14.4  Server responses to detection of a virus or a damaged/encrypted attachment

The Kerio MailServer administrator can set a detailed course of action for the mailserver if a virus or a damaged attachment is detected in an email. Use the Action tab to set this.

Server responses to detection of a virus or a damaged/encrypted attachment

Figure 14.3. Server responses to detection of a virus or a damaged/encrypted attachment


Discard the message

The message will be removed.

Deliver the message with the attachment removed

The message will be delivered to the recipient but without the attachment. Instead, a server message will be attached saying that the attachment has been removed.

Forward the message to the administrator address

The message will be forwarded (intact — with possibly infected or forbidden attachment) to the email address specified. It is not important whether the address is local or remote.

Forward the filtered message to administrator address

The message without an infected or prohibited attachment will be (apart from the actions selected below) forwarded to the specified email address as well. This can be used for verification of proper functionality of the antivirus and/or attachment filter.

If an attachment cannot be scanned ...

This section defines actions to be taken if one or multiple files attached to a message cannot be scanned for any reason (e.g. password-protected archives). The following actions can be taken:

  • Append a warning to the message — the message (or attachment) will be delivered unchecked. The user will be warned that the message may still contain viruses.

  • Reject the message — the system will react the same way as when a virus was detected (i.e. the message will be delivered without any attachment or rejected). This option is safe, but sending password-protected archives is virtually impossible.

Each message is evaluated first by an antispam system, then by antivirus. This saves computer time, since the antispam check is considerably less demanding than the antivirus check. If the messages marked as spam are set to be discarded automatically (in the Spam filter section), all spam messages containing viruses will be discarded as well.