To configure threat detection, do the following:
To configure a threat detection
In the console on the primary navigation bar, click Policies.
In the sidebar under Antivirus, click Antivirus Settings.
In the content area under Antivirus Settings, check Enable virus scanning.
Virus scanning is enabled by default.
In the Bloodhound detection list, select one of the following using the drop-down menu:
Check Delete mass-mailer worm-infected messages (no notifications) to automatically delete mass-mailer messages.
This feature is enabled by default.
In the Rules table, select any of the following rules to view or modify them in the preview pane:
Basic Virus Rule | Applies to the messages or the attachments that contain repairable threats. This option is always enabled. |
Unrepairable Virus Rule | Applies to the messages or the attachments that contain the threats that cannot be repaired. This option is always enabled. |
Security Risk Rule | Applies to messages that contain security risks, such as adware or spyware. See Configuring a security risk detection. This option is enabled by default. |
The settings for the rule that you select appear in the preview pane.
In the preview pane, in the Action to take list, select the action to take when a threat is detected using the drop-down menu.
In the Replacement text box, type your customized message if you want to replace the message or the attachment body with a text message.
The default text is: Symantec Mail Security replaced %attachment% with this text message. The original file contained %violation% and was %action%.
You can use variables in your customized text.
Check one or more of the following to send email notifications about the detection:
Notify administrators
Click the down arrow and type your customized text in the Subject line box and the Message body box. The default Subject line and Message body text is as follows:
Default subject line text: Administrator Alert: Symantec Mail Security detected %violation%
Default message body text: Location of the infected item: %location% Sender of the infected item: %sender% Subject of the message: %subject% The attachment(s) "%attachment%" was %action% for the following reasons: %information% This was done due to the following Symantec Mail Security settings: Scan: %scan% Rule: %rule%
Notify internal sender
Click the down arrow and type your customized text in the Subject line box and the Message body box. The default Subject line and Message body text is as follows:
Notify external sender
Click the down arrow and type your customized text in the Subject line box and the Message body box. The default Subject line and Message body text is as follows:
On the toolbar, click Deploy changes to apply your changes.