Hello everyone.
I have the enterprise version 100.0.9581.25517 (3/26/2026) on Windows,
with Message Sniffer + Cyren antispam.
I also had Cyren antivirus, but honestly, it doesn't seem to do anything.
I have ClamAV with additional definitions via SecuriteInfo,
but only updating some of the signatures.
This is because some signatures concern the antispam, in my opinion.
Anyway.
I tried activating Windows Defender again.
I had already tried it in the past, and it generated false positives, so I gave up (meaning that if I rechecked with the same Defender, it didn't give me a positive result).
I reported the problem to support, who told me that in a future version they would do a double pass with Windows Defender to confirm, so as to avoid false positives.
I tried again, and after almost 48 hours, I can say it intercepted quite a few viruses. I manually checked the quarantine using VirusTotal, and so far, everything is confirmed.
I'm pleasantly surprised by Windows Defender.
What's the problem?
I need to install Sophos on the endpoint server, which also has XDR, to increase protection.
Sophos doesn't intercept the viruses that Defender intercepted. The explanation seems to be the different way they work. Sophos would intervene when the malicious file is executed/opened.
So, for protecting my clients, the ClamAV + Windows Defender combination seems better.
But for protecting the server, is Sophos better?
And here comes the big question:
If Defender is in passive mode:
Can SmarterMail still use it for email scanning,
or does it stop completely?