Configuring virus-scanning options in SecurityGateway

his article explains how to configure SecurityGateway's settings regarding scanning incoming messages for viruses, what action to perform if a virus is found, and which anti-virus engine(s) that you wish to use.

From the Dashboard, after logging in:

  1. Click on Security in the lower-left corner
  2. Locate the Anti-Virus section 
  3. Click on Virus Scanning

You may then configure the following options:

  • Enable virus scanning

    SecurityGateway will scan all incoming messages using either the included ClamAV anti-virus engine that is included with the software, with ProtectionPlus for SecurityGateway, which uses the Kaspersky anti-virus engine, or with both. By default, this is enabled.

     

  • If the anti-virus engine determines the message is infected...

    If a message is determined by ClamAV or ProtectionPlus to be infected, it can either quarantine the message, or refuse to accept it for delivery. By default, infected messages are refused.

    Note that messages quarantined because of infections are only able to be viewed by an administrator, by clicking on Messages / Queues in the lower-left corner, then on 'Quarantined (Admin)' on the left.

  • Quarantine messages that cannot be scanned

    If for some reason SecurityGateway cannot scan a message for viruses, such as if it has an attachment containing a password-protected file, it will quarantine it. This option is disabled by default.

  • Attempt to clean infected messages

    SecurityGateway will attempt to remove viruses from infected files if possible so that the message can be sent onto the recipient without worry of infection. By default, this is enabled.

  • Exclude messages from whitelisted IP addresses and hosts

    If a message comes from an IP address or domain that is listed in SecurityGateway's whitelist, or in a user's personal whitelist, it will not be scanned for viruses. This is disabled by default.

  • Exclude outbound messages

    Any message bound for a remote address will not be scanned for viruses. If you wish to enable this, make sure that SecurityGateway can verify that the sender is allowed to send out through SecurityGateway, to prevent an open-relay situation. By default, this is disabled.

  • Use the ... engine to scan messages

    If you have ProtectionPlus for SecurityGateway installed, you may use both its engine and the included ClamAV engine to scan messages for viruses, or one or the other. Using two anti-virus engines can help increase the chances of catching an infected message.

    Additional Comments

    You may configure virus-scanning options for individual domains, or for the entire server, if you wish. Note that the virus-scanning engines chosen to scan incoming messages affect the entire server.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

(FAQ) How to configure Office 365 to route outbound mail through SecurityGateway

Follow the steps below to configure Office 365 to route outbound mail through SecurityGateway....

How to change what directories are used by SecurityGateway

This article explains how to change which directories SecurityGateway uses to store various...

How to view a list of all messages in SecurityGateway

This article explains how to review the messages SecurityGateway has quarantined for review, or...

How do I start and stop SecurityGateway?

How do I start and stop SecurityGateway?   There are three methods to shut down, or start up,...

Upgrading SecurityGateway

his article explains how to upgrade an existing version of SecurityGateway to the current release...