 [. . . ] ESET Mail Security 4
for Microsoft Exchange Server
Version 4. 3

Installation Manual and User Guide
Microsoft® Windows® Server 2000 / 2003 / 2008

Click here to download the most recent version of this document

ESET Mail Security 4
Copyright ©2011 by ESET,  spol. No part of this documentation may be reproduced,  stored in a retrieval system or transmitted in any form or by any means,  electronic,  mechanical,  photocopying,  recording,  scanning,  or otherwise without permission in writing from the author. reserves the right to change any of the described application software without prior notice. Customer Care Worldwide: www. eset. eu/support Customer Care North America: www. eset. com/support REV.  [. . . ] HTTPs checking can be performed in the following modes: Do not use HTTPS protocol checking – Encrypted communication will not be checked Use HTTPS protocol checking for selected ports – HTTPs checking only for ports defined in Ports used by HTTPs protocol

53

4. 1. 4. 1. 1 Address management This section enables you to specify HTTP addresses to block,  allow or exclude from checking. Websites in the list of excluded addresses are accessed without being scanned for malicious code. If you select the Allow access only to HTTP addresses in the list of allowed addresses option,  only addresses present in the list of allowed addresses will be accessible,  while all other HTTP addresses will be blocked. The asterisk substitutes any character string,  and the question mark substitutes any symbol. Particular care should be taken when specifying excluded addresses,  because the list should only contain trusted and safe addresses. If you wish to be notified when entering an address from the current list,  select Notify when applying address from the list option. 

54

4. 1. 4. 1. 2 Active mode ESET Mail Security also contains the Web browsers feature,  which allows you to define whether the given application is a browser or not. If an application is marked as a browser,  all communication from this application is monitored regardless of the port numbers involved. The Web browsers feature complements the HTTP checking feature,  as HTTP checking only takes place on predefined ports. However,  many Internet services utilize changing or unknown port numbers. To account for this,  the Web browser feature can establish control of port communications regardless of the connection parameters. 

The list of applications marked as web browsers is accessible directly from the Web browsers submenu of the HTTP,  HTTPs branch. This section also contains the Active mode submenu,  which defines the checking mode for Internet browsers. 

55

Active mode is useful because it examines transferred data as a whole. If it is not enabled,  communication of applications is monitored gradually in batches. This decreases the effectiveness of the data verification process,  but also provides higher compatibility for listed applications. If no problems occur while using it,  we recommend that you enable active checking mode by selecting the checkbox next to the desired application. 

4. 1. 5 On-demand computer scan If you suspect that your computer is infected (it behaves abnormally),  run an On-demand computer scan to examine your computer for infiltrations. From a security point of view,  it is essential that computer scans are not just run when an infection is suspected,  but regularly as part of routine security measures. Regular scanning can detect infiltrations that were not detected by the real-time scanner when they were saved to the disk. This can happen if the real-time scanner was disabled at the time of infection,  or if the virus signature database is not up-todate. We recommend that you run an On-demand computer scan at least once a month. Scanning can be configured as a scheduled task from Tools > Scheduler. 

56

4. 1. 5. 1 Type of scan Two types of On-demand computer scan are available. Smart scan quickly scans the system with no need for further configuration of the scan parameters. Custom scan… allows you to select any of the predefined scan profiles,  as well as choose specific scan targets. 

4. 1. 5. 1. 1 Smart scan Smart scan allows you to quickly launch a computer scan and clean infected files with no need for user intervention. Its main advantages are easy operation with no detailed scanning configuration.  [. . . ] The functionality is based on the following principle: The learning process takes place in the first phase. The user manually marks a sufficient number of messages as legitimate messages or as spam (normally 200/200). The filter analyzes both categories and learns,  for example,  that spam usually contains the words “rolex” or “viagra”,  and legitimate messages are sent by family members or from addresses in the user’s contact list. Provided that a sufficient number of messages are processed,  the Bayesian filter is able to assign a specific “spam index” to each message in order to determine whether it is spam or not.  [. . . ]