InterScan™ Messaging Security Appliance (IMSA) classifies actions for the Antivirus rule into two parts:
Main Actions—Select default actions that cover email messages violating the Antivirus rule.
Special Viruses—Select actions that specifically apply to email messages with the following characteristics:
Mass-mailing attacks
Containing attachments that contain spyware/grayware
Containing real-time compressed executable files as identified by IntelliTrap
The settings for Special Viruses override the settings for Main Actions.
To select actions for the Antivirus Rule:
The Select Actions screen appears with the Main Actions tab displayed by default. To specify the default actions for email messages, select the options on this tab.
To select the actions for Special Viruses, click the Special Viruses tab.
Under Intercept, click the radio button next to one of the following:
IMSA does not intercept the message. Be aware that allowing messages to enter your network without scanning them could expose your network to Internet threats.
Deletes the message and all attachments.
IMSA puts the message and its attachments into the quarantine area that you select from the drop down box. For instructions on creating a new quarantine area, see Managing Quarantine Areas.
IMSA sends the message to another recipient. Type the recipient email address and separate multiple recipients with a semicolon (;).
IMSA hands off the message to a specific mail server. Select Handoff if you have a secure messaging server on your network that can process or handle the message. Configure the following:
Next to Host, type the FQDN or IP address of the mail server.
Next to Port, type the port number through which the mail server receives email traffic.
|
IMSA can only track a message before it is handed off. After the handoff, the message is not traceable any more as it is no longer within the control of IMSA. |
Under Modify, select the check boxes next to any of the following:
If IMSA finds a virus—Select the check box to enable actions if IMSA finds a virus or other malware, and then click one of the following:
Enable IMSA to automatically use preconfigured scan actions for specific types of viruses/malware.
Attempt to clean attachments. If unable to clean
Select an action for IMSA to take if it cannot clean the attachment:
Delete matching attachment—Remove only the attachments with viruses/malware.
Delete all attachments—Remove all attachments.
Select an action for IMSA to take:
Delete matching attachment—Remove only the attachment with viruses/malware.
Delete all attachments—Remove all attachments.
Insert text at the beginning or end of the message. From the drop down box, select the name of the stamp to insert or click Edit to go to the Stamps screen and manage your stamps.
Insert safe stamp for clean mails (This option is not available on the Special Viruses tab)
Insert text into clean emails signifying that the email is safe. From the drop down box, select the name of the stamp to insert or click Edit to go to the Stamps screen and manage your stamps.
Add text to the subject line of the message. Click tag subject to edit the tag.
Delay delivery until a specified hour of the day. Select the hour of the day and minutes from the drop down boxes.
Under Monitor, select the check boxes next to any of the following:
Send an email message to one or more recipients. To select a type of notification, click Send notifications. For instructions on creating notifications, see Managing the Notifications List.
Archive the message to an archive area. For instructions on creating a new quarantine area, see Archiving Modified Messages.
Blind carbon copy the message to another recipient. Type the recipient's email address and separate multiple addresses with a semicolon (;). Select the BCC option to prevent the intended recipients from seeing the new recipient.
Click Next.
See also: