This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Mail Shield

This Article Applies to:

  • Avast Small Business Solutions
  • Avast Small Office Protection
  • Avast Business Antivirus
  • Avast Business Antivirus Pro
  • Avast Business Antivirus Pro Plus
  • Avast Business CloudCare Antivirus

 

Mail Shield checks incoming and outgoing email messages in real time for viruses and links to malicious websites. This only applies to messages handled by mail management software installed on your computer, such as Microsoft Outlook. If accessing a web-based email account via an internet browser, the device is protected by other Antivirus shields.

We do not recommend installing this component on a server OS that is also running Microsoft Exchange. The Exchange and Anti-Spam components handle the Exchange-level filtering and will conflict with Mail Shield.

 

Mail Shield is part of the Core Shields of the Avast Business client.

From Protection > Core Shields, you can enable/disable this component using the dedicated toggle.

Note that it is not possible to individually enable/disable Mail Shield in managed devices - only all core shields can be disabled/enabled at once from the Advanced Settings. Unmanaged devices have free control over disabling/enabling these shields.

Configuring Mail Shield Settings

Advanced Mail Shield settings can be accessed by either clicking the gear icon on the Core Shields screen or navigating to Menu > Settings > Protection > Core Shields, then selecting the Mail Shield tab under Configure shield settings.

The following options are available here:

  • Enable Mail Shield: Turns the shield on/off
  • Scan inbound emails (POP3, IMAP4): Scans all incoming emails sent using an SSL/TLS encrypted connection
  • Scan outbound emails (SMTP): Scans all outbound emails sent using an SSL/TLS encrypted connection
  • Add a signature to the end of sent emails: Includes a message for the recipient in an outgoing email confirming the email has been scanned for malware and is clean
  • Mark in subject of mail containing a virus: Allows specifying a word or phrase that will automatically be added to the subject of any email containing a virus
  • Scan attachment when attaching (MS Outlook only): Scans outgoing email attachments sent with Microsoft Outlook
  • Generate report file: Logs the actions of the Mail Shield in C:\ProgramData\Avast Software\Avast\report

At the top of the Core Shields screen, you can also configure some general settings such as scan sensitivity and response to malware detections, as well as enable additional features like CyberCapture or Hardened Mode. Note that these settings apply to all Core Shields. For more information, see Core Shields Settings.

Additional Geek Area Settings

Within the Geek Area, there are several further settings for Mail Shield. To access these:

  1. Go to Menu, then select Settings
  2. Click Search in the top right corner
  1. Type geek:area in the search field, then hit Enter
  1. Scroll down to the Mail Shield section

There are four detection types you can configure here:

  • Action to be performed when a virus is found
  • Action to be performed when a potentially unwanted program is found
  • Action to be performed when a potentially unwanted tool is found
  • Action to be performed when a suspicious object is found

For each type, it is possible to only configure one single action. The available actions can be selected from each drop-down menu:

  • Auto: Runs a sequence of actions (repair file; if not possible, then move to Quarantine; if not possible, then delete)
  • Ask: Avast asks what you want to do with a detected threat before any action is taken
  • Nothing: No action is taken; the threat is listed in your scan results and you can decide what to do later
  • Move to Quarantine: Sends the threat to Quarantine, where it cannot harm your system
  • Repair: Removes only malicious code attached to an otherwise safe file — this is not possible for files that are entirely malware
  • Delete: Permanently removes the file from your computer

Apart from these options, you can define whether Mail Shield will:

  • Show a notification window when action is taken: Choose whether a notification is displayed when Mail Shield takes an action
  • Scan archived messages when opening: Select from the available options (No, All Messages, Unread Messages Only)
  • Scan SSL connections: Choose whether Mail Shield scans SSL connections
  • Export certificate: Click the Perform button to save the Mail Shield certificate (File Explorer will open to choose a save location)

It is also possible to configure the report file here in order to enhance the reporting of the shield:

  • Report file name: Enter a name for the report file (default * will use the default file name)
    • The Generate report file checkbox needs to be ticked for the report file to be created.
  • Report file type: Select the format of the report file:
    • Plain text (ANSI)
    • Plain text (Unicode)
    • XML
  • If report file exists: Select Append if you want new results to be added to the end of the previous report, or Overwrite if you want new results to replace the previous report
    • Using the Append option will gradually increase the size of the report file on the disk. Including informative events such as OK will also greatly increase the size on the disk as every clean file will be reported.
  • Reported items: Define which events appear in report files. Type any of the following events into the text box provided, ensuring entries are separated by semicolons:
    • Infected — Files and areas of the scanned environment that the virus scan identifies as containing malware
    • HardErrors — Unexpected errors that require further investigation
    • SoftErrors — Minor errors, such as a file being unable to be scanned because it was in use
    • OK — Files and areas that the virus scan identified as being clean
    • Skipped — Files and areas that the virus scan did not check because of the scan settings

Finally, the default ports are listed for each protocol (unsecured and secured). It is possible to change/add ports (comma separated) if there are different ports used by the mail client.

Addresses where the communication will be ignored can be defined here as well (so Mail Shield will not scan those connections). The Ignore local communication option is used to ignore the communication on local (private) networks.

Adding Mail Shield Exceptions

Apart from the above-mentioned feature in the Geek Area where you can exclude addresses from Mail Shield scanning, there are no other types of exceptions for Mail Shield (e.g. in the Exceptions section of the client).

FAQ

The managed endpoints are designed to be controlled from the policies, therefore the important shields are inaccessible from the UI to be disabled individually. Core Shields can only be disabled together.

The local Antivirus is simplified with its controls in the UI. The user can only control all shield settings from these toggles at once, rather than individual settings for each shield.

We have the advanced controls in our managed policies to be able to configure each shield individually, which overwrites the local client settings, leading to these options being empty.

They are still configured correctly, they simply are not visible in the local client UI.

Enable the password protection of the UI (locally in unmanaged, from the policies in managed) in order to prevent the local user disabling shields.

Usually this indicates the underlying certificate of the mail server has the issue, rather than our certificate having a problem. Disabling the Mail Shield temporarily and reopening the mail client again will show the original certificate, which can be verified.

No, it cannot be disabled, unless the user disables the Mail Shield (and Web Shield). It is not an actual VPN, just the method used for scanning.

Host names will be resolved when the user attempts to add an exception - if the resolution fails, the entry will be rejected. IP addresses can be added regardless.

 

Other Articles In This Section:

Core Shields Settings

File Shield

Web Shield

Behavior Shield

Related Articles:

Configuring Antivirus Exceptions

Services Overview

Troubleshooting 'Invalid Mail Server Certificate' Warnings