pop3-detect

Function

The pop3-detect command enables antivirus (AV) scanning for the files transmitted using POP3.

The undo pop3-detect command disables AV scanning for the files transmitted using POP3.

Format

pop3-detect [ action { alert | declare | delete-attachment } ]

undo pop3-detect [ action ]

Parameters

Parameter	Description	Value
action { alert \| declare \| delete-attachment }	Specifies the response action.	The response action can be either of the following (the default action is alert): alert: The system permits files and generates logs. declare: The system permits files, add declarations to the email bodies, and generates logs. delete-attachment: The system deletes the email attachments, add declarations to the email bodies, and generates logs.

Views

Antivirus profile view

Default Level

2: Configuration level

Usage Guidelines

By default, the system scans viruses on files downloaded using POP3.

If no response action is configured, the default action alert takes effect.

The client/server type of protocols supported by the AV function also applies to the direction.

Upload: The file is sent from a client to a server.
Download: The file is sent from a server to a client.

Connections are generally initiated by a client. To ensure that connections can be established and the AV process can be implemented successfully, you need to configure the zone of the client as the source and that of the server as the destination when you configure the security policy.

POP3 can be used only for downloading files. Therefore, this command can be used only to detect viruses on files downloaded using POP3.

Example

# Create profile av_pop3, configure AV scanning on files downloaded using POP3, and set the response action to declare.

<sysname> system-view
[sysname] profile type av name av_pop3
[sysname-profile-av-av_pop3] pop3-detect action declare