Manualshelf

Installation manual

ManualsBrandsESET ManualsComputer equipmentMAIL SECURITY 4 - V4.2 FOR MICROSOFT EXCHANGE SERVER
41424344454647484950
45
3.4 FAQ
Q: After installing EMSX with Antispam, emails stopped being delivered into mailboxes.
A: If Greylisting is enabled, this is normal behavior. In the first hours of full operation emails may arrive with several
hours of delay. If the issue continues for a longer period, we recommend you turn off (or reconfigure) Greylisting.
Q: When the VSAPI scans email attachments, does it also scan email message bodies?
A: In Microsoft Exchange Server 2000 SP2 and later, the VSAPI scans email message bodies as well.
Q: Why does message scanning continue after the VSAPI option has been disabled?
A: Changes to VSAPI settings run asynchronously, meaning the modified VSAPI settings have to be called by the
Microsoft Exchange Server to go into effect. This cyclic process runs in intervals of approximately one minute. The
same applies to all other VSAPI settings.
Q: Can VSAPI remove an entire message containing an infected attachment?
A: Yes, VSAPI can remove the entire message. However, it is necessary to select the Delete whole message option
in the Actions section of the VSAPI settings first. This option is available in Microsoft Exchange Server 2003 and
later. Older versions of Microsoft Exchange Server do not support removal of entire messages.
Q: Is outgoing email also scanned by VSAPI for viruses?
A: Yes, VSAPI scans outgoing emails unless you have configured an SMTP server in your mail client that is different
from your Microsoft Exchange Server. This feature is applied in Microsoft Exchange Server 2000 Service Pack 3 and
later.
Q: Is it possible to add a notification tag text via VSAPI to each scanned message, in the same manner as the
Transport agent?
A: Adding text to messages scanned by VSAPI is not supported in Microsoft Exchange Server.
Q: Sometimes I cannot open a particular email in Microsoft Outlook. Why is that?
A: The Action to take if cleaning not possible option in your VSAPI settings in the Actions section is most likely
set to Block or you have created a rule that includes the Block action. Either of these settings will mark and block
both infected messages and/or messages that fall under the aforementioned rule.
Q: What does the Response time limit item in the Performance section stand for?
A: If you have Microsoft Exchange Server 2000 SP2 or later, the value Response time limit represents the
maximum time in seconds required to finish the VSAPI scanning of one thread. If the scan is not finished within this
time limit, Microsoft Exchange Server will deny the client access to the email. Scanning will not be interrupted and
after it is finished, every other attempt to access the file will be successful. If you have Microsoft Exchange Server
5.5 SP3 or SP4, the value will be expressed in milliseconds and represents the period after which the client will retry
to access the file that had been previously inaccessible due to scanning..
Q: How long can the list of file types be in one rule?
A: The file extensions list can contain a maximum of 255 characters in a single rule.
Q: I have enabled the Background scanning option in VSAPI. Until now, messages on Microsoft Exchange Server
were always scanned after each virus signature database update. This did not happen after the last update. Where
is the problem?
A: The decision to scan all messages immediately or at the user's attempt to access a message depends on several
factors, including server load, CPU time required to scan all messages in bulk and the total number of messages.
The Microsoft Exchange Server will scan every message before it reaches the client’s inbox.
Q: Why did the rule counter increase by more than one after receiving a single message?
A:The rules are checked against a message when it is processed by transport agent (TA) or VSAPI. When both TA
and VSAPI are enabled and the message matches the rule conditions, the rule counter may increase by 2 or more.
VSAPI accesses the parts of the message individually (body, attachment) meaning the rules are consequently
applied to each part individually. Furthermore, rules can be applied during a background scan (e.g. repeated
mailbox-store scan after a virus signature database update), which can increase the rule counter.