Installation manual

Server decides whether a background scan will run or not, based on various factors, such as the current system

load, the number of active users, etc. Microsoft Exchange Server keeps a record of scanned messages and the virus

signature database version used. If you are opening a message that has not been scanned by the most current virus

signature database, Microsoft Exchange Server sends the message to ESET Mail Security to be scanned before

opening the message in your email client.

Since background scanning can affect system load (scanning is performed after each virus signature database

update), we recommend using scheduled scanning outside working hours. Scheduled background scanning can be

configured via a special task in the Scheduler/Planner. When you schedule a Background scanning task you can set

the launch time, the number of repetitions and other parameters available in the Scheduler/Planner. After the task

has been scheduled, it will appear in the list of scheduled tasks and as with the other tasks, you can modify its

parameters, delete it or temporarily deactivate the task.

If you want to scan plain text messages, select the Scan plain text message bodies option.

Enabling the Scan RTF message bodies option activates scanning of RTF message bodies. The RTF message bodies

may contain macro viruses.

3.2.1.1.2.1 Actions

In this section you can specify the actions to be performed when a message and/or attachment is evaluated as

infected.

The Action to take if cleaning not possible field allows you to Block infected content, Delete the message or take

No action on the infected content of the message. This action will be applied only if the automatic cleaning

(defined in ThreatSense engine parameter setup > Cleaning ) did not clean the message.

The Deletion option allows you set Message deletion method and Attachment deletion method.

You can set Message deletion method to:

Delete message body – delete the body of the infected message; the recipient will receive an empty message

and any non-infected attachments

Rewrite message body with action information – rewrite the body of the infected message with information

about performed actions

You can set Attachment deletion method to:

Truncate file to zero length – ESET Mail Security truncates the attachment to zero size and lets the recipient see

the attachment file name and type

Replace attachment with action information – ESET Mail Security replaces the infected file with a virus

protocol or rule description

By clicking the Rescan button you will run another scan on messages and files that have already been scanned

before.

3.2.1.1.2.2 Performance

In this section you can set the number of independent scan threads used at a single time. More threads on

multiprocessor machines can increase the scan rate. For the best program performance we advise using an equal

number of ThreatSense scan engines and scan threads.

The Response time limit (sec.) allows you to set the maximum amount of time a thread waits for a message scan

to complete. If the scan is not finished within this time limit, Microsoft Exchange Server will deny the client access

to the email. Scanning will not be interrupted and, after it is finished, every other attempt to access the file will be

successful.

TIP: To determine the Number of scan threads the Microsoft Exchange Server provider recommends, use the

following formula: [number of physical processors] x 2 + 1.

NOTE: Performance is not improved significantly if there are more ThreatSense scanning engines than scanning

threads.