Sometimes, if the customer has enabled the option "Detect inside e-mail databases" Antivirus Module iSheriff when the Endpoint detects any message with an infected attachment, moves around the .pst file to the quarantine.
The problem is because Microsoft Office Outlook contains all email messages sent and received in a single .pst file
In some cases, we have successfully restored the .pst file (after disable this option: "Detect inside e-mail databases", to prevent the re Endpoint move to quarantineupon detecting an infected file)
There is some possibility that in later versions of Endpoint, can detect and remove infected attachments without moving around the .pst file to the Quarantine?
Any advances on this issue?
Realtime antivirus will quarantine/delete the infection if the user opens the infected email when "Detect Inside Email Databases" is unchecked.
Also, I would recommend using iSheriff Email Filtering which ensures the attachments are scanned before they are delivered to user mailboxes.
Hi, regarding the suggestion about using iSheriff Email Security, this is not a bad suggestion, but, we have clients that do not have the sufficient resourses to purchase the vector.
So In most cases we have clients that only purchase Endpoint +Web Filtering.
In basic VA products, even the retail kind, we can see the AV scanning the .PST without taking it to quarantine if malware is found. Why can we have that same option? Have our AV scan inside the .PST and if malware is found, eliminate it.
Even with the recovery disk, it scans the .PST and if malware if found it is eliminated. but the file remains in its place.
Pls follow up on this issue.
As of now the Av scanner does not performMailbox scanning, though we have forwarded this to the Development , I will keep you posted as soon as we have an update on this.