StefanoFereri

Hi, there is a document called "[KB6102] Configure ESET Mail Security to protect against ransomware". This confuses me a little. It recommends to add a rule section called "Ransomware droppers" and to add several file extensions. But these file extensions are already part of the prepopulated rule sections like "Dangerous system file attachments" or "Office file attachments with macros". Is there any diffent result in doing it the way this document recommends? Another issue I have with zipped attachments. These are included in the prepopulated section "Forbidden archive file attachments" where the check mark for "password protected" is also set. At the same time, however, there is the section “Archive file attachments with password protection”, which belongs to the “Processing of results” level. What exactly is the difference here? Thanks in advance for a brief enlightenment Stefano

Your question confuses me a little: Could there be another setting that blocks these internal mails where sender and recipient are from same domain? Quarantine manager says: blocked du to spoofing (something like that), so I guess it's blocked by Sender Spoofing Protection. After moving the internal IP range to List of my own IP addresses under Sender Spoofing protection section it worked, indeed. I find it really confusing that there are lists of "allowed addresses", "ignored [infrastructure] addresses" and "my own IP addresses". But it works now, thanks for contribution. Rgards Stefano

Hi, status e-mails from LAN printers are filtered out, according to the quarantine manager it is because of address spoofing. I added the internal IP range to "List of allowed IP addresses" (Spam Protection / Filtering and verification), in the form "192.168.10.0/24". The program obviously ignores this setting. How can I fix this? Thanks and regards Stefano