AVG 9.0 Email Server Edition User Manual Document revision 90.5 (1. 6. 2010) C opyright AVG Technologies C Z, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This product uses RSA Data Security, Inc. MD5 Message-Digest Algorithm, C opyright (C ) 1991-2, RSA Data Security, Inc. C reated 1991. This product uses code from C -SaC zech library, C opyright (c) 1996-2001 Jaromir Dolecek (dolecek@ics.muni.cz).
Contents ........................................................................................................................ 4 1. Introduction ........................................................................................................................ 5 2. AVG Installation Requirements 5 2.1 Operation.......................................................................................................... Systems Supported ....................................................................
........................................................................................................................ 35 6. AVG for Kerio MailServer .......................................................................................................... 35 6.1 Configuration .......................................................................................................... 35 6.1.1 Antivirus ..........................................................................................................
1. Introduction This user manual provides comprehensive documentation for AVG 9.0 Email Server Edition. Congratulations on your purchase of AVG 9.0 Email Server Edition! AVG 9.0 Email Server Edition is one of a range of award winning AVG products designed to provide you with peace of mind and total security for your PC. As with all AVG products AVG 9.
2. AVG Installation Requirements 2.1. Operation Systems Supported AVG 9.0 Email Server Edition is intended to protect e-mail servers running under the following operating systems: · Windows 2008 Server Edition (x86 and x64) · Windows 2003 Server (x86, x64) SP1 · Windows 2000 Server SP4 + Update Rollup 1 2.2.
· 600 MB of free hard drive space (for installation purposes) · 512 MB of RAM memory 2.4. Uninstall Previous Versions If you have an older version of AVG Email Server installed, you will need to uninstall it manually before installing AVG 9.0 Email Server Edition. You must manually perform the uninstallation of the previous version, using the standard windows functionality.
For MS Exchange 2003 Server no additional service pack is needed; however, it is recommended to keep your system as up to date with the latest service packs and hotfixes as possible in order to obtain maximal available security. Service Pack for MS Exchange 2003 Server (optional): http://www.microsoft.com/exchange/evaluation/sp2/overview.mspx At the beginning of the setup, all system libraries versions will be examined.
3. AVG Installation Process To install AVG on your computer, you need to get the latest installation file. You can use the installation file from the CD that is a part of your box edition but this file might be out-of-date. Therefore we recommended getting the latest installation file online. You can download the file from the AVG website (at http://www.avg.com/download? prd=msw). During the installation process you will be asked for your license number.
3.2. License Agreement The License Agreement dialog provides the full wording of the AVG license agreement. Please read it carefully and confirm that you have read, understood and accept the agreement by checking the I have read license agreement checkbox and pressing the Accept button. If you do not agree with the license agreement press the Don't accept button, and the installation process will be terminated immediately.
3.4. Select Installation Type The Select Installation Type dialog offers the choice of two installation options: Standard Installation and Custom Installation. For most users, it is highly recommended to keep to the Standard Installation that installs AVG in fully automatic mode with settings predefined by the program vendor. This configuration provides maximum security combined with the optimal use of resources.
Press the Next button to continue the installation process. If in the previous step you have selected the standard installation, you will be redirected directly to the Setup Summary dialog. If custom installation was selected you will continue with the Destination Folder dialog. 3.6. Custom Installation - Destination Folder The Destination folder dialog allows you to specify the location where AVG should be installed. By default, AVG will be installed to the program files folder located on drive C:.
3.7. Custom Installation - Component Selection The Component Selection dialog displays an overview of all AVG components that can be installed. If the default settings do not suit you, you can remove/add specific components. However, you can only select from components that are included in your purchased AVG edition.
· E-mail Scanner for MS Exchange (routing Transport Agent) Checks all incoming, outgoing and internal e-mail messages going through the MS Exchange HUB role. Available for MS Exchange 2007 and can be installed for HUB role only. · E-mail Scanner for MS Exchange (SMTP Transport Agent) Checks all e-mail messages coming through the MS Exchange SMTP interface. Available for MS Exchange 2007 only and can be installed for both EDGE and HUB roles.
3.9. Installing The Installing dialog shows the progress of the installation process, and does not require any intervention. Please wait until the installation is complete, then you will be redirected to the Installation Complete dialog. 3.10.
In this dialog you decide whether you want to activate the option of anonymous reporting of exploits and bad sites to AVG virus lab. If so, please mark the I agree to provide ANONYMOUS information about detected threats to improve my security option. Press the Finish button to continue. A new AVG Optimization Scan dialog will appear. The scanning optimization functionality searches the Windows and Program files folders where it detects appropriate files (at the moment those are the *.exe, *.dll and *.
· E-mail Scanner for MS Exchange Server 2007/2010 · E-mail Scanner for MS Exchange Server 2000/2003 · AVG for Kerio MailServer A V G 9 .0 E mail Server E dition © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
4. E-mail Scanner for MS Exchange Server 2007/2010 4.1. Overview The AVG for MS Exchange Server 2007 configuration options are fully integrated within the AVG 9.0 Email Server Edition as server components. Basic overview of the individual server components: · Anti-Spam - Anti-Spam Server for MS Exchange Checks all incoming e-mail messages and marks unwanted e-mails as SPAM.
Available for MS Exchange 2007 and can be installed for HUB role only. · EMS (SMTP) - E-mail Scanner for MS Exchange (SMTP Transport Agent) Checks all e-mail messages coming through the MS Exchange SMTP interface. Available for MS Exchange 2007 only and can be installed for both EDGE and HUB roles. · EMS (VSAPI) - E-mail Scanner for MS Exchange (VSAPI) Checks all e-mail messages stored in user mailboxes. If any viruses are detected, they are moved to the Virus Vault, or completely removed.
Here you can check messages divided into several tabs according to their severity. See configuration of individual components for amending the severity and reporting. By default there are displayed only results for the last two days. You can change the displayed period by amending the following options: o Show last - insert preferred days and hours. o Show selection - choose a custom time and date interval. o Show all - Displays results for the whole time period.
· Back - press this button to return to the Server components overview. You will find more information on individual settings of all components in the chapters below. 4.2. E-mail Scanner for MS Exchange (routing TA) To open the settings of E-mail Scanner for MS Exchange (routing transport agent) , select the Settings button from the interface of the component.
· Log file size - choose a preferred size of the log file. Default value: 100 MB. The Scanning properties section: · Use Heuristics - check this box to enable heuristic analysis method during scanning. · Report Potentially Unwanted Programs and Spyware threats - check this option to report the presence of potentially unwanted programs and spyware. · Scan inside archives - check this option to let the scanner look also inside archived files (zip, rar, etc.
4.4. E-mail Scanner for MS Exchange (VSAPI) This item contains settings of the E-mail Scanner for MS Exchange (VSAPI). The Basic Settings section contains the following options: · Enable component - uncheck to disable the whole component. · Language - select preferred component language. The Logging settings section: · Log file size - choose a preferred size of the log file. Default value: 100 MB.
not examined objects runs in parallel. A specific low priority thread is used for each database, which guarantees other tasks (e.g. e-mail messages storage in the Microsoft Exchange database) are always carried out preferentially. · Proactive Scan (incoming messages) You can enable or disable the proactive scanning function of VSAPI 2.0/2.5 here. This scanning occurs when an item is delivered to a folder, but a request has not been made by a client.
· Scan inside archives - check this option to let the scanner look also inside archived files (zip, rar, etc.) The E-mail attachments reporting section allows you to choose which items should be reported during scanning. The default configuration can be easily amended in the Detection actions section, part Information (see below).
4.5. Detection Actions In the Detection actions sub-item you can choose automatic actions that should take place during the scanning process. The actions are available for the following items: · Infections · PUP (Potentially Unwanted Programs) · Warnings · Information Use the roll-down menu to choose an action for each item: · None - no action will be taken. · Move to Vault - the given threat will be moved to Virus Vault. · Remove - the given threat will be removed. A V G 9 .
To select a custom subject text for messages that contain the given item/threat, check the Mark subject with... box and fill-in a preferred value. Note: The last mentioned feature is not available for E-mail Scanner for MS Exchange VSAPI. 4.6. Mail Filtering In the Mail Filtering sub-item you can choose which attachments should be automatically removed, if any. The following options are available: · Remove attachments - check this box to enable the feature.
5. E-mail Scanner for MS Exchange Server 2000/2003 5.1. Overview The E-mail Scanner for MS Exchange Server 2000/2003 configuration options are fully integrated within the AVG 9.0 Email Server Edition as a server component. The server components include the following: Basic overview of the individual server components: · Anti-Spam - Anti-Spam Server for MS Exchange Checks all incoming e-mail messages and marks unwanted e-mails as SPAM.
Checks all e-mail messages stored in user mailboxes. If any viruses are detected, they are moved to the Virus Vault, or completely removed. Double-click a required component to open its interface. With the exception of AntiSpam, all the components share the following common control buttons and links: · Scan Results Opens a new dialog where you can review scan results: A V G 9 .0 E mail Server E dition © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
Here you can check messages divided into several tabs according to their severity. See configuration of individual components for amending the severity and reporting. By default there are displayed only results for the last two days. You can change the displayed period by amending the following options: o Show last - insert preferred days and hours. o Show selection - choose a custom time and date interval. o Show all - Displays results for the whole time period.
· Back - press this button to return to the Server components overview. You will find more information on individual settings of all components in the chapters below. 5.2. VSAPI 2.0 Virus Scanning API 2.0 (VSAPI 2.0 as provided in MS Exchange 2000 Server) does not allow the deletion of infected e-mail files. Since the virus infected e-mail message attachment cannot be deleted, its filename is changed: AVG for Exchange 2000/2003 Server appends the .virusinfo.txt extension to the original filename.
The Basic Settings section contains the following options: · Enable component - uncheck to disable the whole component. · Language - select preferred component language. The Logging settings section: · Log file size - choose a preferred size of the log file. Default value: 100 MB. The Scan settings section: · Background Scan – you can enable or disable the background scanning process here. Background scanning is one of the features of the VSAPI 2.0/2.5 application interface.
The minimum number of threads is computed as ('number of processors'+1) divided by 2. The maximum number of threads is computed as 'Number of Processors' multiplied by 5 + 1. If the value is the minimum or lesser value or the maximum or greater, the default value is used. · Scan Timeout - the maximum continuous interval (in seconds) for one thread to access the message that is being scanned (the default value is 180 seconds).
There are also these sub-items available in the following tree structure: · Detection actions · Mail filtering 5.4. Detection Actions In the Detection actions sub-item you can choose automatic actions that should take place during the scanning process. The actions are available for the following items: · Infections · PUP (Potentially Unwanted Programs) · Warnings · Information Use the roll-down menu to choose an action for each item: A V G 9 .
· None - no action will be taken. · Move to Vault - the given threat will be moved to Virus Vault. · Remove - the given threat will be removed. 5.5. Mail Filtering In the Mail Filtering sub-item you can choose which attachments should be automatically removed, if any. The following options are available: · Remove attachments - check this box to enable the feature. · Remove all executable files - removes all executables. · Remove all documents - removes all document files.
6. AVG for Kerio MailServer 6.1. Configuration The anti-virus protection mechanism is integrated directly into the Kerio MailServer application. In order to activate e-mail protection of Kerio MailServer by the AVG scanning engine, launch the Kerio Administration Console application.
In the following section you can specify what to do with an infected or filtered message: · If a virus is found in a message This frame specifies the action to be carried out when a virus is detected in a message, or when a message is filtered by an attachment filter: · o Discard the message – when selected, the infected or filtered message will be deleted.
o Deliver the original message with a prepared warning — the message (or attachment) will be delivered unchecked. The user will be warned that the message may still contain viruses. o Reject the message as if it was virus — the system will react the same way as when a virus was detected (i.e. the message will be delivered without any attachment or rejected). This option is safe, but sending password protected archives will be virtually impossible. 6.1.2.
external address. · Forward the filtered message to administrator address The message without its infected or prohibited attachment will be (apart from the actions selected below) forwarded to the specified e-mail address. This can be used to verify the correct functioning of the antivirus and/or attachment filter. In the list of extensions, each item has four fields: · Type – specification of the kind of attachment determined by the extension given in the Content field.
· In the If a mail message contains an attachment where field you can select the type of attachment (File name or MIME type). You can also choose a particular extension from the offered extensions list, or you can type the extension wildcard directly. In the Then field you can decide whether to block the defined attachment or accept it. A V G 9 .0 E mail Server E dition © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
7. Anti-Spam Configuration 7.1. Anti-Spam Interface You will find the Anti-Spam server component's dialog in the Server Components section (left menu). It contains a brief information about the functionality of the server component, information on its current status (Anti-Spam Server for MS Exchange component is active.), and some statistics. Available links: · Scan Results Opens a new dialog where you can review anti-spam scan results: A V G 9 .
Here you can check messages detected either as a SPAM (unwanted messages) or a Phishing attempt (an effort to steal your personal data, banking details, identity etc.). By default there are displayed only results for the last two days. You can change the displayed period by amending the following options: o Show last - insert preferred days and hours. o Show selection - choose a custom time and date interval. o Show all - Displays results for the whole time period.
7.2. Anti-Spam Principles Spam refers to unsolicited e-mail, mostly advertising a product or service that is mass mailed to a huge number of e-mail addresses at a time, filling recipients’ mail boxes. Spam does not refer to legitimate commercial e-mail for which consumers have given their consent. Spam is not only annoying, but also can often be a source of scams, viruses or offensive content. Anti-Spam checks all incoming e-mail messages and marks unwanted e-mails as SPAM.
being marked as spam). The most easily identified spam will be filtered out, but a significant amount of spam may still be allowed through. · Value 80-89 - E-mail messages likely to be spam will be filtered out. Some nonspam messages may be incorrectly filtered as well. · Value 60-79 - Considered as a quite aggressive configuration. E-mail messages that are possibly spam will be filtered out. Non-spam messages are likely to be caught as well. · Value 50-59 - Very aggressive configuration.
There are the following options to choose from: · A specific e-mail client - if you use one of the listed e-mail clients (MS Outlook, Outlook Express, The Bat!, Mozilla Thunderbird), simply select the respective option · Folder with EML files - if you use any other e-mail program, you should first save the messages to a specific folder (in .eml format), or make sure that you know the location of your e-mail client message folders.
that you will be able to filter the messages in the next step, so the folder does not have to contain only training e-mails. You can also remove unwanted selected folders from the list by clicking the Remove folder button. When done, click Next and proceed to Message filtering options. Specific e-mail client Once you confirm one of the options, new dialog will appear. Note: In case of Microsoft Office Outlook, you will be prompted to select the MS Office Outlook profile first.
7.3.3. Message filtering options In this dialog, you can set filtering of the e-mail messages. If you are sure that the selected folder contains only messages you want to use for training, select the All messages (no filtering) option. If you are unsure about the messages contained in the folder, and you want the wizard to ask you about every single message (so that you can determine whether to use it for training or not), select the Ask for each message option.
7.4. Performance The Engine performance settings dialog (linked to via the Performance item of the left navigation) offers the Anti-Spam component performance settings. Move the slider left or right to change the level of scanning performance ranging between Low memory / High performance modes. · Low memory - during the scanning process to identify spam, no rules will be used. Only training data will be used for identification.
7.5. RBL The RBL item open an editing dialog called Realtime Blackhole Lists: In this dialog you can switch on/off the Query RBL servers function. The RBL (Realtime Blackhole List) server is a DNS server with an extensive database of known spam senders. When this feature is switched on, all e-mail messages will be verified against the RBL server database and marked as spam if identical to any of the database entries.
7.6. Whitelist The Whitelist item opens a dialog with a global list of approved sender e-mail addresses and domain names whose messages will never be marked as spam. In the editing interface you can compile a list of senders that you are sure will never send you unwanted messages (spam). You can also compile a list of full domain names (e.g. avg.com), that you know do not generate spam messages.
7.7. Blacklist The Blacklist item opens a dialog with a global list of blocked sender e-mail addresses and domain names whose messages will always be marked as spam. In the editing interface you can compile a list of senders that you expect to send you unwanted messages (spam). You can also compile a list of full domain names (e.g. spammingcompany.com), that you expect or receive spam messages from. All e-mail from the listed addresses/domains will be identified as spam.
7.8. Advanced Settings Typically it is recommended to keep the default settings and only change them if you have a valid reason to do so. Any changes to configuration should only be done by expert users! If you still believe you need to change the Anti-Spam configuration at the very advanced level, please follow the instructions provided directly in the user interface.
8. AVG Settings Manager The AVG Settings Manager is a tool suitable mainly for smaller networks that allows you to copy, edit and distribute AVG configuration. The configuration can be saved to a portable device (USB flash drive etc.) and then applied manually to chosen stations. The tool is included in the installation of AVG and available via Windows Start menu: All Programs/AVG 9.
Use this button to save the AVG configuration file (.pck) of the local AVG installation. If you did not set a password for the Allowed actions, you may experience the following dialog: Answer Yes if you wish to set the password for access to Allowed items now and then fill-in the required information and confirm your choice. Answer No to skip the password creation and continue to save the local AVG configuration to a file.
You can use the Proxy button to define a proxy server settings if your network requires this for a successful connection. By clicking OK the cloning process begins and should shortly finish. You may also experience a dialog asking about setting password to Allowed items (see above). Once finished, there should be AvgSetup.bat available in the chosen folder along with other files. If you run the AvgSetup.bat file, it will install AVG according to the parameters chosen above. A V G 9 .
9. FAQ and Technical Support Should you have any problems with your AVG, either business or technical, please refer to the FAQ section of the AVG website at http://www.avg.com. If you do not succeed in finding help this way, contact the technical support department by email. Please use the contact form accessible from the system menu via Help / Get help online. A V G 9 .0 E mail Server E dition © 2 0 1 0 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.