Email Scan

SpIDer Mail scans your email. Email anti-virus SpIDer Mail is installed by default. It resides in memory and runs automatically at OS startup. SpIDer Mail can also scan messages for spam using Dr.Web Anti-spam.

Note

Encrypted traffic is not checked in order to avoid issues with network resources. This is due to the fact that, in order to establish secure connections within the corporate network, the Dr.Web certificate is used instead of the certificates of installed software, which may lead to errors in programs that use a secure protocol for connections and check the integrity of encrypted traffic.

o check encrypted traffic, use the Dr.Web for Microsoft Outlook plug-in or the Dr.Web Mail Security Suite  server products.

To enable or disable email scan

1.Open Dr.Web menu Dr.Web icon, then select Security Center.

2.In the open window, click Files and Network tile.

3.Enable or disable the email anti-virus SpIDer Mail by using the switcher .

Figure 36. Enabling/Disabling SpIDer Mail

In this section:

Message processing

Scanning messages by other components

See also:

Configuring message scan

Anti-spam parameters

Message processing

SpIDer Mail intercepts any incoming messages and scans them before they are received by mail clients. If no threats are detected, messages are passed on to the email client as if they have been received directly from the server. Similar procedure is applied to outgoing messages before they are sent to a server.

By default, SpIDer Mail reacts to detection of infected incoming messages and messages that have not been scanned (for example, due to a complicated structure) as follows:

Message type

Action

Infected messages

Removes malicious content from the messages. Then the messages are delivered as usual. This action is called curing the message.

Messages with suspicious objects

Moves the messages to Quarantine as separate files. The email client receives a notification about this. This action is called moving the message. All moved messages are deleted from the POP3 or IMAP4 mail servers.

Safe messages and messages that have not been scanned

Passes the messages on to the mail client (skips).

Infected or suspicious outgoing messages are not sent to the server. The user is notified that a message will not be sent (usually the email client saves such a message).

Scanning messages by other components

Scanner can also detect threats in mailboxes of several formats, but SpIDer Mail has several advantages:

Not all formats of popular mailboxes are supported by Dr.Web Scanner. When using SpIDer Mail, the infected messages are not even delivered to mailboxes.

Scanner does not check mailboxes at the moment of the mail receipt, but either on user demand. Furthermore, this action is resource consuming and may take a lot of time.