Add an SMTP malware scan policy
With SMTP malware scan policies, you can specify filter criteria and action for malware and attachments in senders’ and recipients’ emails.
- Go to EmailPolicies, click Add a policy and then click SMTP malware scan.
- Enter a name.
- Specify the email address or domain groups of senders and recipients.
-
Specify the filters for attachments.
Option Description Block file types Select the type of attachments to block. To select more than one file type, press Ctrl+Shift. MIME headers populate the MIME whitelist. MIME whitelist To allow certain file types, select their MIME headers. Antivirus scanning blocks the remaining file types. -
Select the scanning action.
Option Description Disable Emails aren’t scanned Single antivirus Primary antivirus engine scans emails Dual antivirus Primary and secondary engines scan emails sequentially Note In models lower than Sophos Firewall XG 105, you can turn on scanning only with the primary antivirus engine. -
Select the action for scanned emails.
Option Description Quarantine
Select to quarantine the email.
Note Quarantined emails are delivered based on the recipient action that you specify.Notify sender
Select to withhold mail and notify the sender that an email is infected.
Note To notify sender, you need to set recipient action to Don’t deliver.Delivery option for recipient
Select the recipient action for infected and protected attachments. The action applies to suspicious attachments too.
Don’t deliver: Doesn’t send email and notification to recipient
Deliver original: Sends email to recipient
Remove and deliver: Removes infected attachment, sends notification of removal, and delivers the emailNote Doesn’t apply to the blocked file types that you’ve specified.Delivery option for administrator
Select the action to notify administrators for infected and protected attachments.
Don’t deliver: Doesn’t notify administrators
Send original: Sends email to administrators
Remove attachment: Sends email to recipient without attachment. Sends notification of removal to administrators.
Note Doesn’t scan protected attachments, but notifies recipient, if not specified otherwise. - Click Save.