Symantec 10490452 Administration Guide - Page 84
Determining your suspicious attachment policy, Changing default virus actions, Add Action
UPC - 037648265683
View all Symantec 10490452 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 84 highlights
84 Configuring email filtering Creating virus, spam, and compliance filter policies If a message is unscannable A message can be unscannable for viruses for a variety for viruses of reasons. For example, if it exceeds the maximum file size or maximum scan depth configured on the Scanning Settings page, or if it contains malformed MIME attachments, it may be unscannable. Compound messages such as zip files that contain many levels may exceed the maximum scan depth. If a message contains an encrypted attachment The message contains an attachment that cannot be scanned because it is encrypted. If a message contains a suspicious attachment The message contains an attachment that, according to Symantec filters, may contain a virus or other threat. If a message contains spyware or adware The message contains spyware or adware. 7 Select the desired action. See Table 4-2, "Filtering actions by verdict," on page 64. For some actions you need to specify additional information in fields that appear below the action. 8 Click Add Action. 9 If desired, add more actions. See Table 4-3, "Compatibility of filtering actions by verdict," on page 68. 10 Click Save. Determining your suspicious attachment policy When you choose the condition, "If a message contains a suspicious attachment," two additional actions become available: ■ Delay message delivery ■ Strip and hold in Suspect Virus Quarantine Both of these actions enable you to make use of the Suspect Virus Quarantine to delay filtering these messages until a later time, when updated virus definitions may be available. This provides enhanced protection against new and emerging virus threats. By default, these messages are held in the Suspect Virus Quarantine for 6 hours. You can vary the number of hours on the Settings > Quarantine page, Virus tab. Changing default virus actions By default, inbound and outbound messages containing a virus or mass-mailing worm, and unscannable messages, including malformed MIME messages, will be