Mail Anti-Virus

Each e-mail received or sent by the user is intercepted by E-mail Anti-Virus.

The e-mail is broken down into its parts: the e-mail heading, its body, and attachments.

The body and attachments of the e-mail (including OLE attachments) are scanned for dangerous objects. Malicious objects are detected using the threat signatures included in the program and with the heuristic algorithm. The signatures contain descriptions of all the malicious programs known to date and methods for neutralizing them. The heuristic algorithm can detect new viruses that have not yet been entered in the threat signatures.

After the virus scan, the following behavior options are available:

if the body or attachments of the e-mail contain malicious code, E-mail Anti-Virus will block the e-mail, place a copy of the infected object in back-up, and will try to disinfect the object. If the e-mail is successfully disinfected, it becomes available to the user again. If not, the infected object in the e-mail is deleted. After the anti-virus scan, special text is inserted in the subject line of the e-mail, stating that the e-mail has been processed by Active Virus Shield.

If code is detected in the body or an attachment that appears to be malicious but there is no guarantee, the suspicious part of the e-mail is sent to Quarantine.

If no malicious code is discovered in the e-mail, it is immediately made available again to the user.

When working with other mail programs (including Microsoft Outlook Express, Mozilla Thunderbird, Eudora, Incredimail), E-mail Anti-Virus scans mail on SMTP, POP3, IMAP, and NNTP protocols.

1. Note that e-mails transmitted on IMAP are not scanned in Thunderbird if you use filters that move them out of your Inbox.

2. It should be noted that e-mail messages transmitted on SSL protocol are not scanned by E-mail Anti-Virus.