Viruses, malware, and other online risks are frequently spread via email, therefore it’s critical that emails are virus-scanned before they reach users’ inboxes. Spam and its dangerous attachments, such as viruses, malware, ransomware, spyware, and other threats, are aggressively blocked by Mail Assure.
Pre-virus scan blocks
Because most viruses try to spread through spam emails, the majority of email viruses are blocked as spam before they reach our antivirus systems. Even viruses that virus scanners have yet to detect are safely quarantined or rejected outright as a result of this.
Viruses in emails usually spread as executable attachments. You may control which attachments should be restricted by default on the Incoming – Protection Settings > Attachment Restrictions page, which can be accessible from the Domain Level Control Panel. You can also choose from the following options on this page:
- Password-protected archive attachments should be blocked.
- Block attachments that may be undesired.
- Attachments with hidden executables should be blocked.
When this option is activated, email attachments that are possibly harmful are not accepted. For further information, see Manage Attachment Restrictions.
Additional antivirus protection provided by Mail Assure includes the use of a variety of technologies to safeguard against viruses. Several external partners have given us with advanced datasets specialised in detecting zero-day email viruses. This external data is then integrated with internal data that is created both automatically and by our analysts. N-able can provide real-time, excellent protection against the current virus outbreaks by merging several technologies. Our internal spam reputation methods (including fuzzy fingerprinting) also help with virus screening, ensuring the best possible security against malware, phishing, and infections.
The wait between the actual email processing and the user opening the message enables other antivirus vendors more opportunity to update their signatures, therefore running antivirus on the endpoint is just as vital. Mail Assure’s systems automatically re-adjust in response to any false negative virus reports received, and our analysis staff conducts in-depth investigation as needed. The majority of the reports are in the form of mails that have gotten past filtering since senders/recipients matching the virus email were explicitly allowed.
We constantly update our detection methods by actively analysing viral emails in order to catch zero-day malware. We use sandboxing for analysis in our central environments, but we don’t use real-time sandboxing in our scanning operations. Since email should not be used to distribute executables, we have not found any significant statistical evidence proving the effectiveness of sandboxing. Mail Assure has built-in technology to quarantine or drop ANY email that includes an attachment with executable content (including non-malicious executables).