IMAP-Proxy: AntiVirus

If you have purchased and enabled the Gateway AntiVirus feature, you can configure the actions the IMAP proxy takes when a virus is found in an email message. You can also specify the actions the Firebox takes when an email message contains an attachment that the Firebox cannot scan.

APT Blocker is part of the same scan process as Gateway AntiVirus. When you enable APT Blocker in a proxy action, APT Blocker scans content only when content matches a proxy action rule configured with the AV Scan action.

In the Gateway AV settings in the proxy action, you can select the Enable Gateway AntiVirus check box to automatically change the action for all rules in the proxy action from Allow to AV Scan.

In the Gateway AV settings in the proxy action, you can set the actions to take if a virus is detected or if a file cannot be scanned.

Screen shot of the Gateway AV settings for an IMAP proxy action in Fireware Web UI
Screen shot of the Gateway AntiVirus configuration settings in an IMAP proxy action in Fireware Web UI

Screen shot of the Gateway AV settings in an IMAP proxy action in Policy Manager
Screen shot of the Gateway AntiVirus settings for an IMAP proxy action in Policy Manager

The options for antivirus actions in an IMAP proxy action are:

Allow

Allows the packet to go to the recipient, even if the content contains a virus.

Lock

Locks the attachment. This is a good option for files that cannot be scanned by the Firebox. A file that is locked cannot be opened easily by the user. Only the administrator can unlock the file. The administrator can use a different antivirus tool to scan the file and examine the content of the attachment. For information about how to unlock a file locked by Gateway AntiVirus, see Unlock a File Locked by Gateway AntiVirus.

Remove

Removes the attachment and allows the message through to the recipient.

If you set the configuration to allow attachments, your configuration is less secure.

You can also configure the Scan size limit. Gateway AntiVirus does not scan files that are larger than the configured scan size limit.

The default and maximum scan size limits changed in Fireware v12.0.1. When you upgrade Fireware OS, the Gateway AntiVirus Scan size limit does not automatically change to the new default. We recommend that you update the Scan size limit to the default value for your Firebox model. For more information, see About Gateway AntiVirus Scan Limits.

For more information about how to configure the Gateway AntiVirus actions and scan size limit see Configure Gateway AntiVirus Actions.

Related Topics

About the IMAP-Proxy

About Gateway AntiVirus