virusscanningtarget
A brief description of the options available on this screen is available below.
Enable transport level real-time security risk scan: Select this to scan the Transport level.
This check box displays for ScanMail with Exchange Server 2010 and 2007 with the Edge Transport or Hub Transport server role. Transport scan addresses messages, mainly SMTP, processed in the Hub Transport or Edge Transport server role.
Enable store level real-time security risk scan: Select this to scan the Store level.
This check box displays for ScanMail with Exchange 2010 or 2007 servers with Mailbox server roles. Store scan addresses messages processed in the Exchange Information Store.
Enable real-time security risk scan: Select this to scan for security risks.
This displays for ScanMail with Exchange Server 2003.
Virus/Malware Scan: Specify basic scan options.
All attachment files: ScanMail scans for viruses/malware, worms, Trojans, and other malicious code in all files except unscannable files. Unscannable files are password protected files, encrypted files, or files that exceed the user-defined scanning restrictions. Other malicious code describes previously unknown threat types for which you want to configure a ScanMail action.
IntelliScan: IntelliScan uses Trend Micro recommended settings to perform an efficient scan.
Specify file types: Click the link to expand the list and select the files you want ScanMail to scan. These files are "true file types". The scan engine examines the file header rather than the file name to ascertain the actual file type. Or, select to create a list of file extensions by selecting Specify file extensions.
For example: If you click Specify file types and then click Application and executables > Executable (.exe; .dll, .vxd), then ScanMail scans executable, DLL, and VXD file types - even when the file has a false file extension name (is labeled .txt when it is actually a .exe). However, if you click Specify file extensions and type .exe, then ScanMail scans only .exe type files. ScanMail does not recognize falsely labeled file types.
IntelliTrap: Select to use heuristic evaluation of compressed files that help reduce the risk that a virus/malware compressed using different file compression schemes will go undetected. This feature detects packed files.
Spyware/Grayware Scan: By default, ScanMail scans the target files for viruses/malware and spyware/grayware. However, you can select from this list to customize the types of security risks that ScanMail will scan for.
Advanced Options: Specify Scan Restriction Criteria to enhance performance and protect against Denial-of-Service attacks.
Tip: Trend Micro recommends using scanning restrictions to protect against Denial-of-Service attacks. Denial-of-Service is an attack on a computer or network that causes a loss of 'service', namely a network connection. Typically, Denial-of-Service (DoS) attacks negatively affect network bandwidth or overload computer resources such as memory.
You can configure how ScanMail scans email messages that are very large or contain very large attachments and/or compressed files. Specify Scan restriction criteria options to configure limits for ScanMail. When ScanMail encounters an email message that exceeds your specified limits, it will skip scanning that email message. You can specify the following actions for these email messages under Unscannable Message Parts:
Replace with text/file
Quarantine entire message
Quarantine message part
Delete entire message
Pass
Note: There is one key difference between using IntelliScan and performing other scans using ScanMail true file type recognition. ScanMail true file type recognition allows users to define their own selection of files to scan, while IntelliScan always uses the Trend Micro recommended selection of files to scan.
The following lists the procedure required to configure security risk scan target settings.
To configure security risk scan target settings:
Log on to the product console.
Click Security Risk Scan. The Security Risk Scan screen displays.
Select one of the following for security risk scan:
All attachment files
IntelliScan: uses "true file type" identification
Specify file types
To scan the message body, select Scan message body.
To use IntelliTrap technology, select Enable IntelliTrap.
To scan for spyware/grayware, select Select All for Spyware/Grayware Scan or select from the following:
Spyware
Dialers
Hacking Tools
Password Cracking Applications
Adware
Joke Programs
Remote Access Tools
Others
Click Scan Restriction Criteria if performance improvement is required.
Select from the following options to skip scans for files that fall within this criteria and specify the value:
Message body size exceeds:
Attachment size exceeds:
Decompressed file count exceeds:
Size of decompressed file exceeds:
Number of layers of compression exceeds:
Size of decompressed file is "x" times the size of compressed file:
Click Save.
Click the Notification Tab.
Select notification options.
Click Save.
See also: