Lists of frequently asked questions

Every day the Doctor Web virus monitoring service collects more than 250,000 new malicious programs, the most dangerous of which have been developed by professional virus writers who are members of criminal organizations. These programs focus on stealing money from single companies (or a series of “targeted” companies); the creators of these programs know what security systems are in use, and devise their malware accordingly.

It is commonly believed that by installing a protection system on a mail server, one can reduce the inflow of spam and the number of viruses in a company network, and speed the delivery of important emails. But apart from solving these problems, a modern mail server anti-virus also affords the opportunity to delete previously unknown malicious programs from mailboxes. Only by installing an anti-virus on a company mail server can one escape situations in which the server becomes a source of infection. An anti-virus can’t protect a server file system, because such anti-viruses can’t cure databases, including mail server databases.

The latest malicious programs, undetected by all heuristic mechanisms, reach the virus monitoring laboratory, and thus their victims, only after criminals have begun spreading them.

It is imperative to take into account the probability of criminals being able to bypass a company’s security systems and access its network (or employees’ PCs) and also the possibility of criminals being able to impact the protection systems in use, with the goal of stopping their operation.

To minimize risks to mail servers in particular, user mailboxes should be scanned regularly with an anti-virus to check for the presence of previously unknown malicious programs.

No anti-virus can detect the newest malicious programs 100 percent of the time. Even tests designed to detect malicious programs created after the latest anti-virus update say nothing about an anti-virus’s capacity to reveal the ‘infection’ created by criminals familiar with the anti-virus. Such anti-virus programs will not be detected by an anti-virus right up to the moment the necessary update is received.

That’s why the choice of an anti-virus should not be based on “test” results, but on an understanding of the following features of an anti-virus system:

• An anti-virus has to have a reliable system of self-protection— criminals must not be able to disable the anti-virus (or one of its components).
• Anti-virus updating and control systems must be completely under the control of the anti-virus’s self-protection system and must not use system components that are not under its control.

Once a company’s computers fall into a botnet, they often become a source of spam, and that harms the company’s reputation among its partners. Using Dr.Web Mail Security Suite and Dr.Web Desktop Security Suite will significantly reduce a company’s risk of becoming compromised by being blacklisted and disconnected from the Internet for acting as a spam bot.

A system for scanning mail traffic must be installed on the server as well as on the work stations, because incoming and outgoing messages go not only through a company’s mail server, but also directly through employees’ PCs (via SMTP, pop3/imap4 and closed links). In addition, the mail server (or the programs installed on it) can create mailings, including unwanted messages.

For evaluation purposes, you can use the trial version. Download the distribution from Doctor Web's site at https://download.drweb.com/demoreq. The demo license period is 30 days.

You can also take advantage of the Dr.Web LiveDemo remote testing service by filling out an application at https://download.drweb.com/live_demo. It should be noted that when testing a product via Dr.Web LiveDemo, the accompanying step-by-step instructions on how to test the product’s basic functionality are tremendously helpful.