Mail Shield - Settings

Manage these settings from: Settings ▸ Components ▸ Mail Shield ▸ Customize

Mail Shield is an additional layer of active protection in Avast Antivirus. It scans your incoming and outgoing email messages in real-time for malicious content such as viruses. Scanning applies only to messages sent or received using a mail management software (email clients, such as Microsoft Outlook or Mozilla Thunderbird). If you access your web based email account via an internet browser, your PC is protected by other Shields.

By default, Mail Shield is configured to provide optimal protection when switched on. We therefore strongly recommend you keep this Shield turned on at all times and only make configuration changes if you have an advanced understanding of malware protection principles.

Use the tabs on the left-side of the window to manage different aspects of Mail Shield behavior. After making any changes, click OK to save Mail Shield settings.

Main settings

The Main settings screen allows you to specify which type of messages are scanned by Mail Shield. All options are enabled by default:

  • Inbound (POP3, IMAP4): scans emails you receive.
  • Outbound (SMTP): scans emails you send.
  • Newsgroup messages (NNTP): scans all communication from news servers.

Note: We recommend you keep scanning enabled for all email types to ensure your full security.


The Behavior screen allows you to enable or disable Avast email signatures that inform both you and recipients of clean or infected emails. Additionally, you can manage what actions occur during scans, and configure options for Microsoft Outlook.

The following settings attach notes to the bottom of incoming and outgoing emails:

  • Insert note into clean message (incoming): informs you that the email you received does not contain malware.
  • Insert note into infected message (incoming): informs you that the email you received likely contains malware.
  • Insert note into clean message (outgoing): informs recipients that the email you sent does not contain malware. This option is ticked by default.
  • Mark in subject of mail containing a virus: tags emails with the subject line **VIRUS** if the email contains malware. This option is ticked by default. You can also specify your own tag in the text box.

The following settings are for Microsoft Outlook users only:

  • Show splash screen: displays a temporary Avast splash screen when Microsoft Outlook is launched to confirm that Mail Shield is running.
  • Scan attachment when attaching: scans attachments before the email is sent. This option is ticked by default.
  • Scan archived messages when opening: scans archived messages every time they are opened. You can specify that scanning applies to Unread messages only.

SSL scanning

Scan SSL connections: enables scanning of emails sent or received using SSL/TLS encrypted connection. This option is ticked by default. If disabled, only emails sent or received via unsecured connections are scanned.

If you use a third-party email client, you may be required to export a certificate from Mail Shield and import it into your email client's certificate store to enable SSL scanning. To export the Mail Shield certificate, follow these steps:

  1. Click Export certificate.
  2. Select a location to save the exported Mail Shield certificate, then click Save.
  3. Click OK to confirm the action.
  4. Import the Mail Shield certificate into your email client.

For further instructions, refer to your email client's documentation.


The Actions screen allows you to configure automatic responses to any threats detected by Mail Shield.

Follow these steps:

  1. Select a detection type (Virus, PUP or Suspicious), then select a primary action and a secondary action in case the first action fails:
    Note: You can specify different action combinations for each detection type.
    • Fix automatically (default): attempts to repair the file. If unsuccessful, moves the file to the Virus Chest or deletes the file if neither action is successful.
    • Move to Chest: sends the file to the Virus Chest where the file cannot harm your system.
    • Repair: removes malicious code if the file is only partially infected. This action is not possible if the entire code is malware.
    • Ask: notifies you of detected threats and asks you to decide which action to take.
    • Delete: permanently removes the file from your PC.
    • No action: makes no changes to the contents or location of the file (not recommended as an automatic action).
  2. Tick Show a notification window when action is taken to be notified of all actions (ticked by default).
  3. Specify the action you want to take if the Shield detects a malicious or suspicious file or program contained in an archive (specified in Packers):
    • Try to remove only the packed file from the archive; if it fails, do nothing (default): attempts to remove the contained file or program but does not delete the entire archive.
    • Try to remove only the packed file from the archive; if it fails, remove the whole containing archive: deletes the entire archive if unable to remove the file or program contained within.
  4. Click OK.


The Packers screen allows you to indicate the compressed file types that you want Mail Shield to unpack when checking for malware. For example, .zip, and .rar. The Shield is better able to analyze files for malware when files are unpacked. To unpack a file is the same as to extract a file from an archive. Original archives, including the files contained within, remain intact when being processed by the Shield.

By default, All packers are ticked.

Note: For more information about a specific file type, tick the file type and refer to the information under Packer description at the bottom of the screen.


The Sensitivity screen allows you to define the following settings for Mail Shield:

  • Heuristics: heuristics enable Avast to detect unknown malware by analyzing code for commands which may indicate malicious intent. Specify your preferences for the following options:
    • Use the orange bars to indicate your preferred level of heuristic sensitivity. The default setting is Normal (three bars). With higher sensitivity, Avast is more likely to detect malware, but also more likely to make false-positive detections (incorrectly identify files as malware).
    • Tick Use Code Emulation to unpack and test any suspected malware in an emulated environment where the file cannot cause damage to your PC. This option is ticked by default.
  • Sensitivity: tick Test whole files if you want the scan to analyze entire files rather than only the parts typically affected by malicious code. When this option is ticked, the scan is slower but more thorough.
  • PUP and suspicious files: tick Scan for potentially unwanted programs (PUPs) if you want the scan to look for programs that are stealthily downloaded with other programs and typically perform unwanted activity.

Note: The more options you tick and the higher the sensitivity you set, the more thoroughly the Shield scans your PC. With higher sensitivity, false-positive detections are more likely and more resources are consumed on your PC.

Report file

The Report file screen allows you to specify whether you want Mail Shield to produce reports of scan results. When troubleshooting issues with Avast Support representatives, you may be requested to provide a report file.

To generate automatic scan reports, follow these steps:

  1. Tick Generate report file. This option is ticked by default.
  2. Manage the following settings:
    • File name: provide a name for the report file.
    • File type: select the format of the report file - plain text ANSI, plain text Unicode, or XML.
    • If file exists: select Append if you want new results to be added to the end of the previous report, or Overwrite if you want new results to replace the previous report.
  3. Define the contents of the report:
    • Infected items: files and areas of the scanned environment which are identified as containing malware. This option is ticked by default.
    • Hard errors: unexpected errors which require further investigation. This option is ticked by default.
    • Soft errors: minor errors such as a file being unable to be scanned because it was in use.
    • OK items: files and areas which were identified as being clean. Ticking this option results in very long reports.
    • Skipped items: files and areas which the Shield did not check because of the scan settings.
  4. Click OK.

Report files are saved in one of the following locations:

  • Windows 10, Windows 8.1, Windows 8, Windows 7, or Windows Vista: C:\ProgramData\Avast Software\Avast\report
  • Windows XP: C:\Documents and Settings\All Users\Application Data\Avast Software\Avast\report