To configure virus protection for your organization, go to the Administration Console to check your settings for Virus Blocking, Connection Manager, and Attachment Manager. Follow the instructions from the checklist below. If necessary, you can make a few adjustments.
To optimize your service for virus protection, follow this checklist:
Configure Connection Manager settings
To help protect your organization from viruses, set the Virus Outbreak sensitivity in Connection Manager to VERY HIGH. A virus outbreak is a DoS attack whereby a statistically significant amount of virus traffic relative to valid email traffic is received from a particular sending server over a period of time. This setting identifies a sudden spike in the volume of virus-laden messages relative to total inbound messages.
To set the Virus Outbreak sensitivity to Very High:
- In the Administration Console, go to Orgs and Users > Orgs and select an organization that contains your users.
- Click Inbound Servers.
- Select Connection Mgr on the tab bar.
- Click Edit.
- In the Sensitivity drop-down list for Virus Outbreak, select Very High, and click Submit.
Configure Virus Blocking settings
Virus Blocking settings allow you to configure the disposition of virus-infected messages and other processing options for an organization.
To set both "Message Fragment Bouncing" and "Non Account Virus Blocking" to ON
- In the Administration Console, go to Orgs and Users > Orgs and select an organization that contains your users.
- Under Inbound Services, click Virus Blocking.
- Set “Message Fragment Bouncing” and “Non Account Virus Blocking” to ON, and then click Save.
To set "Early Detection Filtering" to ON
- In the Administration Console, go to Orgs and Users > Orgs and select an organization that contains your users..
- Under Inbound Services, click Virus Blocking.
- Set Early Detection Filtering to ON, and click Save.
Notes:
- Early Detection Filtering works only when you have Spam Filtering turned on (the default setting).
- User settings may allow quarantined messages to be released.
- With Early Detection Filtering, messages with attachments will be quarantined for 8 hours.
Configure Attachment Manager settings
To protect against zero hour viruses (emerging threats in the environment), configure Attachment Manager as follows:
- Set both "Binary Scanning" and "Scan Inside Compressed Files" to ON.
- Set "System Threats" to Bounce or Quarantine.
To configure Attachment Manager:
- Go to Orgs and Users > Orgs and select an organization that contains your users.
- Click the Attachment Manager icon in the Inbound Services or Outbound Services section.
- Click Filters in the gray bar.
- Under Scanning Options near the top of the page, select the check boxes for Scan inside compressed file types and Enable binary scanning.
- Under System Threats, select Bounce or User Quarantine from the drop-down lists for Executables and Compressed Files.
- Under Custom File Types, delete any custom executable file types specified in the Approve field, and copy them to Bounce or User Quarantine.
- Click Save at the bottom of the page.
Note: User settings may allow quarantined messages to be released.
For additional help on optimizing your virus protection, you can also click the Health Check tab in the Administration Console. See also Run a Health Check.
Back to Postini Security Central
