Does XMON scans only attachments or email bodies as well?

It depends on your MS Exchange Server version. From SP2 2000 version XMON scans also email bodies.

Why there are some items in XMON module settings inactive (grayed out)?

XMON is a universal module able to work with different MS Exchange Server versions (from 5.5 SP3, 2000 SP2 to 2003). If some items in settings are grayed out, the reason is that your MS Exchange Server version does not support that function.

Why scanning messages continues after the “Active control” choice was turned off?

Communication between MS Exchange Server and XMON module is asynchronous, meaning that XMON sets its requirement and MS Exchange Server picks it up. This all runs in approximately 1 minute intervals. Therefore turning “Active control” off will be applied within the next minute. The same applies to other XMON settings.

Can XMON remove entire infected email if it contains infected attachment?

Yes, XMON can remove entire email. Yet, it is necessary to choose “Delete whole message” option in “Deleting” section. This option is available only if you have MS Exchange Server 2003 and higher.

Is outgoing email also scanned by XMON for viruses?

Yes, XMON also scans outgoing emails unless you have set other SMPT server in your mail client than your MS Exchange Server. The condition is at least MS Exchange Server 2000 Service Pack 3.

Is it possible to set text that would be added to each scanned message in XMON module, similarly to IMON when scanning POP3 protocol?

Adding text to scanned messages is not possible, because MS Exchange Server does not support this option.

Sometimes I cannot open some emails via MS Outlook. Why is that?

Most probably you have chosen “No action, mark as infected” in “Action” section or you have added the rule with predefined “Mark as infected” action. The result of both these actions is that infected messages or messages coming under this rule are marked and blocked by MS Exchange Server.

Is rebooting after installation really necessary? Is it enough to run NOD32 Kernel Service?
If you are really skilled administrator and this is the first NOD32 for MS Exchange Server installation, it can be done in this way. If we are talking about reinstall or uninstall, rebooting is necessary.

What does “time limit” item in “Performance” section exactly express?

In case you have MS Exchange Server 2000 SP2 or higher, time limit is a maximum time in seconds needed for scanning an individual file. If the scanning is not finished within this limit, MS Exchange Server declines access to the message. Scanning is not interrupted and after it is finished, every other attempt to access file will be successful. On the other hand, if you have MS Exchange Server 5.5 SP3 or SP4, the value is given in milliseconds and expresses in what time user should try to reaccess file, which could not be accessed before due to the unfinished testing.

How long can the file types list be in one rule?
The file type list can be 225 wild cards long in one rule.

I’ve checked the “Background scanning” option. Till now, after each virus signature database update, messages on MS Exchange Server have been always scanned. This didn’t happen after last update. Where is the problem?

There’s no problem. MS Exchange Server chooses on its own whether it will scan all the messages immediately, or only after user’s request to access given message.

If I chose the “Rename attachment /delete message” option in “Action” section, will the renamed attachment be scanned in following controls?

Naturally, that depends on renamed file format and on whether you have marked “Scan all files” check box. If yes, we are talking about format with header (EXE, DLL, DOC,… file types) and file will always be tested, because format is the deciding factor. On the other hand, when we are talking about format without header (e.g. COM, BAT, JS, VBS file types), file won’t be tested anymore, because the format is not know, and the file type is the deciding factor. If you decided for the “Rename attachment” option, we recommend combining it with appropriate rule and thus preventing multiple scanning of renamed file.