Configuring Content Scanning Targets

Collapse All Expand All

access control
- configuring [1] [2] [3]
- enabling [1]
- permissions [1]
  - full [1]
  - read [1]
- role [1]
- Search & Destroy administrator [1]
actions [1] [2]
- advanced spam prevention [1]
- attachment blocking [1]
- compressed files [1]
- Data Loss Prevention [1]
- security risk scan [1]
- spam prevention
  - content scanning [1]
- web reputation [1]
activating ScanMail
- Activation Code [1]
  - additional features [1]
  - suite [1]
activating Trend Micro products [1] [2]
- Activation Code
  - standard [1]
- reactivating [1]
Activation Code [1]
- locating [1]
- reactivating [1]
- standard [1]
- suite [1]
- suite with additional features [1]
ActiveAction [1] [2]
ActiveUpdate [1] [2]
- incremental updates [1]
advanced spam prevention [1] [2] [3]
- actions [1]
- configuring target settings [1]
- enabling advanced spam prevention [1]
- notifications [1]
advanced spam prevention scan [1]
advanced threats [1]
- actions [1] [2]
- APT [1]
- exploits [1]
- targeted attacks [1]
- zero-day attacks [1]
Advanced Threat Scan Engine [1]
- about [1]
- actions [1] [2]
Advanced Threat Scan Engine (ATSE)
- scan engine [1] [2]
adware [1]
alerts [1] [2]
- notifications [1]
- outbreak [1]
- system events [1]
ATSE [1]
- about [1]
- actions [1] [2]
attachment blocking [1]
- actions [1] [2] [3]
  - configuring [1]
- compressed file handling [1]
- enabling [1]
- exceptions
  - add [1]
  - edit [1]
- global policy [1]
- logs [1]
- notifications
  - settings [1]
- target
  - configuring [1]
Business Email Compromise (BEC) [1]
Command & Control Contact Alert Services [1]
- categories [1]
- Global Intelligence list [1]
- Smart Protection Server [1]
- Virtual Analyzer [1]
- Virtual Analyzer list [1]
compressed files [1] [2] [3] [4] [5] [6]
- actions [1]
- compression ratios [1]
- compression types [1]
- Denial-of-Service [1]
compression types [1]
configuring
- access control [1] [2]
- advanced spam prevention scan
  - target [1]
- internal domains [1]
- local sources [1]
- macro scans [1]
- notifications [1]
- proxy settings [1] [2]
- quarantine folder/directory [1]
- real-time scan [1]
- security risk scan
  - target [1]
- server groups [1]
- special groups [1] [2]
- web reputation [1]
content filtering [1]
- actions [1] [2] [3]
- data leakage prevention [1]
- enabling [1] [2]
- exceptions [1]
- global settings [1]
- keywords [1] [2] [3]
- logs [1]
- policies [1]
  - edit [1]
  - enabling [1]
  - exceptions [1]
  - name and priority [1]
  - selecting accounts [1]
  - specify action [1]
  - specify notification [1]
  - specify target [1]
content scanning [1]
- actions [1]
- enabling [1]
- target [1]
Control Manager
- see Trend Micro Control Manager [1]
criteria
- customized expressions [1]
- keywords [1]
customized expressions [1] [2]
- criteria [1]
customized keywords [1]
- criteria [1]
data identifiers [1]
- expressions [1]
  - creating [1]
  - importing [1] [2]
- keyword lists
  - creating [1]
- keywords [1]
data leakage prevention [1]
Data Loss Prevention [1] [2]
- actions [1] [2] [3]
- data identifiers [1]
  - best practices [1]
  - expressions [1] [2] [3]
  - keyword lists [1]
- enabling [1]
- expressions [1] [2] [3] [4]
- global settings [1]
- hidden keys [1]
- keywords [1] [2] [3] [4]
- logs [1]
- policies [1] [2] [3] [4] [5] [6] [7]
  - actions [1]
  - creating [1]
  - enabling [1]
  - name and priority [1]
  - notifications [1]
  - selecting accounts [1]
  - targets [1]
- templates [1] [2]
  - best practices [1]
  - creating [1]
  - deleting [1]
  - exporting [1]
  - importing [1]
Denial-of-Service [1] [2] [3]
Denial-of-Service attack [1]
dialers [1]
disease vector [1]
documentation feedback [1]
EICAR [1]
email reputation
- actions [1]
- enabling [1]
- target [1]
email reputation services [1]
- advanced [1]
- standard [1]
encoding types [1]
End User Quarantine [1] [2]
Enterprise Protection Strategy [1]
expressions [1] [2]
- customized [1]
  - criteria [1]
- predefined [1]
false positive [1]
file reputation [1]
File Reputation Services [1]
files
- uncleanable [1]
frequently asked questions
- backup folders [1] [2]
- calculating decompressed file size [1]
- central reports [1]
- checking pattern file updates [1]
- checking service pack updates [1]
- compression ratios [1]
- dangerous files [1]
- EICAR test virus [1]
- End User Quarantine spam folder [1]
- false positives [1]
- firewall port exceptions [1]
- handling large files [1]
- latest patches [1]
- locating Activation Code [1]
- locating Registration Key [1] [2]
- mapped network drives [1]
- phish attacks [1]
- public folder scan [1]
- quarantine folders [1] [2]
- regular expressions [1]
- remote SQL server password changed [1]
- removing quarantined email messages [1]
- sending detected viruses to Trend Micro [1]
- sending suspected threats to Trend Micro [1]
- spyware/grayware [1]
- time settings [1] [2]
- UNC paths [1]
- using keywords [1] [2] [3]
- using operators with keywords [1]
- virtual analyzer
  - working modes [1]
global policy [1]
global settings
- quarantine folder/directory [1]
grayware [1]
hacking tools [1]
hot fixes [1]
icons [1]
integrated server [1]
IntelliScan [1] [2]
IntelliTrap [1]
internal domains [1]
- configuring [1]
joke program [1] [2]
keywords [1] [2] [3] [4] [5]
- customized [1] [2]
- predefined [1]
known issues [1]
licenses [1]
- registering [1]
local sources
- configuring [1]
- settings [1]
- Smart Protection Server [1]
logs [1]
- maintenance [1]
- querying [1]
- Search & Destroy [1]
- types [1]
- Windows events [1]
machine learning [1]
macro scan [1]
macro viruses/malware [1]
mailbox search
- configuring [1]
- criteria
  - date [1]
  - discovery mailbox [1]
  - keywords [1]
  - mailbox components [1]
  - mailboxes [1]
  - specific senders or recipients [1]
- deleting [1]
- keywords [1]
- modifying [1]
- options [1]
- results [1]
- syntax [1]
- types [1]
- viewing [1]
maintaining security [1]
managing outbreak situations [1]
- analyzing [1]
- confirming the outbreak [1]
- recovering [1]
- responding [1]
manual scan [1]
- alerts [1]
- characteristics [1]
- compressed file handling [1] [2] [3]
- settings [1]
manual updates [1]
mass-mailing attack [1]
master services
- ScanMail EUQ Monitor [1]
- ScanMail for Exchange Remote Configuration Server [1]
- ScanMail for Microsoft Exchange Master Services [1]
- ScanMail for Microsoft Exchange System Watcher [1]
- starting and stopping [1]
multipurpose internet mail extensions [1]
notifications [1] [2] [3]
- about [1]
- actions that trigger [1]
- advanced spam prevention [1]
- alerts [1]
- configuring [1]
- global settings [1]
- web reputation [1]
one-time reports [1] [2]
- generating [1]
online help
- accessing [1]
operator [1]
outbreak alerts [1]
Outbreak Prevention Services [1]
- alerts [1]
password cracking applications [1]
patches [1]
- updating FAQ [1]
pattern files [1] [2] [3] [4]
- incremental updates [1]
- Smart Scan Agent pattern [1]
- Smart Scan pattern [1]
- spam pattern files [1]
- updates [1]
- updating manually [1]
- Web Blocking list [1]
PCRE [1]
Perle Compatible Regular Expressions [1]
phish [1] [2] [3] [4]
policies
- content filtering [1]
- Data Loss Prevention [1]
post-installation
- spam folder [1]
predefined expressions [1]
predefined templates [1]
product console [1]
- banner [1]
- configuration area [1]
- getting help [1]
- side menu [1]
- viewing remote servers [1]
- viewing servers [1]
proxy settings [1] [2]
- configuring [1] [2]
quarantine
- alerts [1]
- configuring [1]
- folder/directory [1]
- global settings [1]
- queries
  - maintenance [1] [2]
  - performing [1]
- resending messages [1]
quarantine folder/directory [1]
- alerts [1]
quarantine query
- maintenance
  - automatic [1]
  - manual [1]
- performing [1]
- resending messages [1]
ransomware [1]
reactivating Trend Micro products [1]
real-time monitor [1]
- viewing remote servers [1]
real-time scan [1] [2]
- characteristics [1]
- configuring [1]
registering
- to Control Manager [1]
registering ScanMail
- reseller purchase [1]
registering Trend Micro products [1]
- how to [1]
- online purchase [1]
- Registration Key [1]
Registration Key
- locating [1] [2]
regular expressions [1]
remote access tools [1]
remote servers
- viewing with real-time monitor [1]
replicating configurations [1] [2]
reports [1]
- generating scheduled [1]
- maintenance [1]
- one-time reports [1] [2]
- scheduled [1]
role
- operator [1]
scan engine [1]
- ATSE [1] [2]
- hierarchy [1]
- machine learning [1]
- update manually [1]
- updates [1]
- Virtual Analyzer [1] [2]
- VSAPI [1] [2]
ScanMail EUQ Monitor [1]
ScanMail for Exchange Remote Configuration Server [1]
ScanMail for Microsoft Exchange Master Services [1]
ScanMail for Microsoft Exchange System Watcher [1]
ScanMail technology [1]
scans [1]
- about scans [1]
- actions [1] [2]
- logs [1]
- macro scan [1]
- manual scan [1]
- manual scan settings [1]
- on cluster servers [1]
- real-time scan [1]
- scheduled scan [1]
- scheduled scan settings [1]
scheduled scan [1]
- alerts [1]
- characteristics [1]
- compressed file handling [1] [2] [3]
- settings [1]
scheduled updates [1]
Search & Destroy
- about [1]
- access account [1] [2]
  - configuring [1]
- activating [1]
- discovery mailbox [1] [2]
- event logs [1]
- mailbox search [1]
  - configuring [1]
  - deleting [1]
  - keywords [1]
  - modifying [1]
  - options [1]
  - syntax [1]
  - types [1]
  - viewing [1]
- service account [1] [2]
- settings [1]
- troubleshooting [1]
Search & Destroy administrator [1]
security baseline [1]
- managing real-time monitor [1]
- performing a manual scan [1]
- update ScanMail [1]
security risks [1]
- advanced threats [1]
- compressed files [1]
- Denial-of-Service [1]
- Denial-of-Service attack [1]
- disease vector [1]
- encoding types [1]
- grayware [1]
- joke program [1]
- macro viruses/malware [1]
- mass-mailing attack [1]
- multipurpose internet mail extensions [1]
- other malicious codes [1]
- packed files [1]
- phish [1] [2] [3]
- ransomware [1]
- spyware [1]
- spyware/grayware [1] [2]
- Trojan Horse [1] [2]
- true file type [1]
- virus/malware writers [1]
- viruses/malware [1] [2]
- worms [1] [2]
- zip-of-death [1]
security risk scan
- about [1]
- actions [1] [2]
  - settings [1]
- ActiveAction [1]
- compressed file handling [1] [2]
- configuring target settings [1]
- custom settings [1]
- enabling real-time scan [1]
- IntelliScan [1] [2]
- IntelliTrap [1]
- logs [1]
- notifications
  - settings [1]
- summary screen [1]
server groups [1]
- configuring [1]
server management console [1]
- activating [1]
- replicating configurations [1] [2]
- replicating servers [1]
- view last replication [1]
- view pattern and engine version [1]
- view scan results [1]
- view scan status [1]
- view smart scan status [1]
Server Management Console
- about [1]
service packs [1] [2]
services
- starting and stopping [1]
smart protection [1] [2] [3] [4] [5]
- File Reputation Services [1]
- Smart Protection Network [1]
- source [1] [2]
- sources
  - comparison [1]
  - protocols [1]
- volume of threats [1]
Smart Protection [1]
- File Reputation Services [1]
- integrated server [1]
- pattern files [1]
- Smart Protection Server [1]
- standalone server [1]
- Web Reputation Services [1] [2]
Smart Protection Network [1] [2]
- web reputation [1]
Smart Protection Server [1] [2] [3] [4]
- alerts [1]
- integrated server [1]
- security risk scan
  - alerts [1]
- standalone [1]
- web reputation [1] [2] [3] [4]
Smart Protection sources
- integrated server [1]
- local source settings [1]
- Smart Protection Server [1]
- standalone server [1]
spam engine [1]
spam maintenance [1]
- End User Quarantine [1]
spam pattern files [1]
spam prevention [1]
- content scanning [1]
  - actions [1]
  - enabling [1]
  - target [1]
- email reputation
  - actions [1]
  - enabling [1]
  - target [1]
- email reputation services [1]
- End User Quarantine [1]
- maintenance [1]
- spam engine [1]
- spam pattern files [1]
special groups [1] [2]
- configuring [1] [2]
spyware [1]
spyware/grayware [1] [2] [3] [4]
- adware [1]
- dialers [1]
- entering the network [1]
- hacking tools [1]
- joke program [1]
- malware naming [1]
- password cracking applications [1]
- remote access tools [1]
- risks and threats [1]
SQL server
- manually updating password [1]
standalone server [1]
summary [1]
- ransomware tab [1]
- security risks [1]
- spam tab [1]
- system tab [1]
support
- resolve issues faster [1]
support/system debugger [1]
- modules [1]
- using [1]
targets
- web reputation [1]
technology
- scan engine [1]
templates [1] [2]
- creating [1]
- deleting [1]
- exporting [1]
- importing [1]
- predefined [1]
Trend Micro Control Manager [1] [2]
- agent [1]
- communication protocol [1]
- communicator [1]
- entity [1]
- registering [1]
- server [1]
- unregistering [1]
Trojan Horse [1] [2]
true file type [1]
uncleanable files [1]
unregistering
- from Control Manager [1]
updates
- ActiveUpdate [1]
- alerts [1]
- components on clusters [1]
- download source [1]
- latest patches FAQ [1]
- logs [1]
- manual updates [1]
- pattern file, manual [1]
- pattern files [1]
- scan engine, manual [1]
- scheduled updates [1]
updating, about [1]
URLs
- Knowledge Base [1]
- update center [1]
URL time-of-click protection
- enabling URL time-of-click protection [1]
version comparison [1]
Virtual Analyzer [1]
- about [1]
- configuring [1]
- scan engine technology [1]
- settings [1]
virtual analyzer working modes [1]
virtual servers [1]
viruses/malware [1] [2] [3]
- boot [1]
- file [1]
- malware naming [1]
- script [1]
- writers [1]
Virus Scan Application Programming Interface (VSAPI) [1]
Virus Scan Engine [1]
- scan engine [1]
web reputation [1] [2] [3] [4] [5] [6]
- about [1]
- actions [1] [2] [3]
- alerts [1]
- configuring [1]
- enabling [1]
- logs [1]
- notifications [1]
- Smart Protection Network [1]
- Smart Protection Server [1] [2] [3]
- targets [1]
Web Reputation Services [1] [2]
wildcard [1]
wildcards [1]
Windows event log codes [1]
worms [1] [2]
writing style training
- manual [1]
- regular [1]
writing style verification
- configuring [1]
- enabling [1]
zip-of-death [1]

Configuring Content Scanning Targets

Procedure

Go to the Content Scanning screen by navigating to Spam Prevention → Content Scanning.
Click the Target tab.
Select a detection level:
- High: This is the most rigorous level of spam detection. ScanMail monitors all email messages for suspicious files or text, but there is greater chance of false positives. False positives are those email messages that ScanMail filters as spam when they are actually legitimate email messages.
- Medium: ScanMail monitors at a high level of spam detection with a moderate chance of filtering false positives.
- Low: This is the default setting. This is most lenient level of spam detection. ScanMail will only filter the most obvious and common spam messages, but there is a very low chance that it will filter false positives.

Select Detect new spam sources to scan email messages containing URLs that may be new spam sources.

Important

You must enable Web Reputation Services to detect new spam sources. For details, see Enabling Web Reputation.

For details about new spam sources, see New Spam Sources.

Identify your company's Organizational MX records and add the MX records to the list.
Identify your company's Organizational mail gateway IP addresses and add the IP addresses to the list.

Add IP addresses from which the email messages will not be treated as spam.
Add email addresses or domain names to the list of Approved Senders and Blocked Senders.
Click Save.

ScanMail™ for Microsoft™ Exchange 12.5 SP1 Online Help

Configuring Content Scanning Targets

Procedure

Important