Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 8996 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WinMail.exe detection on Windows 7 clients...

Mako-Wish

Hello all,

We use Outlook for email throughout the company, so we have used Sophos to block all other email applications. One issue here is that Windows 7 includes WinMail.exe (Windows Mail). This causes a TON of alert emails being sent to me saying it detected Windows Mail. Unfortunately, Windows Mail cannot be removed or deleted from Windows 7. Is there a way to stop receiving emails JUST for Windows Mail without authorizing its use in the Sophos policies?

Thank you,

Eric

:54906


This thread was automatically locked due to age.
Parents
  • 0

    Hello Eric,

    selective messaging is not available.

    The question is, what triggers these alerts? By default Application Control is not enabled, you can enable on-access and on-demand scanning separately. If the latter is disabled then a detection only occurs when someone deliberately tries to open Windows Mail (unlikely) or "something" (some process, e.g. a backup) accesses the application. So perhaps you can prevent these accesses.

    without authorizing

    Do you think that someone would use Windows Mail (you could still use a Software Restriction Policy to disallow it)? It likely wouldn't make a difference to authorize it and it is safe as opposed to the other option, namely excluding winmail.exe from (on-access) scanning, I don't recommend it as it introduces an, albeit small, risk - though OTOH it wouldn't make you extremely vulnerable.

    HTH

    Christian

    :54913
Reply
  • 0

    Hello Eric,

    selective messaging is not available.

    The question is, what triggers these alerts? By default Application Control is not enabled, you can enable on-access and on-demand scanning separately. If the latter is disabled then a detection only occurs when someone deliberately tries to open Windows Mail (unlikely) or "something" (some process, e.g. a backup) accesses the application. So perhaps you can prevent these accesses.

    without authorizing

    Do you think that someone would use Windows Mail (you could still use a Software Restriction Policy to disallow it)? It likely wouldn't make a difference to authorize it and it is safe as opposed to the other option, namely excluding winmail.exe from (on-access) scanning, I don't recommend it as it introduces an, albeit small, risk - though OTOH it wouldn't make you extremely vulnerable.

    HTH

    Christian

    :54913
Children
No Data