Jump to content
Kaspersky Support Forum

KS 9.0 for Exchange - Release infected mail from Backup to analyse it

rolfroyce

By rolfroyce
in Kaspersky Endpoint Security for Business

 Share

Recommended Posts

rolfroyce

rolfroyce

Posted
  • Author
Posted
Kaspersky Security 9.0 for Microsoft Exchange (9.5.153.9) Exchange 2016 on Windows Server 2016 Hi, does anyone have a workflow to release an infected mail which was stopped by Anti-Virus on Hub-Transport? Unlike to the attachment filter, I can't define exceptions like sender- or recipient-addresses. When I send it again to an other mailbox, Kaspersky strikes again and the mail goes to Backup. When I download it, the Antivir Server-Client will notice it. The only way I see is to disable the Anti-Virus check on Hub-Transport or Antivir Server-Client, which is not the best solution I think.. Thanks!
  • 1 year later...
knut2nd

knut2nd

Posted
Posted

Kaspersky Security 9.0 for Microsoft Exchange (9.5.153.9)
Exchange 2016 on Windows Server 2016

Hi,
does anyone have a workflow to release an infected mail which was stopped by Anti-Virus on Hub-Transport? Unlike to the attachment filter, I can't define exceptions like sender- or recipient-addresses. When I send it again to an other mailbox, Kaspersky strikes again and the mail goes to Backup. When I download it, the Antivir Server-Client will notice it. The only way I see is to disable the Anti-Virus check on Hub-Transport or Antivir Server-Client, which is not the best solution I think..

Thanks!


Hi,

With KS 9.0, how can you view catched emails? With backup feature, I can not see quarantine, although statistics show few mails.
Thanks!

ak01

ak01

Posted
Posted

please check “advanced anti-virus settings” tab.

But if all the anti virus products detect a virus, I would be careful (maybe you send the mail to kaspersky to analyze it → company account)?

knut2nd

knut2nd

Posted
Posted

please check “advanced anti-virus settings” tab.

But if all the anti virus products detect a virus, I would be careful (maybe you send the mail to kaspersky to analyze it → company account)?

Thank you for your reply.

I can not see quarantine setting on this tab (https://support.kaspersky.com/KS4Exchange/9.6/en-US/48563.htm)

Yes, you’re right, we must be carefull.. I don’t have ideas about which mails are in quarantine (sender, recipient, etc.)

Thanks for helping

ak01

ak01

Posted
Posted

you can define trusted recipients, file masks.

rolfroyce

rolfroyce

Posted
  • Author
Posted

please check “advanced anti-virus settings” tab.

But if all the anti virus products detect a virus, I would be careful (maybe you send the mail to kaspersky to analyze it → company account)?

Thank you for your reply.

I can not see quarantine setting on this tab (https://support.kaspersky.com/KS4Exchange/9.6/en-US/48563.htm)

Yes, you’re right, we must be carefull.. I don’t have ideas about which mails are in quarantine (sender, recipient, etc.)

Thanks for helping

Hi, not sure if I understand your question right. But in our setup we can find the quarantined mails in “backup”, based on rules which are set in anti-virus for mailbox and transport (see screenshots). Sure, the mails/attachments are potentially harmful. But in some cases we need to know, why they came to exchange and were not blocked before (gateways etc...).

 

you can define trusted recipients, file masks.

That doesn’t work. Even if the sender (kasperksy daemon mail) and recipient ist trusted etc., the mail is blocked again - but only if it’s blocked because auf virus. If it’s block because of forbidden attachment, it works.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...