Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

How to temporarily disable anti virus?

We've got a proprietary log file that keeps getting stopped for being a virus by the ES5000 running 10.0.6. I had turned off the Capture ATP in the hope it would pass through, but no. Also I've created a filter to skip Spam and Phishing analysis for that sender, but there is no way to disable the AV.

Also, maddeningly, the description of the threat doesn't help: X-Mlf-Threat-Detailed: virus;hasattach; V_gggruggvucftvghtrhhoucdtuddrgeduhedruddufedgjeelucetufdoteggodetrfcurfhrohhfihhlvgemucfuqffpkfevhgetnffnnecuuegrihhlohhuthemuceftddtnecuggfktfgfufcukfhntggvphhtihhonhdvnecujfgurhephffvufffkfgtggesmhdtjhertddtvdenucfhrhhomhepvegrrhihucfotgghhhhorhhtvghruceotghmtgifhhhorhhtvghrsehsthgvrhhilhhithgvrdgtohhmqeenucggtffrrghtthgvrhhnpefgueffveehffdtteeuteevgeefueefhffgieeitdffgfduhfffudetueehvdelgfenucfkphepuddvjedrtddrtddruddpvdduiedrudelgedrvdegrdelfeenucfrrghrrghmpehhvghlohepfhgrkhgvrdhhvghlohdrtghomhdpihhnvghtpeduvdejrddtrddtrddupdhmrghilhhfrhhomheprgguughrvghsshesughomhgrihhnrdgtohhmpdhrtghpthhtoheprgguughrvghsshesughomhgrihhnrdgtohhmpdhrtghpthhtoheprgguughrvghsshdvseguohhmrghinhdrtghomh

Is there a way to temporarily whitelist a sender or file type to not be inspected by the SonicWall AV? The email has already passed through two other AV systems before hitting the ES5000 and was determined to be clean.

Category: Email Security Appliances
Reply

Best Answer

Answers

  • NevyadithaNevyaditha Moderator

    Hi @Craig_S ,

    Please follow the below link for the admin guide and Navigate to "Exception Management"

    Please try and let us know if that helps.

    Thanks

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • Craig_SCraig_S Newbie ✭

    I see that the exception management referenced here is for the Capture ATP, but currently Capture ATP is turned off. The file is still being flagged for a virus by the ES5000.

  • NevyadithaNevyaditha Moderator

    @Craig_S ,

    I would suggest contacting SonicWall support so that we can help you troubleshoot this issue in real-time.

    Thanks !!

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • Halon5Halon5 Enthusiast ✭✭

    Hi @Craig_S

    Two from the bottom of the Actions in the Filter " Skip Capture ATP"

    ---Stephan

  • Halon5Halon5 Enthusiast ✭✭

    Sadly there is no effective means to simply send False Positives / False Negatives for review.

    This really needs to be fixed as the current routine is ridiculously time consuming and inefficient for all involved.

    Having to disable the AV doesn't sound like a great option too me.


    Can we ever expect to see a better result form Vade rather than a long line of "garbage" ?

Sign In or Register to comment.