Jump to content

schuetzdentalCB

Members
  • Posts

    127
  • Joined

  • Days Won

    1

Posts posted by schuetzdentalCB

  1. Hi,

    is there any way to put incoming mails into a queue for specifc inboxes to let eset scan those objects "later"?

    For Example:

    inbox xy getting a phishing mail. as its maybe too new it wouldnt get detected by local and cloud scanner engine. the user of the inbox doesnt need ingoing mails "instantly" so a delay for like 10-15min. would be okay. is this possible to queue them and after this time getting it forwarded to the scanning process?

  2. hi,

    how can i configure eset to NOT move mails into junk folder. i already whitelisted the senders address and disabled "move to junk folder" but i think eset is also scanning the content...we are getting spam reports every night from our mail gateway and sometimes those mails are getting junked away... is there a way to fully exclude a senders address and mail content from getting scanned? thanks 

  3. 24 minutes ago, Marcos said:

    Could you please confirm or deny that you have a scan task scheduled?

    sorry i thought you mean client-tasks in esmc. i indeed have scheduled task scanning clients at 12:00 o'Clock for malware with "do nothing" after finish. i removed this task now...i think this shutdown is triggered by this? but again im pretty sure we had that problem a year before in one of esets updates...cant find the thread btw.

  4. 2 minutes ago, Rob Schember said:

    I do have a scheduled scan task set for 7pm on Wednesday nights, and when I came in this morning, ALL of my computers were shut down, even though the scan task is set to "No Action".

    However, this is a different issue, so there appears to be multiple issues with shut downs happening here. This started happening before the scheduled scan ever would've triggered at 7pm. After a module update, the computers show a window with a 30 second timeout to shut down the computer!

    Another user posted the window I'm talking about. See the attachment here. However, in my case, instead of "Device restart", I believe it said "Device shut down".

    image.png.600a25aa7b1c630ffcffe61994ba084f.png

    i'm running eset on all clients in silent mode. this message wont be visible for my users. - only on my pc its in full mode but this didn't show. but nice try eset gui ^^

  5. hey,

    when adding a transport rule for "Recipient validation result" > is "Contains invalid recipient" > move to quarantine.

    It sometimes happens that normal Mails which should go to an external receiver are getting quarantined.

    For example user gets mail from @gmx.de and answers it back with "ok thanks" or something... then this mail never gets routed to our smtp gateway as i can see in the exchange logs. its just getting directly marked as failed and moved to quarantine by this eset rule. is this a problem with eset or maybe with something internal in our exchange 2019?. or is this rule not for production usage? thanks :)

    image.png

  6. On 3/10/2022 at 8:44 PM, Jamil-soc said:

    This is indeed also useful, but only  assuming that the application is installed on the system. Note that most remote access tools also has a potable version that does not require installation. This report template won't work for those processes :)

    absolutely right - i'm only using it for checking installs from helpdesk team or to check software/versions which we are using in the company.

  7. maybe helpfull:

    i'm doing this over the eset protect console with report template which can be shown on the Dasboard:

    > Reports > And then add:

    Table Columns
    Installed software . Application name
    Installed software . Time of occurrence
    Installed software . Application vendor
    Computer . Computer name
    Computer . Computer description
    ...

    And Sort by
    Installed software . Time of occurrence  OR >  just sort by application name

    - So I can see all Software which has got installed on Clients.

  8. Would be very cool if it could be possible to show a Desktop Message when something is sent to Dynamic Thread Defense even if ESET Gui is running in Terminal/Hidden Mode.

    So that the User knows the reason for not beeing able to open e.g. a PDF File (when Document scanning is enabled).

    I mean you can show it in Gui "Full"-Mode but i dont want the users to be able to show the Gui, Logs and stuff..

  9. Aloha,

    am installing endpoint secrutiy latest version on clients which were running 8.1 before without any issue but now i'm getting the error message: Antimalware Scan Interface (AMSI) integration has failed. 

    For me i doesnt look like that theres something wrong with the client but maybe with the latest eset sec. version? can anyone confirm?

    also tried latest version on a completely new installed win10 client, same error after a few minutes. sometimes restarting is fixing it but it error comes back a few hours later.

     

    thanks your any ideas.

×
×
  • Create New...