Chapter 11 Antivirus control
Note: Regardless of what action is set to be taken, the attachment is always removed and a warning message is attached instead.
Use the TLS connections section to set firewall behavior for cases where both mail client and the server support
In case that TLS protocol is used, unencrypted connection is established first. Then, client and server agree on switching to the secure mode (encrypted connection). If the client or the server does not support TLS, encrypted connection is not used and the traffic is performed in a
If the connection is encrypted, firewall cannot analyze it and perform antivirus check for transmitted messages. WinRoute administrator can select one of the following alter- natives:
•Enable TLS. This alternative is suitable for such cases where protection from wiretap- ping is prior to antivirus check of email.
HINT: In such cases, it is recommended to install an antivirus engine at individual hosts that would perform local antivirus check.
•Disable TLS. Secure mode will not be available. Clients will automatically assume that the server does not support TLS and messages will be transmitted through an unencrypted connection. Firewall will perform antivirus check for all transmitted mail.
The If an attachment cannot be scanned section defines actions to be taken if one or multiple files attached to a message cannot be scanned for any reason (e.g. password- protected archives, damaged files, etc.):
•Reject the attachment — WinRoute reacts in the same way as when a virus was de- tected (including all the actions described above).
•Allow delivery of the attachment — WinRoute behaves as if
Generally, this option is not secure. However, it can be helpful for example when users attempt to transmit big volume of compressed
