How to work the antispam and antivirus under ex10.biz

From EN Ikoula wiki
Revision as of 14:37, 6 October 2015 by Ikbot (talk | contribs)
⧼vector-jumptonavigation⧽ ⧼vector-jumptosearch⧽

fr:Comment fonctionnent l'antispam et l'antivirus sous ex10.biz

This article has been created by an automatic translation software. You can view the article source here.




How are tagged messages considered as SPAM ? or can we consult them ? How does antivirus ?


Microsoft® Forefront™ Protection 2010 for Exchange Server provides fast and effective protection against malware and spam with multiple scanning engines from partners leaders in the security marka.


This solution allows to filter content without blocking messages. Indeed, the anti-spam engines sometimes tend to block messages that are yet desirable.


ForeFront has therefore been configured to not delete messages considered as spam. They receive a "SCL" (Spam Confidence Level), which is a score included bet 1 et 9. More score is high, more the message is considered spam.


ForeFront Mark unwanted messages with a score to 9, what is that, once in the Outlook client, the mail is automatically passed the folder "Spam ". A periodic check on the part of the user is necessary in order to not miss some important messages.


You can test this feature by sending you a message in the following character string :


XJS*C4JDBQADN1. NS3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X


This chain is a signature that is recognized by all the anti-spam market as the test string. If it is located in the body of an email or an attachment, the message is considered spam by all engines.


You can see in the headers of the mail that the following line is inserted by ForeFront, following receipt of this messag :


X-MS-Exchange-Organization-SCL: 9


Conversely, a message seen by ForeFront as healthy will get a score of "-1"in order to ensure that no other anti-spam engine (such as those that are integrated into the mail) should duplicate an additional scan.


Antivirus de ForeFront is based on 5 engines market leaders. This allows to scan each message 5 time, wit 5 bases of different signatures. Thus, the detection rate is very high.


Rather than the full message quarantined ForeFront only quarantines the infected attachment, and replaces it with the following text file :


FILE QUARANTINED

 


Microsoft Forefront Protection for Exchange Server removed a file since it was found to be infected.

File name: "eicarcom2.zip>eicar_com.zip>eicar.com"

Malware name: "DOS/EICAR_Test_File"


So, you can prevent your correspondent that his machine seems corrupted, and you lose that little information.


More info : Hosted Exchange


You are not allowed to post comments.

Retrieved from "https://en-wiki.ikoula.com/index.php?title=How_to_work_the_antispam_and_antivirus_under_ex10.biz&oldid=2672"