ESET Mail Security for Exchange letting viruses through to users

[adamj 0]

Greetings

We have recently changed from another a/v vender to ESET.  We are still running Exchange 2003 and have ESET Mail Sercurity for Microsoft Exchange version 4.5.10012.7

 

We are finding that while it is blocking some mailbound viruses from getting to users it is letting a lot through.  The type it seems to be letting through are .exe files which are within a zip folder.  Ideally I would work around it by blocking zip files, but our users have a need to be able to email in this format.  

 

Doe anyone have any suggestions? 

 

As far as I can see ESET is set to scan in achives.  I am a little concerend about this as our previous a/v didn't have this issue and I am worried users are getting viruses delivered straigh to their email.

 

The email recived today was titled "You have recived a new debit" and claimed to be from Lloyds TSB with the attachment Lloyds_message_service_09-25-2013.zip

 

Thanks very much.

 

 

 

[Marcos 5,243]

It happens that such archives are empty or corrupt so their content is benign. Please send some examples of suspicious files get get through your ESET protection as per the instructions here.

[adamj 0]

My Endpoint Security is picking up this file now (wasn't earlier) can't confirm at the moment if the ESET Mail Security is.

Could it be a delay in updates for new threats?

 

[Peter Randziak 1,160]

Hello Adam,

 

shouldn't be.

Check the virus signature database version (and also versions of other modules) on the EMSX and on the endpoints.

[Marcos 5,243]

Without knowing the detection name (and ideally getting the file itself along with the ESET Event log), it's impossible to comment on it. Maybe EMSX updated to the signature database containing a signature for the given malware after the email was received by the mail server.