CHAPTER 2. OPERATION OF
KASPERSKY ANTI-VIRUS
Kaspersky Anti-Virus scans and, if it is possible, disinfects all incoming, outgoing
e-mail messages as well as messages stored at the server. The application
analyzes the body of the message and attached files of any format.
The scan for the viruses and the disinfection of infected objects are performed
based on the records in the
anti-virus database
that is updated by Kaspersky Lab
on a regular basis and contains description and the methods of disinfection of all
currently known malicious programs, joke programs, potentially dangerous
software and programs that are not potentially dangerous, but may be a part of
the software used for development of such software.
The application performs a real-time scan of all e-mail messages arriving to the
server. Before the message is scanned it cannot be viewed.
E-mail messages stored at the server and the content of all public folders are
scanned each time the anti-virus database is updated or according to the
schedule. The scan may identify new viruses that were not described in the anti-
virus database at the time when previous scans were performed. This task is
performed as a background scan and does not have any effect on the
performance of the mail server. If the user requests a message that has not been
scanned with the updated anti-virus database, such message will be scanned
prior to the delivery to the user. Thus, the user will always receive e-mail
messages that have been analyzed using the latest version of the anti-virus
database, no matter when a particular message arrived to the server.
The application processes each object according to its current settings: it
disinfects or deletes the infected object from the message, replacing it with the
corresponding notification. The administrator may select a mode in which the
application will deliver messages with infected objects to the user, although it will
modify the object's name by adding information about the virus to it and change
the object's extension.
Before processing an object, the application can save a copy of this object in a
special backup storage for the consequent restoring or sending to Kaspersky
Labs for analysis.
The program sends notifications about detected viruses to the administrator, to
the recipient and to the sender of the infected message and enters corresponding
records into the Windows application log and into the application's internal logs.
If the virus outbreaks detection tool is enabled, the application registers the virus
activity level and sends notifications about a new virus outbreak threat or enters
Содержание ANTI-VIRUS 5.5 - FOR MICROSOFT EXCHANGE SERVER 2000-2003
Страница 1: ...KASPERSKY LAB Kaspersky Anti Virus 5 5 for Microsoft Exchange Server 2000 2003 Administrator s Guide...
Страница 60: ...60 Kaspersky Anti Virus for Microsoft Exchange Server Figure 23 Creating the background scan schedule...
Страница 107: ...Reports 107 Figure 60 Viewing a report delivered by e mail...