) 1996-2001 Jaromir Dolecek (dolecek@ics.muni.cz).
Contents ........................................................................................................................ 4 1. Introduction ........................................................................................................................ 5 2. AVG Installation Requirements 5 2.1 Operation.......................................................................................................... Systems Supported ....................................................................
.......................................................................................................... 37 7.1 Anti-Spam Interface .......................................................................................................... 39 7.2 Anti-Spam Principles .......................................................................................................... 39 7.3 Anti-Spam Settings ..........................................................................................................
1. Introduction This user manual provides comprehensive documentation for AVG Email Server Edition 2011. Congratulations on your purchase of AVG Email Server Edition 2011! AVG Email Server Edition 2011 is one of a range of award winning AVG products designed to provide you with peace of mind and total security for your PC.
2. AVG Installation Requirements 2.1. Operation Systems Supported AVG Email Server Edition 2011 is intended to protect e-mail servers running under the following operating systems: · Windows 2008 Server Edition (x86 and x64) · Windows 2003 Server (x86, x64) SP1 2.2. Email Servers Supported The following e-mail servers are supported: · MS Exchange 2003 Server version · MS Exchange 2007 Server version · MS Exchange 2010 Server version · AVG for Kerio MailServer – version 6.7.2 and higher 2.3.
Programs select the correct program from the list of installed software. Be careful to select the correct AVG program for uninstallation. You need to uninstall the Email Server Edition before uninstalling the AVG File Server Edition. · Once you have uninstalled the Email Server Edition, you can proceed to uninstall your previous version of AVG File Server Edition. This can be done easily from the start menu Start/All Programs/AVG/Uninstall AVG · If you have previously used the AVG 8.
3. AVG Installation Process To install AVG on your computer, you need to get the latest installation file. You can use the installation file from the CD that is a part of your box edition but this file might be out-of-date. Therefore we recommended getting the latest installation file online. You can download the file from the AVG website (at http://www.avg.
Attention: You will be able to choose also additional languages for the application interface later during the installation process. 3.2. Activate Your License In the Activate your License dialog you have to fill in your license number. Enter your license number into the License Number text field. The license number will be in the confirmation e-mail that you received after purchasing your AVG on-line. You must type in the number exactly as shown.
3.3. Select Installation Type The Select type of Installation dialog offers the choice of two installation options: Quick Install and Custom Install. For most users, it is highly recommended to keep to the Quick Install that installs AVG in fully automatic mode with settings predefined by the program vendor. This configuration provides maximum security combined with the optimal use of resources.
3.4. Custom Install - Custom Options The Destination folder dialog allows you to specify the location where AVG should be installed. By default, AVG will be installed to the program files folder located on drive C:. If you want to change this location, use the Browse button to display the drive structure, and select the respective folder. The Component selection section displays an overview of all AVG components that can be installed.
· Anti-Spam Server for MS Exchange Checks all incoming e-mail messages and marks unwanted e-mails as SPAM. It uses several analyzing methods to process each e-mail message, offering maximum possible protection against unwanted e-mail messages. · E-mail Scanner for MS Exchange (routing Transport Agent) Checks all incoming, outgoing and internal e-mail messages going through the MS Exchange HUB role. Available for MS Exchange 2007/2010 and can be installed for HUB role only.
AVG is now installed on your computer and fully functional. The program is running in the background in fully automatic mode. To individually setup protection for your e-mail server, follow the appropriate chapter: · E-mail Scanner for MS Exchange Server 2007/2010 · E-mail Scanner for MS Exchange Server 2003 · AVG for Kerio MailServer A V G E mail Server E dition 2 0 1 1 © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
4. E-mail Scanner for MS Exchange Server 2007/2010 4.1. Overview The AVG for MS Exchange Server 2007/2010 configuration options are fully integrated within the AVG Email Server Edition 2011 as server components. Basic overview of the individual server components: · Anti-Spam - Anti-Spam Server for MS Exchange Checks all incoming e-mail messages and marks unwanted e-mails as SPAM.
· EMS (SMTP) - E-mail Scanner for MS Exchange (SMTP Transport Agent) Checks all e-mail messages coming through the MS Exchange SMTP interface. Available for MS Exchange 2007/2010 only and can be installed for both EDGE and HUB roles. · EMS (VSAPI) - E-mail Scanner for MS Exchange (VSAPI) Checks all e-mail messages stored in user mailboxes. If any viruses are detected, they are moved to the Virus Vault, or completely removed.
Here you can check messages divided into several tabs according to their severity. See configuration of individual components for amending the severity and reporting. By default there are displayed only results for the last two days. You can change the displayed period by amending the following options: o Show last - insert preferred days and hours. o Show selection - choose a custom time and date interval. o Show all - Displays results for the whole time period.
You will find more information on individual settings of all components in the chapters below. 4.2. E-mail Scanner for MS Exchange (routing TA) To open the settings of E-mail Scanner for MS Exchange (routing transport agent) , select the Settings button from the interface of the component. From the Server components list select the E-mail Scanner for MS Exchange (routing TA) item: The Basic Settings section contains the following options: · Enable component - uncheck to disable the whole component.
scanning. · Report Potentially Unwanted Programs and Spyware threats - check this option to report the presence of potentially unwanted programs and spyware. · Report enhanced set of Potentially Unwanted Programs - check to detect extended package of spyware: programs that are perfectly ok and harmless when acquired from the manufacturer directly, but can be misused for malicious purposes later, or programs that always harmless but might be unwanted (various toolbars etc.).
4.4. E-mail Scanner for MS Exchange (VSAPI) This item contains settings of the E-mail Scanner for MS Exchange (VSAPI). The Basic Settings section contains the following options: · Enable component - uncheck to disable the whole component. · Language - select preferred component language. The Logging settings section: · Log file size - choose a preferred size of the log file. Default value: 100 MB.
A specific low priority thread is used for each database, which guarantees other tasks (e.g. e-mail messages storage in the Microsoft Exchange database) are always carried out preferentially. · Proactive Scan (incoming messages) You can enable or disable the proactive scanning function of VSAPI 2.0/2.5 here. This scanning occurs when an item is delivered to a folder, but a request has not been made by a client.
when acquired from the manufacturer directly, but can be misused for malicious purposes later, or programs that always harmless but might be unwanted (various toolbars etc.). This is an additional measure that increases your computer security and comfort even more, however it can possibly block legal programs, and is therefore switched off by default.
we recommend a small fix (see below) to resolve this issue instantly. Note: Adjusting registry is advised only to experienced users. We recommend that before you edit the registry, you back up the registry and understand how to restore it if a problem occurs. Open the Registry editor (Windows menu Start/Run, type in regedit and press enter).
4.6. Detection Actions In the Detection actions sub-item you can choose automatic actions that should take place during the scanning process. The actions are available for the following items: · Infections · PUP (Potentially Unwanted Programs) · Warnings · Information Use the roll-down menu to choose an action for each item: · None - no action will be taken. · Move to Vault - the given threat will be moved to Virus Vault. · Remove - the given threat will be removed.
To select a custom subject text for messages that contain the given item/threat, check the Mark subject with... box and fill-in a preferred value. Note: The last mentioned feature is not available for E-mail Scanner for MS Exchange VSAPI. 4.7. Mail Filtering In the Mail Filtering sub-item you can choose which attachments should be automatically removed, if any. The following options are available: · Remove attachments - check this box to enable the feature.
5. E-mail Scanner for MS Exchange Server 2003 5.1. Overview The E-mail Scanner for MS Exchange Server 2003 configuration options are fully integrated within the AVG Email Server Edition 2011 as a server component. The server components include the following: Basic overview of the individual server components: · Anti-Spam - Anti-Spam Server for MS Exchange Checks all incoming e-mail messages and marks unwanted e-mails as SPAM.
Double-click a required component to open its interface. With the exception of AntiSpam, all the components share the following common control buttons and links: · Scan Results Opens a new dialog where you can review scan results: A V G E mail Server E dition 2 0 1 1 © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
Here you can check messages divided into several tabs according to their severity. See configuration of individual components for amending the severity and reporting. By default there are displayed only results for the last two days. You can change the displayed period by amending the following options: o Show last - insert preferred days and hours. o Show selection - choose a custom time and date interval. o Show all - Displays results for the whole time period.
You will find more information on individual settings of all components in the chapters below. 5.2. E-mail Scanner for MS Exchange (VSAPI) This item contains settings of the E-mail Scanner for MS Exchange (VSAPI). The Basic Settings section contains the following options: · Enable component - uncheck to disable the whole component. · Language - select preferred component language. The Logging settings section: · Log file size - choose a preferred size of the log file. Default value: 100 MB.
virus base update is encountered in the users’ mailbox folders, it is submitted to AVG for Exchange Server to be scanned. Scanning and searching for the not examined objects runs in parallel. A specific low priority thread is used for each database, which guarantees other tasks (e.g. e-mail messages storage in the Microsoft Exchange database) are always carried out preferentially. · Proactive Scan (incoming messages) You can enable or disable the proactive scanning function of VSAPI 2.0/2.5 here.
option to report the presence of potentially unwanted programs and spyware. · Report enhanced set of Potentially Unwanted Programs - check to detect extended package of spyware: programs that are perfectly ok and harmless when acquired from the manufacturer directly, but can be misused for malicious purposes later, or programs that always harmless but might be unwanted (various toolbars etc.).
5.3. Detection Actions In the Detection actions sub-item you can choose automatic actions that should take place during the scanning process. The actions are available for the following items: · Infections · PUP (Potentially Unwanted Programs) · Warnings · Information Use the roll-down menu to choose an action for each item: · None - no action will be taken. · Move to Vault - the given threat will be moved to Virus Vault. · Remove - the given threat will be removed.
5.4. Mail Filtering In the Mail Filtering sub-item you can choose which attachments should be automatically removed, if any. The following options are available: · Remove attachments - check this box to enable the feature. · Remove all executable files - removes all executables. · Remove all documents - removes all document files. · Remove files with these comma separated extensions - fill the box with file extensions you wish to automatically remove. Separate the extensions with comma.
6. AVG for Kerio MailServer 6.1. Configuration The anti-virus protection mechanism is integrated directly into the Kerio MailServer application. In order to activate e-mail protection of Kerio MailServer by the AVG scanning engine, launch the Kerio Administration Console application.
In the following section you can specify what to do with an infected or filtered message: · If a virus is found in a message This frame specifies the action to be carried out when a virus is detected in a message, or when a message is filtered by an attachment filter: · o Discard the message – when selected, the infected or filtered message will be deleted.
(or attachment) will be delivered unchecked. The user will be warned that the message may still contain viruses. o Reject the message as if it was virus — the system will react the same way as when a virus was detected (i.e. the message will be delivered without any attachment or rejected). This option is safe, but sending password protected archives will be virtually impossible. 6.1.2.
The message without its infected or prohibited attachment will be (apart from the actions selected below) forwarded to the specified e-mail address. This can be used to verify the correct functioning of the antivirus and/or attachment filter. In the list of extensions, each item has four fields: · Type – specification of the kind of attachment determined by the extension given in the Content field. Possible types are File name or MIME type.
In the Then field you can decide whether to block the defined attachment or accept it. A V G E mail Server E dition 2 0 1 1 © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
7. Anti-Spam Configuration 7.1. Anti-Spam Interface You will find the Anti-Spam server component's dialog in the Server Components section (left menu). It contains a brief information about the functionality of the server component, information on its current status (Anti-Spam Server for MS Exchange component is active.), and some statistics.
Here you can check messages detected either as a SPAM (unwanted messages) or a Phishing attempt (an effort to steal your personal data, banking details, identity etc.). By default there are displayed only results for the last two days. You can change the displayed period by amending the following options: o Show last - insert preferred days and hours. o Show selection - choose a custom time and date interval. o Show all - Displays results for the whole time period.
7.2. Anti-Spam Principles Spam refers to unsolicited e-mail, mostly advertising a product or service that is mass mailed to a huge number of e-mail addresses at a time, filling recipients’ mail boxes. Spam does not refer to legitimate commercial e-mail for which consumers have given their consent. Spam is not only annoying, but also can often be a source of scams, viruses or offensive content. Anti-Spam checks all incoming e-mail messages and marks unwanted e-mails as SPAM.
Here is a general review of the scoring threshold: · Value 90 - Most incoming e-mail messages will be delivered normally (without being marked as spam). The most easily identified spam will be filtered out, but a significant amount of spam may still be allowed through. · Value 80-89 - E-mail messages likely to be spam will be filtered out. Some nonspam messages may be incorrectly filtered as well. · Value 60-79 - Considered as a quite aggressive configuration.
There are the following options to choose from: · A specific e-mail client - if you use one of the listed e-mail clients (MS Outlook, Outlook Express, The Bat!, Mozilla Thunderbird), simply select the respective option · Folder with EML files - if you use any other e-mail program, you should first save the messages to a specific folder (in .eml format), or make sure that you know the location of your e-mail client message folders.
In this dialog, please select the folder with the messages you want to use for training. Press the Add folder button to locate the folder with the .eml files (saved e-mail messages). The selected folder will then be displayed in the dialog. In the Folders contain drop-down menu, set one of the two options - whether the selected folder contains wanted (HAM), or unsolicited (SPAM) messages.
Note: In case of Microsoft Office Outlook, you will be prompted to select the MS Office Outlook profile first. In the Folders contain drop-down menu, set one of the two options - whether the selected folder contains wanted (HAM), or unsolicited (SPAM) messages. Please note that you will be able to filter the messages in the next step, so the folder does not have to contain only training e-mails. A navigation tree of the selected e-mail client is already displayed in the main section of the dialog.
If you are sure that the selected folder contains only messages you want to use for training, select the All messages (no filtering) option. If you are unsure about the messages contained in the folder, and you want the wizard to ask you about every single message (so that you can determine whether to use it for training or not), select the Ask for each message option. For more advanced filtering, select the Use filter option.
left navigation) offers the Anti-Spam component performance settings. Move the slider left or right to change the level of scanning performance ranging between Low memory / High performance modes. · Low memory - during the scanning process to identify spam, no rules will be used. Only training data will be used for identification. This mode is not recommended for common use, unless the computer hardware is really poor. · High performance - this mode will consume large amount of memory.
7.5. RBL The RBL item open an editing dialog called Realtime Blackhole Lists: In this dialog you can switch on/off the Query RBL servers function. The RBL (Realtime Blackhole List) server is a DNS server with an extensive database of known spam senders. When this feature is switched on, all e-mail messages will be verified against the RBL server database and marked as spam if identical to any of the database entries.
No personal data is sent to the server! 7.6. Whitelist The Whitelist item opens a dialog with a global list of approved sender e-mail addresses and domain names whose messages will never be marked as spam. In the editing interface you can compile a list of senders that you are sure will never send you unwanted messages (spam). You can also compile a list of full domain names (e.g. avg.com), that you know do not generate spam messages.
can be done from Windows Address Book or Microsoft Office Outlook. · Export - if you decide to export the records for some purpose, you can do so by pressing this button. All records will be saved to a plain text file. 7.7. Blacklist The Blacklist item opens a dialog with a global list of blocked sender e-mail addresses and domain names whose messages will always be marked as spam. In the editing interface you can compile a list of senders that you expect to send you unwanted messages (spam).
· Import - you can import your existing e-mail addresses by selecting this button. The input file can be a text file (in plain text format, and the content must contain only one item - address, domain name - per line), WAB file or the import can be done from Windows Address Book or Microsoft Office Outlook. · Export - if you decide to export the records for some purpose, you can do so by pressing this button. All records will be saved to a plain text file. 7.8.
8. AVG Settings Manager The AVG Settings Manager is a tool suitable mainly for smaller networks that allows you to copy, edit and distribute AVG configuration. The configuration can be saved to a portable device (USB flash drive etc.) and then applied manually to chosen stations.
Answer Yes if you wish to set the password for access to Allowed items now and then fill-in the required information and confirm your choice. Answer No to skip the password creation and continue to save the local AVG configuration to a file. · Clone AVG installation This option allows you to make an exact copy of the local AVG installation by creating an installation package with custom options. To proceed first select folder where the installation script will be saved.
along with other files. If you run the AvgSetup.bat file, it will install AVG according to the parameters chosen above. A V G E mail Server E dition 2 0 1 1 © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
9. FAQ and Technical Support Should you have any problems with your AVG, either business or technical, please refer to the FAQ section of the AVG website at http://www.avg.com. If you do not succeed in finding help this way, contact the technical support department by email. Please use the contact form accessible from the system menu via Help / Get help online. A V G E mail Server E dition 2 0 1 1 © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
