Author Topic: SBS Standard Edition - Exchange plugin not detecting virus  (Read 4117 times)

0 Members and 1 Guest are viewing this topic.

skoekemoer

  • Guest
SBS Standard Edition - Exchange plugin not detecting virus
« on: July 28, 2005, 07:55:49 PM »
Hi there, was wondering if anyone has had a similar problem.

I see 2 posts on here that seem to indicate that others are having the same issue, however they do not seem to have a resolution, so I suppose I will post again.

I have a machine, SBS2003 that is running the Standard SBS Edition of Avast, which I believe has an integrated Exchange Plugin. Users are getting emails that have the following virus,

avast! Antivirus: Inbound message INFECTED:
\account-password.zip#4266006214 (Win32:Mytob-FE [Wrm]) was (BEWARE!!!) left intact in the message.

however this has not been detected at the server level, but at the client/workstation level! It makes me very nervous, as this should never get to a user in the first place, as this increases the security risk if there is for some reason, a client workstation that has no AV protection.

I have looked at every setting to my knowledge and I cannot see how to configure how Avast behaves when it finds an email with a virus or suspicious content. Basically, where do you configure the plugin and how? If you cannot do this, then how do I check that it is installed in the first place (the installation option for the Exchange Plugin is all grey'd in the Server Deployment Wizard), working correctly and scanning email. I have tried all levels of logging and I am very confused about this product. It seems to run fine, but from an Administrator perspective it does not have much documentation and configurable options (I have found the advanced options). Most of all, the least I would expect from an Exchange Plugin, is to be able to trap a virus before it hits a users mailbox!

Lastly, is there a way of changing the scanned messages etc., or is this a hard coded feature in the standard edition for SBS. I feel like I am missing an interface where all this should be configured.

If I am doing something wrong, it would be appreciated if someone could point me in the right direction.

Cheers
Tango