Dr.Web for MIMEsweeper
Buy online
Buy from partners
Renew license
Documentation
|
Dr.Web for MIMEsweeper is an efficient tool of ant-virus and anti-spam protection of e-mail traffic of ClearSwift MIMEsweeper. The product works as an anti-virus and anti-spam policy that defines procedures applied to content of e-mail messages to filter out viruses, spam and other unsolicited e-mail.
Dr.Web for MIMEsweeper features advanced non-signature detection technology – Origins Tracing™ that works as an addition to the traditional signature-based scan and heuristic analyzer. The anti-spam filter is powered by the Vade Retro library. If a threat is detected, Dr.Web for MIMEsweeper will classify a message according to policies of ClearSwift MIMEsweeper and will disarm detected malicious objects.
Easy to install and configure
Configuration tools of Dr.Web for MIMEsweeper – scenario creation wizard – allow automating creation of best-fit check-scenarios (type 1 in the ClearSwift classification). Depending on the settings of a scenario report on check and actions can be added to the header or to the body of a disarmed message.
Flexible settings
If an infected object is detected, the plugin will attempt to cure it or remove, if the curing option has not been enabled. If an e-mail has several files attached (even if archived), the plugin will disarm only infected attachments. If malicious code is found in the body of a message, the message will be moved to the quarantine. Clean messages and attachments are directed to a recipient unchanged. Messages that can’t be disarmed by the Dr.Web plugin are marked as infected and get to the quarantine.
|
DEP compatibility
Dr.Web для MIMEsweeper supports DEP (Data Execution Prevention) that allows running additional checks of RAM and preventing execution of malicious codes. That’s why a user doesn’t need to change DEP settings which in turn prevents using the exception processing mechanism of Windows by malware.
Event log
The Dr.Web plugin registers errors and events in the Event log and in a text log. The log files store information about start and stop of the plugin, settings of modules, and virus notifications for each message or virus, spam notifications.
|
Dr.Web for MIMEsweeper is installed on a computer running ClearSwift MIMEsweeper and works as a filtering scenario of the first type. It checks all messages received by the content filter and detects viruses, dialers, adware, suspicious programs, hack tools and jokers. If an Anti-virus&Anti-spam license is purchased, the product will also be able to detect spam, phishing, pharming, scamming and bounce messages.
In a protected system Dr.Web для MIMEsweeper works as a filtering scenario of the first type recommended by ClearSwift and performs the following tasks:
- checks e-mails including archived attachments prior to their procession by a mail server;
- detects malicious objects;
- cures infected objects;
- filters out spam and unsolicited e-mail messages;
- blocks and moves incurable and suspicious objects to quarantine;
- updates the Dr.Web virus database on a regular basis.
High level of protection
A virus database containing thousands of entries with constantly improved heuristic analyzer ensure that no viruses (including macro-viruses, Trojans and other types of malicious code) get to user workstations through mail messages. Dr.Web for MIMEsweeper is sure to detect malware targeting any platform – Windows, Unix, DOS, including Microsoft Office worms. An administrator can choose files for scan by type and and set a response to athreat – notify, cure infection, remove, quarantine or rename.
High speed scan
A special scanning algorithm and flexible administration system of the scanning process provide high-speed and resource-efficient scanning The multi-thread scan enables the plugin to process huge amount of e-mail traffic real-time simultaneously instead of placing messages in queue. It means that that users get messages without any notable delay!
Dr.Web is not an anti-virus only!
Dr.Web successfully detects, cures or removes viruses and all types of malicious objects, including rootkits, mail and network worms, file viruses, Trojan programs, spyware, adware, hacker tools, paid dialers and joke programs.
Unique non-signature detection technology
The Origins Tracing™ technology has been added to traditional signature scan and heuristic analysis. It significantly improves detection of yet unknown viruses. Malicious objects detected using the new technology get the .Origin extension to their names.
Correct scan of archived and packed files
Dr.Web correctly checks the majority of existing formats of packed files and archives with any nesting level, including multi-volume and self-extracting, which is extremely important for e-mail systems. Dr.Web recognizes over 1000 types of archives and packers.
Very frequent updates of the virus database
Updates to the Dr.Web virus database are released as soon as new entries are added – up to several times per hour. "Hot" add-ons are released as soon as a new piece of malware is caught and analyzed. Dr.Web global monitoring network collects samples of new viruses from all over the world. Updates are delivered to customers from several updating servers located in different parts of the globe.
Dr.Web has the most compact virus database
That’s why files are scanned quickly, sparing hard drive disk space and RAM, as well as Internet traffic for downloading of the updates is almost instantaneous. Just one entry in the Dr.Web virus database allows detecting dozens, or hundreds, or even thousands of similar viruses.
Quarantine
Infected and suspicious objects are moved to the Quarantine so a user can work with such messages later and try to extract important information, cure or remove infected items.
Notifications
Depending on settings of the scenario the content filter may add information about scan and actions performed by a plugin to a header or in the body of a message.
Efficient spam-filtering
The intelligent filtering technology uses multi-level processing system ensuring the high probability of detection. Dr.Web for MIMEsweeper can change its behaviour depending on an envelope of a processed message or upon detection of blocking objects. Unlike Bayesian anti-spam filters the Dr.Web anti-spam doesn’t require any training. The antis-am starts working as soon as the first message is received. Various filtering techniques are applied to various types of spam ensuring higher detection probability.
High performance
Dr.Web anti-spam checks on-the-fly over 100 messages in one second, which provies 8,64 million scanned messages in twenty-four hours!
Spam filtering technologies
The anti-spam technologies consist of several thousands of rules which can be divided into several groups.
Heuristic analysis
A highly intelligent technology that empirically analyzes all parts of a message: header, message body, etc. Not only the message itself, but its attachment is analyzed. The heuristic analyzer is being constantly improved; new rules are frequently added.
Counter-reaction
The counter-reaction technique is one of the most advanced and efficient technologies of Dr.Web anti-spam. It helps counteract techniques and tricks used by spammers to avoid detection.
HTML-patterns
Messages containing HTML code are compared with a list of known patterns from the anti-spam library. Such comparison, in combination with data on sizes of images typically used by spammers, helps protect users against spam messages featuring HTML-code, which often contains online images.
Semantic analysis
During a semantic analysis words and phrases of a message are compared with words and phrases typical of spam. A special dictionary is used for the analysis. All words, phrases and symbols are analyzed – both those visible to the human eye and those masqueraded by the technical tricks of spammers.
Anti-scamming technology
Scam (as well as pharming messages – a type of scam-messages) is the most dangerous type of spam, including the so-called “Nigerian” scams, loan scams, lottery and casino scams and false messages from banks and credit organizations. A special module of Dr.Web anti-spam is used to filter scams.
Technical spam filtering
So-called bounces are delivery-failure messages sent by a mail server. An actual recipient of a bounce is not necessarily a sender of an undelivered message; such a message could be sent by a mail worm. Therefore bounces are as unwanted as spam A special module of Dr.Web anti-spam filters such messages as unwanted.
System requirements
- At lest 35 MB of free disk space.
- Windows 2000 Server with SP4 or higher or Windows Server 2003 or later
- ClearSwift MIMEsweeper™ for SMTP 5.2 or later.
Licensing
The product is licensed per number of users of ClearSwift MIMEsweeper. Minimal license is for 15 users. License options: Anti-virus, Anti-virus&Anti-spam.
Licensed components
- Anti-virus.
- Anti-spam.
- Automatic updating module.
Choose license
|
