11.2 How to choose and setup antiviruses
We strongly discourage administrators from changing the default value for file size limit. In any case, do not set the value to more than 4 MB.
Figure 11.5 Selecting application protocols to be scanned and setting file size limits
Parameters for HTTP and FTP scanning can be set in the HTTP and FTP scanning (refer to chapter 11.3), while SMTP and POP3 scanning can be configured in the Email scanning tab (see chapter 11.4).
Warning:
1.In case of SMTP protocol, only incoming traffic is checked (i.e. traffic from the In- ternet to the local network — incoming email at the local SMTP server). Checks of outgoing SMTP traffic (from the local network to the Internet) might cause problems with temporarily undeliverable email — for example in cases where the destination SMTP server uses so called greylisting.
To perform smooth checks of outgoing traffic, define a corresponding traffic rule using the SMTP protocol inspector. Such rule may be useful for example if clients in the local network send their email via an SMTP server located in the Internet. Checking of outgoing SMTP traffic is not apt for local SMTP servers sending email to the Internet.
An example of a traffic rule for checking of outgoing SMTP traffic is shown at fig- ure 11.6.
Figure 11.6 An example of a traffic rule for outgoing SMTP traffic check
2.Substandard extensions of the SMTP protocol can be used in case of communication of two Microsoft Exchange mailservers. Under certain conditions, email messages are transmitted in form of binary data. In such a case, WinRoute cannot perform antivirus check of individual attachments.
In such cases, it is recommended to use an antivirus which supports Microsoft Ex- change and not to perform antivirus check of SMTP traffic of a particular server