
filips
ESET Staff-
Content Count
154 -
Joined
-
Last visited
-
Days Won
3
filips last won the day on July 10 2018
filips had the most liked content!
Profile Information
-
Gender
Not Telling
-
Location
Slovakia
-
Hi raimund, Attachment type rules are evaluated on all files in archives - zipped document with macro will be caught by the rule (unless it's password protected). Rules support only comparing of static strings so it is not possible to compare From: and Return-Path: headers. Not a perfect solution, but something like this should do the job: From Header - display name contains one of [@customer1.com, @customer2.com] Message headers do not match regular expression "\nReply-To: .*(@customer1.com|customer2.com)"
-
filips reacted to a post in a topic: How to deal with display name spoofing, when contains right mailadress also in reply, but "name@abc.com" is different
-
Issues with logging of Scheduled Scans
filips replied to RichardW's topic in ESET Products for Windows Servers
Hi Richard, There is a known bug in creation of new log files (wrong file number generation) that causes new log files to not be created. As a temporary workaround we suggest removing all old scan logs. -
Peter Randziak reacted to a post in a topic: Cycled antispam
-
Hi yardstudio, Releasing of spam from mail quarantine should work even if you don't report the false positive. The message is resent using replay directory and antispam is not evaluated again. If the email was marked as spam again, it means that it was routed through SMTP agent and tested for spam again - this is not the usual case. Do you have more Exchange servers in your environment? If yes can you describe routing of mail? Information about delivery of the message can be seen in "Received" headers (in the detail dialog) of the message that returned to quarantine. Please post th
-
espkiller reacted to a post in a topic: EFS 7.0.12014.0 - MSSQL ERROR
-
olsheset reacted to a post in a topic: Mail security 6, Spam rules dont apply for incoming email for quarantine mailbox?
-
Of course you can create separate mailbox, but it's not necessary. EMSX skips scanning of emails going to the address set as quarantined mailbox in advanced setup. It should be enough to give the shared mailbox 2 addresses, e.g. info@ and quarantine@. Then set @quarantine as quarantine mailbox in advanced setup (so only emails going to @quarantine are skipped).
-
The antispam engine will be disabled competely. We are already releasing new Mailserver module that disables the antispam engine to prevent more serious errors that could occur after April 1st. We prepared a KB article with details, you can find it at https://support.eset.com/kb7118/ Yes, anti-malware will work correctly
-
filips reacted to a post in a topic: SPF Checking in Mail Security for Exchange v7
-
SharePoint not accessible issue
filips replied to jinlei801011's topic in ESET Products for Windows Servers
Hi, Try executing "SHPIO13.exe displaystructure" under the same account as provided to our product. Are there any errors? -
Exclude whitelisted/ignored emails from rules?
filips replied to davidenco's topic in ESET Products for Windows Servers
Filtering rules are executed before AS/AV scan and result processing after AS/AV scan (https://help.eset.com/emsx/7.0/en-US/idh_config_mailserver_rules.html) X-ESET-AS is header with some diagnostic information, you could compare it with regex, it looks like header of whitelisted mail contains "OP=WL" -
Exclude whitelisted/ignored emails from rules?
filips replied to davidenco's topic in ESET Products for Windows Servers
Hi davidenco, "Approved Domain to IP List" and the "Ignored Domain to IP List" are used only by antispam engine To whitelist some IP addresses, modify the rule - create a condition "Sender's IP address is not any" and specify list of allowed IP addresses Only on-demand database scan rules can affect emails while scanning with on-demand database scan, transport rules are used only when scanning by transport agent -
Beech Horn reacted to a post in a topic: EFS 7.0.12014.0 - MSSQL ERROR
-
Peter Randziak reacted to a post in a topic: EFS 7.0.12014.0 - MSSQL ERROR
-
Hi, as marcos noted this error is logged when automatic exclusions for Microsoft SQL server are enabled. Automatic exclusions for Microsoft SQL server are using ADO API to read information from "sys.master_files" table to get list of files to exclude from scanning. The ADO API obviously loads a DLL that is not signed. As a workaround, automatic exclusions for Microsoft SQL server can be disabled.
-
Peter Randziak reacted to a post in a topic: eShell and license activation
-
eShell and license activation
filips replied to Lockbits's topic in ESET Products for Windows Servers
Hi, you can use command "import license key xxxx-xxxx-xxxx-xxxx" -
Why has this option been removed??
filips replied to davidenco's topic in ESET Products for Windows Servers
Hi, Another reason for removing the option from screens was that it was misused most of the time (lowering the detection rate of antispam engine). However, it's still supported by the backend and can be configured using XML. -
Quarantine report sender addresses
filips replied to paul's topic in ESET Products for Windows Servers
Hi Paul, there is no way to change this in current version of EMSX. The envelope sender address was chosen on purpose because From: header can be spoofed easily. I tracked this as an improvement as it wouldn't be a problem to add such option or display both addresses. Can you give us some examples of envelope sender address causing you problems? thanks