Product manual

ManualsBrandsGFI ManualsSoftwareKaspersky Anti-Virus Updates f/MailSecurity, 10-24M, 1Y, ENG

171

172

173

174

175

176

177

178

179

180

GFI MailEssentials 8 Content Filtering | 177

email is triggered as malicious.

5. Specify what to do when an email contains an archive that triggers this filter:

Option Description

Quarantine Quarantines blocked emails

Automatically Delete Deletes blocked emails

NOTE

When GFI MailEssentials is installed on same machine as Microsoft

Exchange 2003, GFI

MailEssentials may not be able to block outbound emails, but instead replaces the

blocked content with a threat report.

6. Select Send a sanitized copy of the original email to recipient(s) to choose whether to forward

a copy of the blocked email to the recipients but with the malicious content removed.

7. Click the Actions tab to configure further actions.

8. GFI MailEssentials can send email notifications whenever an email triggers this filter. To enable

this feature, select any of the following options:

Option Description

Notify

administrator

Notify the administrator whenever this engine blocks an email. For more information, refer to

Administrator email address (page 219).

Notify local

user

Notify the email local recipients about the blocked email.

9. To log the activity of this engine to a log file select Log occurrence to this file. In the text box

specify path and file name to a custom location on disk where to store the log file. By default,

log files are stored in:

<GFI MailEssentials installation

path>\GFI\MailEssentials\EmailSecurity\Logs\<EngineName>.log

10. Click Apply.

Check size of uncompressed files in archives

This filter allows you to block or delete emails with archives that exceed the specified physical size

when uncompressed. Hackers sometimes use this method in a DoS (Denial of Service) attack by

sending an archive that can be uncompressed to a very large file that consumes hard disk space and

takes a long time to analyze by content security or antivirus software.

To configure this filter:

1. Navigate to Content Filtering > Decompression node.

2. From the list of available filters, click Check size of uncompressed files in archives.

3. To enable this filter select Check size of uncompressed files in archives.

4. Specify the maximum size of uncompressed archives in the Maximum size of uncompressed files

in archive in MB text box. If an uncompressed archive’s size is bigger than the specified value,

the email is triggered as malicious.

5. Specify what to do when an email contains an archive that triggers this filter: