We keep getting the [avast! - SUSPICIOUS] on internal emails. We are using ADNM with Avast server and Avast pro. This is a new install. What can we do to stop this?
Most of the time, the messages are quick notes. There is no scripts, attachments, etc on the email.
Do the alerts not say why they are thought Suspicious ?
Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections.
I don’t know if you have a similar log viewer on the ADNM or if you would have to check one of the pro clients log viewer.
We had this problem too. What was happening is that in the “quick messages and notes” people do not tend to put a subject. This annoys Avast, and it will flag it as potentially dangerous. You can either convince your users to always put a subject, or do the following:
Locate the resident task you are currently using
Go down to Outlook/Exchange (or other mail provider, depending on what you use)
Under “Heuristics” change it to “custom” and click the “customize button”
In the dialog that pops up uncheck “Subject Structure Check”
You can also disable the option to mark the subject line in the previous window.
I have found the settings, however they are greyed out. I haven’t changed much of the default configuration here. Is there somewhere you need to enable this first?
Actually, I hadn’t changed the “Heuristics” level to customize. Now I am able to modify the settings, however “Subject Structure Check” was already unchecked (I am using the “Default Resident Task” and modifying Heuristics for Outlook/Exchange). Is there anything else I would need to change so that empty subject lines in emails would not trigger the Suspicious alert?
Yes, the “Subject Structure Check” is the right one.
On High sensitivity all options are ON, but when you switch to Custom, all but “Subject Structure Check” are preset to ON as a hint.