Installation manual
18
When evaluating the message source, the method takes into account the configurations of the Approved IP
addresses list, the Ignored IP addresses list, the Safe Senders and Allow IP lists on the Exchange server and the
AntispamBypass settings for the recipient mailbox. Greylisting must be thoroughly configured, or else unwanted
operational flaws (e.g. delays in legitimate message deliveries etc.) may occur. These negative effects recede
continuously as this method fills the internal whitelist with trusted connections. If you are not familiar with this
method, or if you consider its negative side-effect unacceptable, we recommend that you disable the method in the
Advanced settings menu under Antispam protection > Microsoft Exchange Server > Transport agent > Enable
Greylisting.
We recommend disabling greylisting if you intend to test the product's basic functionalities and do not want to
configure the advanced features of the program.
NOTE: Greylisting is an additional layer of antispam protection and does not have any effect on the spam
evaluation capabilities of the antispam module.
Configure Background Scanning
In some cases, particularly when ESET Mail Security is installed in a clustered environment, background scanning
can cause excess system load which can slow the reception and sending of email. If you notice that the
transmission of email is slowed after installing ESET Mail Security we recommend that you disable Background
scanning and create a new scheduled task to perform background scanning during non-work hours. To do so,
follow the step-by-step instructions below:
1) Press F5 to enter Advanced setup.
2) Expand Server protection > Microsoft Exchange Server > Antivirus and antispyware > Microsoft Exchange
Server > VSAPI x.x.
3) Deselect the check box next to Background scanning and click OK. Email delivery speed should return to normal
shortly.
4) Create a new scheduled task to perform the Run mail server background scan during non-work hours. For
instructions to set up a scheduled background scan, see the Creating new tasks section of this guide.
Antivirus protection setup
Quarantine
Depending on the type of cleaning mode you are using, we recommend that you configure an action to be
performed on infected (not cleaned) messages. This option can be set in the Advanced settings window Server
protection > Antivirus and antispyware > Microsoft Exchange Server > Transport agent.
If the option to move messages into email quarantine is enabled, you need to configure the quarantine under
Server protection > Message quarantine in the Advanced settings window.
Performance
If there are no other restrictions, our recommendation is to increase the number of ThreatSense scan engines in the
Advanced settings window (F5) under Computer protection > Antivirus and antispyware > Performance,
according to this formula: number of ThreatSense scan engines = (number of physical CPUs x 2) + 1. Also, the number of
scan threads should be equal to the number of ThreatSense scan engines. You can configure the number of scan threads
under Server protection > Antivirus and antispyware > Microsoft Exchange Server > VSAPI > Performance.
Here is an example:
Let's say you have a server with 4 physical CPUs. For the best performance, according to formula above, you should
have 9 scan threads and 9 scan engines.
NOTE: Acceptable value is 1-20, so the maximum number of ThreatSense scan engines you can use is 20. The
change will be applied only after restart.
NOTE: We recommend that you set the number of scan threads equal to the number of ThreatSense scan engines
used. It will have no effect on performance if you use more scan threads than scan engines.
NOTE: If you are using ESET Mail Security on a Windows Server that acts as a Terminal Server and do not want the
ESET Mail Security GUI to start up every time a user logs in, see the Disable GUI on Terminal Server chapter for
specific steps to disable it.
89
116