Difference between revisions of "Notes on Antivirus Software"

[checked revision][checked revision]
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
__NOTOC__
 
__NOTOC__
 +
<!-- Hidden search phrases: -->
 +
<!-- anti-virus -->
 +
Due to the various methods of archiving email supported by {{{product|MailStore Server}}} and its own highly optimized storage technology, please follow the guidance below when using antivirus programs.
  
Due to the various methods of archiving email in MailStore Server and the storage of those using its own highly optimized storage technology, a few notes have to be followed when using antivirus programs.
+
== On-Access Scanner ==
 +
To ensure best possible performance of the storage technology and to prevent disruption caused by antivirus software, it is recommended that you exclude all archive stores, and the location of the master database, from on-access scanning. All data in {{{product|MailStore Server}}} is stored encrypted and compressed and therefore cannot be reliably scanned by antivirus software. In case of false-positives, even corruption of an archive store may occur. The data directory used by MailStore Gateway should be excluded from on-access scanning as well.
 +
 
 +
=== Directories used by MailStore Server ===
 +
 
 +
{| class="wikitable" style="font-size: 85%;"
 +
! style=width:10em | Directory
 +
! Purpose
 +
|-
 +
| <tt>C:\MailArchive</tt>
 +
| Data directory of MailStore Server, can be adjusted
 +
|-
 +
| <tt>C:\ProgramData\MailStore\Debug Log</tt>
 +
| Debuglog files
 +
|-
 +
| <tt>C:\ProgramData\firebird</tt>
 +
| Database internals
 +
|-
 +
| <tt>C:\Windows\Temp\MailStore</tt>
 +
| Temporary, short living files
 +
|-
 +
| <tt>C:\Windows\System32\config\systemprofile\&#11154;
 +
AppData\Local\MailStore&nbsp;Server\Cache\MailboxCache.fdb</tt>
 +
| Cache to increase archiving performance
 +
|-
 +
| <tt>%localappdata%\Microsoft\Windows\INetCache\MailStore</tt>
 +
| Email files to open emails in other programs
 +
|-
 +
| <tt>%localappdata%\MailStore Client Launcher</tt>
 +
| MailStore Client files to connect to a MailStore Server
 +
|}
 +
 
 +
=== Directories used by MailStore Service Provider Edition ===
 +
 
 +
{| class="wikitable" style="font-size: 85%;"
 +
! style=width:10em | Directory
 +
! Purpose
 +
|-
 +
| <tt><configurable></tt>
 +
| Data directory of MailStore SPE instances, can be configured
 +
|-
 +
| <tt>C:\ProgramData\MailStore Infrastructure\Debug Log\<instancename></tt>
 +
| Debuglog files of instances
 +
|-
 +
| <tt>C:\ProgramData\firebird</tt>
 +
| Database internals
 +
|-
 +
| <tt>C:\Windows\SystemTemp\MailStore Infrastructure\<instancename></tt>
 +
| Temporary, short living files
 +
|-
 +
| <tt>C:\Windows\System32\config\systemprofile\&#11154;
 +
AppData\Local\MailStore&nbsp;Infrastructure\Cache\<instancename>\MailboxCache.fdb</tt>
 +
| Cache to increase archiving performance
 +
|-
 +
| <tt>%localappdata%\Microsoft\Windows\INetCache\MailStore</tt>
 +
| Email files to open emails in other programs
 +
|-
 +
| <tt>%localappdata%\MailStore Client Launcher</tt>
 +
| E-mail Archive Client files to connect to a MailStore SPE instance
 +
|}
 +
 
 +
=== Directories used by MailStore Gateway ===
  
== On-Access Scanner ==
+
{| class="wikitable" style="font-size: 85%;"
To ensure best possible performance of the storage technology and to prevent disruption caused by antivirus software, it is recommended that you exclude all archive stores, and the location of the master database, from on-access scanning. All data in MailStore Server is stored encrypted and compressed and therefore cannot be reliably scanned by antivirus software. In case of false-positives, even corruption of an archive store may occur. The directory that is used by the MailStore Proxy, should be excluded from on-access scanning as well.
+
! style=width:10em | Directory
 +
! Purpose
 +
|-
 +
| <tt>C:\ProgramData\MailStore\Gateway</tt>
 +
| Data directory of MailStore Gateway
 +
|}
  
 
== Web and Email Scanner ==
 
== Web and Email Scanner ==
Depending on the email server, MailStore Server uses the HTTP, POP3 or IMAP protocol to access server mailboxes. Most recent antivirus software support scanning for viruses in those network protocols. Unfortunately they appear to be tested only with the most widespread email clients such as Microsoft Outlook and Mozilla Thunderbird. Compatibility with other email applications is often not guaranteed. In case of web scanners, which are optimized for scanning website visits by a normal web browser, issues like timeouts or connection resets may occur when accessing Microsoft Exchange Servers via "WebDAV over HTTP" or "Exchange Web Services" (uses HTTP as well).
+
Depending on the email server, {{{product|MailStore Server}}} uses the HTTP, POP3 or IMAP protocol to access server mailboxes. Most recent antivirus software support scanning for viruses in those network protocols. Unfortunately they appear to be tested only with the most widespread email clients such as Microsoft Outlook and Mozilla Thunderbird. Compatibility with other email applications is often not guaranteed. In case of web scanners, which are optimized for scanning website visits by a normal web browser, issues like timeouts or connection resets may occur when accessing Microsoft Exchange Servers via "WebDAV over HTTP" or "Exchange Web Services" (uses HTTP as well).
  
Should archiving with MailStore Server be affected by one of the above problems and if there is an antivirus software with activated email or web scanner installed on the the computer that executes the archiving profiles, try to disable these component first. Should that not resolve the issue, it may be necessary to temporarily uninstall the antivirus software. We recommend to contact the vendor if the problem can be resolved by either disabling or uninstalling the antivirus software.
+
Should archiving with {{{product|MailStore Server}}} be affected by one of the above problems and if there is an antivirus software with activated email or web scanner installed on the the computer that executes the archiving profiles, try to disable these component first. Should that not resolve the issue, it may be necessary to temporarily uninstall the antivirus software. We recommend to contact the vendor if the problem can be resolved by either disabling or uninstalling the antivirus software.
  
 
== Heuristic & Behavioral Analysis ==
 
== Heuristic & Behavioral Analysis ==
MailStore Server uses multiple methods to access local applications, email servers or other resources for archiving. All these combined into one application seems to cause antivirus software to classify MailStore Server's executables or even the download link as a threat.
+
{{{product|MailStore Server}}} uses multiple methods to access local applications, email servers or other resources for archiving. All these combined into one application seems to cause antivirus software to classify {{{product|MailStore Server}}}'s executables or even the download link as a threat.
  
 
In that case please try to verify that classification with an online virus scanner like [https://www.virustotal.com/ VirusTotal] and contact the vendor of your antivirus software if applicable.
 
In that case please try to verify that classification with an online virus scanner like [https://www.virustotal.com/ VirusTotal] and contact the vendor of your antivirus software if applicable.
 
+
<noinclude>
 
[[de:Hinweise_zu_Antivirenprogrammen]]
 
[[de:Hinweise_zu_Antivirenprogrammen]]
 
[[en:Notes on Antivirus Software]]
 
[[en:Notes on Antivirus Software]]
 +
</noinclude>

Latest revision as of 12:48, 5 September 2024

Due to the various methods of archiving email supported by MailStore Server and its own highly optimized storage technology, please follow the guidance below when using antivirus programs.

On-Access Scanner

To ensure best possible performance of the storage technology and to prevent disruption caused by antivirus software, it is recommended that you exclude all archive stores, and the location of the master database, from on-access scanning. All data in MailStore Server is stored encrypted and compressed and therefore cannot be reliably scanned by antivirus software. In case of false-positives, even corruption of an archive store may occur. The data directory used by MailStore Gateway should be excluded from on-access scanning as well.

Directories used by MailStore Server

Directory Purpose
C:\MailArchive Data directory of MailStore Server, can be adjusted
C:\ProgramData\MailStore\Debug Log Debuglog files
C:\ProgramData\firebird Database internals
C:\Windows\Temp\MailStore Temporary, short living files
C:\Windows\System32\config\systemprofile\⮒

AppData\Local\MailStore Server\Cache\MailboxCache.fdb

Cache to increase archiving performance
%localappdata%\Microsoft\Windows\INetCache\MailStore Email files to open emails in other programs
%localappdata%\MailStore Client Launcher MailStore Client files to connect to a MailStore Server

Directories used by MailStore Service Provider Edition

Directory Purpose
<configurable> Data directory of MailStore SPE instances, can be configured
C:\ProgramData\MailStore Infrastructure\Debug Log\<instancename> Debuglog files of instances
C:\ProgramData\firebird Database internals
C:\Windows\SystemTemp\MailStore Infrastructure\<instancename> Temporary, short living files
C:\Windows\System32\config\systemprofile\⮒

AppData\Local\MailStore Infrastructure\Cache\<instancename>\MailboxCache.fdb

Cache to increase archiving performance
%localappdata%\Microsoft\Windows\INetCache\MailStore Email files to open emails in other programs
%localappdata%\MailStore Client Launcher E-mail Archive Client files to connect to a MailStore SPE instance

Directories used by MailStore Gateway

Directory Purpose
C:\ProgramData\MailStore\Gateway Data directory of MailStore Gateway

Web and Email Scanner

Depending on the email server, MailStore Server uses the HTTP, POP3 or IMAP protocol to access server mailboxes. Most recent antivirus software support scanning for viruses in those network protocols. Unfortunately they appear to be tested only with the most widespread email clients such as Microsoft Outlook and Mozilla Thunderbird. Compatibility with other email applications is often not guaranteed. In case of web scanners, which are optimized for scanning website visits by a normal web browser, issues like timeouts or connection resets may occur when accessing Microsoft Exchange Servers via "WebDAV over HTTP" or "Exchange Web Services" (uses HTTP as well).

Should archiving with MailStore Server be affected by one of the above problems and if there is an antivirus software with activated email or web scanner installed on the the computer that executes the archiving profiles, try to disable these component first. Should that not resolve the issue, it may be necessary to temporarily uninstall the antivirus software. We recommend to contact the vendor if the problem can be resolved by either disabling or uninstalling the antivirus software.

Heuristic & Behavioral Analysis

MailStore Server uses multiple methods to access local applications, email servers or other resources for archiving. All these combined into one application seems to cause antivirus software to classify MailStore Server's executables or even the download link as a threat.

In that case please try to verify that classification with an online virus scanner like VirusTotal and contact the vendor of your antivirus software if applicable.