Notes on Antivirus Software

Revision as of 12:48, 5 September 2024 by Ltalaschus (talk | contribs) (→‎Directories used by MailStore)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Due to the various methods of archiving email supported by MailStore Server and its own highly optimized storage technology, please follow the guidance below when using antivirus programs.

On-Access Scanner

To ensure best possible performance of the storage technology and to prevent disruption caused by antivirus software, it is recommended that you exclude all archive stores, and the location of the master database, from on-access scanning. All data in MailStore Server is stored encrypted and compressed and therefore cannot be reliably scanned by antivirus software. In case of false-positives, even corruption of an archive store may occur. The data directory used by MailStore Gateway should be excluded from on-access scanning as well.

Directories used by MailStore Server

Directory Purpose
C:\MailArchive Data directory of MailStore Server, can be adjusted
C:\ProgramData\MailStore\Debug Log Debuglog files
C:\ProgramData\firebird Database internals
C:\Windows\Temp\MailStore Temporary, short living files
C:\Windows\System32\config\systemprofile\⮒

AppData\Local\MailStore Server\Cache\MailboxCache.fdb

Cache to increase archiving performance
%localappdata%\Microsoft\Windows\INetCache\MailStore Email files to open emails in other programs
%localappdata%\MailStore Client Launcher MailStore Client files to connect to a MailStore Server

Directories used by MailStore Service Provider Edition

Directory Purpose
<configurable> Data directory of MailStore SPE instances, can be configured
C:\ProgramData\MailStore Infrastructure\Debug Log\<instancename> Debuglog files of instances
C:\ProgramData\firebird Database internals
C:\Windows\SystemTemp\MailStore Infrastructure\<instancename> Temporary, short living files
C:\Windows\System32\config\systemprofile\⮒

AppData\Local\MailStore Infrastructure\Cache\<instancename>\MailboxCache.fdb

Cache to increase archiving performance
%localappdata%\Microsoft\Windows\INetCache\MailStore Email files to open emails in other programs
%localappdata%\MailStore Client Launcher E-mail Archive Client files to connect to a MailStore SPE instance

Directories used by MailStore Gateway

Directory Purpose
C:\ProgramData\MailStore\Gateway Data directory of MailStore Gateway

Web and Email Scanner

Depending on the email server, MailStore Server uses the HTTP, POP3 or IMAP protocol to access server mailboxes. Most recent antivirus software support scanning for viruses in those network protocols. Unfortunately they appear to be tested only with the most widespread email clients such as Microsoft Outlook and Mozilla Thunderbird. Compatibility with other email applications is often not guaranteed. In case of web scanners, which are optimized for scanning website visits by a normal web browser, issues like timeouts or connection resets may occur when accessing Microsoft Exchange Servers via "WebDAV over HTTP" or "Exchange Web Services" (uses HTTP as well).

Should archiving with MailStore Server be affected by one of the above problems and if there is an antivirus software with activated email or web scanner installed on the the computer that executes the archiving profiles, try to disable these component first. Should that not resolve the issue, it may be necessary to temporarily uninstall the antivirus software. We recommend to contact the vendor if the problem can be resolved by either disabling or uninstalling the antivirus software.

Heuristic & Behavioral Analysis

MailStore Server uses multiple methods to access local applications, email servers or other resources for archiving. All these combined into one application seems to cause antivirus software to classify MailStore Server's executables or even the download link as a threat.

In that case please try to verify that classification with an online virus scanner like VirusTotal and contact the vendor of your antivirus software if applicable.