A single place to manage email, calendar, contacts, notes and tasks. In the office. On the road. At home.

Participate in a survey

There are two main approaches for Mail Servers to incorporate the use of Anti-Virus. One way is to integrate the Anti-Virus engine into the mail server as a plug-in (AV enabled). The other method is to use an additional SMTP gateway that is provided by the Anti-Virus vendor and typically does not run on the same computer as the Mail Server. Kerio Mail Server can take advantage of both options; however, for the reasons outlined below KMS should only be used as an AV enabled Mail Server.

AV enabled Mail Server

The Mail Server uses a 3rd party AV scanning engine to scan all e-mail communication. This solution is transparent and does not require any changes in the existing network/client configuration. Under this scenario both the Anti-Virus component and Mail Server reside on the same physical computer.

Usually available from the AV vendor, this solution works by scanning SMTP communication before it is passed to the Mail Server. This is achieved by running the SMTP AV gateway as a separate component either on a remote computer or, in some cases, on the same computer as the mail server. This type of scenario is generally used only when the mail server cannot support an Integrated AV solution.

AV enabled Mail Server vs. SMTP AV Gateway

Feature	AV enabled Mail Server	SMTP AV Gateway
Security	Modern mail servers support multiple messaging protocols, like IMAP, WWW based interface or MAPI. There are many ways that a message can enter the Mail Server system, not only through SMTP. Whenever a new message enters the system (or an existing message is updated), it must be checked for viruses. An AV enabled Mail Server will pass all email to the AV engine, regardless of the protocol used.	Only messages entering the mail system through SMTP are checked for viruses. If, for example, an employee of a company uses webmail to send a piece of mail to another employee within the same company, the email will be placed directly in the recipients mailbox without using SMTP protocol and therefore will never be scanned by the Anti-Virus gateway.
	All components are part of the Mail Server. All email is therefore processed directly through the mail server, ensuring that no email could be delivered without being scanned.	If the mail server does not offer a sufficient level of security features it may be possible to bypass the AV SMTP gateway and send mail directly through the mail server.
Functionality	The AV scanning engine does not interact directly with users or the administrator in case of AV related events. Interaction is rather performed by the mail server (notifiyng users/administrator of infected files). Messages coming from the messaging system (MailServer+AV) are more consistent, since they are generated by the MailServer only.	The AV software uses its SMTP service to gererate its own messages about AV related events. The AV does not know any users local to the Mail Server and cannot act accordingly so it will additionally rely on the administrator of the Mail Server to take further action. In other words, there is a reaction to an infected email from both the AV gateway as well as the Mail Server.
Configuration	By enabling AV functionality in the Mail Server configuration, the solution is up and ready. The administrator can configure AV functions from within the Mail Server administration.	The administrator will need to reconfigure the Mail Server to listen on different ports if both components are located on the same comptuer. This also requires that the AV SMTP gateway is able to send email using the TCP port that the Mail Server is listening on for SMTP mail. The SMTP service of the Mail Server must also need to be configured so that the AV SMTP gateway cannot be bypassed.
Relay Protection	The Mail Server receives SMTP mail directly, it can authenticate users through an SMTP session or use other verification means to suit a specific environment.	When SMTP-AV is deployed the AV SMTP gateway cannot use authentication because the SMTP-AV does not have the user database. It may support IP based relay control but this solution is only viable when trusted users have static (known) IP addresses.
Encryption	Many SMTP servers such as Kerio Mail Server support encryption using SSL to protect message content as it is transmitted over non-trusted networks such as the Internet.	These solutions usually do not support encrypted SMTP. This means that users on public networks may capture the SMTP communication and view the content of messages.