F-Secure scheduled scan causes high CPU usage. How can I reduce this?
Follow the steps below to change the priority of the scan from "Normal" to "Background" to improve the host performance during scheduled scanning:
Open F-Secure Policy Manager console. Click on the Settings tab. Select Advanced view. Click F-Secure Anti-Virus. Click Settings. Click Settings for Manual Scanning. Click Scanning Options. Change the Priority value to Background.
Article no: 000001585
Multiple issues observed:
SPAM emails are coming through Emails that are wrongly quarantined, cannot be released The usual SPAM emails in Quarantine are missing Cannot quarantine messages
You can use different approaches to troubleshot the problem. Here are few approaches how to make sure your SPAM engine is working properly:
Make sure that Scanning 'message' by F-Secure Spam Scanner was successful. The anti-spam engine is a cloud-based solution, so it will simply not work if it doesn't have a working connection to the detection center https://aspam.sp.f-secure.com/. If you require a proxy to connect to this site with your browser, then the anti-spam engine needs to be configured to use the same proxy. Make sure that the Hydra and Gemini Engines are up-to-date.
Open the Web GUI and navigate to Settings and Engines: Under the Server Statistics, you should see that F-Secure Hydra and F-Secure Gemini are up to date and the icon is green.
3. If the Icon of the two modules is Orange, contact F-Secure support to retrieve a file (fsavsd). Mention this article as reference. Once you have the file, do as follows:
Stop F-Secure Content Scanner Server Daemon in services.msc. Go to C:\Program Files (x86)\F-Secure\Content Scanner Server. Rename fsavsd.exe to fsavsd.exe.OLD. Copy the new fsavsd file obtained from F-Secure support into the folder. Start F-Secure Content Scanner Server Daemon in services.msc.
4. If the SPAM filter is still not working properly, check the following rights:
The service "Microsoft Exchange Transport" runs under "NETWORK SERVICE". Therefore "NETWORK SERVICE" should have read/execution rights on FQM.EXE and FqmAssembly.dll. These rights should be defined during installation and transferred from the "...Program Files (x86)\F-Secure" folder. This can be viewed on the 'Advanced Security' page of the 'F-Secure' folder.
If none of the steps above helped, open a support ticket with F-Secure support for further assistance with this issue. To speed up the process, mention the following items when creating the support ticket:
If Hydra and Gemini are being disabled, please inform. If quarantine is inaccessible, please inform.
Article no: 000011216
How to block specific extensions using “Disallowed Inbound Files“ for incoming, outgoing and Internal with F-Secure Email and server security. I want to block only these extensions " *.doc *.docx *.docm *.xlx *.xlsx *.xlsm" for Internal email only, but not Outgoing or Incoming
Each mail route has its own settings. You need to individually define which match list to use. You can use Policy Manager Console to make these changes, if you are managing your F-Secure Email and Server Security via Policy Manager, or use the Web Console to login to your Email and Server Security locally. As you can see here, I am using a different Match list for each of my mail route, where I have defined the file types I want to block. On Actions, I have however selected "only drop the attachment", not the whole message. Now, I have activated each list for my Email traffic scanning accordingly, and each of them has their own list that contains the Extensions I want to be blocked from attachments.
Note: I did not use the default "Disallowed Files" from Lists and templates as I wanted to have my own customized lists. If you are using the default list on each email route, it means that the same rules will apply for all.
Article no: 000016592
Email messages are or were incorrectly classified by F-Secure spam scanner.
If your email messages were incorrectly classified by our spam scanner, we would like to receive a copy by email. Do note that the copy must be sent to the right channel, otherwise, it be rejected by our automated systems.
Create a new message and address it to:
firstname.lastname@example.org for spam messages which the spam scanner failed to filter email@example.com for legitimate, non-spam messages which were accidentally filtered as spam firstname.lastname@example.org for spam that attempts to trick the recipient into disclosing personal, private, or sensitive information (e.g., online banking password)
Add the spam sample as an attachment (multiple samples of the same type can be sent in a single submission)
In Microsoft Outlook, drag the sample from your inbox into the composition pane so they appear as an attachment in the new message In other email program, refer to the product documentation for instructions on how to obtain the full header of an email message using your email program
Important! Sample should be submitted with its full header, and if possible, in the message/rfc822 format. For meaningful analysis, do not edit the original message in any way. In the message, provide the name of the F-Secure product used and its version number Submit the sample from a valid, live email address. In rare cases, we may need to reply to you if we have questions.
Note: Submissions are primarily handled by automated systems; if you wish to include comments related to the submission, they should be communicated to your designated support contact to ensure proper attention. Mention the support ticket ID in the Subject header of the sample submission.
Article no: 000008306