On the General tab, you can select actions to apply to threats detected by SpIDer Mail, depending on their type.
•Cure, move to quarantine if not cured. Instructs to restore the original state of the object before infection. If the object is incurable, or the attempt of curing fails, this object is moved to quarantine. The action is available only for the objects with a known threat that can be cured except for the Trojan programs and files within complex objects.
•Cure, delete if not cured. Instructs to restore the original state of the object before infection. If the object is incurable, or the attempt of curing fails, this object is deleted. The action is available only for the objects with a known threat that can be cured except for the Trojan programs and files within complex objects.
•Move to quarantine. This action moves a detected threat to a special folder that is isolated from the rest of the system.
•Delete. It is the most effective way to remove all types of threats. This action implies full deletion of a dangerous object.
•Ignore. No actions are applied to the object. Notifications are not displayed.
|
The default settings are optimal for most cases. Do not change them unnecessarily. |
Actions applied to threats detected by SpIDer Mail
Object |
Action |
||||
|---|---|---|---|---|---|
Cure, move to quarantine if not cured |
Cure, delete if not cured |
Move to quarantine |
Delete |
Ignore |
|
Infected messages |
+/* |
+ |
+ |
+ |
|
Suspicious messages |
|
|
+/* |
+ |
+ |
Non-checked messages |
|
|
+ |
+ |
+/* |
Malformed messages |
|
|
+ |
+ |
+/* |
Adware |
|
|
+/* |
+ |
+ |
Dialers |
|
|
+/* |
+ |
+ |
Jokes |
|
|
+ |
+ |
+/* |
Hacktools |
|
|
+ |
+ |
+/* |
Riskware |
|
|
+ |
+ |
+/* |
+ |
action is enabled for this type of object |
+/* |
action is set as default for this type of object |
Scan options
The following settings allow you to configure additional email scanning parameters:
•Use heuristic analysis. In this mode, special methods are used to detect suspicious objects in emails that are most likely to be infected with unknown malware. Disable this option to not use the heuristic analysis.
•Check installation packages. It instructs to check installation package files. This option is disabled by default.
Scanning optimization options
You can set the condition under which SpIDer Mail should acknowledge complex messages, whose scan is time consuming, as unchecked. To do that, enable the Message scan time-out (sec.) option and set the maximum email scanning time. After the expiry of the specified period, SpIDer Mail stops scan of the email. Default value is 250 seconds.
Additional actions on messages
In this group, you can configure additional actions to be applied when SpIDer Mail processes emails.
•Insert “X-AntiVirus” header. It instructs to add scan results and information on Dr.Web version to email headers after processing by SpIDer Mail. You cannot edit a header format. This option is enabled by default.
•Delete modified messages on server. It instructs to remove emails to which either Delete or Move to Quarantine action was applied by SpIDer Mail. The emails are removed from mail servers regardless of the mail client settings.
•Check archives. This option instructs SpIDer Mail to scan archived files transferred via email. After enabling the option, the following parameters are available:
▫Maximum file size to extract. If an archive size exceeds the specified value, SpIDer Mail does not unpack and scan the archive. The default value is 30,720 KB;
▫Maximum compression ratio. If an archive compression ratio exceeds the specified value, SpIDer Mail does not unpack and check the archive. The default value is 0 KB;
▫Maximum archive nesting level. If a nesting level is greater than the specified value, SpIDer Mail proceeds unpacking and scanning the archive until this limit is exceeded. The default value is 64 KB.