SmarterMail Help
Community Knowledge Base

Virus Quarantine

Inbound and outbound messages that have been flagged as containing viruses by SmarterMail's ClamAV or the Cyren Zero-hour Outbreak Detection add-on are quarantined, by default, for 30 days. Quarantining such messages allows Administrators to investigate for any false positives and make appropriate adjustments or notify the developer of the virus scanner, if necessary.

To view a list of quarantined virus messages, log into SmarterMail as a System Administrator and click on Manage icon. Click on Spool from the navigation pane, then click on the Virus Quarantine tab. Messages that have been flagged and quarantined by SmarterMail's antivirus measures (including the Cyren Zero-hour Outbreak Detection add-on, if enabled) will be listed. The following details can be seen for each entry:

  • File Name - The unique name of the EML file on the hard disk of the SmarterMail server.
  • Date - The date and time the message was flagged for quarantine.
  • Sender - The email address that initially sent the email.
  • Recipients - The number of delivered/total recipients.
  • Size - The total size of the message on the hard drive, in kilobytes.
  • Attempts - The number of delivery attempts that have been made.
  • Time in Spool - The amount of time the message has been quarantined.
  • Time of Removal - The date and time that a message will be automatically removed from quarantine and permanently deleted.

To view the contents of a message or its intended recipients, click on the entry's row. The email will load in a popup window.

The following actions can be taken on selected entries using the Actions (...) button:

  • Resend - Moves the selected message(s) to the spool for delivery to its intended recipients.
  • Delete - Remove the selected message(s) from the quarantine list.
  • Move Messages - Moves the location of the selected message(s) from the general email directory to a new path on the server. Use the default path provided or enter any folder path on the server. For example, it's possible to move messages to a "Moved Items" folder within the Spool folder using this path "C:\SmarterMail\Spool\MovedItems\". Moving the .eml files to their own folder on the server is useful because it allows an administrator to review the messages before taking actions against them. While it is possible to move quarantined messages to another user's folder (the folder path would look like "C:\SmarterMail\Domains\[Domain.com]\Users\[Username]\Mail\[Folder Name]\"), this isn't recommended as these messages have been flagged as possibly containing viruses; moving them to a user folder could "enable" any virus contained in a message if it's not handled properly.
  • Download EML - Allows you to download the raw EML file for the message.

Important Notes:

  • Virus Quarantine settings can be managed from the Antivirus section. To access this section, click on the Settings icon. Then click on Antivirus in the navigation pane. For more information, refer to the Antivirus page.
  • Spam Quarantine and Virus Quarantine tabs will only load a maximum of 5,000 messages combined. (E.g., 2,000 Spam Quarantine items displayed and 3,000 Virus Quarantine items displayed - together they'll never show more than 5,000 messages). That means that if the two numbers add up to 5000, it's very likely there are MORE than the number of individual emails for each Quarantine type than can be displayed. If there are, they will need to be reviewed/handled from within the appropriate directory on the server.
Copyright © SmarterTools Inc. All rights reserved.