Mail Anti-Virus

Mail Anti-Virus scans incoming and outgoing messages for malicious objects. It loads when the operating system launches and runs continually, scanning all email sent or received on the POP3, SMTP, IMAP, MAPI and NNTP protocols, as well as on secure connections (SSL) for POP3 and IMAP.

The indicator of the component’s operation is the application icon in the taskbar notification area, which looks like Kapersky Antivirus tray on mail 1 Mail Anti Virus whenever an email message is being scanned.

You can specify the types of messages that should be scanned and select the security level (configuration settings affecting the scan intensity).

The application intercepts each message that the user sends or receives and parses it into basic components: message header, body, attachments. Message body and attachments (including attached OLE objects) are scanned for the presence of threats.

An attached object or an object embedded into another file. Kaspersky Lab application allows scanning OLE objects for viruses. For example, if you insert a Microsoft Office Excel table into a Microsoft Office Word document, the table is scanned as an OLE object.

By default, the mode of using records from application databases to scan for threats is always enabled. In addition, you can enable heuristic analysis. Furthermore, you can enable filtering of attachments, which allows automatic renaming or deletion of specified file types.

Databases created by Kaspersky Lab’s experts and containing a detailed description of all current threats to computer security as well as methods used for their detection and disinfection. These databases are constantly updated by Kaspersky Lab as new threats appear. In order to achieve a higher quality of threat detection we recommend that you copy databases from Kaspersky Lab’s update servers on a regular basis.

If a threat is detected, Kaspersky Anti-Virus assigns one of the following statuses to the found object:

  • malicious program (such as a virus or Trojan);
  • potentially infected (suspicious) status if the scan cannot determine whether the object is infected or not. The file may contain a sequence of code appropriate for viruses, or modified code from a known virus.

The application blocks a message, displays a notification about detected threat and performs the assigned action. You can change actions to be taken on detected threats.

If you work in automatic mode, Kaspersky Anti-Virus will automatically apply the action recommended by Kaspersky Lab’s specialists when dangerous objects are detected. For malicious objects this action is Disinfect. Delete if disinfection fails, for suspicious objects – Move to Quarantine.

Before attempting to disinfect or delete an infected object, Kaspersky Anti-Virus creates a backup copy for subsequent restoration or disinfection. Suspicious (potentially infected) objects are quarantined. You can enable the automatic scan of quarantined objects after each update.

After the email message is successfully disinfected, it returns to the user. If the disinfection fails, the infected object is deleted from the message. After the virus scan, a special text is inserted in the subject line of the email, stating that the email was processed by Kaspersky Anti-Virus.

A special plug-in is provided for Microsoft Office Outlook; it can configure email scans more exactly.

If you use The Bat!, Kaspersky Anti-Virus can be used in conjunction with other anti-virus applications. In addition, the rules for processing email traffic are configured directly in The Bat! and supersede the application’s mail protection settings.

When working with other mail programs, including Microsoft Outlook Express/Windows Mail, Mozilla Thunderbird, Eudora, and Incredimail, the Mail Anti-Virus component scans email on SMTP, POP3, IMAP, and NNTP protocols.

Note that when working with the Thunderbird mail client, email messages transferred via IMAP will not be scanned for viruses if any filters moving messages from the Inbox folder are used.

In this section:

Enabling and disabling Mail Anti-Virus

Creating a protection scope

Changing and restoring security level

Using heuristic analysis

Changing actions to be performed on detected objects

Attachment filtering

Scan of compound files

Email scanning in Microsoft Office Outlook

Email scanning in The Bat!

Mail Anti-Virus