Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
I don't know where all the other options are added or which one I should remove so that I'm only warned via e-mail when something gets blocked / quarantined / deleted
You must have put a list of options in your defaults file at some point. It is the "--options T" that is reporting every php script. Check the file /etc/cxs/cxs.defaults and remove that to stop cxs ftp scanning from reporting every script being uploaded.
As for your other question about configuring cxs to only send an email when something is quarantined, cxs has two primary actions as we recommend configuring it:
1) To automatically quarantine files that match as known viruses or exploits. We configure cxs to do this by default when we install it (unless requested to not do so).
2) To alert you to files or directories that are suspicious for one reason or another, but do not match as already known viruses or exploits. Some of the matches in this category are probably exploits and therefore you should examine the file reported to determine whether or not it is an exploit.
If you are getting repeated reports for files that you know are not exploits, you can configure cxs to ignore them. Please see the cxs documentation for the "--ignore [file]" option as well as the file /etc/cxs/cxs.ignore or /etc/cxs/cxs.ignore.example.
It is not possible to configure cxs to scan for certain file types but not send an email if it detects them, as that would be pointless. If you do not want cxs to even scan for certain types of files or matches, then you can change the "--options" setting in your cxs command or script file (cxswatch.sh, cxsftp.sh, etc.). Please see the documentation for the various file types and how to configure the "--options" setting.