Mailbox protection

To access the settings of the antivirus protection for Exchange Server, click Settings / Profiles / Add profile/ Exchange Servers / Antivirus.

Here you can configure the basic operation of the antivirus with respect to the mailbox protection.

Mailbox protection

Select the Enable mailbox protection checkbox.

By enabling the mailbox protection you will keep the emails stored in your Exchange Server mailboxes malware-free. This will improve your security and prevent data theft and data loss.

In Malicious software to detect, select the items to detect.

In versions earlier than Microsoft Exchange 2013, there is a virus scanning API to check messages and protect mailboxes.

In Exchange 2013, a new interceptor has been developed to intercept the SMTP traffic that goes between mailboxes.

How the mailbox protection works

The mailbox protection acts on the specific malicious or suspicious item rather than on the entire message. That is, if malware is detected in an attached file, the protection will act on that file.

The protection works as follows:

  1. The protection takes on the malicious file the action defined by our laboratory experts: Disinfect, Delete, Move to quarantine, etc.

  2. A security_alert.txt notification is sent to the user.

  3. If restored from quarantine, the email is restored to the recipient’s mailbox. If a problem occurs during the restore process, the message is directly moved to the Lost&Found folder, where a file will appear with the name of the quarantined item.

How the mailbox protection works in Exchange 2013

The mailbox protection for Exchange 2013 works in the same way as the transport protection. It works as follows:

  1. Should malware or suspicious files be detected, the entire email will be moved to quarantine.

  2. These messages will be kept in quarantine for a certain period of time.

Classification

Time

Action taken after this period of time

Malware

7 days

Delete

Suspicious item

14 days

Restore

 

  1. If a message is moved to quarantine, a notification will be sent to the message recipient(s) with the original subject and a warning indicating that the message has been blocked and they must contact the administrator if they want to retrieve the message.

  2. If restored from quarantine, the email will be restored to the recipient’s mailbox. If a problem occurs during the restore process, the message is directly moved to the Lost&Found folder, where a file will appear with the name of the message subject. This file contains the whole message.