Bitdefender Security for Exchange, 1000+u, 2Y
Contents
1. 52 Antispam am Today 7 Days 30 Days Total D Content Filtering Number Percent Number Percent Number Percent Number Percent E Attachment Filtering Clean 60 38 96 60 38 96 60 38 96 60 38 96 2 Update Infected 82 53 25 82 53 25 82 53 25 82 53 25 O General Unscannable o 0 o 0 o 0 o 0 Suspicious 12 7 79 12 7 79 12 7 79 12 7 79 Number of objects samed 154 100 154 100 154 100 154 100 wise Today 7 Days 30 Days Total Number Percent Number Percent Number Percent Number Percent Spam 19 25 33 19 25 33 19 25 33 19 25 33 Not spam 56 74 67 56 74 67 56 74 67 56 74 67 Number of objects scanned 75 100 75 100 75 100 75 100 eS Today 7 Days 30 Days Total Content rater Number Percent Number Percent Number Percent Number Percent Pare Statistics There are five main windows which provide real time statistical information on the overall product activity and the activity of the Antivirus Antispam Content Filtering and Attachment Filtering modules Each of these categories contains several types of statistics grouped into 4 time intervals current day last week last month and total Click a link to access the corresponding statistics The following types of statistics are available e Summary Provides overall statistics on the activity of BitDefender Security for Exchange e Antivirus Contains the statistics on the Antivirus module Provides o2. Monitoring lt y Statistics lt Reports Q Alerts amp Logs E Quarantine Q Antivirus Q Antispam Q Content Filtering Q Attachment Filtering Q Scheduled Tasks A SMTP Groups Antivirus 54 Antispam E Content Filtering E Attachment Filtering 2 Update O General Events BitDefender Security For Exchange Defender Security for Exchange Alerts Logs Events Events I Category I BitDefender error Error Update error Error Infected suspected file detected Warning Ab BitDefender warning Warning File not scanned Warning Ab Key expired Warning Ab Product Update Warning 2 BitDefender information Information Key will expire Information P On demand scanning Information T Rule matched Information 2 Update information Information Report generated Information Configure event Enable Disable All of the events that may occur are listed in the table There are 3 types of events e Information such events provide information about the product activity e A Warning such events provide critical information about aspects of the product activity which require your attention e Error such events provide information about errors that appear during product operation Here is the list of the events that may appear Groups all the errors that may appear during product operation such as service start failure BitDefender Security for Exchange Update Error
3. My Account Please create a BitDefender account sign in to your existing account or choose to create your account later with an account you can always stay connected to BitDefender E mail j Password Sign In Forgot your password You do not have an account or you did not enter your log in information Create a new BitDefender account Create an account later Account Registratiion do not have a BitDefender account To create a BitDefender account select Create a new BitDefender account and provide the required information The data you provide here will remain confidential Note ES If you want to create an account later select the corresponding option e E mail type in your e mail address e Password type in a password for your BitDefender account The password must be at least four characters long e Re type password type in again the previously specified password e First name type in your first name e Last name type in your last name e Country select the country you reside in Registration and My Account Si BitDefender Security for Exchange Note Use the provided e mail address and password to log in to your account at http myaccount bitdefender com Click Create account To successfully create an account you must first activate your e mail address Check your e mail address and follow the instructions in the e mail sent to you by the BitDefender re
4. 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in corresponding field 3 Specify the start time in the Start Time field 4 Specify the day or days of the week on which the task should be run Select Delete if not scheduled to run again to delete the task after its last execution Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Configuring Settings Click the Settings tab in the configuration window to modify the report settings Monitoring 100 BitDefender Security for Exchange Scheduled Report Properties 21xi General Schedule Settings Notfications Module Report Type Antivirus O Total O Antispam O Top Malware O Content Fittering O Top Malware Senders O Attachment Filtering Top Malware Receivers r Report Format O HTML O Tet Ocsv Report time interval O Last Day Last Week O Last Month Start date 8 27 2008 y ME Enddate 8 27 2008 gt Cancel Apply Set Defauits Settings Follow these steps to configure the report settings 1 Choose on which module Antivirus Antispam Content Filtering Attachment Filtering to generate the report 2 Select one of the report types available for the previously specified mod
5. Note To view a report you can also double click it e Purge Options opens a new window where you can specify how long report files should be kept Enter the number of hours days weeks months during which to store reports and click OK to save changes Note Reports older than the specified period will be automatically deleted 9 3 2 Creating Reports To create reports on the product activity click New Report and follow the wizard that will appear Note To launch the Report Wizard you can also right click Reports in the tree menu and select New Report in the contextual menu Monitoring 55 BitDefender Security for Exchange Step 1 5 Welcome to the Report Wizard Create a new report 2x Welcome to BitDefender Security for Exchange Report Wizard Report Wizard quides you through the steps required to generate a report regarding the activity of the BitDefender Security for Exchange product installed on the server Click Next to continue or click Cancel to exit the Report Wizard Bak Cancel Welcome Click Next to continue or Cancel to quit Step 2 5 Select Report Type Create a new report Ax Choose the Report Type Module Report Type _ Antivirus Total Antispam Top Malware Content Filtering Top Malware Senders Attachment Filtering C Top Malware Receivers Select the report type Depending on your
6. Step 7 7 View Summary Create a new scheduled task Scheduled Task Summary Task Name Weekly Scan Task Type On demand Scanning Task Runs every 1 weeks Start Time 15 20 Wednesday August 27 2008 Scan Target Public Folders Administrator Usx01 jon 2 Disinfect Delete Object Reject Delete E mail Move To Quarantine Ignore Delete Object Reject Delete E mail Move To Quarantine Ignore Generate scan report View Summary This window displays the task settings You can make any changes by returning to the previous steps click Back Select Open the advanced properties of this task when click Finish if you want the Properties window of this task to be opened after you complete the wizard In this window you can modify the task and configure more advanced settings For more information please refer to Configuring Properties p 110 Click Finish to save the scheduled task Monitoring 109 BitDefender Security for Exchange Note The task will appear in the Scheduled Tasks section Configuring Properties In order to modify an existing scheduled task or to configure more advanced settings unavailable in the configuration wizard just double click the task or select it and click Properties The configuration window will appear Note To open the configuration window you can also select Open the advanced properties of this task when click Finish in the last step of the wizard
7. Apply this rule for messages with lt Helpdesk gt in the e mail subject Filtering Options If you do not want the messages to be scanned using content filtering options select Do not scan Then click OK to save the changes and close the configuration window If you select Scan the messages will be scanned using the content filtering options configured for this policy Next you must specify the rule conditions Note Messages that do not match any rule condition will not be detected Consequently no action will be taken on them and no notification will be issued Messages can be scanned using the following criteria subject sender recipient address body When defining rule conditions any combination of scanning criteria is allowed Filtering Mail by Subject Select Subject and specify the rule strings in order to filter mail by subject All the messages the subject of which matched one of the defined strings will be detected Content Filtering 182 BitDefender Security for Exchange To specify the strings click Configure subject A new window will appear where you can configure the defined strings please see Configuring Strings p 183 Filtering Mail by Sender Address Select Sender and specify the rule strings in order to filter mail by the sender address All the messages the sender address of which matches one of the defined strings will be detected To specify the strings click Configu
8. Monitoring 110 BitDefender Security for Exchange Viewing General Information On demand Scheduled Scanning Properties ax General Schedule Settings Actions Notifications p Task Information Status Idle Lastun Never End Task Enable Task Cancel Apply Set Defauits General You can see general information about the task the name the status the last time when the task ran If you want to change the task name enter a new name in the corresponding field If the task is running you can end the scanning process by clicking End Task To see the report file on the last task execution click View Log To enable the task select Enable Task Otherwise clear this check box Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Monitoring 111 BitDefender Security for Exchange Modifying Schedule Click the Schedule tab in the configuration window to modify the schedule On demand Scheduled Scanning Properties General Schedule Settings Actions Notifications f Schedule Schedule task to run Start date 8 27 2008 Enddste 8 27 2008 y Starttime 20 16PM every 1 fees x O Delete if not scheduled to run again Cancel Apply Set Defaults Schedule Specify the task sched
9. 8 Registration and My Account csceseeeeeeeeeneeeeeeeeseeuasses OD 8 1 Step 1 3 Register BitDefender Security for Exchange oooommoo 36 8 2 Step 2 3 Register a BitDefender Account 0 ccc eee 37 8 3 Step 3 3 FINIS cerno satis deve e e diia 39 9 Monitoring cccoccconnnnnncocononnnnanannoncasnnanannonnanaaanananas AO A A AO 41 39 11 Important LINKS sico iria dar 42 94162 Status Alanis idad 42 9 13 Scan ACUIVILY suits 48 9 114 Product STATUS icons dro anida 49 9 27 Stats uscar alla dadas dada dabas ls ias 49 9 2 1 Cleaning Al RECORGS erodi i dianoia dida dass 52 9 3 REPOS A g aa a aa a a a a a dra daria das 52 9 3 1 Managing REPOS ay smearail 55 9 3 2 Creating REPONS iuad oaii asad diii iiaii ehig dials eaea dia ia eia 55 OA AlenS S LOGS iras di id dia 60 Am Alen erica coa arica binacional bea 60 SALAS arado 66 94 30 E Venustiano ir dona ios ba 67 9 5 QUITE lt a aiii ada 75 9 5 1 Antivirus Quarantine aisa eeann tion ade 76 9 5 2 Antispam Quarantine yas sagire eaa n e nents 77 9 5 3 Content Filtering Quarantine 2 0 eee 78 9 5 4 Attachment Filtering Quarantine 00 cece eee eee 79 95 5 Managing Quarantine mia ais dr rss aa EE deity 81 9 6 Scheduled TASKS iii as ais 84 9 6 1 Managing Scheduled Tasks 00 00 cece cece eee eee eee 85 9 6 2 Update TASKS dau ase radar dra aid 86 9 6 3 Generate Report Tasks eiii dar ltda li 92 9 6 4 On demand Scanning TasSkS ooooo
10. Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Configuring Settings Click the Settings tab in the configuration window to modify the task settings Monitoring MS BitDefender Security for Exchange On demand Scheduled Scanning Properties General Schedule Settings Actions Notifications r Scan target Select the mailboxes and public folders to be scanned in this on demand scanning task EM Select all E Mailbox Database El Second Storage Group Clear all Public Folders C Show only selected O Stop scan iit takes longerthan 0 minutes z Cancel Apply Set Defauits Settings Select Scan Target Select the check boxes corresponding to the items groups mailboxes and public folders you want to be scanned If you want to scan all the Exchange databases mailboxes and public folders just click Select All To clear all check boxes and start a new selection click Clear All You can select Show only selected to display only the items to be scanned Set Advanced Settings To set advanced scan settings click Advanced A new window will appear Monitoring 114 BitDefender Security for Exchange On demand Scanning Advanced Settings x p Size TT Maximum e mail message size to be scanned Advanc
11. To edit the text to be delivered instead of such objects follow these steps 1 Click Edit replacement text A new window will appear 2 Do any or both of the following e Select Infected file replaced and type in the edit box the text to be delivered instead of the infected or suspect objects deleted e Select Infected file quarantined and type in the edit box the text to be delivered instead of the infected or suspect objects moved to quarantine Configuring Notifications Click the Notifications tab in the configuration window to configure the notifications Monitoring BitDefender Security for Exchange On demand Scheduled Scanning Properties General Schedule Settings Actions Notifications Please configure the notifications to be sent for this on demand scanning process r Notification types OO Log start end of on demand scanning To change the notification events configuration please go to the Alerts amp Logs section Events tab E Generate scan report Select the location of the on demand scanning report file E Program Files BitDefender BtDefender Security for Exchange Reports Choose the report type HTML Cancel Apply Set Defauits Notifications Log Scanning Select Log start end of on demand scanning to record the start and the end of the process in the log file Note The corresponding event from the Events section must be enabled and prop
12. Update product crashes By agreeing to send dumps to Bitdefender Lab you agree to help us Find quick Fixes for our bugs 2 Up Your contribution could be essential for the development of a stable product that satisfies your needs The dump will General be exclusively used for debugging purposes not as commercial data and it will not be disclosed to third parties Apply Report Incidents By default the reports created automatically during product crashes are not sent to the BitDefender Lab To configure BitDefender to send incident reports to the BitDefender Lab follow these steps 1 Select agree to submit incident reports to the BitDefender Lab 2 Specify your e mail address 3 Click Apply to save the changes General 25 BitDefender Security for Exchange Testing BitDefender BitDefender Security for Exchange 17 Antivirus Test You can verify that the BitDefender Antivirus component works properly by the help of a special test file known as the EICAR Standard Anti virus Test file EICAR stands for the European Institute of Computer Anti virus Research This is a dummy file detected by antivirus products The file can be created using any text editor provided the file is saved in standard MS DOS ASCII format and is 68 bytes long It might also be 70 bytes if the editor puts a CRILF at the end The file must contain the following single line X50 PS AP 4 PZX54 P 7CC 7 SEICAR STANDARD ANTIVIRUS
13. every weeks E _ctox ao cms Run Task Periodically Specify the task schedule You must choose one of the following options from the menu Monitoring BitDefender Security for Exchange e Once to run the task one time only at a given moment Specify the start date and time in the Start Date Start Time fields e Periodically to run the task periodically at certain time intervals minutes hours days weeks months years starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in the corresponding field 3 Specify the start time in the Start Time field 4 Specify the task frequency by specifying the number of minutes hours days weeks months years between two successive occurrences of such task in the corresponding field e Week Days to run the task repeatedly only in certain days of the week starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in corresponding field 3 Specify the start time in the Start Time field 4 Specify the day or days of the week on which the task shou
14. xiv BitDefender Security for Exchange 3 Request for Comments Preface We invite you to help us improve the book We have tested and verified all of the information to the best of our ability Please write to tell us about any flaws you find in this book or how you think it could be improved to help us provide you with the best documentation possible Let us know by sending an e mail to documentation bitdefender com Important Please write all of your documentation related e mails in English so that we can process them efficiently XV BitDefender Security for Exchange Installation BitDefender Security for Exchange 1 System Requirements Before installing the product make sure that your system meets the following minimum system requirements e Operating system O Windows 2000 with Service Pack 4 and Update Rollup 1 O Windows Server 2003 with Service Pack 1 O Windows Server 2008 e Exchange 2003 Standard or Enterprise or e Exchange 2000 Standard or Enterprise with Service Pack 3 e Internet Explorer 6 or higher e Hardware O 64 bits Any 64 bit Windows station Intel or AMD Minimum 1 GB of free space on the hard drive O 32 bit Minimum Processor Pentium III 500 MHz Minimum 256 megabytes MB of RAM 512 MB recommended Minimum 1 GB of free space on the hard drive System Requirements 2 BitDefender Security for Exchange 2 Installing BitDefender Security for
15. AF An e mail header is added to the message containing the detected attachment Provide the header name and value in the corresponding fields The detected message is saved to a specified folder To specify the folder click Browse locate it and then click OK The detected message is archived to a specified account Provide the e mail archive address in the field next to this option A Bcc containing the address will be added to the detected message Attachment Filtering BitDefender Security for Exchange Step 6 6 Configure Notifications Click the Notifications tab and specify whether to issue notifications or not when attachments match the rule Attachment Filtering Rule EIE General From To Attachment Fitering Options Actions Notfications Please configure the notifications to be sent for this rule Notification types IV Rule matched To change the notification events configuration please go to the Alerts amp Logs section Events tab Notifications Select Rule matched to issue notifications when attachments match the rule O Note Z The corresponding event in the Events section must be enabled and properly configured For more information please refer to Configuring Events p 70 Click OK to save the changes and close the configuration window Attachment Filtering BitDefender Security for Exchange 15 Update Update New viruses and s
16. If you choose Selected you have to select from the list the groups you want the rule to apply to You can select Match all recipients to apply the rule only if all the recipients of the message belong to the specified groups For example if the e mail is sent to several recipients and at least one of them is not found in the specified groups the rule will not apply Note The addresses in the Cc and Bcc fields also count as recipients Click Select All to select all groups If you click Clear All no group will be selected If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Note To learn how to configure a group please refer to Creating Groups p 121 Antivirus 136 BitDefender Security for Exchange Step 4 6 Configure Scan Options Click the Scan Options tab and configure the scan options for the messages matching this policy Antivirus Rule 2 x General From To Scan options Actions Notfications Donot scan Scan Attachment options Select attachment extensions to be scanned Scan all extensions Scan only application extensions Scan custom extensions Scan all except specific extensions m r Size TF Maximum e mail body attachment size to be scanned PB Scan Options If you
17. Logs in the tree menu under Monitoring and then the Alerts tab Monitoring 60 BitDefender Security for Exchange _ 15 x fi BitDefender Security for Exchange File Action View Help e 02 BitDefender Security For Exchange Monitoring Defender Security for Exchange Q Statistics 2 A Saas Alerts Logs Events EE Quarantine Q Scheduled Tasks A SMTP Groups General settings Antivirus 52 Antispam E Content Filtering E Attachment Filtering 7 Update General Enable mail alerts Configure M Enable net send alerts Configure Alerts Mail Alerts BitDefender can notify the network administrator by sending configurable mail alerts in case an event for which they have been set takes place Enabling this alert will provide you with relevant and timely information about the status of your server and may eliminate the need to access the BitDefender management console Note This module integrates with an SMTP Server It works with an ESMTP server as well but it does not use the ESMTP protocol because it is implemented on SMTP In order to use the mail notification service follow these steps 1 Select Enable Mail Alerts to activate the mail notification service and then click Apply to save the changes 61 Monitoring BitDefender Security for Exchange 2 Configure the SMTP settings as described in the Configuring Mail Alert Settings p 62 section 3 Con
18. Managing Quarantine To manage the quarantined files and the quarantine areas use the following buttons e Restore decrypts selected quarantined messages from the Antispam Content Filtering and Attachment Filtering quarantine areas and delivers them to their intended recipients For more information please refer to Restoring Quarantined Items p 81 e Delete deletes one or several selected files e Save to decrypts the quarantined files and saves them to the disk In this way you can see and analyze the quarantined item message attachment e Properties configure the quarantine settings For more information please refer to Configuring Quarantine Properties p 83 Restoring Quarantined Items To decrypt and deliver messages from the Antispam Content Filtering and Attachment Filtering quarantine areas to their intended recipients follow these steps 1 Select one or more quarantined messages 2 Click the Restore button 3 If no SMTP server settings have been configured yet you will be prompted to configure these settings The following window will appear Send from address IP g 2 Port r Use authentication the username has to be associated with the Send from address User mail Server Settings Specify the required SMTP server settings e Send from address type the e mail address that will appear in the sender field Monitoring 81 BitDefender Security for Exchange Important Prov
19. Monitoring Us BitDefender Security for Exchange Important You should NOT modify the strings that begin with the symbol as they provide valuable information about the event Configure Alert Recipients Provide the computer name in the corresponding field and click Add to add the recipient to the list Note Beside the recipients defined here the alert will also be sent to those defined in the Alerts section see Configuring Net Send Alert Recipients p 65 To import computer names from a txt file click Import select the file and then click Open If you want to export the list to a txt file click Export and save the file to the desired location To remove one or several selected recipients click Remove Click Apply to save the changes and OK to close the window Monitoring 74 BitDefender Security for Exchange 9 5 Quarantine BitDefender allows isolating files in a secure area named quarantine To see the quarantined files and manage them click Quarantine in the tree menu under Monitoring fu BitDefender Security for Exchange lolx Eile Action View Help e 02 BitDefender Security for Exchange E Monitoring Defender Security for Exchange Q Statistics Q Reports Q Alerts amp Logs H g Quarantine lt scheduled Tasks A SHIP Cros yo Quarantine WO Antivirus xx Q 24 Antispam E Content Filtering ps Attachment Fitering Q Antivirus i 2 Update View
20. To manage the rules use the following buttons e New Rule creates a new rule You will have to configure the rule before it appears in the table e Copy copies one or several selected rules e Delete deletes one or several selected rules You will have to confirm your choice by clicking Yes e Enable Disable enables disables one or several selected rules e Properties opens the configuration window of a selected rule allowing you to modify the rule To learn how to configure the rule please refer to Configuring Rules p 161 e Up moves a selected rule one level up in the table This will increase the priority of the rule e Down moves a selected rule one level down in the table This will decrease the priority of the rule 12 2 2 Creating Rules To create a rule choose one of these methods e copy an existing rule and click Properties to modify it Antispam 160 BitDefender Security for Exchange e click New Rule and configure the new rule In both cases a new window will appear Next you must configure or modify the rule 12 2 3 Configuring Rules To configure a rule follow these steps Step 1 7 Provide General Data Open the configuration window and provide general data for the rule Antispam Rule 2 x General From To Actions Antispam Engines White Black Lists Bayesian Fiter Rule name Junk mbil to IT Description General Provide the rule n
21. as it takes up system resources When needed you can configure and initiate the on demand scanning of the Exchange databases mailboxes and public folders To do this go to the On demand tab Please note that on demand scanning slows down the system Antivirus 124 BitDefender Security for Exchange 11 1 Real time Antivirus Protection Click Antivirus in the tree menu to enter this section File Action View Help e ABe BitDefender Security for Exchange E Monitoring Defender Security for Exchange lt y Statistics Sy Reports Real time Policies On demand Q Alerts amp Logs EXE Quarantine lt Antivirus lt Y Antispam Real Time Antivirus Scanning lt y Content Filtering Q Attachment Filtering lt y Scheduled Tasks AR SMTP Groups 24 Antispam E Content Filtering Apply E Attachment Filtering lt Update General Options M Enable real time antivirus scanning Real time Antivirus Protection This is where you can enable real time protection and configure advanced antivirus settings If you want the real time antivirus protection to be enabled select Enable real time antivirus scanning Otherwise clear the check box Click Apply to save the changes Note E In order to configure the antivirus scanning options for all of the incoming mail traffic or to create different scanning policies based on user groups go to the Policies section Antivirus BitDefender
22. coooooocooooooooom 219 19 BitDefender Configuration Repair Tool oocococnnoconononannoo 220 20 BitDefender Support Tool nsssssssssssssssussussunsunnunnunnunnun 223 21 SUPPOFt A a 225 21212 Asking for eli ii is 225 21 2 BitDefender Knowledge Base voca ai 225 21 3 Contact IOMA sce cic cepa iers ainssi ee tae a een aha dae OE E E erg 226 235 1 WED AUGrESSOS ir ii a ii ncaa E a 226 21 3 2 BitDefender OMNICES iii Mende ere Heda age henna wed eta 226 vii BitDefender Security for Exchange License and Warranty IF YOU DO NOT AGREE TO THESE TERMS AND CONDITIONS DO NOT INSTALL THE SOFTWARE BY SELECTING ACCEPT OK CONTINUE YES OR BY INSTALLING OR USING THE SOFTWARE IN ANY WAY YOU ARE INDICATING YOUR COMPLETE UNDERSTANDING AND ACCEPTANCE OF THE TERMS OF THIS AGREEMENT These Terms cover BitDefender Corporate Solutions and Services for Companies licensed to you including related documentation and any update and upgrade of the applications delivered to you under the purchased license or any related service agreement as defined in the documentation and any copy of these items This License Agreement is a legal agreement between you either an individual or a legal person and BitDefender for use of BitDefender s software product identified above which includes computer software and services and may include associated media printed materials and online or electronic documentation hereafter designated as Bit
23. new and unknown malware Image Spam Filter BitDefender offers a more accurate image filter which instead of analyzing the text within image spam messages learns the common characteristics of those images in point of color content and proportions The result less false positives and lower spam traffic NeuNet Filter To better deal with new spam the BitDefender Lab has created NeuNet a powerful antispam filter Inside the Antispam Lab NeuNet is pre trained on a series of spam messages so that it learns to recognize new spam by perceiving its similarities with the messages it has already examined Certified Antivirus Engines BitDefender s award winning scan engines featuring the B HAVE technology have been recognized by ICSA Labs Virus Bulletin and Checkmark to provide the most proactive antivirus protection available Services Advanced Update System For permanent server protection the product receives the latest updates and patches based on four configurable technologies on demand scheduled automatic and pushed BitDefender Security for Exchange Upgrades Registered users benefit from free upgrades to any new version of the product during the license period Special price offers are also available to returning customers Free 24 7 Professional Technical Support Certified representatives provide BitDefender business customers with free permanent support online by telephone or e mail This is supplemented by an online
24. such as an update error or an infected file detected O Quarantine stores detected files grouped into four categories Antivirus Antispam Content Filtering Attachment Filtering O Scheduled Tasks allows creating scheduled tasks through an intuitive wizard You can schedule updates on demand scanning processes and reports to be generated e SMTP Groups provides group management By organizing users into groups you can apply different scanning and filtering policies for different user categories e Antivirus this is where you can configure the Antivirus module e Antispam this is where you can configure the Antispam module e Content Filtering this is where you can configure the Content Filtering module e Attachment Filtering this is where you can configure the Attachment Filtering module e Update this is where you can configure the Update module and install new updates when they are available e General provides access to the following sections O Report Virus allows configuring BitDefender to automatically report found viruses and spam to the BitDefender Lab O Report Incidents allows configuring BitDefender to automatically report operation malfunctions to the BitDefender Lab Whenever you need help simply right click an item in the right side menu and click Help in the contextual menu that appears to open the help file Contextual help is available for each window Click to open it 7 1 Co
25. 11 2 3 Configuring Rules To configure a rule follow these steps Step 1 6 Provide General Data Open the configuration window and provide general data for the rule Antivirus Rule Ax General From To Scan options Actions Notifications Rule name ai to IT Description General Antivirus 11 545 BitDefender Security for Exchange Provide the rule name and optionally the rule description To enable the rule select Enabled If you want the rule to be disabled clear the check box Step 2 6 Select Senders Groups Click the From tab and select the groups of senders the rule applies to General From To Scan options Actions Notifications Select the Groups this rule will apply to if they are found in the sender line of an e mail message CA C Selected Groupname Selectal si Clear all New Details gt Show only selected groups To create a new group click New to view change the properties of a selected group click Details Any change made here will be reflected in the groups listed in the Groups section Senders Groups The following options are available e All the rule applies to all senders no matter if they belong to a group or not e Selected the rule applies only to senders from the selected groups If you choose Selected you have to select from the list the groups you want the rule to apply to Click Select All to select all grou
26. BitDefender Security for Exchange how to update test and customize it You will learn how to get best from BitDefender We wish you a pleasant and useful lecture 1 Conventions Used in This Book 1 1 Typographical Conventions Several text styles are used in the book for an improved readability Their aspect and meaning are presented in the table below sample syntax Syntax samples are printed with monospaced characters http www bitdefender com The URL link is pointing to some external location on HTTP or FTP servers sales bitdefender com E mail messages are inserted in the text for contact information Preface p xiii This is an internal link towards some location inside the document filename File and directories are printed using monospaced font option All the product options are printed using strong characters The code listing is printed with monospaced sample code listin a 2 characters Preface xiii BitDefender Security for Exchange 1 2 Admonitions The admonitions are in text notes graphically marked bringing to your attention additional information related to the current paragraph Note The note is just a short observation Although you can omit it the notes can provide valuable information such as specific feature or a link to some related topic Important 2 This requires your attention and is not recommended to skip over it Usually it provides non critical but sign
27. Exchange Group Properties 2x SMTP Group Group name fr Team Description IT staff Specky the usen fet me pat d the gop Click Add to add a new user name or e mail address or click Browse to choose from the existing users admin company com Browse Administrator npwin com eins ie save the citia ees fhi oup fer folre cae click Export to import users from a previously saved group click Import Group Properties To configure the group follow these steps 1 Identify the new group Provide the group name and optionally the group description in the corresponding fields 2 Add users to the new group e Provide the e mail address in the corresponding field and click Add e Add users from the Active Directory user list Click Browse to search users in the Active Directory user list A new window will appear SMTP Groups P22 BitDefender Security for Exchange Mail Server Users x Select the user names that will be added to the existing users in the group E Administrator Ousrxo1 Ousrxoz Ousrxo3 The user list above is updated once a day If you Update Now want to update it now press the Update now button x coma Browse for Users Groups You can see the list of all the users from Active Directory that have an SMTP address assigned The list structure is the one from Active Directory The user list is automatically updated once a day To update the list click Upda
28. Exchange In order to install BitDefender Security for Exchange you need an installation file or an installation CD that contains the installation package The installation file comes under different names depending on the BitDefender business products it contains You can download the installation file from www bitdefender com There are two versions of the installation package e 32 bit use this version if you want to install BitDefender Security for Exchange on a 32 bit computer e 64 bit use this version if you want to install BitDefender Security for Exchange on a 64 bit computer The installation package contains other BitDefender Security for Windows Servers products besides BitDefender Security for Exchange You should install all the products you want to use at the same time If you install only BitDefender Security for Exchange you will then need to modify the existing installation whenever other BitDefender products are installed at a later time As a result of this action some files may need to be replaced which may temporarily interfere with the operation of the existing installed products Depending on whether or not you already have BitDefender products installed on the computer there are two ways to install BitDefender Security for Exchange e Fresh installation no other product from the installation package is installed on the computer e Modifying an existing installation at least one other product from the
29. Fax 40 21 2641799 Phone sales amp technical support 40 21 2063470 Sales sales bitdefender ro Website http Awww bitdefender ro Web Self Service http www bitdefender ro site KnowledgeBase showMain 2 EMEA and APAC Business Unit BITDEFENDER SRL West Gate Park Building H2 24 Preciziei Street Bucharest Sector 6 Romania Fax 40 21 2641799 Phone sales amp technical support 40 21 2063470 Sales sales bitdefender com Website http Awww bitdefender com Web Self Service http www bitdefender com site KnowledgeBase showMain 2 Support 228
30. Filtering This is where you can enable attachment filtering If you want attachment filtering to be enabled select Enable attachment filtering Otherwise clear this check box Click Apply to save the changes Note In order to configure the global attachment filtering options or to create different filtering policies based on user groups go to the Policies section Attachment Filtering BitDefender Security for Exchange 14 2 Policies Click Attachment Filtering in the tree menu and then the Policies tab to enter this section im BitDefender Security for Exchange File Action View Help e 0 0 8 BitDefender Security For Exchange Monitoring Defender Security for Exchange lt Statistics lt Reports lt Alerts amp Logs E Quarantine n Q Antivirus Priority Rule name Sender groups Recipient grat lt gt Antispam ran Mail to IT IT Team lt y Content Filtering iz Default Rule w gt lt Q Attachment Filtering lt y Scheduled Tasks A SMTP Groups Antivirus 22 Antispam O Content Filtering Attachment Filtering Policies E Attachment Filtering s Update O General New Rule Copy Delete Enable Disable Properties a ly Policies This is where you can specify the attachment filtering options You can modify the default rule to specify the attachment filtering options for all of the mail traffic or you can configure new rules in order to create customized group filtering pol
31. Fix to enable antispam filtering e Content Filtering The issues that can be reported are listed in the following table Not configured Requires attention Content filtering is enabled but no content filtering rule is configured Click Fix to go to Content Filtering gt Policies and create appropriate rules Not enabled There are two situations 1 Requires attention Content filtering is not enabled but content filtering rules or policies are configured Click Fix to enable content filtering 2 Not an issue Content filtering is not enabled and no content filtering rule is configured e Attachment Filtering The issues that can be reported are listed in the following table Not configured Requires attention Attachment filtering is enabled but no content filtering rule is configured Click Fix to go to Attachment Filtering gt Policies and create appropriate rules Not enabled There are two situations 1 Requires attention Attachment filtering is not enabled but attachment filtering rules or policies are configured Click Fix to enable attachment filtering Monitoring 44 BitDefender Security for Exchange 2 Not an issue Attachment filtering is not enabled and no attachment filtering rule is configured Update Status If the Update Status button is orange or red there are update issues affecting BitDefender Security for Exchange Click the button to see the res
32. Groups Click the To tab and select the groups of recipients the rule applies to Antispam Rule zix General From To Actions Antispam Engines White Black Lists Bayesian Fiter le OS recipients of an e mail message Check the option Match all recipients if all mail recipients belong to this group list Uncheck it if at least one of the mail recipients belongs to this group list Cc Al Selected TF Match all recipients Groupname Select all MIT Team Clear all TF Show only selected groups To create a new group click New ne view denge fhe properties ala selected group dik Details Groups section Any change made here will be reflected in the groups listed in the o cm me set Defuts Recipients Groups The following options are available e All the rule applies to all recipients no matter if they belong to a group or not e Selected the rule applies only to recipients from the selected groups If you choose Selected you have to select from the list the groups you want the rule to apply to You can select Match all recipients to apply the rule only if all the recipients of the message belong to the specified groups For example if the e mail is sent to several Antispam 163 BitDefender Security for Exchange recipients and at least one of them is not found in the specified groups the rule will not apply Note The addresses in the Cc and Bcc fields also count
33. Monitoring snap in provides you with all the necessary means to monitor and control the product activity If you click Monitoring in the tree menu the dashboard will be displayed The dashboard provides you with useful information on the status of BitDefender Security for Exchange and helps you easily solve the issues that require your attention In the tree menu grouped under the Monitoring snap in you can access the following sections e Statistics provides real time statistic information regarding the activity of the Antivirus Antispam Content and Attachment Filtering modules both separately and as a whole e Reports allows creating customized reports on the product activity e Alerts amp Logs allows configuring the logging options and sending alerts about the events that occur during product operation such as an update error or an infected file detected e Quarantine shows the quarantined files and mails These objects were found to be infected suspect or spam or they matched a content or an attachment filtering rule and were moved to the quarantine folder according to the specified action They are grouped into four categories Antivirus Antispam Content Filtering Attachment Filtering based on the BitDefender component that detected them e Scheduled Tasks allows creating scheduled tasks through an intuitive wizard You can schedule updates on demand scanning processes and reports to be generated In this
34. Others usrx03Enpwin11 local ustx03Enpwin11 local 2008 08 27 13 38 25 1000 Others usrx03Enpwin11 local usrx03 npwin11 lo Quarantine Properties Antispam Quarantine This is where you can see the messages that BitDefender found as being spam and which were stored in the quarantine area For each quarantined message the following information is provided the date and time when it was quarantined the spam score received the filter that classified it as Monitoring Lidl BitDefender Security for Exchange being spam the mail address of the sender the mail address of the recipients the subject and the file name of the message Quarantined files are encrypted In order to see an item from the quarantine area select it and then click Save to disk to decrypt the file In this way you can analyze the item and send it by mail To decrypt and deliver a quarantined message to its intended recipient select the message and click Restore Note To learn how to manage the quarantined files and the quarantine area please refer to Managing Quarantine p 81 9 5 3 Content Filtering Quarantine Click Content Filtering in the tree menu Quarantine module to enter this section BitDefender Security for Exchange Elle Action View Help e mm e m BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics lt Q Reports lt y Alerts amp Logs EE Quarantine Q An
35. Register BitDefender Security for Exchange BitDefender Registration Registration This is a trial version of BitDefender Security For Exchange IF you wish to evaluate the product please check Continue evaluating the product IF you want to register the product please check Register the product and fill in your license key To purchase a BitDefender license please visit our online store at Click here Continue evaluating the product 30 days remaining Register the product Enter key Register You have successfully registered your product with license key 3A6A8A50327FF43E7B6E You can take full advantage of the product for the next 30 days Cancel Registration Ifyou do not have a BitDefender license click the provided link to go to the BitDefender online store and purchase a license key To register BitDefender Security for Exchange select Register the product type the license key in the Enter key field and click the Register button If the trial period has not expired and you want to continue evaluating the product select Continue evaluating the product You can see the current license key and when it expires Click Next to continue Note ES If the provided license key is not valid you will be prompted to provide another license key Registration and My Account BitDefender Security for Exchange 8 2 Step 2 3 Register a BitDefender Account BitDefender Registration
36. Security for Exchange 11 1 1 Configuring Advanced Antivirus Settings Several advanced settings concerning the scanning process can be configured These settings are applied regardless of the policy Click Options to open the configuration window of the advanced antivirus settings Antivirus Advanced Settings 2Axi Settings Scanning Instances IV Enable YSAPI scanning IV Enable transport scanning Advanced r Enable SMTP scanning it s recommended to keep it disabled when VSAPI scanning is enabled FZ Add Footer to scanned malls This email was scanned by BitDefender Maximum archive depth to scan Advanced Antivirus Settings In this window you can configure VSAPI scanning and SMTP scanning settings as well as the number of scanning instances and the maximum archive depth to scan VSAPI Scanning Settings Select the Enable VSAPI scanning check box to enable VSAPI based antivirus scanning The antivirus scanning at VSAPI level can be done through three additional scanning methods intended to optimize the overall scanning process background proactive and transport scanning e Enable background scanning select this option if you want background scanning to be enabled Antivirus 126 BitDefender Security for Exchange Antivirus Background scanning means scanning all folders with a low priority When an object that has been checked by the background scanning i
37. Server Click the button to see the respective issues A table named License Status will be displayed and you will be able to see the monitored items and their current status e Registration The issues that can be reported are listed in the following table You are using a trial version of the product and you should register it Your product registration will expire in x days You should renew your registration Product registration expired You should register it The serial number you introduced is not valid Requires attention This status is displayed during the trial period Click Fix to open the registration wizard and register BitDefender Security for Exchange with a new license key Requires attention This status is displayed during the last 30 days of the licensing period Click Fix to open the registration wizard and register BitDefender Security for Exchange with a new license key Critical issue The licensing period has expired Click Fix to open the registration wizard and register BitDefender Security for Exchange with a new license key Requires attention You have entered an invalid license key Click Fix to open the registration wizard where you can register BitDefender Security for Exchange with a new license key e My account The issues that can be reported are listed in the following table Monitoring 47 BitDefender Security for Exchange You do not have an acco
38. TEST FILE H H Copy this line and save the file with any name and com extension for example EICAR COM BitDefender must treat this file as an infected one There is no reason to worry because this file is not a real virus All that ETCAR COM does when executed is display the text ETCAR STANDARD ANTIVIRUS TEST FILE and exit Note The reason we do not include the file in the package is that we want to avoid generating any false alarms for those who use BitDefender or any other virus scanner You can keep the EICAR COM in a safe place and periodically test the server protection You can visit the EICAR website at http eicar com read the documentation and download the file from one of the locations on the following web page http eicar com anti_virus_test_file htm Antivirus Test 2A BitDefender Security for Exchange 18 Antispam Test You can verify that the BitDefender Antispam component is correctly installed and works properly by the help of a special test known as GTUBE GTUBE stands for the Generic Test for Unsolicited Bulk Email The test consists of entering the following 68 byte string as one line in the body of the email XJS C4JDBQADN1 NSBN3 21 DNEN GTUBE STANDARD ANTI UBE TEST EMAIL C 34X When scanning the email BitDefender must tag it as spam You can visit the GTUBE website at http gtube net read the documentation and download the sample RFC 822 format email from the locations on
39. To enable the task select Enable Task Otherwise clear this check box Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Modifying Schedule Click the Schedule tab in the configuration window to modify the schedule Monitoring 90 BitDefender Security for Exchange Scheduled Update Properties 21xi General Schedule m Schedule Schedule task to run periodically hd Start date 8 27 2008 C End date 8 27 2008 Starttime 3 1706PM every fil Iweeks 7 O Delete f not scheduled to run again Schedule Specify the task schedule You must choose one of the following options from the menu e Once to run the task one time only at a given moment Specify the start date and time in the Start Date Start Time fields e Periodically to run the task periodically at certain time intervals minutes hours days weeks months years starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in the corresponding field 3 Specify the start time in the Start Time field 4 Specify the task frequency by specifying the number of minutes ho
40. a ai 177 13 2 3 Configuring RUSS o ici a e a a ea eee babe wee 178 14 Attachment Filtering cccscceeeeeeeeeeeesseeeeeseesesseesesss LOO 14 1 Attachment FIKEN gaera rnnr Oe eee awa ee dane ene Re ae dem 189 14 2 POGES ri A ai 190 142 1 Managing RUES niian p ae 190 142 2 Creating RUSS iio aioa aE a O E O E 191 142 3 Configuring RUIES ios 5 ici Me a a mee A E a A 192 15 Update c ccccconcnnnoncnnnnnnnnnnnnnnrrnn rr AUL 191 Update cta denise dentada sde bas lis Janbacots 202 19 11 Update Into mal cosita dades te 202 15 12 Product Update asociar de dh duane an da 203 15 2 Update Settings suscrita dador is das a 204 15 2 1 Configuring Update Schedule ooooocccccccccccnc ro 204 15 2 2 Using Update PUSHING vi iii rada la 205 15 2 3 Configuring Product Updates o o oooooccocccccnccn eee 206 15 3 Update LOCAtONS tii wea a ea a A dee aides 207 15 4 Update NotiicationS cices is dead a eee dade 208 1575s Update Roll BACK eid shat coat inca dc ridad 210 15 6 Manual Updates ae sinuga gatai aia est cetent AS abies 211 BitDefender Security for Exchange 16 General c occcococnncccnccnnocnnncnnocnnnonnrnnnonnnrnnncannosnnnass 213 16 1 REPO VIUS Cari a a 213 116 2 Report INCIGENtS os tis viedo at ds 214 Testing BitDefender eee Pee EERE EPP eee 216 17 ANTIVIFUS TOSt cri n a oad eemminan 217 18 Antispam TeSt ococococonocnncconocannonnronnncanrsnncnanasannass 218 Troubleshooting and Getting Help
41. amp Logs E Quarantine Q Antivirus Priorit Rule name Sender groups Recipient gro lt Antispam a Helpdesk Mail IT Team lt Q Content Filtering 2 Default Rule lt y Attachment Filtering lt Scheduled Tasks A SMTP Groups Antivirus 54 Antispam O Content Filtering E Attachment Filtering 2 Update O General Content Filtering Policies New Rule Copy Delete Enable Disable Properties a y Policies This is where you can specify the content filtering options You can modify the default rule to specify the content filtering options for all of the mail traffic or you can configure new rules in order to create customized group filtering policies 13 2 1 Managing Rules You can see all the existing rules listed in the table For each rule the following information is provided priority the name and the groups of senders and recipients it applies to The rules are listed by order of priority with the first rule counting as the highest priority Content Filtering 176 BitDefender Security for Exchange Note Messages are checked against each rule by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the content filtering options specified by that rule Default Rule There is one rule created by default that manages the global content filtering settings You cannot copy delete or disable this rule The d
42. and close the window If you want to apply the default settings click Set Defaults Scheduled Tasks Scheduled tasks provide great flexibility and help perform administrative security tasks without increasing the workload and affecting the performance of the mail server You can set BitDefender to perform specific tasks one time only or on a regular basis according to a convenient schedule You can schedule the following tasks 9 6 e on demand antivirus scanning of the Exchange databases mailboxes and public folders e update processes e report generation tasks Click Scheduled Tasks in the tree menu Monitoring module to enter this section Monitoring 84 BitDefender Security for Exchange im BitDefender Security for Exchange File Action View Help es 0182 BitDefender Security For Exchange Monitoring lt y Statistics ES peso Logs Scheduled Tasks E Quarantine lt Antivirus Task t Task name Next run time Last run time X Antispam Q Update Monday Update 10 06 50 AM Monday April 27 2009 10 07 00 AM Friday April 24 lt y Content Filtering Generate Report Weekly Report 50 AM Friday April 24 2009 11 AM Friday April 24 lt y Attachment Filtering e On demand Scanning T Weekly Scan 10 11 14 AM Monday April 27 2009 10 11 52 AM Friday April 24 lt y Scheduled Tasks A SMTP Groups Antivirus 52 Antispam E Content Filtering E Attachment Filtering Defender Security for Exch
43. and then click Save to disk to decrypt the file In this way you can analyze the item and send it by mail Note To learn how to manage the quarantined files and the quarantine area please refer to Managing Quarantine p 81 9 5 2 Antispam Quarantine Click Antispam in the tree menu Quarantine module to enter this section BitDefender Security for Exchange BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt y Alerts amp Logs EXE Quarantine amp Antivirus Date YYYY mmjdd HH MM 55 Score Filter Matched Sender Recipients lt gt A epan 2 2008 08 27 13 38 02 1000 Others usrx02 npwin11 localusrx01 npwin 1 L local lt y Content Filtering 6 2008 08 27 13 38 02 1000 Others usrx02 npwin11 local usrx02 npwin11 local lt y Attachment Filtering 2008 08 27 13 38 03 1000 Others usrx03 npwin11 local usrx02 npwin11 local lt y Scheduled Tasks 2008 08 27 13 38 09 1000 Others usrx03 npwin11 local usrx03 npwin11 local A SMTP Groups 2 2008 08 27 z 788 Others usrx03Enpwin11 local usrx02 npwin11 local antivirus 6 2008 08 27 E 334 Others usrx02 npwin11 local usrx03 npwin11 local 24 Antispam 2008 08 27 E 834 Others usrx03Enpwin11 local usrx01 npwin 11 local E Content Filtering 2008 08 27 788 Others usrx028npwin11 local usrx01 npwin11 local Attachment Filtering 2008 08 27 834 Others usrx03 npwin11 local usrx03 npwin11 local 2008 08 27 1000
44. as recipients Click Select All to select all groups If you click Clear All no group will be selected If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Note To learn how to configure a group please refer to Creating Groups p 121 Antispam 164 BitDefender Security for Exchange Step 4 7 Set Actions Click the Actions tab and specify the actions to be taken on the messages matching this policy Antispam Rule 2 x General From To Actions antispam Engines White Black Lists Bayesian Fiter Donot scan Scan Tf the spam score given by the antispam engines exceeds the treshold the e mail message will be considered spam and an action will be taken You can also let BitDefender decide whether the mail received is or not Treshold gS E Action Deliver e mail Y p You can select additional actions Fo Ry Se E Oo onal eee seam subject SPAM Y Add a header to the e mail message detected as spam Header name bitDefenderspam Spam value Hstatus a Non spam value status score IT Save mail to folder Browse r Archive redirect inbound mail to account enter A mail address Cancel apply Set Defaults Actions If you do not want the messages to be scanned using the antispam filters select Do
45. contains legitimate e mail paham S Browse Specify the SPAM folder folder that contains spam pasam Browse Bayesian Filter training interval should be trained very 160 minutes often r Bayesian training interval Press Save trained fier to save the trained Bayesian for future use or press Import trained filter to import a previously saved Bayesian Save trained filter Import trained filter Bayesian Filter The Bayesian Filter constantly collects statistical information about server specific spam and legitimate messages provided by the administrator and it analyzes messages according to this information Select Enable Bayesian Filter to enable the Bayesian Filter To offer good results the Bayesian Filter must be trained on legitimate messages and spam messages specific to the server whose traffic is filtered These messages must be in MIME format this means that they should have the em1 extension Specify the Antispam T72 BitDefender Security for Exchange HAM folder the folder containing legitimate mail and the SPAM folder by clicking Browse Note The messages in the SPAM and HAM folders are deleted after the training is completed In order to get the best results it is recommended to train the Bayesian Filter often Provide the training interval in the corresponding field The recommended interval is 60 minutes y Warning Do not set very low values for t
46. database with answers to Frequently Asked Questions and fixes for common issues Features and Benefits BitDefender Security for Exchange 5 Core Modules The core functionalities of BitDefender Security for Exchange are defined by 4 modules Antivirus Antispam Content Filtering and Attachment Filtering 5 1 Antivirus Basically there are two kinds of antivirus scanning e Antivirus scanning at SMTP Simple Mail Transfer Protocol level e Antivirus scanning at mailbox or VSAPI Virus Scanning Application Program level Antivirus scanning at SMTP level BitDefender scans the SMTP mail entering or leaving the Exchange server for viruses spyware and other malware Different scanning policies can be defined for users and user groups These policies include sets of rules specifying the antivirus scanning settings and the actions to be taken on infected messages depending on the groups the sender and the recipients belong to Antivirus scanning at mailbox VSAPI level BitDefender protects the Exchange server from viruses spyware and other malware by scanning the messages and the files in users mailboxes and server folders upon clients request The MS Exchange mail server was designed with a low level interface VSAPI intended to offer antivirus scanning support This interface also allows scanning messages with multiple recipients once before delivery instead of several times for each mail recipient separately BitDefend
47. inbound mail to account enter E Actions You must choose one of the following actions Description The message containing the detected attachment is deleted The detected attachment is deleted The detected attachment is replaced with a specified text To specify the text to be delivered instead of the attachment click Edit replacement text Provide the text in the edit box that appears and click OK The message containing the detected attachment is moved to the quarantine folder Attachment Filtering 198 BitDefender Security for Exchange Deliver e mail Reject e mail The message containing the detected attachment is delivered in full to its recipients The detected message is rejected with a 550 SMTP error code You can also set additional actions to be taken on the detected messages The following actions are available Modify the subject of the e mail messages that matched this rule Add a header to the e mail messages that matched this rule Save e mail to folder Archive redirect to account The subject of the message containing the detected attachments is modified You can modify the subject pattern We recommend you to use one of these patterns e AF subject to add AF before the subject This is the default subject pattern e AF subject AF to add AF before and after the subject e AF to replace the subject with
48. included in the selected time interval will be shown in the report Click Next to continue or click Cancel to exit the Report Wizard lt Back Nets cos Select Time Interval Select the time interval covered in the report Monitoring 96 BitDefender Security for Exchange e Last day e Last week e Last month e Custom Ifyou need information about the BitDefender activity related to a specific time interval select Custom and specify the start and end date To specify the start and end date either click the numbers in the date field and enter new values or click the arrow to choose a date from the calendar Note The date format is month day year Click Next Step 7 7 View Summary Create a new scheduled task Scheduled Task Summary Task Name Sunday Weekly Report Task Type Generate Report Task Runs Sun Start Time 13 23 Wednesday August 27 2008 Report Type Antivirus Total Report Report Format HTML T Report Start Date 20 8 2008 2 Report End Date 27 8 2008 F Open the advanced properties of this task when click Finish E SN View Summary This window displays the task settings You can make any changes by returning to the previous steps click Back Select Open the advanced properties of this task when click Finish if you want the Properties window of this task to be opened after you complete the wizard In this window you can modify the task and configure
49. loss of confidential information by filtering all mail passing through the Exchange server based on content subject line sender recipient and attachment and the criteria defined for the existing user groups O Provides a highly efficient multi layered antispam protection system which Reduces mail traffic by accurately classifying messages as spam phishing or legitimate Blocks unsolicited mail based on connection filters such as the Allow Deny IP List and Sender Black List on the Bayesian and the Real time Blackhole List RBL filters Allows configuring antispam filter sensitivity by setting very demanding or relaxed thresholds for each user group Automatically redirects spam mails to your Exchange Junk Folder O Provides WBL White List Black List support allowing you to set a list of trusted and untrusted addresses based on which to respectively always accept or always reject mail e Increased usability 0O Allows you to filter mail traffic in a more flexible manner through the use of antivirus antispam content and attachment filtering policies for different groups or users Generates detailed statistics and reports based on a comprehensive database related to the product s activity Allows you to remotely configure server protection by simply installing the management console on one computer inside the network Instantaneously sends detailed warning messages to the network security and management staff if a virus is dete
50. lt y Reports lt Alerts amp Logs EE Quarantine lt Antivirus Groupname Description O lt y Antispam lt Q Marketing Q Content Filtering Q Attachment Filtering lt Scheduled Tasks Groups Antivirus 52 Antispam D Content Filtering E Attachment Filtering 2 Update General New Group Copy Delete Properties Groups You can see all the existing groups listed in the table along with their description SMTP Groups 120 BitDefender Security for Exchange 10 1 Managing Groups To manage the groups use these buttons e New Group creates a new group You will have to configure the group before it appears in the table e Copy copies one or several selected groups e Delete deletes one or several selected groups You will have to confirm your choice by clicking Yes e Properties opens the configuration window of a selected group allowing you to configure it To learn how to configure the group please refer to Configuring Groups p 121 10 2 Creating Groups To create a group choose one of the following methods e copy an existing group and click Properties to modify it e click New Group and configure the new group In both cases a configuration window will appear Next you must configure the group 10 3 Configuring Groups Open the configuration window select the group and click Properties SMTP Groups Loi BitDefender Security for
51. more advanced settings For more information please refer to Configuring Properties p 98 Click Finish to save the scheduled task Monitoring SM BitDefender Security for Exchange Note The task will appear in the Scheduled Tasks section Configuring Properties In order to modify an existing scheduled task or to configure more advanced settings unavailable in the configuration wizard just double click the task or select it and click Properties The configuration window will appear Note To open the configuration window you can also select Open the advanced properties of this task when click Finish in the last step of the wizard Viewing General Information Scheduled Report Properties 2 x General Schedule Settings Notifications p Task Information IV Enable Task General You can see general information about the task the name the status the last time when the task ran If you want to change the task name enter a new name in the corresponding field To enable the task select Enable Task Otherwise clear this check box 98 Monitoring BitDefender Security for Exchange Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Modifying Schedule Click the Schedule tab in the configuration window to modify the sche
52. not scan Then click OK to save the changes and close the configuration window If you select Scan the messages will be scanned using the antispam filters and the antispam options configured for this policy Next you must configure the threshold level and the actions to be taken on the spam messages Specify Threshold Level BitDefender checks all the message components i e not only the header but also the message body in either HTML or text format against many rules using several filters Some of the filters like the URL Filter the Image Filter and others can indicate if the message is spam directly Antispam 165 BitDefender Security for Exchange PP gt The Bayesian Filter the Pre trained Bayesian Filter and the NeuNet Filter give to each scanned message a Spam score The aggregate of these scores represents an overall spam score The overall spam score is measured against the desired level of spam sensitivity threshold and a decision is made lf the spam score for a message exceeds the threshold the message is considered spam Otherwise the message is not spam and it is delivered in full to its recipients Note Exceptions are made if the sender is in the IPMatch table as not spam or on the White list Specify a threshold value between 0 and 1000 in the corresponding field The default value is 775 If you do not want to set a threshold value select Let BitDefender antispam engines determine the spam stat
53. on the computer will temporarily cease to function 3 3 Remove BitDefender If you want to uninstall all BitDefender products choose Remove Note We recommend that you choose Remove for a clean re installation If you choose to remove BitDefender a new window will appear Click Remove to start unsinstalling BitDefender from your computer Important This will remove all BitDefender products from your computer If you have additional BitDefender products installed and only wish to remove BitDefender Security for Exchange please use the Modify option After the removal process is over we recommend that you delete the BitDefender folder from Program Files Repairing or Removing BitDefender 8 BitDefender Security for Exchange An error occurred while removing BitDefender If an error has occurred while removing BitDefender the removal process will be aborted and a new window will appear Click Run UninstallTool to make sure that BitDefender has been completely removed The uninstall tool will remove all the files and registry keys that were not removed during the automatic removal process Repairing or Removing BitDefender BitDefender Security for Exchange Description BitDefender Security for Exchange 4 Features and Benefits Comprehensive protection for Exchange Servers BitDefender Security for Exchange provides antivirus antispyware antispam antiphishing attachment and content filtering seaml
54. server The incoming mail from these addresses will be dropped before reaching the server Select Enable Sender Black List and add the banned addresses if you want to use the Sender Black List to filter incoming mail traffic Add Addresses Click Add to add a new address to the list Provide the address in the window that will appear and then click OK Antispam 154 BitDefender Security for Exchange Manage Addresses You can see the e mail addresses listed in the table If you want to modify an address either double click it or select it and click Modify To remove one or several selected addresses click Delete and then Yes to confirm your choice Import Export Addresses To import addresses from a txt file click Import select it and then click Open To export the existing addresses to a txt file click Export and save the file to the desired location In this way you can use the address list when configuring BitDefender server products on other machines or after reinstalling the product Click OK to save the changes and close the window If you click Cancel all changes will be lost Step 3 4 Configure IP Match Click the IP Match tab to configure the IP Match filter Antispam Advanced Settings 2 x Allow Deny IP List Sender Black List IP Match Realtime Blackhole List T Check authenticated connections Authenticated connections are safe therefore they can bypass antispam checking keep the option unche
55. the files that BitDefender found infected or suspect and were stored in the General quarantine area lt G Antispam View the files that BitDefender found as being spam and were stored in the quarantine area lt Content Filtering View the e mail messages that matched a Content Filtering rule and were stored in the quarantine area Attachment Filtering View the e mail messages that matched an Attachment Filtering rule and were stored in the quarantine area Quarantine Quarantine is divided into 4 areas e Antivirus contains the objects that BitDefender found infected or suspect and which were stored in the quarantine area e Antispam contains the messages that BitDefender found as being spam and which were stored in the quarantine area e Content Filtering contains the messages that matched a Content Filtering rule and which were stored in the quarantine area Monitoring 75 BitDefender Security for Exchange e Attachment Filtering contains the messages that matched an Attachment Filtering and which were stored in the quarantine area Click a link to see the quarantined files for the corresponding component 9 5 1 Antivirus Quarantine Click Antivirus in the tree menu Quarantine module to enter this section fi BitDefender Security for Exchange 5 xi File Action view Help e anle BitDefender Security for Exchange E Monitoring Defender Security for Exchange Q Statist
56. the installation process will be cancelled Click OK amp Finish to exit the wizard 4 Click Next 5 BitDefender Security for Exchange contains an incident management module that allows creating incident reports during product crashes By agreeing to send the incident reports to the BitDefender Lab you agree to help us find quick fixes for our bugs You could make a major contribution to the development of a stable product that satisfies your needs The reports will only be used for debugging purposes They will never be used as commercial data or disclosed to third parties To send incident reports to the BitDefender Lab select agree to submit incident reports to the BitDefender Lab and specify your e mail address Click Next Installing BitDefender Security for Exchange 5 BitDefender Security for Exchange 6 If you do not want the readme file to be opened at the end of the installation clear the View Readme file check box Click Install in order to begin the installation of the product Note BitDefender will automatically detect your version of Microsoft Exchange Server 7 Click Finish to complete product installation Note You may be asked to restart your system so that the setup wizard can complete the installation process 2 2 Modifying Existing Installation In order to install BitDefender Security for Exchange when one or more BitDefender Security for Windows Servers products are already installed on the compu
57. the web page Antispam Test 218 BitDefender Security for Exchange Troubleshooting and Getting Help BitDefender Security for Exchange 19 BitDefender Configuration Repair Tool If you have problems with BitDefender Security for Exchange you can use the BitDefender Configuration Repair Tool to restore the last known good configuration The BitDefender Configuration Repair Tool backs the configuration file up every hour so that you can restore it if needed This tool can be successfully used to fix a corrupt configuration file issue which may occur in extreme situations such as a forced system shutdown caused by a blackout To restore the last known good version of the configuration file follow these steps 1 Open the BitDefender Configuration Repair Tool using this path from the Windows start menu Start Programs BitDefender Security for Windows Servers gt BitDefender Configuration Repair Tool BitDefender Configuration Repair Tool F Defender Security for Windows Servers defender BitDefender Configuration Repair Tool helps you restore your last known good configurations of your BitDefender Security for Windows Servers products All the new settings made after the last moment the configuration files were saved will be lost You should use this tool only when your current configuration file is corrupted Press Restore to begin restoring your configuration files or Exit to close this dialog and keep
58. their way into the BitDefender Knowledge Base as bugfix reports workaround cheatsheets or informational articles to supplement product helpfiles The BitDefender Knowledge Base is available any time at http kb bitdefender com 21 3 Contact Information Efficient communication is the key to a successful business During the past 10 years BITDEFENDER has established an unquestionable reputation by constantly striving for better communication so as to exceed the expectations of our clients and partners Should you have any questions do not hesitate to contact us 21 3 1 Web Addresses Sales department sales bitdefender com Web self service http kb bitdefender com Documentation documentation bitdefender com Partner Program partners bitdefender com Marketing marketing bitdefender com Media Relations pr bitdefender com Job Opportunities jobs bitdefender com Virus Submissions virus_submission bitdefender com Spam Submissions spam_submission bitdefender com Report Abuse abuse bitdefender com Product web site http www bitdefender com Product ftp archives ftp ftp bitdefender com pub Local distributors http www bitdefender com partner_list 21 3 2 BitDefender Offices The BitDefender offices are ready to respond to any inquiries regarding their areas of operation both in commercial and in general matters Their respective addresses and contacts are listed below Support 226 BitDefender Security for Excha
59. this option if you want to specify a size limit for the mail body or for the attachments to be scanned Provide the size limit in the edit field Step 5 6 Set Actions Click the Actions tab and specify the actions to be taken on infected and suspect objects Antivirus 138 BitDefender Security for Exchange Antivirus Rule 2 xi General From To Scan options Actions Notifications Select the action to be taken on infected files J b Move To Quarantine Delete Object KI T Replace deleted attachments with text file only For SMTP scanning Tf the SMTP scanning is enabled the deleted or quarantined objects are replaced with a text Alacan tst o cance sw set pefauts Actions Different actions can be configured for the infected and suspect objects detected by BitDefender There is a list of actions that can be applied to each category of detected objects infected or suspect When such an object is detected the first action in the corresponding list is applied If this action fails the next action in the list is applied and so on You can change the order in which actions are to be applied Select an action and click 4 or LY to move it up or down in the list Actions for infected objects The following actions are available for infected objects Description Removes the malware code from t
60. to be scanned e mail message size to be scanned and provide the size limit in the corresponding field On demand Scanning Advanced Settings Beside messages you can select other objects to be scanned Contacts Tasks and Appointments Click OK to save changes and close the window Advanced Scan Settings Scanning To start scanning just click Scan Now You can stop the scan process anytime you want to by clicking End Scan If you want to limit the scanning time select Stop scan if it takes longer than and specify the number of minutes or hours At the end of the scanning process you can return to this section and click View Report to view the report file Step 2 3 Set Actions Click the Actions tab and specify the actions to be taken on infected and suspect objects Antivirus 145 BitDefender Security for Exchange Antivirus on demand scanning Ax Settings Actions Notifications Select the action to be taken on infected files Disinfect Move To Quarantine Delete Object Delete E mail Ignore gt Ki Select the action to be taken on suspect files PJ L If the SMTP scanning is enabled the deleted or quarantined objects are replaced with a text Loox _ cma Apply Set Defaults Actions Different actions can be configured for the infected and suspect objects detected by BitDefender There is a list of
61. 4 Features and Benefits ccccccncnencccencncncsnenssesescensseseees LL 4 1 Key Benefits iia icc ead ecw a a aon 11 4 2 Key ESAS tii A A E Mak O E aH 13 4 3 BitDefender Advanced Technologies 0 ccc cece cece eens 13 AA SSOIVICES ii A a Ai 13 5 Core Modules ccceeeccceeeeeceeeeeeeeesseeeeseeeeeseseeessseeeses LO Dells AMUVIFUS oi ot AAA 15 92 AMUIS PAM ctas dadas 16 9 2 Global Filter abia deta o ada dels bic laca 17 02 22 PONEN FINE S cuina iria din Ge A 18 0 9 Content PILE MING ia dia io its apta ra ella be 21 94 Attachment Filter asian et alta 21 6 How Does It Work oocccoconccnnnnccononconnancrnannrrsnanrrnannrrss 22 6 1 SMTP ScaMind isos nai rt AS la a 22 6 1 1 Antispam FitenNg sie iran meros a rc TE ada ee 22 6 12 COmMent FItENNO cra rior ar a Econ i n 24 6 1 3 Attachment PINGING serenor dr ar A A 25 6 14 ANtMITUS SCANNING is rn A A AS RRA 25 BitDefender Security for Exchange 6 2 Mailbox VSAPI SCANMIAG ss ecco ect dee ic at 25 Configuration and Management cocccccnnnncnnnnnnnnnonnos 27 7 Getting Started ccocononooncccononanonncrcsnonannnararsnsasanaararas 2O 7 1 Connecting to Another Computer 0 0 0 ccc cece eee nee 29 7 2 Changing the Administrative Password 0 c sce e eee eee 30 7 3 Exporting Importing Product Settings ccc cece eee 31 1 3 1 Exporting Product SetingS ci n acted a ma hanes 31 7 3 2 Importing Product Settings siii an de san E wen cane 32
62. ANCE OR SUPPORT RELATED THERETO OR ANY OTHER MATERIALS TANGIBLE OR INTANGIBLE OR SERVICES SUPPLIED BY HIM BITDEFENDER HEREBY EXPRESSLY DISCLAIMS ANY IMPLIED WARRANTIES AND CONDITIONS INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE TITLE NON INTERFERENCE ACCURACY OF DATA ACCURACY OF INFORMATIONAL CONTENT SYSTEM INTEGRATION AND NON INFRINGEMENT OF THIRD PARTY RIGHTS BY FILTERING DISABLING OR REMOVING SUCH THIRD PARTY S SOFTWARE SPYWARE ADWARE COOKIES EMAILS DOCUMENTS ADVERTISEMENTS OR THE LIKE WHETHER ARISING BY STATUTE LAW COURSE OF DEALING CUSTOM AND PRACTICE OR TRADE USAGE DISCLAIMER OF DAMAGES Anyone using testing or evaluating BitDefender bears all risk to the quality and performance of BitDefender In no event shall BitDefender be liable for any damages of any kind including without limitation direct or indirect damages arising out of the use performance or delivery of BitDefender even if BitDefender has been advised of the existence or possibility of such damages SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR License and Warranty X BitDefender Security for Exchange INCIDENTAL OR CONSEQUENTIAL DAMAGES SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU IN NO CASE SHALL BITDEFENDER S LIABILITY EXCEED THE PURCHASE PRICE PAID BY YOU FOR BITDEFENDER The disclaimers and limitations set forth above will apply regardles
63. Defender all of which are protected by international copyright laws and international treaties By installing copying or using BitDefender you agree to be bound by the terms of this agreement If you do not agree to the terms of this agreement do not install or use BitDefender BitDefender License BitDefender is protected by copyright laws and international copyright treaties as well as other intellectual property laws and treaties BitDefender is licensed not sold GRANT OF LICENSE BitDefender hereby grants you and only you the following non exclusive limited non transferable and royalty bearing license to use BitDefender APPLICATION SOFTWARE You may install and use BitDefender on as many computers as necessary with the limitation imposed by the total number of licensed users You may make one additional copy for back up purpose SERVER USER LICENSE This license applies to BitDefender software that provides network services and can be installed on computers that provide network services You may install this software on as many computers as necessary within the limitation imposed by the total number of users to which these computers provide network services This limitation refers to the total number of users that has to be less than or equal to the number of users of the license DESKTOP USER LICENSE This license applies to BitDefender software that can be installed on a single computer or on a single operating system any physi
64. Defender Logging Service v2 Y Starting BitDefender Statistics Service v2 Starting BitDefender Scheduler Service v2 Starting BitDefender Mail Service v Starting BitDefender File Service v Starting BitDefender Connector 2007 v Starting BitDefender UpdateService v2 Starting Microsoft Exchange Transport Import Finish Click Exit to close the window BitDefender Security for Exchange 8 Registration and My Account BitDefender Security for Exchange comes with a 30 day trial period If you decide that BitDefender Security for Exchange is the best choice for your organization proceed to register its full version You should also register a BitDefender account in order to benefit from free BitDefender technical support and other free services Go to Monitoring in the tree menu to perform the product and account registration e Click Register to register BitDefender Security for Exchange change the license key create or sign in to your account or see how many days are left until the licensing period expires e Click My account if you only want to register or sign in to a BitDefender account Note If BitDefender Security for Exchange is under the management of BitDefender Management Server the product and account registration are performed from the management console of BitDefender Management Server Registration and My Account 59 BitDefender Security for Exchange 8 1 Step 1 3
65. Refers to the occurrence of an error during the update process Infected suspected file detected Occurs when an infected file or a file suspected of being infected has been detected BitDefender Warning Groups critical information regarding the activity of BitDefender File not scanned Occurs when a file could not be scanned by BitDefender Key expired Indicates the expiration of the registration period Product update Occurs when a product update is available BitDefender information Groups information regarding the activity of BitDefender Key will expire Indicates that there are 3 days left before the product expires On demand scanning Occurs whenever an on demand scan is performed Rule matched Occurs whenever a message matches a Content Filtering or Attachment Filtering rule Update information Contains information about the update process Report generated Occurs whenever a report is generated Managing Events To manage the events use the provided buttons e Configure event opens the configuration window of a selected event allowing you to configure the importance level of the event and if necessary the mail and net send alerts issued when the event occurs For more information please refer to Configuring Events p 70 e Enable Disable enables disables event notification for one or several selected events Monitoring 69 BitDefender Security for Exchange Note 65 If event notific
66. Steps Follow these steps to install BitDefender Security for Exchange 1 Click Next to continue or click Cancel if you want to quit installation Note After you click Next BitDefender will check if your system meets the minimum requirements for the product and will inform you of any issues that might require your attention before installation can continue Installing BitDefender Security for Exchange 4 BitDefender Security for Exchange 2 Please read the License Agreement select accept the terms in the License Agreement and click Next Note If you do not agree to these terms click Cancel The installation process will be abandoned and you will exit setup 3 You can see the list of all BitDefender products designed for Windows based servers available in the installation package Select BitDefender Security for Exchange click the corresponding arrow and then click Will be installed on local hard drive on the shortcut menu The default installation folder is displayed on the lower part of the window To select a different installation folder click Browse locate the folder and then click OK to set the location Note You can also install other BitDefender products for Windows based servers Select them as shown before The items marked with a red cross will not be installed Click Next O Note If BitDefender does not detect a Microsoft Exchange Server installed on the local computer an error message will appear and
67. able file logging BitDefender creates the log file in Program Files BitDefender BitDefender for Windows Servers Services BDLog By default when the file reaches the size limit of 1024 KB a new log file is created Specify the size limit of the log files in the Maximum log file size field If you do not want to limit the size of the log file enter O in the edit field You can specify a folder where files exceeding the specified size limit should be saved Either provide its path in the corresponding field or click Browse locate the folder and then click OK to set the location To set the time period for which logs are to be stored click Purge logs Enter the number of hours days weeks months during which to store reports and click OK Click Apply to save the changes Examining Logs Click View last log to open the last log file If you have set a size limit for the log file you can see any saved log file Click View saved logs locate the log file you want to see and double click it 9 4 3 Events You can completely disable notifications for each event or you can configure BitDefender to send mail and net send alerts when the event occurs To specify the notification methods for each event click Alerts amp Logs in the tree menu under Monitoring and then the Events tab Monitoring 67 BitDefender Security for Exchange im BitDefender Security for Exchange File Action View Help e gt 018
68. actions that can be applied to each category of detected objects infected or suspect When such an object is detected the first action in the corresponding list is applied If this action fails the next action in the list is applied and so on You can change the order in which actions are to be applied Select an action and click L or LY to move it up or down in the list Actions for infected objects The following actions are available for infected objects Description The infected message is disinfected Antivirus 146 BitDefender Security for Exchange Move to Quarantine The infected object mail body attachment public file is moved to the quarantine folder Delete object The infected object mail body attachment public file is deleted Delete e mail The infected message is deleted Ignore The infected message is delivered in full to its recipients Actions for suspect objects The following actions are available for suspect objects Move to Quarantine The suspect object mail body attachment public file is moved to the quarantine folder Delete object The suspect object mail body attachment public file is deleted Delete e mail The suspect message is deleted Ignore The suspect message is delivered in full to its recipients BitDefender replaces the objects that are deleted or moved to quarantine with an explanatory text To change the text to b
69. activity The BitDefender log provides you with a comprehensive list of the events that occured during product operation Note 63 By default the log file is saved in Program Files BitDefender BitDefender for Windows Servers Services BDLog To configure logging and to view the log files click Alerts amp Logs in the tree menu under Monitoring and then the Logs tab File Action View Help e ome a BitDefender Security for Exchange Monitoring lt y Statistics lt y Reports lt Q Alerts amp Logs EEE Quarantine Q Antivirus lt Antispam lt gt Content Filtering Defender Security for Exchange Alerts Events Logs View Logs lt gt Attachment Filtering Q Scheduled Tasks AR SMTP Groups Press View last log to open the latest BitDefender log file View last log View saved logs Antivirus Press View saved logs to open the saved logs folder DS Antispam O Content Filtering E Attachment Filtering 2 Update Log Settings General I Enable file logging Max log size KB 1024 Spedfy where to save the log file that exceeds the maximum allowed size C Program Files BitDefender BitDefender for Windows Servers Services BDLog Browse Press Purge logs to set the purge properties of old log files Purge logs y Done Logs 66 Monitoring BitDefender Security for Exchange Configuring Logging To log the product activity to a file select En
70. alyzes the message and modifies its SPAM score 9 Pre trained Bayesian Filter The filter analyzes the message and modifies its SPAM score 10 NeuNet heuristic Filter The filter analyzes the message and modifies its SPAM score After the last filter checks the message the SPAM score is compared to the threshold level specified for the rule that is applied If the final SPAM score exceeds the threshold level then the message is considered SPAM and the specified action is taken Otherwise the message is allowed to pass and BitDefender adds scan information to the e mail header 6 1 2 Content Filtering If the message is not deleted during antispam filtering it is then verified according to a specific content filtering group policy The message is checked against the content filtering rules by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the options specified by that rule e If the filtering option set for the rule is Do not scan the message is not processed using content filtering e f the filtering option set for the rule is Scan the message is checked according to the content filtering options specified by the rule If the message matches the rule the content filtering stops and the specified actions are taken on the message Otherwise the message is allowed to pass without any action taken How Does It Work BitDefender Security for Exc
71. ame and optionally the rule description To enable the rule select Enabled If you want the rule to be disabled clear the check box Antispam 161 BitDefender Security for Exchange Step 2 7 Select Senders Groups Click the From tab and select the groups of senders the rule applies to Antispam Rule 24x General Fom To Actions Antispam Engines White Black Lists Bayesian Fiter Select the Groups this rule will apply to if they are found in the sender line of an e mail message G Al C Selected DOT Team Clear all New Details TT Show only selected groups pee ee dose e Cepek eS he cae ei la the Groups section Senders Groups The following options are available e All the rule applies to all senders no matter if they belong to a group or not e Selected the rule applies only to senders from the selected groups If you choose Selected you have to select from the list the groups you want the rule to apply to Click Select All to select all groups If you click Clear All no group will be selected If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Antispam 162 BitDefender Security for Exchange Note To learn how to configure a group please refer to Creating Groups p 121 Step 3 7 Select Recipients
72. ange Q Update O General AAA mi Run now New Task Copy Delete Enable Disable Properties Scheduled Tasks You can see all the existing scheduled tasks listed in the table For each task the following information is provided the task type and name the last time when it was performed the next time it is scheduled to run and the status 9 6 1 Managing Scheduled Tasks To manage the scheduled tasks use these buttons e Run Now runs a selected scheduled task e New Task launches a wizard that will help you create a new scheduled task Note The configuration wizard is different for each type of scheduled task e Copy copies one or several selected scheduled tasks Monitoring 85 BitDefender Security for Exchange e Delete deletes one or several selected scheduled tasks You will have to confirm your choice by clicking Yes e Enable Disable enables disables one or several selected scheduled tasks e Properties opens the configuration window of a selected scheduled task allowing you to modify it and to configure more advanced settings 9 6 2 Update Tasks Scheduling Tasks To create a new scheduled task click New task The configuration wizard will appear and it will guide you through the process of creating a scheduled task Note The scheduled update tasks will not deactivate the automatic update Follow these steps to schedule an update task Step 1 4 Welcome to the Schedu
73. ation is disabled the event is not logged and no alert is sent when it takes place Configuring Events You can configure the notification methods separately for each event in the list To configure the notification methods for a specific event select it and click Configure event The configuration window will appear Follow these steps to configure event notification Step 1 3 Select Event Importance Open the configuration window to select the importance of the event Configure notifications ax General mai Alerts Net Send Alerts Event Name File not scanned Event Category Warning Importance level O Disabled O Low File O High File Log Mail Alert and Net Send Lx _ cma soply _5et Defaults Select Event Importance You can see the name and category of the event Monitoring 70 BitDefender Security for Exchange When an event takes place based on its importance it can be logged and possibly specified recipients may be notified through mail and net send alerts of its occurrence Choose one of the following options to set the importance level e Disabled to disable event notification Note E If event notification is disabled the event is not logged and no alert is sent when it takes place e Low File Log to keep a record of the event in the log file No alert is sent when the event takes place e Medium File Log and SMTP to log the event and send mail ale
74. ault To activate it follow these steps 1 Select Enable real time virus reports 2 Click Apply to save the changes 16 2 Report Incidents BitDefender Security for Exchange contains an incident management module that allows creating incident reports during product crashes By agreeing to send the incident reports to the BitDefender Lab you agree to help us find quick fixes for our bugs You could make a major contribution to the development of a stable product that satisfies your needs The reports will only be used for debugging purposes They will never be used as commercial data or disclosed to third parties General 214 BitDefender Security for Exchange To configure the incident management module click General in the tree menu and then the Report Incidents tab BitDefende o Of x File Action View Help es a Bl12 BitDefender Security For Exchange E Monitoring Defender Security for Exchange Q Statistics z puso Loss Virus Report Incidents E Quarantine Q Antivirus lt Antispam Report Incidents lt Content Filtering lt Q Attachment Filtering Tagree to submit dumps to BitDefender Lab lt y Scheduled Tasks AR SMTP Groups Specify an e mail address that will be used as the sender of the dumps Antivirus Jadmin company org 52 Antispam E Content Filtering E Attachment Filtering Bitdefender Security for File Servers contains a dump management module that allows creating dumps during
75. bitdefender BUSINESS SOLUTIONS Administrator s guide defender BitDefender Security for Ex BitDefender Security for Exchange Administrator s guide Published 2010 05 21 Copyright 2010 BitDefender Legal Notice All rights reserved No part of this book may be reproduced or transmitted in any form or by any means electronic or mechanical including photocopying recording or by any information storage and retrieval system without written permission from an authorized representative of BitDefender The inclusion of brief quotations in reviews may be possible only with the mention of the quoted source The content can not be modified in any way Warning and Disclaimer This product and its documentation are protected by copyright The information in this document is provided on an as is basis without warranty Although every precaution has been taken in the preparation of this document the authors will not have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in this work This book contains links to third party Websites that are not under the control of BitDefender therefore BitDefender is not responsible for the content of any linked site If you access a third party website listed in this document you will do so at your own risk BitDefender provides these links only as a convenience and the inclusion
76. button The following window will appear Quarantine Properties zix m Quarantine location Specify the folder the quarantine is located in on Files Bit Quara les Bit Quarantine AN tes Comm Cancel Apply set Defauts Quarantine Properties You can change the folder the quarantine is located in Provide the new path in the edit field or click Browse to set a new location The default location of the quarantine folders is C Program Files BitDefender BitDefender for Windows Servers Services Quarantine Note The default quarantine folders for each component are the following e C Program Files BitDefender BitDefender for Windows vers Services Quarantine AV for the Antivirus module Program Files BitDefender BitDefender for Windows vers Services Quarantine AS for the Antispam module vers Services Quarantine CF for the Content Filtering module r ia e C Program Files BitDefender BitDefender for Windows r Program Files BitDefender BitDefender for Windows Servers Services Quarantine AF for the Attachment Filtering module Monitoring 83 BitDefender Security for Exchange By default quarantined files older than 90 days are automatically deleted To change the time interval during which files are stored in the quarantine type the number of hours days weeks months in the corresponding field Click OK to save the changes
77. cal or virtual machine running an operating system and which does not provide network services License and Warranty viii BitDefender Security for Exchange excepting the case when the desktop computer provides network services by running BitDefender Management Server Each user may install this software on a single computer or on a single operating system and may make one additional copy for backup on a different device The number of users allowed is the number of the users of the license SUITE LICENSE This license applies to BitDefender Suites or software bundles Such Suites or bundles are comprised of e server components that can be installed on as many computers or network servers as necessary while retaining the limitation imposed on the total number of client machines established by the license bought e client components that can be installed on a single desktop computer or on a single operating system any physical or virtual machine running an operating system which does not provide network services excepting the case when the desktop computer provides network services by running BitDefender Management Server the number of client machines allowed is less than or equal to the number of client machines for which the Suite License is granted This limitation refers to the total number of computers or operating systems licensed any physical or virtual machine running an operating system TERM OF LICENSE The license gran
78. ccording to the scanning options specified by the rule If the message is found infected the scanning stops and the specified actions are taken on the message Otherwise the message is allowed to pass and BitDefender adds scan information to the e mail header and optionally to the message footer 6 2 Mailbox VSAPI Scanning When working at VSAPI level BitDefender Security for Exchange can perform only real time and on deman antivirus scanning The messages placed into mailboxes and public folders are intercepted by the VSAPI interface upon clients request and scanned How Does It Work 25 BitDefender Security for Exchange by BitDefender The scanning is performed according to the options specified by the default antivirus rule Real time VSAPI scanning can also be done through three additional methods intended to optimize the overall scanning process background proactive or transport scanning This is how scanning works e If the message was checked through proactive or background scanning and no update has been performed in the meantime the message will be delivered without being scanned again e f the message was checked through proactive transport or background scanning but an update has been performed in the meantime the message will be scanned again How Does It Work BitDefender Security for Exchange Configuration and Management BitDefender Security for Exchange 7 Getting Started BitD
79. ch category of detected objects infected or suspect When such an object is detected the first action in the corresponding list is applied If this action fails the next action in the list is applied and so on You can change the order in which actions are to be applied Select an action and click La or y to move it up or down in the list Actions for infected objects The following actions are available for infected objects Monitoring Description The infected message is disinfected 116 BitDefender Security for Exchange Delete object Delete e mail Move to Quarantine Ignore The infected object mail body attachment public file is deleted The infected message is deleted The infected object mail body attachment public file is moved to the quarantine folder The infected message is delivered in full to its recipients Actions for suspect objects The following actions are available for suspect objects Delete object Delete e mail Move to Quarantine Ignore The suspect object mail body attachment public file is deleted The suspect message is deleted The suspect object mail body attachment public file is moved to the quarantine folder The suspect message is delivered in full to its recipients BitDefender replaces the infected or suspect objects that are deleted or moved to quarantine with an explanatory text
80. chapter you can find a detailed description of each section Monitoring 40 BitDefender Security for Exchange 9 1 Dashboard Click Monitoring in the tree menu to see the dashboard BitD File Action View Help e gt Ame m BitDefender Security for Exchange Monitoring lt y Statistics lt y Reports lt y Alerts amp Logs B Quarantine Buy Myaccount Register Support Help About Q Antivirus lt Antispam lt y Content Filtering Status lt gt Attachment Filtering Q Scheduled Tasks a aaaf ah SMTP Groups 4 issues affect the security of Antivirus your system 2 Antispam O Content Filtering E Attachment Filtering Defender Security for Exchange 2 Update General issue details Scan activity Product status Dashboard The dashboard provides you with useful information on the status of BitDefender Security for Exchange and helps you easily solve the issues that require your attention You should check the dashboard frequently in order to quickly identify and solve the issues affecting the security of the Exchange server 41 Monitoring BitDefender Security for Exchange 9 1 1 Important Links At the top of the dashboard there are several useful links Opens a web page where you can buy the product from Opens your BitDefender account web page Opens the registration wizard Opens the BitDefender support web page Opens the help file Opens a wi
81. chments entering or leaving the Exchange server mailboxes e block potentially dangerous attachments such as vbs or exe files or the e mails containing them for example quarantine e mail or delete attachment e block attachments having offensive names or the e mails containing them for example reject e mail or delete attachment Attachment Filtering is by default enabled but all messages are allowed to pass without being scanned To use Attachment Filtering go to the Policies tab and configure the default rule The default rule manages the attachment filtering settings for all mail traffic reaching or leaving the server By adding new rules you can create different filtering policies based on the groups the sender and the recipients belong to Attachment Filtering BitDefender Security for Exchange 14 1 Attachment Filtering Click Attachment Filtering in the tree menu to enter this section im BitDefender Security for Exchange File Action View Help 2 2 BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics 2 yet Logs Attachment Filtering Policies EXE Quarantine Q Antivirus lt Antispam Attachment Filtering lt Content Filtering lt y Attachment Filtering Q Scheduled Tasks A SMTP Groups antivirus 24 Antispam Apply E Content Filtering C Attachment Filtering s Update General M Enable attachment filtering Attachment
82. cked Use IP Match Sory n t dt knor Doce pas thet wa be awed acon the server If an e mail message is found to contain a domain IP pair that is diferent from the one defined in this Ist the respective DEl Domain reser com company com fis Sake Delorean ape Lene ees lick oe from a previously saved list click Import o ceca teo _Set Defauts IP Match Microsoft Exchange Server 2003 allows authenticating connections Connections that are authenticated are trusted therefore they should be allowed to bypass spam detection However you can set BitDefender to scan the incoming mail traffic from authenticated sources by selecting Check authenticated connections Antispam BitDefender Security for Exchange Spammers often try to spoof the sender s e mail address to make the e mail appear as being sent by someone in your domain To prevent this you can use IP Match If an e mail appears to be from a domain that you have specified in the IP Match rule list such as your own company domain BitDefender checks to see if the IP address of the sender matches the IP addresses provided for the specified domain If the domain address of the sender matches the IP address the message bypasses antispam filtering Otherwise the connection is dropped Select Use IP Match and configure the rule list if you want to filter incoming mail traffic using IP Match Add Rules Click Add to add a new
83. cted Can isolate dangerous or restricted mails going through the antivirus antispam content and attachment filtering modules in a quarantine zone where you can deal with them at will e Centralized management support BitDefender Management Server allows centrally managing most of the BitDefender business solutions installed on network computers including BitDefender Security for Exchange This type of integration allows you to use the Management Server console to get centralized access to O Configuration settings for BitDefender Security for Exchange O Critical event information such as update related events configuration warnings license expiration Features and Benefits 12 BitDefender Security for Exchange 4 2 4 3 4 4 Features and Benefits O Easy to interpret statistics and reports based on the information received from BitDefender Security for Exchange Key Features e Certified antivirus engines e Proactive heuristic protection against zero day threats e Multiple layers of anti spam filtering e Content and attachment filtering e Antispyware and antiphishing protection e Centralized management software compatibility BitDefender Advanced Technologies B HAVE BitDefender Security for Exchange includes B HAVE a patent pending technology which analyzes the behavior of potentially malicious codes inside a virtual computer eliminating false positives and significantly increasing detection rates for
84. cted rules click Remove and then Yes to confirm your choice Import Export Rule List To export the rule listto a txt file click Export and save the file to a desired location To import a previously saved list click Import Step 4 4 Configure Real time Blackhole List Click the Real time Blackhole List to configure this filter Antispam Advanced Settings ax Alow Deny IP List Sender Black List IP Match Realtime Blackhole List The RBL module queries RBL servers to determine if the sender s mail server has a spammer reputation A DNS check is performed therefore you must specify a DNS server DNS IP or address 192168151 DNS query timeout 50 miliseconds Specify a list of RBL servers and the confidence level you have in them cbl abuseat org s0 combined njabl org 70 To save the existing IP list for future use click Export to import an IP list from a previously saved list click Import Real time Blackhole List The Real time Blackhole List RBL filter allows checking the mail server from which a message is sent against the RBL servers configured by the administrator It uses Antispam E57 BitDefender Security for Exchange the DNSBL protocol and RBL servers to filter soam based on mail servers reputation as spam senders A DNS check is performed on the domain d c b a rbl example com where d c b ais the reversed IP address of the server and rb1 example com is the RBL server If the DNS repli
85. d 1 Download the update file Please download the cumulative zip and save it somewhere on your disk when prompted 2 Stop antivirus protection Open the management console click Antivirus in the tree menu clear the check box next to Enable real time antivirus scanning and click Apply 3 Open Services Follow the path Start Control Panel Administrative Tools gt Services 4 Stop BitDefender Antivirus Scanning Service Right click BitDefender Antivirus Scanning Service and select Stop The following services should also stop BitDefender Exchange Connector BitDefender Mail Scanning Service and BitDefender File Scanning Service If this does not happen stop these services one by one 5 Copy the update files Goto Program Files BitDefender BitDefender for Windows Servers Services BitDefender Threat Scanner and locate the most recent Engines folder the word Engines will be followed by a Update PAM BitDefender Security for Exchange date stamp in the folder name Extract the content of the archive in the Plugins folder and accept overwriting existing files 6 Start BitDefender Antivirus Scanning Service Right click BitDefender Antivirus Scanning Service and select Start 7 Start BitDefender File Scanning Service Right click BitDefender File Scanning Service and select Start 8 Start BitDefender Mail Scanning Service Right click BitDefender Mail Scanning Service and select Start 9 Start B
86. d the recipients belong to you can specify various actions to be taken on the spam messages The module contains two sections e Antispam Filtering allows you to enable the antispam filtering and to configure the global antispam filters e Policies allows you to configure the filtering options for all incoming mail traffic and to specify different filtering policies based on the groups the sender and the recipients belong to You must configure the global antispam filters in the Antispam tab Then go to the Policies and configure the default rule which controls the antispam policy filters You can add new rules to create different filtering policies based on the groups the sender and the recipients belong to Antispam 150 BitDefender Security for Exchange 12 1 Antispam Filtering Click Antispam in the tree menu and then the Antispam tab to enter this section im BitDefender Security for Exchange File Action View Help 7 H 2 BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt y Alerts amp Logs EXE Quarantine lt y Antivirus lt y Antispam Antispam lt y Content Filtering lt Q Attachment Filtering Antispam Policies lt y Scheduled Tasks M Enable antispam filtering Global filters A SMTP Groups antivirus gt lt Antispam E Content Filtering E Attachment Filtering s Update General Apply Ant
87. dd to add the recipient to the list Note Beside the recipients defined here the alert will also be sent to those defined in the Alerts section see Configuring Mail Alert Recipients p 63 Monitoring 72 BitDefender Security for Exchange To import e mail addresses from a txt file click Import select the file and then click Open If you want to export the list to a txt file click Export and save the file to the desired location To remove one or several selected recipients click Remove Click Apply to save the changes and OK if you want to close the window Step 3 3 Configure Net Send Alerts If the importance of the event is high net send alerts will be sent Click the Net Send Alerts tab to configure the net send alerts Configure notifications EIE General Mail Alerts Net Send Alerts Configure the content of the alert y BitD Configure the recipients of the alert MOM if tt To delete a selected address click Remove To save the existing list of addresses for future use click Export to import a list of addresses from a previously saved list click Import To configure the alerts text and different recipients For each event go to the Events tab Lo cma oply Set Defaults Configure Net Send Alerts Configure Alert Text BitDefender allows you to configure the alert content You can see the default text in the box Make the desired changes to the alert content
88. do not want the messages to be scanned for malware select Do not scan Then click OK to save the changes and close the configuration window If you select Scan the messages will be scanned for malware using the settings configured for this policy You can specify e Attachment extensions to be scanned select one of the following options in order to scan attachments depending on their extension Antivirus BitDefender Security for Exchange Scan all extensions Scan only application extensions Scan custom extensions Scan all except specific extensions All mail attachments are scanned regardless of their extension Only the attachments containing applications are scanned This category is limited to files with the following extensions exe com d11 ocx scr gia olle S86 WO SyS owe Clas class Ovi lle aabo cos slo ss DEA ONUDI kuiz pot pea oscila oxic wiosi DSC A RE JM casos 1 o Sls o Clas o ale oO dE joa WEIL y Sim jOCES WSLS y mal Se mal loess ENE Chew ja Only the attachments having the specified extensions are scanned Provide the specific extensions in the edit field These extensions must be separated by All attachments except those having the specified extensions are scanned Provide the extensions excepted from scanning in the edit field These extensions must be separated by e Maximum mail body attachment size to be scanned select
89. dule General Schedule Settings Notfications r Schedule Schedule task to run Start date 8 27 2008 y O End date 8 27 2008 y 7 Y lt Start time 1 23 53 PM ES O Von Tue Wed Om Om Osa O Delete f not scheduled to run again Cancel Apply Set Defauits Schedule Specify the task schedule You must choose one of the following options from the menu e Once to run the task one time only at a given moment Specify the start date and time in the Start Date Start Time fields e Periodically to run the task periodically at certain time intervals minutes hours days weeks months years starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field Monitoring 99 BitDefender Security for Exchange 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in the corresponding field 3 Specify the start time in the Start Time field 4 Specify the task frequency by specifying the number of minutes hours days weeks months years between two successive occurrences of such task in the corresponding field e Week Days to run the task repeatedly only in certain days of the week starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field
90. e itDefender Security for Exchange BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics lt Reports Q Alerts amp Logs bind E Quarantine Q Antivirus Q Antispam lt Content Filtering Q Attachment Filtering Q Scheduled Tasks AA SMTP Groups Antivirus 24 Antispam E Content Filtering E Attachment Filtering 2 Update O General rt Name Report Date Cat Fe Report 2009 04 24 10 11 12 24 April 2009 Antivirus Top Senders Report coy al New Report Delete View Report Purge options Reports You can see all the existing reports listed in the table For each report the following information is provided the report name the date when the report was generated the type of information it contains and the format You can create the following types of reports e Antivirus Create custom reports with information on the activity of the Antivirus module Description Provides complete information on the activity of the Antivirus module Provides a table containing the malware detected in descending order Monitoring BitDefender Security for Exchange Top Malware Senders Contains the mail senders ordered by the quantity of malware sent Top Malware Contains the mail recipients ordered by the number of Recipients malware received e Antispam Create custom reports with information on the activity of the Antispam modu
91. e Header value IT Save e mail to folder Browsen p Archive f redirect inbound mail to account enter ME mail address Ex Cancel Apply _SetDefauts Actions You must choose one of the following actions Content Filtering 185 BitDefender Security for Exchange Delete e mail Quarantine e mail Deliver e mail Reject e mail The detected message is deleted The detected message is moved to the quarantine folder The detected message is delivered in full to its recipients The detected message is rejected with a 550 SMTP error code You can also set additional actions to be taken on the detected messages The following actions are available Modify the subject of the e mail messages that matched this rule Add a header to the e mail messages that matched this rule Save e mail to folder Archive to account The subject of the detected message is modified You can modify the subject pattern We recommend you to use one of these patterns e CF subject to add CF before the subject This is the default subject pattern e CF subject CF to add CF before and after the subject e CF to replace the subject with CF An e mail header is added to the detected message Provide the header name and value in the corresponding fields The detected message is saved to a specified folder To specify the folder click Browse locate it and then c
92. e Report Time Interval C Last Day Last Week Last month Custom Start date 8 27 2008 v End date 8 27 2008 z Select the time interval covered in the report Only records included in the selected time interval will be shown in the report Click Next to continue or click Cancel to exit the Report Wizard _ cto Tie cs Select Time Interval Select the time interval covered in the report e Last day e Last week e Last month e Custom If you need information about the BitDefender activity related to a specific time interval select Custom and specify the start and end date To specify the start and end date either click the numbers in the date field and enter new values or click the arrow to choose a date from the calendar Note The date format is month day year Only the records from the specified period will appear in the report Click Next Monitoring 58 BitDefender Security for Exchange Step 5 5 View Summary Create a new report Report Summary The options you selected are listed below Click Back to change the selected options Report Type Antivirus Total Report Report Format HTML Report Start Date 27 7 2008 3 Report End Date 27 8 2008 Click Finish to generate the report with the options listed above Click Cancel to exit the Report Wizard cack mmm Coma View Summary This window displays the selected report settings You can make any cha
93. e delivered instead of such objects follow these steps 1 Click Edit replacement text A new window will appear 2 Do any or both of the following e Select Infected file replaced and type in the edit box the text to be delivered instead of the infected or suspect objects deleted e Select Infected file quarantined and type in the edit box the text to be delivered instead of the infected or suspect objects moved to quarantine 3 Click OK to save the changes and close the window Step 3 3 Configure Notifications Click the Notifications tab and configure the notifications issued for the on demand scan Antivirus 147 BitDefender Security for Exchange Antivirus on demand scanning ef Please configure the notifications to be sent for this on demand scanning process r Notification types OO Log start end of on demand scanning To change the notification events configuration please go to the Alerts amp Logs section Events tab O Generate scan report Select the location of the on demand scanning report file E Program Files Br Defender BrDefender Security for Exchange Reports Change location Choose the report type HTML y Notifications Log Scanning Select Log start end of on demand scanning to record the start and the end of the on demand scanning in the log file O Note The corresponding event from the Events section must be enabled and properly configured For more i
94. e displays the monitored items and their current status When there is an issue concerning one of the monitored items a red Fix link is displayed To quickly solve the existing issues click the Fix links one by one or the Fix all issues button a Important For every monitored item there is a check box selected by default in the Monitor column If you do not want a specific item to be monitored just clear the corresponding check box Server Scan If the Server Scan button is orange or red there are issues affecting the scanning activity of BitDefender Security for Exchange its core modules Click the button to see the respective issues A table named Server scan will be displayed and you will be able to see the monitored items and their current status e Real time protection The issues that can be reported are listed in the following table Critical issue Real time protection is disabled and the Exchange server is not protected against malware Click Fix to enable real time protection Critical issue The licensing period has expired Click Fix to open the registration wizard and register BitDefender Security for Exchange with a new license key e Antispam The issues that can be reported are listed in the following table Monitoring 43 BitDefender Security for Exchange Not enabled Critical issue Antispam filtering is disabled and the Exchange server is not protected against spam Click
95. ed BitDefender Configuration Repair Tool BitDefender Security for Exchange BitDefender Configuration Repair Tool Defender Security for Windows Servers The backup of the BitDefender registry file was successfully restored Action Stopping BitDefender Scanning Service v2 Y Stopping BitDefender Registry Service Y Restoring last known good configuration Y Starting BitDefender Registry Service Y Starting BitDefender Scanning Service v2 Starting BitDefender Logging Service v2 Y Starting BitDefender Statistics Service v2 Y Starting BitDefender Scheduler Service v2 Y Starting BitDefender UpdateService v2 Y Starting BitDefender Security for FileServers Finish Click Exit to close the window tion Repair Tool 222 BitDefender Security for Exchange 20 BitDefender Support Tool The BitDefender Support Tool creates a zip archive of files required by our support technicians to troubleshoot BitDefender Security for Exchange To use the Support Tool follow these steps 1 Open the BitDefender Support Tool using this path from the Windows start menu Start All Programs BitDefender Security for Windows Servers BitDefender Support Tool BitDefender Support Tool Step 1 Welcome to the BitDefender Support Tool The purpose of this tool is to gather the information necessary tor BitDefender engineers to properly identify and reproduce the issue you reported It will gather in
96. ed Scan Settings Limit Scanning Time If you do not want to scan messages that exceed a certain size limit select Maximum mail size to be scanned and provide the size limit in the corresponding field Beside messages you can select other objects to be scanned Contacts Tasks and Appointments Click OK to save changes and close the window If you want to limit the scanning time select Stop scan if it takes longer than and specify the number of minutes or hours Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Configuring Actions Click the Actions tab and specify the actions to be taken on infected and suspect objects Monitoring BitDefender Security for Exchange On demand Scheduled Scanning Properties 2 x General Schedule Settings Actions Notifications Select the action to be taken on infected files Disinfect Move To Quarantine Delete Object Delete E mail Ignore Select the action to be taken on suspect files D e Tf the SMTP scanning is enabled the deleted or quarantined objects are replaced with a text Actions Different actions can be configured for the infected and suspect objects detected by BitDefender There is a list of actions that can be applied to ea
97. efault rule has the lowest priority therefore you cannot change its priority Because the rule was designed to apply to the entire mail traffic you cannot configure group options However you can configure all the other options Group Filtering Policies To set different filtering policies add new rules In this way you can create customized filtering rules for the mail traffic between certain groups of users To manage the rules use the following buttons e New Rule creates a new rule You will have to configure the rule before it appears in the table e Copy copies one or several selected rules e Delete deletes one or several selected rules You will have to confirm your choice by clicking Yes e Enable Disable enables disables one or several selected rules e Properties opens the configuration window of a selected rule allowing you to modify the rule To learn how to configure the rule please refer to Configuring Rules p 178 e a Up moves a selected rule one level up in the table This will increase the priority of the rule e Down moves a selected rule one level down in the table This will decrease the priority of the rule 13 2 2 Creating Rules To create a rule choose one of these methods e copy an existing rule and click Properties to modify it e click New Rule and configure the new rule In both cases a new window will appear Next you must configure or modify the rule Co
98. efender Security for Exchange can be configured and managed through a centralized MMC based management console The management console provides access to all features and settings of BitDefender Security for Exchange To access the management console use the Windows Start menu by following the path Start Programs BitDefender Security for Windows Servers BitDefender Security for Exchange Eile ae a es o a18 BitDefender Security for Exchange A Monitoring 22 Monitoring AR SMTP Groups A SMTP Groups o Antivirus W antivirus DX Antispam 24 Antispam E Content Fitering E content Filtering E Attachment Filtering Q Update O General D Attachment Filtering 2 Update O General Management Console On the left side of the management console you can see the tree menu e Monitoring displays the dashboard The dashboard provides you with useful information on the status of BitDefender Security for Exchange and helps you easily solve the issues that require your attention Getting Started 28 BitDefender Security for Exchange O Statistics offers real time statistical information regarding the activity of the Antivirus Antispam Content Filtering and Attachment Filtering modules Reports allows you to create customized reports on product activity Alerts amp Logs allows configuring the logging options and sending alerts about the events that occur during product operation
99. efender business products The BitDefender Knowledge Base hosts numerous articles that contain solutions to BitDefender related issues 2 Select your product from the list 3 Search the BitDefender Knowledge Base for articles that may provide a solution to your problem 4 Please read the article most relevant to your problem and try the proposed solution 5 If this solution does not solve your problem use the link in the article to contact BitDefender Customer Care It is recommended that you first login to your BitDefender account and then contact the BitDefender support representatives by e mail chat or phone 21 2 BitDefender Knowledge Base The BitDefender Knowledge Base is an online repository of information about the BitDefender products It stores in an easily accessible format reports on the results of the ongoing technical support and bugfixing activities of the BitDefender support Support ZO BitDefender Security for Exchange and development teams along with more general articles about virus prevention the management of BitDefender solutions with detailed explanations and many other articles The BitDefender Knowledge Base is open to the public and freely searchable The extensive information it contains is yet another means of providing BitDefender customers with the technical knowledge and insight they need All valid requests for information or bug reports coming from BitDefender clients eventually find
100. er Security for Windows Servers from your computer Modify Repair or Remove BitDefender Modify BitDefender The BitDefender Security for Exchange installation package is part of a bigger package that contains all available BitDefender Security for Windows Servers products 3 1 If you choose Modify a new window will appear from which you can select individual BitDefender products for installation or removal You should install all the products you want to use at the same time Repairing or Removing BitDefender 7 BitDefender Security for Exchange To install a product click the corresponding arrow and then select Will be installed on local hard drive on the shortcut menu To remove a product click the corresponding arrow and then select Entire feature will be unavailable on the shortcut menu 3 2 Repair BitDefender If BitDefender Security for Exchange starts to perform unexpectedly you can repair it in order to restore its functionality The repair process consists in completely re installing the product a Important Before repairing the product we recommend you to export the product settings so that you can reload them after the repairing process is completed For more information please refer to Exporting Importing Product Settings p 31 If you choose Repair a new window will appear Click Repair to start the process Important During the repair process all BitDefender products installed
101. er deeply integrates with this interface The antivirus scanning at VSAPI level can be done through three additional scanning methods intended to optimize the overall scanning process background proactive or transport scanning e The purpose of background scanning is to scan all messages stored in the Exchange databases mailboxes and public folders When an object having been checked through background scanning is requested it will not be scanned again unless a virus signature update has been performed in the meantime Although background scanning is performed at low priority the process takes up system resources because databases are re scanned after each update and updates are performed often Core Modules dls BitDefender Security for Exchange O Note By default background scanning is disabled You should enable it only as a second layer of protection when you want to check all your databases and make sure they are clean e Proactive scanning allows scanning messages before they are actually accessed When a message is submitted to the Store it is placed in the global scanning queue and assigned a low priority If and when threads are available in the thread pool and no high priority message remains to be scanned each message in the global scanning queue is submitted for scanning On the other hand if a message in the global scanning queue is requested by a client it is assigned a high priority and it is removed from the
102. erly configured For more information please refer to Configuring Events p 70 Configure Report Settings Select Generate Scan Report to generate a report for the on demand scan By default the report file is saved in C Program Files BitDefender BitDefender Security for Exchange Reports To change this location click Change location Monitoring 118 BitDefender Security for Exchange The report can be generated in HTML text or CSV format You can choose the format of the report file from the menu Note To view the report file at the end of the scanning process open the configuration window select the task and click Properties and then click View Log Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel Monitoring 119 BitDefender Security for Exchange 10 SMTP Groups BitDefender allows creating user groups in order to apply different scanning and filtering policies for different user categories For example you can create appropriate policies for the IT department for the sales team or for the managers of your company To create new user groups or manage existing groups click SMTP Groups in the tree menu File Action View Help es 0 8 82 BitDefender Security for Exchange EJ Monitoring Defender Security for Exchange lt y Statistics
103. es based on the groups the sender and the recipients belong to Content Filtering 174 BitDefender Security for Exchange 13 1 Content Filtering Click Content Filtering in the tree menu to enter this section im BitDefender Security for Exchange File Action View Help ces 6018 BitDefender Security For Exchange E Monitoring Defender Security for Exchange Q Statistics Q Reports Q Alerts amp Logs B Quarantine lt Antivirus lt gt Antispam Content Filtering lt y Content Filtering lt y Attachment Filtering lt Scheduled Tasks A SMTP Groups Antivirus 24 Antispam Apply O Content Filtering E Attachment Filtering 2 Update O General Content Filtering Policies I Enable content filtering Content Filtering This is where you can enable content filtering If you want content filtering to be enabled select Enable content filtering Otherwise clear this check box Click Apply to save the changes Note In order to configure the global content filtering options or to create different filtering policies based on user groups go to the Policies section Content Filtering 175 BitDefender Security for Exchange 13 2 Policies Click Content Filtering in the tree menu and then the Policies tab to enter this section Eile Action View Help es lalale BitDefender Security for Exchange E Monitoring Defender Security for Exchange Q Statistics lt y Reports lt y Alerts
104. es that the domain is valid it means that the IP is listed in the RBL server and a certain server score is provided This score ranges between 0 and 100 according to the configured server confidence trust level The query is performed for every RBL server in the list and the score returned by each one is added to the intermediate score When the score has reached 100 no more queries are performed If the RBL filter score is 100 or higher the message is considered SPAM and the specified action is taken Otherwise a spam score is computed from the RBL filter score and added to the global spam score of the message Provide the IP or the address of the DNS server to query and the query timeout interval in the corresponding fields Add RBL Servers Click Add to add a new RBL server to the list The configuration window will appear RBL Server Specify the Real time Blackhole List Server First specify the name of the RBL server and then the level of trust The level of trust is an indicator elects SSS on a scale from O to 100 which shows the accuracy you consider the RBL server to have AD The value you provide is used when computing the SPAM score Click OK to add the RBL server If an e mail message is found RBL servers the j Cl to the list those servers Co coca Add RBL Servers Manage RBL Servers You can see the RBL servers listed in the table If you want to modify the settings for an RBL server e
105. essly integrated with the MS Exchange Server to create a malware free messaging environment It protects Exchange servers against the latest most sophisticated malware and against attempts to steal users confidential and valuable data BitDefender Security for Exchange Antivirus Comprehensive protection for Exchange Servers 4 1 Key Benefits e Email Protection against malware O Fights e mail borne malware by filtering and blocking messages that carry a virus spyware trojan backdoor or other potentially dangerous active codes Scans e mail messages at the point they enter leave the server so that the messaging environment is free from malware at all times Extends the malware protection span by keeping the external recipients of the filtered e mail customers partners friends safe as well Offers anti phishing protection by proactively detecting forged messages intended trick their recipient into disclosing confidential data O Matches e mails to a particular IP address so that messages with spoofed headers cannot pass the White List filter anymore e Increased business productivity Reduces mail traffic and saves network resources due to its extensive antimalware protection capabilities Features and Benefits 11 BitDefender Security for Exchange O Through its optimized scanning process increases mail delivery speed and reduces server workload O Improves the IT manager s productivity and prevents the
106. figure the recipients of the mail alerts as described in the Configuring Mail Alert Recipients p 63 section 4 Goto the Events tab and configure the events for which mail alerts should be sent as described in the Configuring Events p 70 section If you want to disable this service clear the check box corresponding to Enable Mail Alerts and then click Apply to save the changes Configuring Mail Alert Settings To configure the SMTP settings of mail alerts click the corresponding Configure button A new window will appear Configure notifications 2 x SMTP Settings Recipients SMTP mail alerts Specify the SMTP server IP and e mail sender used to send the mail alerts SMTP Server From address BitDefender TF Use SMTP Server Authentication SMTP Username SMTP Password Lx _ cma Apply Set Defaults SMTP Settings Specify the SMTP settings required for sending the mail alerts e SMTP Server type in the IP address of the SMTP server that your network uses to send messages e From address type in the e mail address that will appear in the sender field Monitoring 62 BitDefender Security for Exchange Important Provide a valid e mail address for the SMTP server otherwise the server may decline to send an e mail whose sender e mail address is unknown to it e If the SMTP server used to send messages requires authentication select Use SMTP Server Authenticati
107. formation related to the Operating System the hardware the BitDefender files and settings and the other applications installed on your machine No other type of information will be gathered or transmitted via this tool By clicking Next you agree to allow BitDefender to gather this information and use IO IO o BitDefender Support Tool 2 Click Next 3 Wait until the Support Tool finishes gathering information BitDefender Support Tool BitDefender Security for Exchange BitDefender Support Tool Step 2 BitDefender Support Tool Information Gathering is Gathering product information mm Please wait while BitDefender Support Tool is gathering information about your system e e Gathering Information The Support Tool gathers product information information related to other applications installed on the machine and the software and hardware configuration 4 The Support Tool informs you when the process has completed BitDefender Support Tool Step 3 BitDefender Support Tool Thank you for your cooperation Please note that an archive has been saved on your desktop under the name can access your desktop by clicking the desktop icon in your Quick Launch toolbar Please send this file to the BitDefender support team by attaching it to the e mail in which you describe the issue in detail Note If you have communicated with the BitDefender support team on
108. ge sent from an address in this list will be identified as legitimate Configure the Black List Any e mail message sent from an address in this list will be identified as spam White List Black List Most people communicate regularly with a group of people or even receive messages from companies or organizations in the same domain By using the White List Black Antispam 169 BitDefender Security for Exchange List filter the administrator can set a list of trusted and untrusted addresses from which to respectively always accept or always reject e mail messages Select Enable White Black Lists to filter messages using the White List and the Black List White List The White List contains e mail addresses expected to send legitimate messages Any mail coming from an address contained in the White list will be considered legitimate and will bypass further antispam filters Note 63 We recommend that you add the trusted addresses to the White List BitDefender does not block messages coming from the addresses on the list therefore adding them helps ensure that legitimate messages get through Click White List to configure the White List A new window will appear White List Specify a list of e mail addresses To save the existing list of addresses for future use dick Export to import a list of addresses from a previously saved list dick Import HE WERE coca White Li
109. gistration service Click Next to continue l already have a BitDefender account BitDefender will automatically detect if you have previously registered a BitDefender account on your computer In this case all you have to do is to click Next If you already have an active account but BitDefender does not detect it select Sign in to an existing BitDefender account provide the e mail address and the password of your account and click Sign In O Note If you provide an incorrect password you will be prompted to re type it when you click Next Click Ok to enter the password again or Cancel to exit the wizard If you have forgotten your password click Forgot your password and follow the instructions Click Next to continue Registration and My Account BitDefender Security for Exchange 8 3 Step 3 3 Finish BitDefender Registration Finish Thank you For using BitDefender Security For Exchange Please refer to the register button in the Dashboard section For information about BitDefender Account and the expiring date of the current license key Your BitDefender license key 3A6A8A50327FF43E 7B6E is Trial Expires in 30 days Your BitDefender Account You do not have an account Please create an account Finish Click Finish to close the window Note To log in to your BitDefender account click My account Registration and My Account BitDefender Security for Exchange 9 Monitoring The
110. gs file previously exported from the products Press Import to begin importing the settings or Exit to dose this dialog and keep your current settings Import Tool 3 Click Import A new window will appear E p Computer a BOOT C E Ga DISK1 D Settings locuments and Settings de ExchangeSetupLogs de Inetpub do Program Files Je Program Files x86 y winoows m Ub wmpub z Import Tool Getting Started 32 BitDefender Security for Exchange 4 Select the folder where the product settings were saved and click OK to import them 5 Wait until the Import Tool completes the importing process BitDefender Settings Import Tool Defender Security for Windows Servers Action Y Stopping Microsoft Exchange Transport v Stopping BitDefender UpdateService v2 Y Stopping BitDefender Connector 2007 49 Stopping BitDefender File Service PIO Importing Settings The Import Tool first stops the Microsoft Exchange Transport service the Microsoft Information Store and the BitDefender Security for Exchange services Then it imports the product settings from the selected folder Finally the Import Tool restarts the processes previously stopped 6 The Import Tool informs you when the settings have been successfully imported 55 Getting Started BitDefender Security for Ex Y Importing product settings Starting BitDefender Scanning Service v2 Y Starting Bit
111. h The filter is highly flexibile as it can be configured separately for different groups of users Note that the lists must be configured for each rule in order to apply the filter to the corresponding incoming mail traffic Block Sexually Explicit Content Starting May 19 2004 spam that contains sexually oriented material must include the warning SEXUALLY EXPLICIT in the subject line or face fines for violations of federal law This filter detects messages marked as SEXUALLY EXPLICIT in the subject line and tags them as SPAM Charset Filter Many spam messages are written in Cyrillic and or Asian charsets The Charset Filter detects this kind of messages and tags them as SPAM URL Filter Almost all spam messages include links to various web locations These locations usually contain more advertising and the possibility to buy things and sometimes they are used for phishing Core Modules 19 BitDefender Security for Exchange BitDefender maintains a database of such links The URL filter checks every URL link in a message against its database If a match is made the message is tagged as SPAM Image Filter Since avoiding heuristic filter detection has become quite a challenge images are increasingly used in spam messages Many spam messages contain either a single spam image or a spam image and a random text meant to deceive the heuristic filter The Image filter deals with image spam It com
112. hange 6 1 3 Attachment Filtering If the message is not deleted during content filtering then the mail attachments if any are verified according to a specific attachment filtering group policy The message is checked against the attachment filtering rules by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the options specified by that rule e f the option set for the rule is Do not scan the message is not processed using attachment filtering e f the filtering option set for the rule is Scan the message is checked according to the attachment filtering options specified by the rule If the message matches the rule the attachment filtering stops and the specified actions are taken on the message Otherwise the message is allowed to pass without any action taken 6 1 4 Antivirus Scanning If the message is not deleted during attachment filtering it is then verified according to a specific antivirus scanning group policy The message is checked against the antivirus scanning filtering rules corresponding to policies by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the options specified by that rule e f the filtering option set for the rule is Do not scan the message is not scanned for malware e If the scan option set for the rule is Scan the message is checked a
113. has reached 100 no more queries are performed If the RBL filter score is 100 or higher the message is considered SPAM and the specified action is taken Otherwise a spam score is computed from the RBL filter score and added to the global spam score of the message Note The RBL filter can be deactivated under certain policies 5 2 2 Policy Filters There are 8 policy filters White List Black List Block sexually explicit content Charset filter URL filter Image filter Bayesian filter Pre trained Bayesian filter and NeuNet Heuristic filter Core Modules 18 BitDefender Security for Exchange O Note These filters can be enabled and configured by the administrator separately for each rule In order to configure them go to the Antispam module Policies section and set the appropriate rules For more details please refer to Creating Rules p 160 White List Black List Most people communicate regularly with a group of people or even receive messages from companies or organizations in the same domain By using the White List Black List filter the administrator can set a list of trusted and untrusted addresses from which to respectively always accept or always reject e mail messages Note ES We recommend that you add the trusted addresses to the White List BitDefender does not block messages coming from the addresses on the list therefore adding them helps ensure that legitimate messages get throug
114. he infected message The infected object mail body attachment is moved to the quarantine folder disie Antivirus BitDefender Security for Exchange A Description The infected object mail body attachment is deleted The infected message is deleted The infected message is delivered in full to its recipients Note The Delete e mail action does not work on Exchange 2000 VSAPI scanning it only works on Exchange 2000 SMTP scanning Actions for suspect objects The following actions are available for suspect objects The suspect object mail body attachment is moved to the quarantine folder The suspect object mail body attachment is deleted The suspect message is deleted The suspect message is delivered in full to its recipients On the Exchange servers installed with the Mailbox role the objects that are deleted or moved to quarantine can be replaced with a text To enable this option select the Replace deleted attachments with text file only for SMTP scanning check box To change the text to be delivered instead of such objects follow these steps 1 Click Edit Replacement text A new window will appear 2 Do any or both of the following e Select Infected file replaced and type in the edit box the text to be delivered instead of the infected or suspect objects deleted e Select Infected file quarantined and type in the edit box the text to be del
115. he new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Note To learn how to configure a group please refer to Creating Groups p 121 Step 4 6 Configure Attachment Filtering Options Click the Attachment Filtering Options tab and configure the filtering options for the messages matching this policy Attachment Filtering Rule ax General From To Attachment Fitering Options Actions Notifications C Do not scan Scan p Name Specify the attachment names to be detected wildcards are accepted Click the checkbox if you want to except those file names from detection T Detect all file names except for those listed below p Extension Specify the attachment extensions to be detected Click the checkbox if you want to exclude those extensions from detection T Detect all extensions except for the following Filtering Options Attachment Filtering BitDefender Security for Exchange If you do not want the messages to be scanned using attachment filtering options select Do not scan Then click OK to save the changes and close the configuration window If you select Scan the messages will be scanned using the attachment filtering options configured for this policy Next you must specify the rule conditions Note Messages that do not match any rule condition will not be detected Consequently
116. he specified action is taken on the message 2 White List Black List Filter If a match is found against the White List the filtered message is considered legitimate and the antispam filtering stops If a match is found against the Black List the filtered message is considered SPAM the antispam filtering stops and the specified action is taken on the message 3 Real time Blackhole List RBL The filter analyzes the message and if matches are found modifies its SPAM score If the SPAM score exceeds a certain value the message is considered SPAM the antispam filtering stops and the specified action is taken on the message How Does It Work BitDefender Security for Exchange 4 Block sexually explicit content Filter If the message matches the filtering rule it is considered SPAM the antispam filtering stops and the specified action is taken on the message 5 Charset Filter If the message matches the filtering rule it is considered SPAM the antispam filtering stops and the specified action is taken on the message 6 URL Filter If a match is found against the filter s database the filtered message is considered SPAM the antispam filtering stops and the specified action is taken on the message 7 Image Filter If a match is found against the filter s database the filtered message is considered SPAM the antispam filtering stops and the specified action is taken on the message 8 Bayesian Filter The filter an
117. he training interval otherwise the Bayesian Filter will not have enough time to complete one training before another one starts This means that instead of analyzing messages it will only train itself continuosly To save the current Bayesian dictionary for future use click Save trained filter If you have a Bayesian dictionary that was previously saved with the Save trained filter option you can import it by clicking Import trained filter Click OK to save the changes and close the configuration window Antispam 175 BitDefender Security for Exchange 13 Content Filtering Content Filtering helps you filter e mail messages based on certain character strings found in the e mail headers subject from to cc or in the e mail body By using Content Filtering you can achieve the following goals e prevent unwanted mail content from entering the Exchange server mailboxes e block outgoing mail containing confidential data e archive messages that meet specific conditions for example those coming on your company s support e mail address to a different e mail account or on the disk Content Filtering is by default enabled but all messages are allowed to pass without being scanned To use Content Filtering go to the Policies tab and configure the default rule The default rule manages the content filtering settings for all mail traffic reaching or leaving the server By adding new rules you can create different filtering polici
118. hen the Report Virus tab General Pads BitDefender Security for Exchange BitDefender Se o ange ioj x File Action View Help e gt 2 BitDefender Security for Exchange EP Monitoring Defender Security for Exchange lt Statistics lt Reports Q Alerts amp Logs E Quarantine Report Virus Report Incidents Q Antivirus lt Antispam Virus and Spam Report Information lt Q Content Filtering lt Q Attachment Filtering IV Enable real time reports virus and spam Q Scheduled Tasks A SMTP Groups 3 R O anvas The real time report module sends reports to the BitDefender Lab about the viruses and spam found on your server By enabling this feature you agree to help us identify new viruses and spam and find quick remedies for them Your 24 Antispam contribution could be essential for the development of new tools to protect you and the other users against virus O Content Filtering threats and unsolicited mail Virus reports only contain the country of origin the virus name the number of infected E Attachment Filtering files and the total number of scanned files Spam reports contain the number of mails scanned the number of spam 2 Update received and how much spam was caught by each filter The data is exclusively used for statistics purposes not as al commercial data and they will not be disclosed to the third parties Apply Report Virus Real time Virus Reporting is disabled by def
119. ich the action will apply e If you want to enter a single IP address select One IP address and provide it in the corresponding field e If you want to enter a range of IP addresses select Subnet and provide the subnet identifier and the subnet mask in the corresponding fields 3 Click OK to add the entry to the IP list Antispam T53 BitDefender Security for Exchange Manage IP List You can see the IP addresses and the associated action listed in the table If you want to modify an entry either double click it or select it and click Modify To remove one or several selected entries click Remove and then Yes to confirm your choice Import Export IP List To export the IP list to a txt file click Export and save the file to the desired location To import a previously saved list click Import Step 2 4 Configure Sender Black List Click the Sender Black List tab to configure the Sender Black List filter Antispam Advanced Settings 2 x Alow Deny IP List Sender Black List IP Match Realtime Blackhole List IZ Enable Sender Black List Specify the e mail addresses that will be rejected access to the server john_doe chatalot com en ma To save the existing IP list for future use click Export to import an IP list from a previously saved list click Import Sender Black List The Sender Black List allows the administrator to specify a list of e mail addresses which are denied access to the
120. icies 14 2 1 Managing Rules You can see all the existing rules listed in the table For each rule the following information is provided priority the name and the groups of senders and recipients it applies to The rules are listed by order of priority with the first rule counting as the highest priority Attachment Filtering BitDefender Security for Exchange Note Messages are checked against each rule by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the attachment filtering options specified by that rule Default Rule There is one rule created by default that manages the global content filtering settings You cannot copy delete or disable this rule The default rule has the lowest priority therefore you cannot change its priority Because the rule was designed to apply to the entire mail traffic you cannot configure group options However you can configure all the other options Group Filtering Policies To set different filtering policies add new rules In this way you can create customized filtering rules for the mail traffic between certain groups of users To manage the rules use the following buttons e New Rule creates a new rule You will have to configure the rule before it appears in the table e Copy copies one or several selected rules e Delete deletes one or several selected rules You will have to confirm your ch
121. ick Update in the tree menu and then the Settings tab BitDefender Security for Exchange Elle Action View Help e amem BitDefender Security for Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt y Alerts amp Logs B Quarantine lt Antivirus lt y Antispam Update Schedule lt Q Content Filtering lt Q Attachment Filtering M Automatic update interval 1 hours Schedule Update Q Scheduled Tasks AR SMTP Groups Antivirus 52 Antispam Update Pushing O Content Filtering E Attachment Filtering E tn shing Configure Update Settings Locations Notifications BitDefender Security for Exchange can be configured to initiate an update upon receipt of a specially crafted update announcement message from BitDefender Labs subscription service Update pushing is only available for registered users Product Update Product update type Does not require stopping server traffic or to reboot the server Download updates and install automatically C Download updates automatically and install Every Day Download updates and let me decide when to install them Requires stopping server traffic but does not require to reboot the server Update Settings 15 2 1 Configuring Update Schedule There are two ways to update BitDefender Security for Exchange on a regular basis e Using the automatic update The automatic update feature allows updating BitDefender automaticall
122. ics lt y Reports Q Alerts amp Logs Quarantine EE Quarantine ES Antivirus 1 Date HH MM SS Status Virus name Sender recipients Q Antispam 2008 08 27 13 38 03 Infected Weihnacht 1827 usrx01 npwin11 local usrx02 npwin11 local 021 dear lt Content Filtering 6 2008 08 27 13 38 50 Infected Weihnacht 1827 usrx01Enpwin11 local usrx02 npwin1L local 021 dear Q Attachment Filtering 2008 08 27 13 38 59 Infected Weihnacht 1827 usrx02 npwin11 local usrx01 npwin11 local 021 dear Q Scheduled Tasks 2008 08 27 13 39 23 Infected Win95 SK 7972 usrx02 npwin11 local usrx03 npwin11 local susp 2 AR SMTP Groups Antivirus 52 Antispam O Content Filtering E Attachment Filtering 2 Update General AAA Delete Save to Properties Antivirus Quarantine This is where you can see the objects that BitDefender found infected or suspect and which were stored in the quarantine area There are two types of quarantined objects mail body and mail attachment For each quarantined file the following information is provided the date and time when it was quarantined the status infected suspect unscanable the virus name the mail address or mailbox of the sender the mail address or mailbox of the recipients the subject of the message and the file name for attachments Monitoring 76 BitDefender Security for Exchange Quarantined files are encrypted In order to see an item from the quarantine area select it
123. ide a valid e mail address for the SMTP server otherwise the server may decline to send an e mail whose sender e mail address is unknown to it e IP type the IP address used by the server e Port type the port used by the server If the server used to send the messages requires authentication select the Use authentication check box and enter the user name and password associated with the Send from address Note NTLM authentication is not supported Click OK to save the changes and close the window 4 You are ready to start restoring the messages The following window will appear Restore items x Global status Press the Begin button to start restoring emails Mail subject Mail from Mail to Status 49 baby Usrx01 lt usra01 domai Usrx02 lt usrx02 Sdomai Restore pending Restore Items The e mails selected for restoration are listed in this window For each message the subject sender recipient and restoration status are displayed Click Begin to start delivering the messages Once the process begins you can abort it by clicking Stop Monitoring 82 BitDefender Security for Exchange To configure the server settings click Settings This will open the server settings window 5 Wait for the restoration to complete and click Close to close the window Configuring Quarantine Properties To set the location of the quarantine folder and configure the purge options click the Properties
124. ificant information Warning Y This is critical information you should treat with increased caution Nothing bad will happen if you follow the indications You should read and understand it because it describes something extremely risky 2 The Book Structure Preface The book consists of 5 parts containing the major topics Installation Description Configuration and Management Testing BitDefender and Troubleshooting and Getting Help Installation Step by step instructions for installing BitDefender on a workstation This is a comprehensive tutorial on installing BitDefender Security for Exchange Starting with the prerequisites for a successfully installation you are guided through the whole installation process Finally the removing procedure is described in case you need to uninstall BitDefender Description The features and functionality of BitDefender Security for Exchange are presented to you Configuration and Management Description of basic administration and maintenance of BitDefender The chapters explain in detail all options of BitDefender Security for Exchange how to register the product how to configure it how to monitor its activity and how to perform the updates Testing BitDefender Presents two standard testing methods that you can use to check the antivirus and antispam components of BitDefender Troubleshooting and Getting Help Where to look and where to ask for help if something unexpected appears
125. igure the recipients of the net send alerts click the corresponding Configure button A new window will appear Note The recipients specified here will be alerted upon the occurrence of an event for which this type of alert has been set To specify different recipients for each event go to the Events tab and configure the events For more information please refer to Configuring Events p 70 Configure notifications Recipients Specify the global recipients of the alerts Click Add to add a new alert receiver Add Remove admin_comp Export Import To delete a selected alert recipient click Remove To save the existing recipients list For Future use click Export to import a list from a previously saved list click Import To configure the alerts text and different recipients for each event go to the Events tab Recipients Monitoring Provide the computer name in the corresponding field and click Add to add the recipient to the list To import computer names from a txt file click Import select the file and then click Open If you want to export the list to a txt file click Export and save the file to the desired location To remove one or several selected recipients click Remove Click Apply to save the changes and OK to close the window 65 BitDefender Security for Exchange 9 4 2 Logs BitDefender is by default configured to keep a log of its
126. iltering First update location Second update location lt y Scheduled Tasks MN SMTP Groups Specify the update location Specify the update location Antivirus upgrade bitdefender com DS Antispam Content Filtering The second update location is used when the first update Attachment Filtering location cannot be contacted Update Settings Locations Notifications Roll Back T Allow unsigned updates T Allow unsigned updates Updates from a local server are not signed You must allow Updates from a local server are not signed You must allo unsigned updates if the update location is a local server unsigned updates if the update location is a local server I Use proxy F Use proxy Server IP Server IP Port Port User name User name Password Password Update Locations BitDefender can update from the local network over the Internet directly or through a proxy server For more reliable and faster updates you can configure two update locations a First update location and a Second update location Both require the configuration of the following options e Update location type the address of the update server By default the primary update location is upgrade bitdefender com Update 207 BitDefender Security for Exchange Note 63 If you are connected to a local network that has BitDefender virus signatures placed locally you can change the location of the updates here e Allow
127. imum number of scanning threads to be used The recommended number can be computed in this way 2 number of CPU 1 Click OK to save the changes If you want to restore the default settings click Set Defaults SMTP Scanning Options Select the Enable SMTP scanning check box to enable SMTP based antivirus scanning Antivirus 128 BitDefender Security for Exchange If SMTP scanning is enabled BitDefender can add a footer to all scanned mails Select the Add footer to scanned emails check box to activate this option and type the desired text in the text box below Maximum Archive Depth To Scan Archives can contain other archives It is possible to find files with multiple archive levels If there are too many such levels the scanning process can take longer affecting the performance of the server It is advisable to set a maximum level up to which the archives are to be scanned To set the maximum archive depth to scan type the desired level in the corresponding box The default archive depth scanned is 16 Click OK to save the changes If you want to restore the default settings click Set Defaults Scanning Instances Based on the system configuration and on the number of BitDefender products you have chosen to install BitDefender computes an optimal number of scanning instances Though not recommended you may change this value for systems with powerful multicore CPUs to speed up scanning Antivirus 129 BitDefe
128. ing any changes click Cancel Monitoring 102 BitDefender Security for Exchange 9 6 4 On demand Scanning Tasks Scheduling Tasks To create a new scheduled task click New task The configuration wizard will appear and it will guide you through the process of creating a scheduled task Follow these steps to schedule an on demand scanning task Step 1 7 Welcome to the Scheduled Tasks Wizard Welcome to BitDefender Security for Exchange Scheduled Tasks Wizard Scheduled Tasks Wizard guides you through the steps required to generate and schedule an update a report or an on demand scanning task The scheduled update tasks wil not deactivate the automatic update module which will regularly check the update server for new signatures and engines Click Next to continue or click Cancel to exit the wizard Welcome Click Next Monitoring 103 BitDefender Security for Exchange Step 2 7 Select Task Type Create a new scheduled task 21 x Choose the Task Type Task name Weekly Scan Task type Update Task Generate Report Task On demand Scanning Task Select Task Type Provide the task name and then select On demand Scanning Task Click Next Step 3 7 Configure Schedule Create a new scheduled task 21x Configure Schedule Settings Schedule task to nun periodically 7 Start date 8 27 2008 y i I End date 8 27 2008 y 3 Start time 3 20 16 PM
129. installation package is already installed on the computer 2 1 Fresh Installation To begin a fresh installation locate the setup file and double click it A wizard will appear and you must follow its steps to complete installation Detailed information is provided for each situation Follow the instructions suited for your current situation Before launching the setup wizard BitDefender will check for newer versions of the installation package If a newer version is available you will be prompted to download it Click Yes to download the newer version or No to continue installing the version then available in the setup file Installing BitDefender Security for Exchange 3 BitDefender Security for Exchange BitDefender will also check if BitDefender Security for Exchange is already installed on the local computer Ifthe same version as the one in the setup file is installed you will have to modify the existing configuration If an older version is installed the installation process will continue as it should with the only difference that the already installed products will be re installed upgraded by default al Welcome to the BitDefender Security for Windows Servers Setup Wizardl Cck next to contrus or Cancelto stop the irstallation O lt t conc Completing the BitDefender Security for Windows Servers Setup Wizard Chek the Finish butten to eit the Setup Wizard Installation
130. irm your choice by clicking OK To be able to schedule the installation of available product updates that require stopping traffic or rebooting the server click the Fix all issues button instead Critical issue The new kit may come with new features and functionalities Click Fix to install the kit You will have to confirm your choice by clicking OK Please note that installing the kit might require a server restart e Signature update older than one day The issues that can be reported are listed in the following table Updates are old Critical issue More than one day passed since the last update Click Fix to initiate a new update The status will change to Updating percent e Automatic update The issues that can be reported are listed in the following table Automatic update is off and no scheduled update task is defined and on Critical issue BitDefender Security for Exchange is not automatically updated on a regular basis Click Fix to enable automatic update If not already configured the update interval is set to one hour Monitoring 46 BitDefender Security for Exchange License Status If the License Status button is orange or red there are issues concerning the license of your BitDefender Security for Exchange Note The License Status button and the related issues are not available if BitDefender Security for Exchange is managed by BitDefender Management
131. is is where you can see and manage untrusted e mail addresses Add Addresses Click Add to add a new address to the list Provide the address in the window that will appear and then click OK Manage Addresses You can see the e mail addresses listed in the table If you want to modify an address either double click it or select it and click Modify To remove one or several selected addresses click Delete and then Yes to confirm your choice Import Export Addresses To import addresses from a txt file click Import select it and then click Open To export the existing addresses to a txt file click Export and save the file to the desired location In this way you can use the address list when Antispam 171 BitDefender Security for Exchange configuring BitDefender server products on other machines or after reinstalling the product Click OK to save the changes and close the window If you click Cancel all changes will be lost Step 7 7 Configure Bayesian Filter Click the Bayesian Filter tab and configure the Bayesian Filter General From To Actions Antispam Engines White Black Lists Bayesian Fiter Y Enable Bayesian Filter a To offer good results the Bayesian Filter must be trained on the legitimate and spam e mail messages specific for the server whose traffic is filtered Specify two folders where you periodically store spam and legitimate e mail messages Specify the HAM folder folder that
132. ispam Filtering This is where you can enable antispam filtering and configure the global antispam filters If you want the antispam protection to be enabled select Enable antispam filtering Otherwise clear this check box Click Apply to save the changes Note 64 In order to configure the antispam filtering options for all incoming mail traffic or to create different filtering policies based on user groups go to the Policies section Antispam 151 BitDefender Security for Exchange 12 1 1 Configuring Global Antispam Filters Several global antispam filters can be configured to filter all of the incoming mail traffic in order to reduce the traffic on the server These filters are used before a specific group filtering policy is applied Note We recommend you to configure these filters when BitDefender Security for Exchange is installed on a gateway Click Global Filters to open the configuration window and follow these steps to configure the global antispam filters Step 1 4 Configure Allow Deny IP List Click the Allow Deny IP List tab to configure the Allow Deny IP List Antispam Advanced Settings 21x Alow Deny IP List Sender Black List IP Match Realtime Blackhole List F Enable Allow Deny IP List Specify the IP addresses of the servers that will be allowed or denied access to your server SubeviP Address Mask ation Delete en ma To save the existing IP list for future use clic
133. itDefender Exchange Connector Service Right click BitDefender Exchange Connector Service and select Start 10 Start antivirus protection Open the management console click Antivirus in the tree menu check Enable real time antivirus scanning and click Apply Update Paw BitDefender Security for Exchange 16 General The General snap in allows configuring BitDefender to send the BitDefender Lab reports regarding the viruses found on the server and the incidents that occurred during product operation 16 1 Report Virus Real time Virus Reporting RTVR allows sending reports about the viruses and spam found on your server to the BitDefender Lab in order to help us identify new viruses and spam and find quick remedies for them Your contribution could be essential for developing new tools to protect you and other users against virus threats The reports will not contain any personally identifiable data such as your name IP address or others The virus information supplied will contain only the name of the country the virus name the number of infected files and the total number of scanned files Spam information consists of the number of mails scanned the number of spam received and how much spam was caught by each filter The reports themselves are used only for statistic purposes and will never be used as commercial data or disclosed to third parties To configure Real time Virus Reporting click General in the tree menu and t
134. itDefender Security for Exchange The statistics are grouped based on the core modules Antivirus Antispam Content Filtering and Attachment Filtering 9 1 4 Product Status To see information on the product status click a corresponding to the Product status section You can see the name of the server BitDefender Security for Exchange is installed on as well as the product version and the number of available malware signatures Statistics There is a special BitDefender database which stores information regarding the product s activity Based on this database BitDefender offers the possibility to obtain real time statistical data regarding the activity of the Antivirus Antispam Content Filtering and Attachment Filtering modules both separately and as a whole 9 2 If you want to see detailed statistics regarding the real time scanning activity of BitDefender Security for Exchange click Statistics in the tree menu under Monitoring Monitoring 49 BitDefender Security for Exchange Ele Action View Help e 02 BitDefender Security for Exchange E 2 Monitoring Defender Security for Exchange Q Statistics lt y Reports lt y Alerts amp Logs EE Quarantine Q Antivirus Antispam lt Q Content Filtering Statistics lt Attachment Filtering lt y Scheduled Tasks AR SMTP Groups Antivirus Statistics Summary Antivirus Antispam Content Filtering Attachment Filtering
135. ither double click it or select it and click Modify To remove one or several selected RBL servers click Remove and then Yes to confirm your choice Import Export RBL Servers To export the existing RBL servers and their settings to a txt file click Export and save the file to the desired location To import a previously saved database of RBL servers click Import Click OK to save the changes and close the configuration window Antispam 158 BitDefender Security for Exchange 12 2 Policies Click Antispam in the tree menu and then the Policies tab to enter this section im BitDefender Security for Exchange File Action view Help es Ble BitDefender Security For Exchange Ei Monitoring Defender Security for Exchange Q Statistics Q Reports Antispam Policies lt Alerts amp Logs EXE Quarantine Antivirus Priori Rule name Sender Recipient groups lt Q Antispam p Junk Mail to IT IT Team lt y Content Filtering 2 Default Rule lt gt Attachment Filtering lt Scheduled Tasks A SMTP Groups Antivirus gt lt Antispam E Content Filtering E Attachment Filtering s Update General New Rule Copy Delete Enable Disable Properties de Ka Policies This is where you can specify the antispam filtering options You can modify the default rule to specify the antispam filtering options for all of the mail traffic or you can configure new rules in order to create customized grou
136. ity for Exchange 9 2 1 Clearing All Records 9 3 By default BitDefender automatically erases statistical information older than one week If you wish to keep the statistical information for a different period of time click the Purge Options button and set the number of days weeks months for which statistics are to be stored Note Statistics older than the specified period will be automatically deleted In case you wish to clear the database of information regarding product activity you need to follow these steps 1 Right click Statistics in the tree menu a contextual menu will appear 2 Select Clear all records 3 Click Yes to confirm your choice Note The Statistics module shares its database with the Reports module Creating new reports for the period prior to the data clearing will no longer be possible Reports The same BitDefender database used by the Statistics module can also be used to create customized reports regarding the activity of the Antivirus Antispam Content Filtering and Attachment Filtering modules Reports contain general information the report name the time interval for which the report is generated and the server name and specific information which depends on the type of report They can be generated in HTML text or comma separated values CSV format To create view and manage reports go to Reports in the tree menu under Monitoring Monitoring Sy BitDefender Security for Exchang
137. ity for Exchange lolx File Action View Help e omne a BitDefender Security for Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt gt Alerts amp Logs EEE Quarantine Q Antivirus Date YYYY mmfdd HH MM SS Rule Matched Sender Recipients Quarantine Q Antispam There are no items to show in this view lt Q Content Filtering lt Attachment Filtering lt y Scheduled Tasks ARK SMTP Groups Antivirus 24 Antispam O Content Filtering E Attachment Filtering Properties Attachment Filtering Quarantine This is where you can see the messages that matched an Attachment Filtering rule and which were stored in the quarantine area For each quarantined message the following information is provided the date and time when it was quarantined the matching rule the mail address of the sender the mail address of the recipients the subject and the file name of the message Quarantined files are encrypted In order to see an item from the quarantine area select it and then click Save to disk to decrypt the file In this way you can analyze the item and send it by mail To decrypt and deliver a quarantined message to its intended recipient select the message and click Restore Note To learn how to manage the quarantined files and the quarantine area please refer to Managing Quarantine p 81 Monitoring 80 BitDefender Security for Exchange 9 5 5
138. ivered instead of the infected or suspect objects moved to quarantine 3 Click OK to save the changes and close the window Antivirus 140 BitDefender Security for Exchange Step 6 6 Configure Notifications Click the Notifications tab and specify whether to issue notifications or not when infected messages are detected or files cannot be scanned Antivirus Rule 2x General From To Scan options Actions Notifications Please configure the notifications to be sent for this rule r Notification types I Infected file detected I File not scanned To change the notification events configuration please go to the Alerts amp Logs section Events tab Notifications Select the events for which to issue notifications e Infected file detected when an infected file was detected e File not scanned when a file could not be scanned Note The corresponding event in the Events section must be enabled and properly configured For more information please refer to Configuring Events p 70 Click OK to save the changes and close the configuration window Antivirus 141 BitDefender Security for Exchange 11 3 On demand Scanning BitDefender can scan the Exchange databases mailboxes and public folders for viruses and spyware on demand To configure and initiate on demand scanning processes click Antivirus in the tree menu and then the On demand tab Note On dema
139. k Export to import an IP list from a previously saved list click Import OK Cancel Apply Set Defaults Allow Deny IP List The Allow Deny IP List enables the administrator to specify IP addresses which are denied access to the server All incoming connections from addresses that appear on the Deny IP List are dropped provided that such addresses do not appear on the Allow IP List Antispam E52 BitDefender Security for Exchange Note The Allow IP List is used to except IP addresses from ranges of IP addresses defined on the Deny IP List Select Enable Allow Deny IP List and configure the IP addresses if you want to use the Allow Deny IP List to filter the incoming mail traffic Add IP Addresses Click Add to add a new IP address to the list The configuration window will appear Allow Deny Server IP xj r Action Allow access C Deny access r IP Address One IP Address Bea e ls Subnet Subnet identifier 0 0 0 0 Subnet mask AAA ej em Add IP Address Follow these steps to configure a new entry on the IP list 1 Choose the action to be applied to the mail traffic coming from the specified IP address Allow access or Deny access e If you select Deny access the incoming connection from the specified IP addresses will be dropped e If you select Allow access messages coming from the specified IP addresses will be allowed to pass 2 Provide the IP addresses to wh
140. ld be run Click Next Monitoring 105 BitDefender Security for Exchange Step 4 7 Select Scan Target Create a new scheduled task 21x Configure Scanning Options Specify the groups mailboxes and public folders to be scanned The Current settings are Select all El MY Mailbox Database Administrator 3 Usd z Usx02 Usnc3 El M Second Storage Group E Public Folders i IT Show only selected m con Select Scan Target Select the check boxes corresponding to the items groups mailboxes and public folders you want to be scanned If you want to scan all the Exchange databases mailboxes and public folders just click Select All To clear all check boxes and start a new selection click Clear All You can select Show only selected to display only the items to be scanned Click Next Monitoring 106 BitDefender Security for Exchange ae Step 5 7 Set Actions Create a new scheduled task 2 xi Configure Scanning Actions Select the action to be taken on Select the action to be taken on infected files suspect files Move To Quarantine Ignore JT Replace deleted attachments with text file only For SMTP scanning Tf a virus is detected BitDefender will apply the action you selected If the selected action is Disinfect and it fails to apply BitDefender will attempt to apply the second action selected l
141. le Total Provides complete information on the activity of the Antispam module Top Spam Senders Contains the mail senders ordered by the spam volume sent Total by filters Contains a top of malware ordered by the antispam filters that caught them e Content Filtering Create custom reports with information on the activity of the Content Filtering module Total Provides complete information on the activity of the Content Filtering module Top Volume Senders Contains the mail senders ordered by the number of content filtering rules matched Top Volume Recipients Contains the mail recipients ordered by the number of content filtering rules matched e Attachment Filtering Create custom reports with information on the activity of the Attachment Filtering module Monitoring 54 BitDefender Security for Exchange Description Provides complete information on the activity of the Attachment Filtering module Contains the mail senders ordered by the number of attachment filtering rules matched Contains the mail recipients ordered by the number of attachment filtering rules matched 9 3 1 Managing Reports To manage the reports use the provided buttons e New Report launches a wizard that will help you create a new report e Delete deletes one or several selected report files You will have to confirm your choice by clicking Yes e View Report opens a selected report file
142. led Tasks AK SMTP Groups Antivirus 24 Antispam O Content Filtering There is no roll back available E Attachment Filtering Update Rollback If a rollback is available the current product version and the version you can roll back to will be displayed Click Roll Back and confirm your choice by clicking Yes in the confirmation window to perform the rollback action After a rollback is performed the version currently in use and the previous version will be displayed You can use the provided link to update back to the newer version Update BitDefender Security for Exchange 15 6 Manual Update This method allows installing the latest virus and spyware signatures To install a patch or a product upgrade of the latest version go to the Product Update section Important 2 Use the manual update when the automatic update cannot be performed or when the computer is not connected to the Internet Manual update is performed using a zip archive cumulative zip which contains the updates of the scanning engines and virus and spyware signatures cumulative zip is released every week on Monday and it includes all the virus and spyware definitions and scan engines updates up to the release date Note E The download locations on FTP and HTTP are e ftp ftp bitdefender com pub updates update_is_90 cumulative zip e http download bitdefender com updates update_is_90 cumulative zip Steps to be followe
143. led Tasks Wizard Create a new scheduled task Welcome to BitDefender Security for Exchange Scheduled Tasks Wizard Scheduled Tasks Wizard guides you through the steps required to generate and schedule an update a report or an on demand scanning task The scheduled update tasks will not deactivate the automatic update module which will regularly check the update server for new signatures and engines Click Next to continue or click Cancel to exit the wizard Welcome Click Next Monitoring 86 BitDefender Security for Exchange Step 2 4 Select Task Type Create a new scheduled task Choose the Task Type Task name Update before weekly scan Task type Update Task Generate Report Task On demand Scanning Task cack Wet cos Select Task Type Provide the task name and then select Update Task Click Next Step 3 4 Configure Schedule Create a new scheduled task 21x Configure Schedule Settings Schedule task to run periodically P Start date 8 27 2008 i TT End date 8 27 2008 y i Start time 3 17 06 PM every P minutes 2 _cto Te cms Run Task Periodically Specify the task schedule You must choose one of the following options from the menu Monitoring BitDefender Security for Exchange e Once to run the task one time only at a given moment Specify the start date and time in the Start Date S
144. lick OK The detected message is archived to a specified account Provide the e mail archive address in the field next to this option A Bcc containing the address will be added to the detected message Content Filtering 186 BitDefender Security for Exchange Step 6 6 Configure Notifications Click the Notifications tab and specify whether to issue notifications or not when messages match the rule Content Filtering Rule 21x General From To Content Fitering Options Actions Notifications Please configure the notifications to be sent for this rule Notification types IV Rule matched To change the notification events configuration please go to the Alerts amp Logs section Events tab Notifications Select Rule matched to issue notifications when messages match the rule Note Z The corresponding event in the Events section must be enabled and properly configured For more information please refer to Configuring Events p 70 Click OK to save the changes and close the configuration window Content Filtering 187 BitDefender Security for Exchange 14 Attachment Filtering The Attachment Filtering module provides filtering features for mail attachments It can detect attachments with certain name patterns of a certain type or exceeding a certain size limit By using Attachment Filtering you can achieve the following goals e limit the size of the atta
145. low priority list Proactive scanning optimizes the overall scanning process because the messages having undergone proactive scanning are not scanned again when accessed unless the virus stamp has changed in the meantime Note By default proactive scanning is enabled e Transport scanning prevents infected messages from entering Exchange mailboxes After entering the Exchange store the messages are scanned before being resubmitted to the transport engine which delivers them to their destination Messages are then scanned again on the back end server Note By default transport scanning is enabled In order to configure proactive background and transport scanning open the management console go to the Antivirus module Real time tab and click Advanced For more information please refer to Configuring Advanced Antivirus Settings p 126 5 2 Antispam BitDefender Antispam employs remarkable technological innovations and industry standard antispam filters to weed out spam before it reaches the user s Inbox Core Modules 16 BitDefender Security for Exchange Different filtering policies can be defined for users and user groups The rules are those that specify which filters to use to analyze the message and the actions to take on spam based on the groups to which the sender and the recipients belong The Antispam filters are grouped into two categories e Global filters configurable filters meant to filter all i
146. ly on MS Exchange Server 2003 Transport scanning means that messages are scanned at the transport level This prevents infected messages from entering the Exchange mailboxes The messages entering the Exchange store are intercepted by the VS API interface and scanned by BitDefender After being scanned the messages are submitted again to the transport engine which will deliver them to their destination Any message scanned at the gateway will be rescanned on the back end server BitDefender Security for Exchange Note We recommend enabling transport scanning only when BitDefender Security for Exchange is installed on a gateway Additional options are available by clicking the Advanced button Antivirus Advanced Settings xj I Scan RTF Y Scan plain text Scan timeout 180 seconds Number of scanning threads 2 number of CPUs 1 recommended E Cancel Set Defaults Advanced VSAPI settings e Scan RTF select this option if you want the body messages in Rich Text Format RTF to be scanned e Scan Plain Text select this option if you want the body messages in plain text format to be scanned e Scan Timeout type in the corresponding field the maximum time allocated to scan an object If the scanning process is not completed before the timeout interval an error is returned and access to the object is denied e Number of scanning threads type in the corresponding field the max
147. main BitDefender checks to see if the IP Core Modules Alyy BitDefender Security for Exchange address of the sender matches one of the IP addresses provided for the specified domain If the domain address of the sender matches an associated IP address the message is considered legitimate and antispam filtering stops Otherwise the message is considered SPAM and the connection is dropped Real time Blackhole List The Real time Blackhole List RBL filter allows checking the mail server from which a message is sent against the RBL servers configured by the administrator It uses the DNSBL protocol and RBL servers to filter soam based on mail servers reputation as spam senders The mail server address is extracted from the e mail header and its validity is checked If the address belongs to a private class 10 0 0 0 172 16 0 0to172 31 0 0 or192 168 0 0 to 192 168 255 0 or itis not relevant it will be ignored A DNS check is performed on the domain d c b a rbl example com where d c b ais the reversed IP address of the server and rb1 example comis the RBL server If the DNS replies that the domain is valid it means that the IP is listed in the RBL server and a certain server score is provided This score ranges between 0 and 100 according to the configured server confidence trust level The query is performed for every RBL server in the list and the score returned by each one is added to the intermediate score When the score
148. messages that match the rule based on the groups to which the sender and the recipients belong Core Modules ZAI BitDefender Security for Exchange 6 How Does It Work 6 1 BitDefender Security for Exchange scans e mail messages both at SMTP Simple Mail Transfer Protocol level and at mailbox or VSAPI Virus Scanning Application Program level E mail messages entering or leaving the Exchange server are scanned at SMTP level Inside the Exchange server e mail messages entering or leaving the users mailboxes are scanned at VSAPI level SMTP Scanning When working at SMTP level BitDefender checks mail using antispam content and attachment filtering and antivirus scanning This keeps clients Inboxes free of spam phishing attempts viruses and spyware as well as other unwanted content Moreover using content and attachment filtering on outgoing mail protects your company against the theft of confidential information Let s consider that all the filters and engines are enabled and see how BitDefender filters the mail traffic A message is verified in the following order by 1 Antispam Filtering only incoming SMTP mail 2 Content Filtering 3 Attachment Filtering 4 Antivirus Scanning 6 1 1 Antispam Filtering The Antispam module will check the message first Antispam filtering works at both connection and content level to ensure efficient protection against spammers and less traffic on the server No
149. more information on the antispam filters mentioned here please refer to Policy Filters p 18 The following options are available e Enable pre trained Bayesian Filter enables disables the pre trained Bayesian Filter e Enable Multi Filter enables disables the Multi Filter This filter has several components O Asian enables disables the filter that blocks mail written in Asian characters O Cyrillic enables disables the filter that blocks mail written in Cyrillic characters O Block sexually explicit content enables disables the filter that blocks messages tagged Sexually Explicit in the subject Antispam 168 BitDefender Security for Exchange e Enable Image Filter enables disables the Image Filter e Enable URL Filter enables disables the URL Filter e Enable RBL Filter enables disables the global RBL Filter e Enable Heuristic Filter enables disables the Heuristic Filter Note To enable disable a filter select clear the corresponding check box Step 6 7 Configure White List Black List Click the White Black Lists tab and configure the White List and the Black List Antispam Rule EIES General From To Actions Antispam Engines White Black Lists Bayesian Fiter Configure the e mail address lists based on which the messages from specific e mail addresses will be accepted or denied Y Enable White Black Lists Configure the White List Any e mail messa
150. n the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in the corresponding field 3 Specify the start time in the Start Time field 4 Specify the task frequency by specifying the number of minutes hours days weeks months years between two successive occurrences of such task in the corresponding field e Week Days to run the task repeatedly only in certain days of the week starting with a specified date and time To configure the necessary settings follow these steps Monitoring 94 BitDefender Security for Exchange 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in corresponding field 3 Specify the start time in the Start Time field 4 Specify the day or days of the week on which the task should be run Click Next Step 4 7 Select Report Type Create a new scheduled task 21x Choose the Report Type Module Report Type Antivirus Total Antispam Top Malware Content Filtering Top Malware Senders Attachment Filtering Top Malware Receivers Select the report type Depending on your selection the report will show the total or the top antivirus antispam content filtering or attachment fitering activity Click Next to continue or Cancel to exit the Repor
151. ncoming mail traffic regardless of the policies set e Policy filters filters applied to the incoming mail traffic according to the specified policies 5 2 1 Global Filters There are 4 global filters Allow Deny IP List Sender Black List IP Match and Real time Blackhole List O Note These filters must be configured globally by the administrator In order to configure them go to the Antispam module Antispam section and click Global Filters For more details please refer to Configuring Global Antispam Filters p 152 Allow Deny IP List The Allow Deny IP List enables the administrator to specify IP addresses which are denied access to the server All incoming connections from addresses that appear on the Deny IP List are dropped provided that such addresses do not appear on the Allow IP List The Allow IP List is used to except IP addresses from ranges of IP addresses defined on the Deny IP List Sender Black List The Sender Black List allows the administrator to specify a list of e mail addresses which are denied access to the server The incoming mail from these addresses will be dropped before reaching the server IP Match Spammers often try to spoof the sender s e mail address to make the e mail appear as being sent by someone in your domain To prevent this you can use IP Match If a message appears to be from a domain that you have specified in the IP Match rule list Such as your own company do
152. nd scanning is available only for back end Exchange servers Fai BitDefender Security for Exchange al File Action View Help es olBl2 BitDefender Security For Exchange EX Monitoring Defender Security for Exchange lt y Statistics ES poe eins Real time Policies On demand E 2 Quarantine lt y Antivirus lt y Antispam On demand Scanning lt y Content Filtering Q Attachment Filtering Manual on demand scan Configure lt y Scheduled Tasks AR SMTP Groups Y Antivirus ee 22 Antispam Status Idle Stop scan E Content Filtering E Attachment Filtering sy Update O General Scan Scheduled on demand scan Schedule Info The list of scheduled tasks can be found in the Monitoring Scheduled Tasks section On demand Scanning In order to perform an on demand scan you must configure the scan settings and then click Scan You can stop the scan process anytime you want by clicking Cancel Antivirus 142 BitDefender Security for Exchange O Note Only one on demand scan can be run at a time Please note that on demand scanning increases resource consumption You should not set BitDefender to scan the Exchange databases when the server workload is at a high level If you want to schedule an on demand scan click Schedule and follow the steps of the wizard For more information please refer to On demand Scanning Tasks p 103 11 3 1 Configuring Scan Settings Click Configure to o
153. nder Security for Exchange Antivirus Advanced Settings 2 x Settings Scanning Instances Static We recommend you use 4 scanning threads due to the Fact that you have 1 processor cores and 1 products installed Note that the number of threads should be in the 4 to 24 interval ae pe soply Set Defaults Scanning Instances 11 2 Policies Click Antivirus in the tree menu and then the Policies tab to enter this section Antivirus BitDefender Security for Exchange im BitDefender Security for Exchange File Action View Help e gt 01018 BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics ES los Realtime Policies On demand E Quarantine lt gt Antivirus Priority Rule name Sender groups Recipient groups LY Antispam ran Mail IT IT Team lt Q Content Filtering 2 Default Rule lei ll lt Q Attachment Filtering Q Scheduled Tasks A SMTP Groups Y Antivirus 22 Antispam E Content Filtering E Attachment Filtering 2 Update O General New Rule Copy Delete Enable Disable Properties a y Policies This is where you can configure the rules of the real time antivirus scanning 11 2 1 Managing Rules You can see all the existing rules listed in the table For each rule the following information is provided priority the name and the groups of senders and recipients it applies to The rule
154. ndow where you can see details about the product 9 1 2 Status Area The Status area contains information about and helps you fix the existing issues Three status buttons monitoring three categories of issues immediately inform you about the existence of specific issues e Server scan e Update status e License status Note The License Status button and the related issues are not available if BitDefender Security for Exchange is managed by BitDefender Management Server To the left of the status buttons you can see the number of issues affecting the security of the Exchange server if any The status buttons can be displayed in green orange or red depending on the existing issues that affect the security of the Exchange server e Green indicates that no issue requires your attention e Orange indicates the existence of issues that pose medium security risks These issues do not require your immediate attention but you should check them as soon as possible e Red indicates the existence of critical security issues which require your immediate attention Monitoring 42 BitDefender Security for Exchange To find out details about these issues do one of the following e Click a status button to see the respective category of issues e Click Ml corresponding to Issue details to expand this section and see all possible issues The Issue details section contains three tables one for each status button Each tabl
155. nformation please refer to Configuring Events p 70 Configure Report Settings Select Generate scan report to generate a report for the on demand scan By default the report file is saved in C Program Files BitDefender BitDefender Security for Exchange Reports To change this location click Change location Antivirus 148 BitDefender Security for Exchange The report can be generated in HTML text or CSV format You can choose the format of the report file from the menu Click OK to save the changes and close the configuration window 11 3 2 Viewing Scan Reports By default everytime you scan the Exchange server on demand a scan report is created The report provides you with detailed information about the scanning process and the infected files detected To view the report of an on demand scan go to Reports and double click that report or select it and click View Report If you are interrested only in the last on demand scan report you can open the on demand scan configuration window the Settings tab and click View Report The report file is displayed using the default browser Antivirus 149 BitDefender Security for Exchange 12 Antispam The Antispam module offers protection against spam phishing and other attacks It uses a combination of various filters and engines to determine whether messages are spam or not and to check them for patterns of spam Based on the groups the sender an
156. nge North America BitDefender LLC PO Box 667588 Pompano Beach Fl 33066 Phone sales amp technical support 1 954 776 6262 Sales sales bitdefender com Web http www bitdefender com Web Self Service http kb bitdefender com site KnowledgeBase showMain 2 Germany BitDefender GmbH Airport Office Center Robert Bosch Strake 2 59439 Holzwickede Deutschland Phone office amp sales 49 0 2301 91 84 222 Phone technical support 49 0 2301 91 84 444 Sales vertrieb bitdefender de Website http www bitdefender de Web Self Service http www bitdefender de site KnowledgeBase showMain 2 UK and Ireland Business Centre 10 Queen Street Newcastle Staffordshire ST5 1ED UK Phone sales amp technical support 44 0 8451 305096 E mail info bitdefender co uk Sales sales bitdefender co uk Website http Awww bitdefender co uk Web Self Service http kb bitdefender com site KnowledgeBase showMain 2 Spain and Latin America BitDefender Espa a SLU C Balmes 191 2 1 08006 Barcelona Espa a Support BitDefender Security for Exchange Fax 34 932179128 Phone office amp sales 34 902190765 Phone technical support 34 935026910 Sales comercial bitdefender es Website http www bitdefender es Web Self Service http www bitdefender es site KnowledgeBase showMain 2 Romania BITDEFENDER SRL West Gate Park Building H2 24 Preciziei Street Bucharest Sector 6
157. nges by returning to the previous steps click Back Click Finish to generate the report The report will appear in the Reports section Monitoring 59 BitDefender Security for Exchange 9 4 Alerts amp Logs The Alerts amp Logs snap in allows configuring the BitDefender notification system BitDefender is by default configured to keep a log of its activity The BitDefender log provides you with a comprehensive list of the events that occured during product operation To configure logging or view the log files go to the Logs tab Moreover you can configure BitDefender to immediately alert designated people about the occurrence of certain events during product operation Alerts can be sent through mail or using the net send command To configure the mail and net send alert notification services go to the Alerts tab You can completely disable notifications for each event or you can configure BitDefender to send mail and net send alerts when the event occurs To specify the notification methods for each event go to the Events tab For more information please refer to Configuring Events p 70 9 4 1 Alerts Alerts are messages that include product related information and which are meant to inform their recipients about the product activity BitDefender can be set to notify users and administrators about occurring events through mail or net send alerts To configure the alert notification services click Alerts amp
158. nnecting to Another Computer The management console allows you to remotely manage other BitDefender Security for Exchange products Getting Started 29 BitDefender Security for Exchange Important To remotely manage a BitDefender Security for Exchange product you must first set an administrative password for the respective product To connect to a BitDefender Security for Exchange product installed on a remote computer follow these steps 1 Right click BitDefender Security for Exchange in the tree menu 2 From the contextual menu select Connect to another computer A new window will appear Spedfy the computer name or IP address to connect to Connect to computer fl Password Connect to another computer 3 In the Connect to computer field type the IP address or the name of the remote computer 4 In the Password field type the administrative password of the respective product 5 Click OK 7 2 Changing the Administrative Password In order to remotely manage BitDefender Security for Exchange you must set an administrative password To set or change the administrative password follow these steps 1 Right click BitDefender Security for Exchange in the tree menu 2 From the contextual menu select Change administrative password A new window will appear Getting Started 30 BitDefender Security for Exchange Specify the administrative password used when remotely connecting to this produc
159. no action will be taken on them and no notification will be issued Mail attachments can be scanned using the following criteria name file extension and file size When defining rule conditions any combination of scanning criteria is allowed Filtering Attachments by Name Select Detect all filenames except those listed below and specify the excepted filenames in order to filter attachments by name All attachments with filenames other than those specified as exceptions will be detected Note The term name refers here to the filename and the filename extension For example if the filename is name of file and the filename extension is ext then the name you have to specify as exception is name of file ext To specify exceptions provide the name in the edit field and click Add Note Wildcards can be used to specify exceptions e replaces zero one or more characters For example you can enter file exe to specify a large category of filenames which includes filenames like file01 exe file new exe file exe and others e stands for any single character For example you can enter group _log doc to specify a large category of filenames which includes filenames like group1_log01 doc groupA log19 doc group4 logla doc and others Attachment Filtering BitDefender Security for Exchange All the names excepted from scanning are listed in the box To remove entries select them and click Remove Filtering At
160. no group will be selected If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Content Filtering 179 BitDefender Security for Exchange Note To learn how to configure a group please refer to Creating Groups p 121 Step 3 6 Select Recipients Groups Click the To tab and select the groups of recipients the rule applies to Content Filtering Rule zix General From To Content Fitering Options Actions Notifications ld lo ds recipients of an e mail message Check the option Match all recipients if all mail recipients belong to this group list Uncheck it if at least one of the mail recipients belongs to this group list Cc Al Selected TF Match all recipients Groupname Select all HIT Team Clear all TF Show only selected groups To create a new group click New to view change the properties of a selected group click Details Any change made here will be reflected in the groups listed in the Groups section o cm meo Set Defauts Recipients Groups The following options are available e All the rule applies to all recipients no matter if they belong to a group or not e Selected the rule applies only to recipients from the selected groups If you choose Selected you have to select from the list the gr
161. ntent Filtering 177 BitDefender Security for Exchange 13 2 3 Configuring Rules To configure a rule follow these steps Step 1 6 Provide General Data Open the configuration window and provide general data for the rule 21x Content Filtering Rule General From To Content Fitering Options Actions Notfications Rule name Helpdesk Mai Description General Provide the rule name and optionally the rule description To enable the rule select Enabled If you want the rule to be disabled clear the check box Content Filtering 178 BitDefender Security for Exchange Step 2 6 Select Senders Groups Click the From tab and select the groups of senders the rule applies to Content Filtering Rule Ax General From To Content Fitering Options Actions Notifications Select the Groups this rule will apply to if they are found in the sender line of an e mail message G Al C Selected OIT Team Clear all New Details TT Show only selected groups da to view change the Epa a Fae ac a lo Gane a Senders Groups The following options are available e All the rule applies to all senders no matter if they belong to a group or not e Selected the rule applies only to senders from the selected groups If you choose Selected you have to select from the list the groups you want the rule to apply to Click Select All to select all groups If you click Clear All
162. o BitDefender the accompanying printed materials and any copies of BitDefender are owned by BitDefender BitDefender is protected by copyright laws and international treaty provisions Therefore you must treat BitDefender like any other copyrighted material You may not copy the printed materials accompanying BitDefender You must produce and include all copyright notices in their original form for all copies created irrespective of the media or form in which BitDefender exists You may not sub license rent sell lease or share the BitDefender license You may not reverse engineer recompile disassemble create derivative works modify translate or make any attempt to discover the source code for BitDefender LIMITED WARRANTY BitDefender warrants that the media on which BitDefender is distributed is free from defects for a period of thirty days from the date of delivery of BitDefender to you Your sole remedy for a breach of this warranty will be that BitDefender at its option may replace the defective media upon receipt of the damaged media or refund the money you paid for BitDefender BitDefender does not warrant that BitDefender will be uninterrupted or error free or that the errors will be corrected BitDefender does not warrant that BitDefender will meet your requirements EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT BITDEFENDER DISCLAIMS ALL OTHER WARRANTIES EXPRESS OR IMPLIED WITH RESPECT TO THE PRODUCTS ENHANCEMENTS MAINTEN
163. occccccccncco eee 103 10 SMTP Groups cecceeeeeeeneeeeseneeeseeeeeoueesssueessseeeesseas L2O 10 1 Managing Groups cri ctsteeusdcaaaddadwnsawaaedaia wane eae hed ome 121 10 2 Creating Groups i caver envei ceniny einna momar madrid a AR 121 BitDefender Security for Exchange 10 3 Configuring GFOUPS ima r rd ad yp geain ED A 121 11 ANtiviTUS 22 cece eee ee eee eee ee nnana n na 124 11 1 Real time Antivirus Protection esasi ete weed tin aie ae ktm edie diane wee eines 125 11 1 1 Configuring Advanced Antivirus Settings oo oooommmmmm 126 MZ POCOS o A aida amit eu atdoancg ad nog E A 130 11 2 1 Managing RUNES sio ad rd ADE da oh 131 11 2 2 Creating RUES 0 Aca 133 11 23 Configuring RULES is it i ais 133 11 3On demand Scanning cio ia a a 142 11 3 1 Configuring SCan Settings ensite mariti ii dai 143 11 32 VIEWING SCAN FREPOMS viii e A paar 149 12 AntiSpam oococccononcronnncrnnnncronanrrsnnnrrssnnrrsanrrraaaarra LOO 1121 Antispam FIRGEAG asian dasa bi 151 12 1 1 Configuring Global Antispam Filters 0 cee eee 152 12 2 IPOICIOS ica mirada ains dass ida 159 12 21 Managing Rules eun E i i 159 12 2 2 Creating RUES ai guiara is 160 122 3 COMIgurINg RUS eiii a modes 161 13 Content Filtering ocoonoocoonnncsononcsnnnnronnnnrssnrnrsnannos 1 4 TSS Content Filtering siii a a a 175 13 2 Policia A AA anaes 176 13 21 Managing RUICS ocios aaa oat 176 13 22 Creating RUES 200 ao ds
164. of the link does not imply that BitDefender endorses or accepts any responsibility for the content of the third party site Trademarks Trademark names may appear in this book All registered and unregistered trademarks in this document are the sole property of their respective owners and are respectfully acknowledged BitDefender Security for Exchange bitdefender BitDefender Security for Exchange Table of Contents License and Warranty ccceeeeeeeeeeeeeee eee eeeeeeeeeeeeeeeeeeeeeeees Vill Preface is vise sncisies ositiecte seis vied weit vee ced eect we nee ven AM 1 Conventions Wsed in This BOOK sa 2 csetecsa ceded case d xiii 1 1 Typographical Conventions ses posene purria nimeandaa a eens xiii 1 2 AGMONIIONS corras aaa ada dada xiv 2 The Book Structures a2 ica rra riada dada is xiv 3 Request Tor COMMONS iaa A Aa ti aaa Gt Ra et ae xv Installation LAPP ee eee eee eee eee eee eee eee eee eee eee eee eee eee eee eee 1 1 System Requirements cccccononnnonccccsnonnnnnncrcsnannannaransnsss 2 2 Installing BitDefender Security for Exchange ssssessssseeeees 3 Za Eresminstalati ir O pie eee Ra 3 2 2 Modifying Existing Installation 0 0 0 cece cece eee 6 3 Repairing or Removing BitDefender ccceeeseeeueeeeceeseeeees 7 3 1 Modify BitDefender lt 5 acncniGan la 7 3 2 Repair BitDefender ic esawien ins A ni an aa ease 8 3 3 Remove BitDefender 0000 at a eave idee de 8 Description NENA 10
165. of this task when click Finish E SN View Summary This window displays the task settings You can make any changes by returning to the previous steps click Back Select Open the advanced properties of this task when click Finish if you want the Properties window of this task to be opened after you complete the wizard In this window you can modify the task and configure more advanced settings For more information please refer to Configuring Properties p 89 Click Finish to save the scheduled task Note The task will appear in the Scheduled Tasks section Configuring Properties In order to modify an existing scheduled task or to configure more advanced settings unavailable in the configuration wizard just double click the task or select it and click Properties The configuration window will appear Note To open the configuration window you can also select Open the advanced properties of this task when I click Finish in the last step of the wizard Monitoring 89 BitDefender Security for Exchange Viewing General Information Open the configuration window to check general information Scheduled Update Properties ax General Schedule r Task Information IV Enable Task General You can see general information about the task the name the status the last time when the task ran If you want to change the task name enter a new name in the corresponding field
166. oice by clicking Yes e Enable Disable enables disables one or several selected rules e Properties opens the configuration window of a selected rule allowing you to modify the rule To learn how to configure the rule please refer to Configuring Rules p 192 e a Up moves a selected rule one level up in the table This will increase the priority of the rule e Down moves a selected rule one level down in the table This will decrease the priority of the rule 14 2 2 Creating Rules To create a rule choose one of these methods e copy an existing rule and click Properties to modify it e click New Rule and configure the new rule In both cases a new window will appear Next you must configure or modify the rule Attachment Filtering BitDefender Security for Exchange 14 2 3 Configuring Rules To configure a rule follow these steps Step 1 6 Provide General Data Open the configuration window and provide general data for the rule 2x Attachment Filtering Rule General From To Attachment Fitering Options Actions Notifications Rule name mai to IT Description General Provide the rule name and optionally the rule description To enable the rule select Enabled If you want the rule to be disabled clear the check box Step 2 6 Select Senders Groups Click the From tab and select the groups of senders the rule applies to Attachment Filtering Bi
167. on and enter the user name and password in the corresponding fields Note NTLM authentication is not supported Click Apply to save the changes and OK to close the window Configuring Mail Alert Recipients To configure the recipients of the mail alerts click the corresponding Configure button and then the Recipients tab A new window will appear O Note 7 The recipients specified here will be alerted upon the occurrence of an event for which this type of alert has been set To specify different recipients for each event go to the Events tab and configure the events For more information please refer to Configuring Events p 70 Monitoring 63 BitDefender Security for Exchange Provide the e mail address in the corresponding field and click Add to add the recipient to the list Configure notifications 2x SMTP Settings Recipients Specify the global recipients of the alerts Click Add to add a new alert receiver To import e mail addresses from a txt file click Import select the file and then click Open If you want to export the list to a txt file click Export and save the file to the desired location To remove one or several selected To delete a selected alert recipient click Remove To save the existing recipients list for future use click Export to import a list from recipients click Remove a previously saved list click Import To configure the alerts text and different reci
168. oose to enter either a wildcard expression or a regular expression Note You can use the following wildcards e replaces zero one or more characters For example you can enter xxx to detect the messages that contain the xxx string in the headers subject sender address or recipient address e stands for any single character For example if you filter messages by the sender address you can add doe company com to detect the messages that are sent from addresses beginning with any single character and followed by the doe company com string Two additional options are available The rule applies only if the detected item and the specified parameter case match Content Filtering BitDefender Security for Exchange The rule applies only if an entire string matching the specified parameter is detected You can see all the defined strings in the list To remove entries select them and click Remove Click OK to save the changes Step 5 6 Set Actions Click the Actions tab and specify the actions to be taken on the detected messages Content Filtering Rule 2 xi General From To Content Filtering Options Actions Notifications Select the action to be taken when a content filtering rule matches an e mail message Delete E mail Quarantine e mail C Deliver e mail C Reject e mail m You can select additional actions m Dean ee of the e mail messages that ICF 4subject Header nam
169. ough the steps required to generate and schedule an update a report or an on demand scanning task The scheduled update tasks wil not deactivate the automatic update module F which will regularly check the update server for new signatures and z engines Click Next to continue or click Cancel to exit the wizard Welcome Click Next Step 2 7 Select Task Type Create a new scheduled task xi Choose the Task Type Task name Sunday Week Report Task type Update Task Generate Report Task On demand Scanning Task Select Task Type Provide the task name and then select Generate Report Task Click Next Monitoring BitDefender Security for Exchange Step 3 7 Configure Schedule Configure Schedule Settings Schedule task to run week days El Star date 8 27 2008 y 2 I End date 8 27 2008 jw Start time 1 23 53 PM M Sun 7 Mon 7 Tue 7 Wed Dtw lm D Sa lt Back ne cos Run Task Periodically Specify the task schedule You must choose one of the following options from the menu e Once to run the task one time only at a given moment Specify the start date and time in the Start Date Start Time fields e Periodically to run the task periodically at certain time intervals minutes hours days weeks months years starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date i
170. oups this rule will apply to if they are found among the recipients of an e mail message Check the option Match all recipients if all mail recipients belong to this group list Uncheck it if at least one of the mail recipients belongs to this group list CA Selected TF Match all recipients Groupname IT Team il TT Show only selected groups To create a new group click New to view change the properties of a selected group click Details Any change made here will be reflected in the groups listed in the Groups section Recipients Groups The following options are available e All the rule applies to all recipients no matter if they belong to a group or not e Selected the rule applies only to recipients from the selected groups If you choose Selected you have to select from the list the groups you want the rule to apply to You can select Match all recipients to apply the rule only if all the recipients of the message belong to the specified groups For example if the e mail is sent to several recipients and at least one of them is not found in the specified groups the rule will not apply Attachment Filtering BitDefender Security for Exchange Note The addresses in the Cc and Bcc fields also count as recipients Click Select All to select all groups If you click Clear All no group will be selected If necessary you can create a new group by clicking New and configuring it T
171. oups you want the rule to apply to You can select Match all recipients to apply the rule only if all the recipients of the message belong to the specified groups For example if the e mail is sent to several Content Filtering 180 BitDefender Security for Exchange recipients and at least one of them is not found in the specified groups the rule will not apply Note The addresses in the Cc and Bcc fields also count as recipients Click Select All to select all groups If you click Clear All no group will be selected If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Note To learn how to configure a group please refer to Creating Groups p 121 Step 4 6 Configure Content Filtering Options Click the Content Filtering Options tab and configure the content filtering options for the messages matching this policy Content Filtering 181 BitDefender Security for Exchange Content Filtering Rule 21x General From To Content Fitering Options Actions Notifications Specify the e mail headers that this rule will check and the rule conditions Do not scan Scan r Specify rule condition I subject Configure subject T sender Configure sender T recipients Configure recipients body Configure body Rule description
172. p filtering policies 12 2 1 Managing Rules You can see all the existing rules listed in the table For each rule the following information is provided priority the name and the groups of senders and recipients it applies to The rules are listed by order of priority with the first rule counting as the highest priority Antispam 159 BitDefender Security for Exchange Note Messages are checked against each rule by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the antispam filtering options specified by that rule Please note that the mail traffic is first filtered using the global antispam filters The messages that pass the global filters are then checked against the existing policies For more information please refer to Configuring Global Antispam Filters p 152 Default Rule There is one rule created by default that manages the antispam filtering settings for all groups You cannot copy delete or disable this rule The default rule has the lowest priority therefore you cannot change its priority Because the rule was designed to apply to the entire mail traffic you cannot configure group options However you can configure all the other options Group Filtering Policies To set different filtering policies add new rules In this way you can create customized filtering rules for the mail traffic between certain groups of users
173. pares the image from a message with those from the BitDefender database In case of a match the message is tagged as SPAM Bayesian Filter The Bayesian filter is the trainable component of the Antispam module It constantly collects statistical information about server specific spam and legitimate messages provided by the administrator and it analyzes messages according to this information This information refers to the rate at which specific words appear in messages classified SPAM as compared to those declared NON SPAM This means for example that if a certain four letter word is seen to appear more often in SPAM it will be naturally presumed that it is very likely for the next incoming message including this word to actually be SPAM All relevant words within a message are taken into account By synthesizing the statistical information the overall probability for the whole message to be SPAM is computed and a SPAM score is added to the message Pre trained Bayesian Filter While the Bayesian filter is trained on server specific messages this filter is pretrained by the BitDefender Antispam Lab on our own database of spam and legitimate messages and updated periodically NeuNet Heuristic Filter The NeuNet Heuristic filter performs a set of tests on all message components i e not only the header but also the message body in either HTML or text format looking for words phrases links or other characteristics of SPAM Based on
174. pdate Notifications This is where you can specify the update events for which notifications should be issued Select the update events for which to issue notifications e Update performed when an update was performed e No update available when no update is available e Update failed when an error occurred during an update and the update failed e Product update available when a product update is available Note The corresponding events from the Events section must be enabled and properly configured For more information please refer to Configuring Events p 70 Click Apply to save the changes 209 BitDefender Security for Exchange 15 5 Update Roll Back If you have performed a product update since first installing BitDefender you can always revert to the previous product version using the Rollback feature This feature is very useful in case the product starts behaving unexpectedly To see if there is any rollback available click Update in the tree menu and then the Roll Back tab BitDefender Security for Exchange Elle Action View Help es m e a BitDefender Security For Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports Update Re dl es otit m Update Settings Locations Notifications Roll Back Q Alerts amp Logs pdate ing ation i C B Quarantine lt Antivirus lt Q Antispam Roll Back Options lt Q Content Filtering lt Q Attachment Filtering lt y Schedu
175. pective issues A table named Update Status will be displayed and you will be able to see the monitored items and their current status e Last signature update The issues that can be reported are listed in the following table At least one update Critical issue Contacting one or both update locations location failed was not possible during the last update process Click Fix to initiate a new update No update was performed Critical issue Click Fix to initiate a new update The status will change to Updating percent Update failed because the Critical issue updates on your server are not signed and you chose not to allow unsigned updates You need to go to Update gt Locations and select the Allow unsigned updates check box for your server e Last product update The issues that can be reported are listed in the following table Product update disabled Critical issue Automatic product updates are disabled making you server more vulnerable to security threats Click Fix to enable automatic product updates Monitoring 45 BitDefender Security for Exchange Product update downloaded please install it A new kit is available and it is not installed on your system Critical issue A new product update has been downloaded and it is not installed on your system Clicking Fix will install the update If the update requires stopping traffic or rebooting the server you will have to conf
176. pen the window where you can configure the settings of the on demand scan Follow these steps to configure the scan settings Step 1 3 Configure Scan Settings Specify the scan target and other scan settings Antivirus 143 BitDefender Security for Exchange Antivirus on demand scanning Ax r Scan target Select the mailboxes and public folders to be scanned in this on demand scanning process Select all EM Mailbox Database Administrator Clear all Usrc01 Usrx02 Usrxc03 5 0 Second Storage Group O Public Folders TF Show only selected y Scan now Click Scan now to start an on demand scanning process Scan now End scan FF Stop scan f it takes longer than 0 pares dS Elapsed time since start Oseconds Scan status Idle View report On demand Scan Settings Select Scan Target Select the check boxes corresponding to the items groups mailboxes and public folders you want to be scanned If you want to scan all the Exchange databases mailboxes and public folders just click Select All To clear all check boxes and start a new selection click Clear All You can select Show only selected to display only the items to be scanned Set Advanced Settings To set advanced scan settings click Advanced A new window will appear Antivirus BitDefender Security for Exchange If you do not want to scan messages that sz exceed a certain size limit select Maximum T Maximum e mail message size
177. pients for each event go to the Events tab Click Apply to save the changes and OK to close the window Recipients Net Send Alerts BitDefender can notify the network administrator by sending configurable alerts through the net send command upon the occurrence of an event for which they have been set Note This module integrates with the Net Send command of the Windows Operating System l on which the product is installed and it provides alerts regarding the product activity In order to receive such alerts the Messenger and Alert services must be enabled by the administrator on the server and on the client workstations In order to use the net send notification service follow these steps 1 Select Enable Net Send Alerts to activate the net send notification service and then click Apply to save the changes 2 Configure the recipients of the net send alerts as described in the Configuring Net Send Alert Recipients p 65 section 3 Go to the Events tab and configure the events for which net send alerts should be sent as described in the Configuring Events p 70 section Monitoring 64 BitDefender Security for Exchange If you want to disable this service clear the check box corresponding to Enable Net Send Alerts and then click Apply to save the changes Important Configuring Net Send Alert Recipients In case of a virus outbreak it is not advisable to use this type of alert To conf
178. ps If you click Clear All no group will be selected Antivirus 134 BitDefender Security for Exchange If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Note To learn how to configure a group please refer to Creating Groups p 121 Step 3 6 Select Recipients Groups Click the To tab and select the groups of recipients the rule applies to Antivirus Rule 21 xi General From To Scan options Actions Notifications Select the Groups this rule will apply to if they are found among the recipients of an e mail message Check the option Match all recipients if all mail recipients belong to this group list Uncheck it if at least one of the mail recipients belongs to this group list CA Selected TF Match all recipients Groupname IT Team I Show only selected groups To create a new group click New to view change the properties of a selected group click Details Any change made here will be reflected in the groups listed in the Groups section Recipients Groups The following options are available e All the rule applies to all recipients no matter if they belong to a group or not e Selected the rule applies only to recipients from the selected groups Antivirus 135 BitDefender Security for Exchange
179. pyware are found and identified every day This is why it is very important to keep BitDefender up to date with the latest signatures By default BitDefender automatically checks for updates every hour Updates can be classified in the following ways e Antivirus updates as new threats appear the files containing virus and spyware signatures as well as the antivirus engine are updated to ensure permanent up to date protection against them e Antispam updates new rules are added to the NeuNet heuristic and Pre trained Bayesian filters new links are added to the URL filter database and new images are added to the Image filter This helps increase the effectiveness of the Antispam engine e Product updates when a new product version is released new features and scan techniques are introduced to the effect of improving the product s performance Moreover from the administrator s intervention viewpoint we may take into account e Automatic update BitDefender automatically contacts the update server in order to check if an update was released If there are available updates BitDefender is updated automatically O Note In order not to interfere with the server s operation product updates are not automatically installed Go to the Product Update section periodically to see if there are any product updates available and to install them The automatic update can also be done anytime you want by clicking Update now from the Upda
180. re deleted or moved to quarantine with an explanatory text To enable this option select the Replace deleted attachments with text file only SMTP scanning check box Click Next Step 6 7 Configure Notifications Options Create a new scheduled task Configure Report and Notification Choose report type HTML FP Log start end of on demand scanning In order to receive notifications about the on demand scheduled scanning result please configure the AlertsLogs Events module for the On demand scanning event cine ns cm Configure Notifications Options Configure Report Options Select Generate Scan Report to generate a report for the on demand scan By default the report file is saved in C Program Files BitDefender BitDefender Security for Exchange Reports The report can be generated in HTML text or CSV format You can choose the format of the report file from the menu Monitoring 108 BitDefender Security for Exchange Note To view the report file at the end of the scanning open the configuration window select the task and click Properties and then click View Log Log Scanning Select Log start end of on demand scanning to record the start and the end of the process in the log file Note gt The corresponding event from the Events section must be enabled and properly configured For more information please refer to Configuring Events p 70 Click Next
181. re sender A new window will appear where you can configure the defined strings please see Configuring Strings p 183 Filtering Mail by Recipients Address Select Recipients and specify the rule strings in order to filter mail by the recipient address All messages with at least one recipient address matching one of the defined strings will be detected To specify the strings click Configure recipients A new window will appear where you can configure the defined strings please see Configuring Strings p 183 Filtering Mail by Body Content Select Body and specify the rule strings in order to filter mail by content All messages containing one of the defined strings in the e mail body will be detected To specify the strings click Configure body A new window will appear where you can configure the defined strings please see Configuring Strings p 183 Configuring Strings You can see each selected rule condition listed in the box Clickthe specific words link to specify or modify strings A configuration window will appear Content Filtering 183 BitDefender Security for Exchange Enter the words or phrases to be searched for in the mail subject headers or body Select the type of expresion Text Wildcards Expression Regular Expression Addnew Helpdesk sss JT Match whole word only Specify parameters Provide the string in the corresponding field and click Add You can ch
182. rms and conditions concerning confidentiality and restrictions on use shall remain in force even after any termination BitDefender may revise these Terms at any time and the revised terms shall automatically apply to the corresponding versions of the Software distributed with the revised terms If any part of these Terms is found void and unenforceable it will not affect the validity of rest of the Terms which shall remain valid and enforceable In case of controversy or inconsistency between translations of these Terms to other languages the English version issued by BitDefender shall prevail License and Warranty xi BitDefender Security for Exchange Contact BitDefender at 24 Preciziei Street West Gate Park Building H2 ground floor Sector 6 Bucharest Romania or at Tel No 40 21 206 34 70 or Fax 40 21 264 17 99 e mail address office bitdefender com License and Warranty xii BitDefender Security for Exchange Preface This guide is intended to all network administrators who have chosen BitDefender Security for Exchange as a security solution for their company s Microsoft Exchange servers The information presented in this book is suitable not only for computer literates it is accessible to everyone who is able to work under Windows This book will describe for you BitDefender Security for Exchange will guide you through the installation process will teach you how to configure it You will find out how to use
183. rts when the event takes place e High File Log SMTP and Net Send to log the event and send mail and net send alerts when the event takes place Note To make sure that logging and the mail and net send notification services are enabled go to the Logs and Alerts sections Click Apply to save the changes and OK if you want to close the window Step 2 3 Configure Mail Alerts If the importance of the event is medium or high mail alerts will be sent Click the Mail Alerts tab to configure the mail alerts Monitoring Jia BitDefender Security for Exchange Configure notifications ax General Mail Alerts Net Send Alerts pose the content of the alert Configure the recipients of the alert MOY To delete a selected address click Remove To save the existing list of addresses for future use cli toir alist of addresses from a previously saved list dik Import To configure the alerts text and different recipients for each event go to the Events tab Lo _ ca foply Set Defaults Configure Mail Alerts Configure Alert Text BitDefender allows you to configure the alert content You can see the default text in the box Make the desired changes to the alert content Important You should NOT modify the strings that begin with the symbol as they provide valuable information about the event Configure Alert Recipients Provide the e mail address in the corresponding field and click A
184. rule to the list The configuration window will appear IP Match Domain Xx Domain name bitdefender com Specify the IPs that the Domain above can have C One IP Address 192 168 15 0 255 255 255 0 AAA Subnet 6 Identifier 192 168 15 0 __Selectat_ Mask Delete 255 255 255 0 Adding Rules Follow these steps to configure a rule 1 Provide the domain name in the corresponding field 2 Provide the IP addresses associated with the specified domain e If you want to enter a single IP address select One IP address and provide it in the corresponding field Click Add to add the entry to the list e If you want to enter a range of IP addresses select Subnet and provide the subnet identifier and the subnet mask in the corresponding fields Click Add to add the entry to the list Antispam 156 BitDefender Security for Exchange In the table on the right you can see the IP addresses as they are added If you want to modify an existing entry select it make the necessary changes and click Modify To select all entries just click Select All To delete one or several entries from the list select them and click Remove and then Yes to confirm your choice 3 Click OK to add the rule to the list Manage Rules You can see the existing rules listed in the table If you want to modify a rule either double click it or select it and click Modify To remove one or several sele
185. s These alerts are sent to the Update Pushing mailing list by the BitDefender Lab The mailing list is composed of mail addresses that have been submitted by the customers on the BitDefender website The Update Announcement Messages include special elements which trigger the update process when the message is scanned by the product Therefore it is mandatory that the mail address submitted by the customer is a mail address protected by BitDefender To enable Update Pushing check Enable Disable Update Pushing If you do not want to use this service clear the corresponding check box To subscribe to the mailing list click Configure BitDefender Security for Exchange 15 2 3 Configuring Product Updates Installing product updates regularly is essential to the security of your server Depending on the level of interference with the server there are three types of product updates e product updates that do not require stopping server traffic or to reboot the server e product updates that require stopping server traffic but do not require to reboot the server e product updates that require to reboot the server To configure automatic downloads and installation for each type of product update select one of the following options e Download updates and install automatically Select this option and BitDefender will automatically download and install product updates This is the recommended choice for product updates that do not req
186. s are listed by order of priority with the first rule counting as the highest priority Note Messages are checked against each rule by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the antivirus scanning options specified by that rule Please note that messages can be scanned before the rule is applied by the transport only for MS Exchange Server 2003 proactive or background scanning regardless of the policy Antivirus di sil BitDefender Security for Exchange e If the message was not scanned before the client s request it is scanned according to the rule e If the message was checked before by proactive or background scanning and no update was performed in the meantime the message is delivered without being scanned according to the rule e If the message was checked before by proactive or background scanning but an update was performed in the meantime the message is scanned according to the rule e Only for MS Exchange Server 2003 If the message was previously scanned at transport level it is also scanned according to the rule For more information please refer to Configuring Advanced Antivirus Settings p 126 Default Rule There is one rule created by default that manages the global real time antivirus scanning settings You can neither copy delete or disable this rule The default rule has the lowest priority therefore yo
187. s of whether you accept to use evaluate or test BitDefender IMPORTANT NOTICE TO USERS THIS SOFTWARE IS NOT FAULT TOLERANT AND IS NOT DESIGNED OR INTENDED FOR USE IN ANY HAZARDOUS ENVIRONMENT REQUIRING FAIL SAFE PERFORMANCE OR OPERATION THIS SOFTWARE IS NOT FOR USE IN THE OPERATION OF AIRCRAFT NAVIGATION NUCLEAR FACILITIES OR COMMUNICATION SYSTEMS WEAPONS SYSTEMS DIRECT OR INDIRECT LIFE SUPPORT SYSTEMS AIR TRAFFIC CONTROL OR ANY APPLICATION OR INSTALLATION WHERE FAILURE COULD RESULT IN DEATH SEVERE PHYSICAL INJURY OR PROPERTY DAMAGE GENERAL This Agreement will be governed by the laws of Romania and by international copyright regulations and treaties The exclusive jurisdiction and venue to adjudicate any dispute arising out of these License Terms shall be of the courts of Romania Prices costs and fees for use of BitDefender are subject to change without prior notice to you In the event of invalidity of any provision of this Agreement the invalidity shall not affect the validity of the remaining portions of this Agreement BitDefender and BitDefender logos are trademarks of BitDefender All other trademarks used in the product or in associated materials are the property of their respective owners The license will terminate immediately without notice if you are in breach of any of its terms and conditions You shall not be entitled to a refund from BitDefender or any resellers of BitDefender as a result of termination The te
188. s requested it will not be scanned again unless a virus definition update has been made Therefore enabling this scan method optimizes the overall scanning process To perform background scanning of the messages and attachments the Information Store will use one thread per database running at low priority Once the background scanning is completed the thread is terminated This thread is not part of the global virus scanning thread pool used for on access scanning Enable proactive scanning select this option if you want proactive scanning to be enabled Proactive scanning means that when a message is submitted to the information store either via a client or a transport agent it is placed in the global scanning queue with a low priority If and when threads are available in the thread pool and no high priority item remains to be scanned each item with the low priority is submitted for scanning Therefore enabling this scan method optimizes the overall scanning process If an item is on the low priority list and a client attempts to access the message the item will be marked as high priority Also it will be removed from the low priority list and another low priority item will take its place Note We recommend you to keep this setting enabled as it prevents the overloading of the scanning engine Enable transport scanning select this option if you want transport scanning to be enabled Note Transport scanning is available on
189. selection the report will show the total or the top antivirus antispam content filtering or attachment filtering activity Click Next to continue or Cancel to exit the Report Wizard _ctox o_o Select Report Type First you must select the module the generated report is on Antivirus Antispam Content Filtering or Attachment Filtering Then select one of the report types available for the module you have chosen Monitoring 56 BitDefender Security for Exchange Note For more information on the available report types please refer to the table presented at the beginning of the Reports p 52 section Depending on your choice the report may contain a summary of or only specific data about the activity of a specified component Click Next Step 3 5 Select Report Format Create a new report E 21xi Choose the Report Format HTML C Text Select the report format Depending on your selection the report will be created as an htm file a text file or a comma delimited file Click Next to continue or click Cancel to exit the Report Wizard _cto Te cms Select Report Format Select the format of the report file HTML text or CSV Depending on your selection the report will be created as an HTML text or comma separated values CSV file Click Next Monitoring 57 BitDefender Security for Exchange Step 4 5 Select Time Interval Create a new report TES Choose th
190. ssage The spam message is saved to a specified folder To specify the folder click Browse locate it and then click OK The spam message is archived to a specified account Provide the e mail archive address in the field next to this option A Bcc containing the address will be added to the detected message Step 5 7 Configure Antispam Engines Click the Antispam Engines tab and specify which antispam engines to be enabled Antispam BitDefender Security for Exchange Antispam Rule ax General From To Actions Antispam Engines White Black Lists Bayesian Fiter Besides the Bayesian Filter which you can train based on the e mail messages specific for your servers BitDefender also offers a pretrained Bayesian Filter which identifies spam based on the BitDefender collection of spam and non spam messages it was trained on V Enable pretrained Bayesian Filter Enable Multi Filter IV Asian marks as spam the e mail messages that contain Asian characters Cyrillic marks as spam the e mail messages that contain Cyrillic characters IV Block sexually explicit content I Enable Image Fiter detects Image Spam I Enable URL Fiter detects the URLs in the BitDefender Antispam URL Blacklist Specify ff this policy rule uses the global RBL antispam filter or not T Enable RBL Filter IV Enable Heuristic Fiter advanced technologies to identify spam characteristics Antispam Engines Note For
191. st This is where you can see and manage trusted e mail addresses Add Addresses Click Add to add a new address to the list Provide the address in the window that will appear and then click OK Manage Addresses You can see the e mail addresses listed in the table If you want to modify an address either double click it or select it and click Modify To remove one or several selected addresses click Delete and then Yes to confirm your choice Antispam 170 BitDefender Security for Exchange Import Export Addresses To import addresses from a txt file click Import select it and then click Open To export the existing addresses to a txt file click Export and save the file to the desired location In this way you can use the address list when configuring BitDefender server products on other machines or after reinstalling the product Click OK to save the changes and close the window If you click Cancel all changes will be lost Black List The Black List contains e mail addresses expected to send spam messages Any mail coming from an address contained in the Black list will be considered spam and the appropriate action will be taken Click Black List to configure the Black List A new window will appear Specify a list of e mail addresses To save the existing list of addresses for future use GaSe to import a list of addresses from a previously saved list dick Import bl bel pl i Black List Th
192. t Wizard cta mo con Select Report Type First you must select the module the generated report is on Antivirus Antispam Content Filtering and Attachment Filtering Then select one of the report types available for the module you have chosen Note For more information on the available report types please refer to the table presented at the beginning of the Reports p 52 section Depending on your choice the report may contain a summary of or only specific data about the activity of a specified component Click Next Monitoring 95 BitDefender Security for Exchange Step 5 7 Select Report Format Create a new scheduled task Choose the Report Format HTML C Text C csv 2 Select the report format Depending on your selection the report will be created as an html file a text file or a comma delimited file Click Next to continue or click Cancel to ext the Report Wizard _ cto Tie SN Select Report Format Select the format of the report file HTML text or CSV Depending on your selection the report will be created as an HTML text or comma separated values CSV file Click Next Step 6 7 Select Time Interval Create a new scheduled task Ax Choose the Report Time Interval Last Day Last Week Last month Custom Start date 18 27 2008 r End date 8 27 2008 al 2 Select the time interval covered in the report Only records
193. t ia cone Set Actions Different actions can be configured for the infected and suspect objects detected by BitDefender There is a list of actions that can be applied to each category of detected objects infected or suspect When such an object is detected the first action in the corresponding list is applied If this action fails the next action in the list is applied and so on You can change the order in which actions are to be applied Select an action and click 4 or 7 to move it up or down in the list Actions for infected objects The following actions are available for infected objects The infected message is disinfected The infected object mail body attachment public file is moved to the quarantine folder The infected object mail body attachment public file is deleted The infected message is deleted The infected message is delivered in full to its recipients Actions for suspect objects The following actions are available for suspect objects Monitoring 107 BitDefender Security for Exchange xr Description The suspect object mail body attachment public file is moved to the quarantine folder The suspect object mail body attachment public file is deleted The suspect message is deleted The suspect message is delivered in full to its recipients In addition BitDefender can replace the infected or suspect objects that a
194. t user interface Change administrative password 3 In the Password field type the desired administrative password 4 In the Confirm password field type the password again 5 Click OK 7 3 Exporting Importing Product Settings You can export and import the product settings This helps you easily configure other BitDefender Security for Exchange products within the network and restore configured settings in case you repair or reinstall the product 7 3 1 Exporting Product Settings To export the current product settings follow these steps 1 Right click BitDefender Security for Exchange in the tree menu 2 From the contextual menu select Export product settings E pW Computer a BOOT C E ca DISK1 D PESAS Je Program Files x86 a WINDOWS Ub emp zl Import Tool Getting Started Sill BitDefender Security for Exchange 3 Select the folder where to save the product settings and click OK 7 3 2 Importing Product Settings To import previously saved product settings follow these steps 1 Right click BitDefender Security for Exchange in the tree menu 2 From the contextual menu select Import product settings to open the Import Tool BitDefender Settings Import Tool Defender Security for Windows Servers BitDefender Settings Import Tool helps you restore previous saved settings of your BitDefender Security for Windows Servers products You will be prompted to indicate a settin
195. tDefender Security for Exchange Attachment Filtering Rule Ax General From To Attachment Fitering Options Actions Notifications Select the Groups this rule will apply to if they are found in the sender line of an e mail message Al C Selected Select all Clear all New Details O17 Team I Show only selected groups To create a new group click to view change the properties of a selected group click Details oa Senders Groups The following options are available e All the rule applies to all senders no matter if they belong to a group or not e Selected the rule applies only to senders from the selected groups If you choose Selected you have to select from the list the groups you want the rule to apply to Click Select All to select all groups If you click Clear All no group will be selected If necessary you can create a new group by clicking New and configuring it The new group will appear in the Groups section To configure an existing group or to see its parameters select it and click Details Note To learn how to configure a group please refer to Creating Groups p 121 Attachment Filtering BitDefender Security for Exchange Step 3 6 Select Recipients Groups Click the To tab and select the groups of recipients the rule applies to Attachment Filtering Rule ax General From To Attachment Fitering Options Actions Notfications Select the Gr
196. tachments by Type Select Detect all extensions except for the following and specify the excepted extensions in order to filter attachments by type All attachments with extensions other than those specified as exceptions will be detected Specify the permitted extensions in the edit field The extensions must be separated by a semi colon Note In case of a double extension only the last extension will be checked Filtering Attachments by Size To detect attachments exceeding a certain size limit specify the minimum size in the corresponding field By default this is set to 0 KB meaning that no attachment will be detected regardless of its size Step 5 6 Set Actions Click the Actions tab and specify the actions to be taken on the messages containing detected attachments Attachment Filtering BitDefender Security for Exchange PPP PP Attachment Filtering Rule 2 xi General From To Attachment Filtering Options Actions Notifications Select the action to be taken when an attachment filtering rule matches an e mail message Delete e mail Delete attachment Replace attachment with text Quarantine e mail Deliver e mail Reject e mail gt You can select additional actions Modify Gets of the e mail messages that AF subject TF Add a header to the e mail messages that matched this rule Header name Header value l T Save e mail to Folder Browse r are reer
197. tart Time fields e Periodically to run the task periodically at certain time intervals minutes hours days weeks months years starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in the corresponding field 3 Specify the start time in the Start Time field 4 Specify the task frequency by specifying the number of minutes hours days weeks months years between two successive occurrences of such task in the corresponding field e Week Days to run the task repeatedly only in certain days of the week starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in corresponding field 3 Specify the start time in the Start Time field 4 Specify the day or days of the week on which the task should be run Click Next Monitoring 88 BitDefender Security for Exchange Step 4 4 View Summary Create a new scheduled task 21x Scheduled Task Summary Task Name Update before weekly scan Task Type Update Task Runs every 0 minutes Start Time 15 17 Wednesday August 27 2008 Open the advanced properties
198. te For detailed information about the Antispam filters check the description of the Antispam Module How Does It Work Z2 BitDefender Security for Exchange Connection Level When an attempt is made to establish a connection the message is checked against the Allow Deny IP List If there is a match the connection is dropped Otherwise the message is checked against the global Sender Black List If the filter finds a match the connection is dropped Content Level If the message passes connection level filters it is unpacked and filtered at content level First the message is checked against the IP Match filter If a match is found there are two possibilities e the message is considered legitimate and antispam filtering stops e the connection is dropped If the message does not match the IP Match filtering criteria it is then checked based on a specific antispam filtering group policy The message is checked against the antispam filtering rules by order of priority until the sender and the recipients of the message match a rule The message is then processed according to the options specified by that rule e f the action set for the rule is Do not scan the antispam filtering stops e If the action set for the rule is Scan several antispam filters will take over the message in the following order 1 G Tube If the message matches the G Tube test it is considered SPAM the antispam filtering stops and t
199. te Now Click the box labeled with to show all items contained by an object or the box labeled with to hide the items contained by an object Select the items you want to add to the new group and click OK e Import e mail addresses from a txt file Click Import select the file and then click Open to add the addresses from the file to the group To remove one or several items from the list select them click Remove and then Yes to confirm your choice You can export the list to a txt file in order to use it when creating other groups Click Export and save the file to the desired location 3 Click OK to save the changes and close the configuration window SMTP Groups Is BitDefender Security for Exchange 11 Antivirus The Antivirus module protects the Exchange server against viruses spyware and riskware and it ensures that users do not access infected e mails It detects infected or suspect messages and attempts to disinfect them or isolates the infection according to the specified actions The default settings can be managed in the Policies tab through the default rule Additionally you can create scanning policies for different user groups You can optimize mail delivery by using background scanning during off working hours To enable background scanning go to the Real time tab click Advanced and select Enable background scanning Do not forget to disable background scanning when the work hours begin
200. te section or by creating a scheduled update task e Manual update you must download and install the latest virus and spyware signatures manually BitDefender Security for Exchange 15 1 Update To find out information on the update status and if product updates are available click Update in the tree menu and then the Update tab BitDefender Security for Exchange fx Elle Action View Help e 0m em BitDefender Security for Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt y Alerts amp Logs B Quarantine Q Antivirus Q Antispam eiA 18 02 42 26 februarie 2010 lt y Scheduled Tasks No product updates were installed A SMTP Groups Antivirus 52 Antispam Automatic Update finished 28 files updated O Content Filtering Update Now E Attachment Filtering 2 Update General Update Settings Locations Notifications Roll Back 18 02 42 26 februarie 2010 Product Update There are no new product updates available You have the latest version of BitDefender Security for Exchange installed Update If you want to update BitDefender immediately just click Update Now The Update module will check for updates at the specified update locations If new malware signatures or scanning engine updates are detected BitDefender will automatically download and install them 15 1 1 Update Information In the Update Information box you can see the update stat
201. ted hereunder shall commence on the purchasing date of BitDefender and shall expire at the end of the period for which the license is purchased EXPIRATION The product will cease to perform its functions immediately upon expiration of the license UPGRADES If BitDefender is labeled as an upgrade you must be properly licensed to use a product identified by BitDefender as being eligible for the upgrade in order to use BitDefender A BitDefender labeled as an upgrade replaces and or supplements the product that formed the basis for your eligibility for the upgrade You may use the resulting upgraded product only in accordance with the terms of this License Agreement If BitDefender is an upgrade of a component of a package of software programs that you licensed as a single product BitDefender may be used and transferred only as part of that single product package and may not be separated for use by more than the total number of licensed users The terms and conditions of this license replace and supersede any previous agreements that may have existed between you and BitDefender regarding the original product or the resulting upgraded product License and Warranty ix BitDefender Security for Exchange COPYRIGHT All rights titles and interest in and to BitDefender and all copyright rights in and to BitDefender including but not limited to any images photographs logos animations video audio music text and applets incorporated int
202. ter you need to follow these steps 1 Follow the next path from the Windows Start Menu Start Programs BitDefender Security for Windows Servers Modify Repair or Uninstall Note Alternatively you can double click the BitDefender Security for Windows Servers setup file A welcome window will appear click Next to begin 2 Select Modify 3 You have now reached Step 3 of the Fresh Installation p 3 wizard Follow steps 3 through 7 to complete the installation Installing BitDefender Security for Exchange BitDefender Security for Exchange 3 Repairing or Removing BitDefender If you want to modify repair or remove BitDefender follow this path from the Windows start menu Start Programs BitDefender Security for Windows Servers Modify Repair or Uninstall You will be requested to confirm your choice by clicking Next A new window will appear where you can select e Modify to add new BitDefender products for Windows based servers or to remove currently installed products e Repair to re install BitDefender Security for Exchange e Remove to remove all installed components jig BitDefender Security for Windows Servers Setup E ir or Remove BitDefender g Modify 1a Allows users to change the way features are installed Repair 13 Repairs errors in the most recent installation state fixes missing or corrupt files shortcuts and registry entries Remove El Removes BitDefend
203. the results of the analysis it adds a SPAM score to the message Core Modules 20 BitDefender Security for Exchange 5 3 Content Filtering Content Filtering checks messages to see if the subject the sender s or the recipient s address contain certain specified strings If a defined string matches one of these mail headers the message is detected and the specified action is taken Both incoming and outgoing SMTP mail is verified Different filtering policies can be defined for users and user groups The rules are those that specify the filtering settings and the actions to be taken on the messages that match the rule based on the groups to which the sender and the recipients belong Attachment Filtering Attachment Filtering checks mail attachments to see if their name matches certain patterns if they have a different extension than those specified or if they exceed a certain size limit In any of these cases the message containing the respective attachment is detected and the specified action is taken Both incoming and outgoing SMTP mail is verified The filter will check file headers and correctly identify the attachment file type when scamning for restrictred extensions This means an extension can not be simply renamed to bypass attachment filtering policies Different filtering policies can be defined for users and user groups The rules are those that specify the filtering settings and the actions to be taken on the
204. this issue before please send this file in a reply note to that e mail discussion Finish The name of the zip archive that has been created on your desktop is displayed in this window Click Finish to close the window You can send the zip archive together with your request for support in order to reduce the time needed to resolve the query BitDefender Support Tool 224 BitDefender Security for Exchange 21 Support With BitDefender dedication to saving customers time and money by providing the most advanced products at the fairest prices has always been a top priority Moreover we believe that a successful business is based on good communication and commitment to excellence in customer support You are welcome to ask for support at any time Our customer care representatives will provide you with all the assistance you need 21 1 Asking for Help You can ask for help via the BitDefender Web Self Service or via the telephone The BitDefender Web Self Service assists you with solutions to BitDefender related issues and provides means to contact BitDefender Customer Care The BitDefender Web Self Service addresses and the technical support phone numbers are provided in section Contact Information p 226 To ask for help via the BitDefender Web Self Service follow these steps 1 Go to http kb bitdefender com and access the Business section This is where you can find the BitDefender Knowledge Base for the BitD
205. tivirus Q Antispam There are no items to show in this view Q Content Filtering Attachment Filtering Q Scheduled Tasks AR SMTP Groups Antivirus DS Antispam E Content Filtering E Attachment Filtering lt Update General Quarantine Date YYYY mmfdd HH MM 55 Rule Matched Sender Recipients Properties Content Filtering Quarantine 78 Monitoring BitDefender Security for Exchange This is where you can see the messages that matched a Content Filtering rule and which were stored in the quarantine area For each quarantined message the following information is provided the date and time when it was quarantined the matching rule the mail address of the sender the mail address of the recipients the subject and the file name of the message Quarantined files are encrypted In order to see an item from the quarantine area select it and then click Save to disk to decrypt the file In this way you can analyze the item and send it by mail To decrypt and deliver a quarantined message to its intended recipient select the message and click Restore Note To learn how to manage the quarantined files and the quarantine area please refer to Managing Quarantine p 81 9 5 4 Attachment Filtering Quarantine Click Attachment Filtering in the tree menu Quarantine module to enter this section Monitoring 79 BitDefender Security for Exchange BitDefender Secur
206. u cannot change its priority Because the rule was designed to apply to the entire mail traffic you cannot configure group options However you can configure all the other options Group Filtering Policies To set different antivirus policies add new rules In this way you can create customized filtering rules for the mail traffic between certain groups of users To manage the rules use the following buttons e New creates a new rule You will have to configure the rule before it appears in the table e Copy copies one or several selected rules e Delete deletes one several selected rules You will have to confirm your choice by clicking Yes e Enable Disable enables or disables one or several selected rules e Properties opens the configuration window of a selected rule allowing you to modify the rule To learn how to configure the rule please refer to Configuring Rules p 133 e Up moves a selected rule one level up in the table This will increase the priority of the rule e Down moves a selected rule one level down in the table This will decrease the priority of the rule Antivirus 152 BitDefender Security for Exchange 11 2 2 Creating Rules To create a rule choose one of these methods e copy an existing rule and click Properties to modify it e click New Rule and configure the new rule In both cases a new window will appear Next you must configure or modify the rule
207. uire stopping server traffic or a server reboot e Download updates automatically and install at Select this option if you want BitDefender to install available updates at certain times Select from the corresponding drop down lists the date day and time when you want this to happen This way you can configure BitDefender to perform product updates at times when itis least likely for interferences to occur with server activity during night time for example e Download updates and let me decide when to install them Select this option if you want BitDefender to automatically download product updates but let you decide when to install them This is the recommended choice for product updates that require stopping server traffic or a server reboot To disable automatic product updates select the No automatic product updates check box Note Your server will be more vulnerable unless you install updates regularly Click Apply to save the changes Update 206 BitDefender Security for Exchange 15 3 Update Locations To set the update locations click Update in the tree menu and then the Locations tab BitDefender Security for Exchange Ele Action yew Hep e Amem BitDefender Security for Exchange E Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt y Alerts amp Logs EEE Quarantine Q Antivirus lt Q Antispam Update Locations lt Q Content Filtering Q Attachment F
208. ule Note For more information on the available report types please refer to the table presented at the beginning of the Reports p 52 section 3 Select the format of the report file HTML text or CSV 4 Select the time interval covered in the report e Last day e Last week e Last month e Custom Click Apply to save the changes If you want to save the changes and close the configuration window click OK Monitoring 101 BitDefender Security for Exchange If you want to close the configuration window without making any changes click Cancel Configuring Notifications Click the Notifications tab in the configuration window to configure notifications Scheduled Report Properties ax General Schedule Settings Notfications Please configure the notifications to be sent for this report task Notification types I Report generated To change the notification events configuration please go to the Alerts amp Logs section Events tab Cancel Apply Set Defauts Notifications Select Report Generated to enable notifications on report generation Note To choose how to obtain information about the occurrence of this event go to the Alerts amp Events module Events section and configure the corresponding event Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without mak
209. ule You must choose one of the following options from the menu e Once to run the task one time only at a given moment Specify the start date and time in the Start Date Start Time fields e Periodically to run the task periodically at certain time intervals minutes hours days weeks months years starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field Monitoring Lilo BitDefender Security for Exchange 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in the corresponding field 3 Specify the start time in the Start Time field 4 Specify the task frequency by specifying the number of minutes hours days weeks months years between two successive occurrences of such task in the corresponding field e Week Days to run the task repeatedly only in certain days of the week starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in corresponding field 3 Specify the start time in the Start Time field 4 Specify the day or days of the week on which the task should be run Select Delete if not scheduled to run again to delete the task after its last execution
210. unsigned updates select this option to allow updates from a local server to be installed e Use proxy select this option if the company uses a proxy server The following settings must be specified O Server IP type the IP of the proxy server O Port type the port BitDefender uses to connect to the proxy server O User name type a user name recognized by the proxy O Password type the valid password of the previously specified user Click Apply to save the changes 15 4 Update Notifications Click Update in the tree menu and then the Notifications tab to enter this section Update 208 BitDefender Security for Exchange Update BitDefender Security for Exchange AHE Elle Action View Help e ome BitDefender Security for Exchange 3 99 Monitoring Defender Security for Exchange lt y Statistics lt y Reports lt y Alerts amp Logs B Quarantine Q Antivirus lt Q Antispam Notification types lt Q Content Filtering lt Q Attachment Filtering lt y Scheduled Tasks A SMTP Groups T Update performed Antivirus IT No update available 52 Antispam C Content Filtering Update failed E Attachment Filtering Y Product update available Update Settings Locations Notifications Please configure the notifications that should be sent to inform you about the update events To change the notification events configuration please go to the Alerts amp Logs section Events tab Apply U
211. unt Please create an account The password you introduced is incorrect Please try again Server error Please try again later Account locked Requires attention You have not registered an account yet Click Fix to open the registration wizard and create a new account or provide the details of an existing one Click Fix to open the registration wizard where you can create a new account or log in to an existing one Requires attention A connection with the BitDefender server could not be established Click Fix to open the registration wizard and try again Click Fix to open the registration wizard where you can create a new account or log in to an existing one e Registration will expire alert The issues that can be reported are listed in the following table You have x days remaining from your license key Product is expired Requires attention This status is displayed during the last 30 days of the licensing period Click Fix to open the registration wizard and register BitDefender Security for Exchange with a new license key Critical issue The licensing period has expired Click Fix to open the registration wizard and register BitDefender Security for Exchange with a new license key 9 1 3 Scan Activity To see graphical statistics regarding the scanning activity of BitDefender Security for Exchange click a corresponding to the Scan activity section Monitoring 48 B
212. urs days weeks months years between two successive occurrences of such task in the corresponding field Monitoring 91 BitDefender Security for Exchange e Week Days to run the task repeatedly only in certain days of the week starting with a specified date and time To configure the necessary settings follow these steps 1 Specify the start date in the Start Date field 2 If you want to run the task repeatedly until a certain date check End Date and specify the end date in corresponding field 3 Specify the start time in the Start Time field 4 Specify the day or days of the week on which the task should be run Select Delete if not scheduled to run again to delete the task after its last execution Click Apply to save the changes If you want to save the changes and close the configuration window click OK If you want to close the configuration window without making any changes click Cancel 9 6 3 Generate Report Tasks Scheduling Tasks To create a new scheduled task click New task The configuration wizard will appear and it will guide you through the process of creating a scheduled task Follow these steps to schedule a report generation task Monitoring 92 BitDefender Security for Exchange Step 1 7 Welcome to the Scheduled Tasks Wizard Create a new scheduled task 2 x Welcome to BitDefender Security for Exchange Scheduled Tasks Wizard Scheduled Tasks Wizard guides you thr
213. us and when the last update check and update were performed Update 202 BitDefender Security for Exchange 15 1 Update 2 Product Update The product updates are different from the signature updates Their function is to deliver bug fixes and new features to the product There are two types of updates for the product e product updates patches these are files that bring improvements to the current product they are usually smaller size updates that do not require a new version of the product to be delivered e version updates these are installation packages of a new released version of the product Note Patches and newer product versions are not automatically installed because they might require a system restart We advise you to install the latest version of product updates or product version When a new patch is available it is downloaded on the local computer and information about it is displayed You can then choose if you want to install it immediately or schedule it for a later date When a newer version of BitDefender Security for Exchange is available you will see information about that version Also you will be provided with a link to the web page where you can download the installation package from Click the respective link and download and install the new version 203 BitDefender Security for Exchange 15 2 Update Settings To configure the update frequency and the update settings cl
214. us of the mail to let the BitDefender Antispam Engine to decide whether a message is spam or not Set Actions Choose from the menu one of the following actions to be taken on the spam messages Description The spam message is delivered in full to its recipients The spam message is deleted The spam message is moved to the quarantine folder The spam message is rejected with a 550 SMTP error code In order to help you process spam messages several additional actions are available The subject of the messages detected as spam is modified You can modify the subject pattern We recommend you to use one of these patterns Antispam BitDefender Security for Exchange Add a header to the e mail message detected as spam Save e mail to folder Archive redirect to account e SPAM subject SPAM to add SPAM before and after the subject This is the default subject pattern e SPAM to replace the subject with SPAM e Sscore SPAM subject to add x SPAM before the subject where x represents the spam score An e mail header is added to the messages detected as spam You can modify the header name and the spam and non spam values By default the spam and non spam values are status score This means that for a spam message the header will be Name Yes x while for a legitimate message the header will be Name No x where x represents the spam score received by the me
215. verall statistics on the activity of the Antivirus module BitDefender Security for Exchange Top Malware Top Malware Senders Top Malware Recipients Shows the top of the malware detected Lists mail senders based on the quantity of malware sent Lists mail recipients based on the quantity of malware received e Antispam Contains the statistics on the Antispam module Antispam Summary Top Spam Senders Provides overall statistics on the activity of the Antispam module Lists mail senders based on the spam volume sent e Content Filtering Contains the statistics on the Content Filtering module Content Filtering Summary Top Volume Senders Top Volume Recipients Provides overall statistics on the activity of the Content Filtering module Lists mail senders based on the number of content filtering rules matched Lists mail recipients based on the number of content filtering rules matched e Attachment Filtering Contains the statistics on the Attachment Filtering module Attachment Filtering Summary Top Attachment Volume Senders Top Attachment Volume Recipients Provides overall statistics on the activity of the Attachment Filtering module Lists mail senders based on the number of attachment filtering rules matched Lists mail recipients based on the number of attachment filtering rules matched Monitoring Sdi BitDefender Secur
216. y on a regular basis without the administrator s intervention By default BitDefender checks for updates at the specified update locations every hour If new malware signatures or scanning engine updates are detected BitDefender will automatically download and install them Update 204 BitDefender Security for Exchange 15 2 Update Important Keep automatic update enabled in order to be protected against the latest threats O To change the frequency BitDefender checks for updates follow these steps 1 Type the number of hours between two consecutive checks for updates in the Automatic update interval field 2 Click Apply to save the changes To disable automatic update follow these steps 1 Clear the check box corresponding to Automatic update interval 2 Click Apply to save the changes e Using a scheduled update task Scheduled update tasks allow automatically updating the BitDefender malware signatures and scanning engines according to a convenient schedule Click Schedule Update to create a scheduled update task For more information please refer to Update Tasks p 86 Note Scheduled update tasks will not de activate automatic update so that the update locations will be checked for new updates on a regular basis 2 Using Update Pushing Update Pushing is a feature that is available only when the product is registered This feature allows customers to benefit from Update Announcement Message
217. your current settings Restore Cancel BitDefender Configuration Repair Tool 2 Click Restore to begin restoring the backup copy of the configuration file 3 Wait until the BitDefender Configuration Repair Tool completes the restoration process BitDefender Configuration Repair Tool BitDefender Security for Exchange BitDefender Configuration Repair Tool Defender Security for Windows Servers Stopping services Action Stopping BitDefender Security for FileServers Y Stopping BitDefender UpdateService v2 Done Y Stopping BitDefender Scheduler Service v2 Done 49 Stopping BitDefender Statistics Service v2 Processing Repairing Configuration The window displays the status of the restoration process First the BitDefender Configuration Repair Tool stops the services belonging to the BitDefender Security for Windows Servers products installed on the system services belonging to Microsoft applications may also be stopped for example Microsoft Exchange Transport if BitDefender Security for Exchange is installed Then the BitDefender Configuration Repair Tool replaces the corrupt configuration file with the backup file an older working copy of the configuration file Finally the BitDefender Configuration Repair Tool restarts the processes previously stopped 4 The BitDefender Configuration Repair Tool informs you when the backup copy of the configuration file has been successfully restor
Download Pdf Manuals
Related Search