Content Filtering and Optimizing Scans
198
ProSecure Unified Threat Management (UTM) Appliance
Scan Exceptions
The default maximum size of the email message that is scanned is 2048 KB, but you can define a maximum
size of up to 10240 KB. However, setting the maximum size to a high value might affect the UTM’s
performance (see Performance Management on page 428).
From the drop-down list, select one of the following actions to be taken when the file or message exceeds
the maximum size:
• Skip. The file is not scanned but skipped, leaving the end user vulnerable. This is the default setting.
• Block. The file is blocked and does not reach the end user.
Notification Settings
Insert Warning into
Email Subject (SMTP)
For SMTP email messages, select this check box to insert a warning into the email
subject line:
• Malware Found. If a malware threat is found, a [MALWARE INFECTED]
message is inserted. You can change this default message.
• No Malware Found. If no malware threat is found, a [MALWARE FREE]
message is inserted. You can change this default message.
By default, this check box is cleared, and no warnings are inserted.
Append Safe Stamp
(SMTP and POP3)
For SMTP and POP3 email messages, select this check box to insert a default
safe stamp message at the end of an email. The safe stamp insertion serves as a
security confirmation to the end user. You can change the default message. By
default, this check box is cleared, and no safe stamp is inserted.
Append Warning if
Attachment Exceeds
Scan Size Limit (SMTP
and POP3)
Select this check box to append a default warning message to an email if the
message or an attachment to the message exceeds the scan size limit. The
warning message informs the end user that the attachment was skipped and might
not be safe to open. You can change the default message. By default, this check
box is selected, and a warning message is appended to the email.
Replace Infected
Attachments with the
Following Warning
Message
Select this check box to replace an email that is infected with a default warning
message. The warning message informs the end user about the name of the
malware threat. You can change the default message to include the action that the
UTM has taken (see the following note). By default, this check box is selected, and
a warning message replaces an infected email.
Note: Make sure that you keep the %VIRUSINFO% metaword in a message to
enable the UTM to insert the correct malware information. The following is a
sample message in which the %VIRUSINFO% metaword is replaced with the
Trojan.Cyxorp virus:
This attachment contains malware: File 1.exe contains malware Trojan.Cyxorp
Action: Delete.
Table 42. Anti-Virus screen settings for email traffic (continued)
Setting Description