SmarterMail Help

Antivirus

SmarterMail supports multiple methods of antivirus protection for securing your mail server. The default installation includes, at no additional cost, effective and self-updating antivirus protection with ClamAV. SmarterMail also supports additional third-party solutions, including command-line antivirus solutions and Cyren Zero-hour Outbreak Detection. (Cyren Zero-hour Outbreak Detection is a paid SmarterMail add-on and can be licensed in 12-month subscriptions. Start a 30 day trial in the Licensing settings, or contact SmarterTools Sales for purchasing details.) In addition, SmarterMail has the ability to check a quarantine directory and respond to users that attempted to send an email containing a virus.

To view the antivirus settings for your server, log in to SmarterMail as an Administrator and click on the Settings icon. Then click on Antivirus in the navigation pane. The following settings will be available:

Options

  • Virus Quarantine - Allows you to specify the amount of time you want to quarantine any detected viruses.
  • Quarantine Directory - The full path to the quarantine directory for the server. This is where emails that are allegedly infected with a virus are temporarily held. The default location is C:\SmarterMail\Spool\Quarantine.
  • Scan Incoming/Outgoing Messages - This dropdown list allows you to specify the types of messages that will be scanned for the virus quarantine: Incoming, Outgoing or Both.

Command-Line Antivirus

Administrators can integrate SmarterMail with third-party antivirus programs via a command-line execution. This can be an efficient solution for high-volume mail environments by reducing the burden on the mail server itself.

Once a message comes into the SmarterMail spool, it will then be scanned for viruses using the command-line antivirus and any built in antivirus measures that have been enabled in SmarterMail. If the command-line scanner picks up a virus, it will be up to the command-line antivirus program to delete/quarantine the message according to the application's configuration.

  • Enable command-line antivirus - Toggle the switch to the right to enable command-line antivirus.
  • Command Line - Enter the executable for the antivirus program. For example, if you'd like to integrate with ESET Endpoint Antivirus, you might enter something like: C:\Program Files\ESET\ESET Endpoint Antivirus\ecls.exe /base-dir="C:\Program Files\ESET\ESET Endpoint Antivirus" /aind /arch //sfx /adware /clean-mode=Delete %FILEPATH

Note: %FILEPATH will be replaced with the path to the file to be scanned.

ClamAV

ClamAV is a third-party open source antivirus toolkit, designed especially for scanning email on mail gateways. ClamAV is included at no additional cost in the default installation of SmarterMail. For more information on ClamAV, visit: www.clamav.com

Note: ClamAV's virus definitions are updated whenever the service starts and every 6 hours thereafter. To manually update the ClamAV definitions, click on the Actions (...) button and select Update ClamAV Definitions.

  • Enable ClamAV - Toggle the slider to the right to enable ClamAV.
  • ClamAV is on a remote server - Toggle the slider to the right if the server is a remote server.
  • IP Address - The IP address of the ClamAV server to use.
  • Port - The port that the ClamAV server is listening on.
  • Timeout - The maximum number of seconds SmarterMail should wait for ClamAV to respond before moving on to the next message. By default, the timeout is 10 seconds.
  • Failures Before Disable - The maximum number of ClamAV timeouts allowed before it is disabled. By default, ClamAv is limited to 5 failures.

Cyren Zero-hour Outbreak Detection

The Cyren Zero-hour Outbreak Detection add-on uses Recurrent Pattern Detection technology to identify viruses based on their unique distribution patterns and provides a complementary shield to conventional AV technology, protecting in the earliest moments of malware outbreaks and continuing protection as each new variant emerges.

Cyren evaluates each message and determines the probability that the message contains a virus. For more information, or to purchase this add-on, visit the SmarterTools website.

  • Enable Cyren Zero-Hour Outbreak Detection - Toggle the slider to the right to enable Cyren Zero-hour Outbreak Detection. Note: Cyren Zero-hour Outbreak Detection is a paid SmarterMail add-on and can be licensed in 12-month subscriptions. Start a 30 day trial in the Licensing settings, or contact SmarterTools Sales for purchasing details.
  • Virus Result - Choose the default action taken on a message when Cyren determines that it has a definite probability of containing a virus. The available options are: Take No Action, Delete Message, Move to Junk Email Folder or Prefix Subject With Text.
  • High Result - Choose the default action taken on a message when Cyren determines that it has a high probability of containing a virus. The available options are: Take No Action, Delete Message, Move to Junk Email Folder or Prefix Subject With Text.
  • Medium Result - Choose the default action taken on a message when Cyren determines that it has a medium probability of containing a virus. The available options are: Take No Action, Delete Message, Move to Junk Email Folder or Prefix Subject With Text.