E-mail Anti-malware Configuration
Forefront Security for Exchange Server is configured with default settings to scan e-mail messages and mailboxes for suspicious attachments and content, with the exception of the settings that are listed in the following table. The table lists the e-mail anti-malware settings that are configured specifically for Windows EBS.
For more information about default settings for Forefront Security for Exchange Server, see the Microsoft Web site(https://go.microsoft.com/fwlink/?LinkId=128029).
| Anti-malware Feature | Windows EBS Default Setting | Description |
|---|---|---|
Scanning |
|
|
Background scanning |
VSAPI Background Scan Job is enabled daily at 4:00 AM |
The daily background scan job uses the Microsoft Virus Scanning API (VSAPI) to scan all files in the information store. |
Registry keys
The registry keys in the following table are set in the entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Forefront Server Security\Exchange Server
| Key | Value (dword) |
|---|---|
UpdateDllonScannerUpdate |
00000000 |
RealtimeProcessCount |
00000002 |
InternetProcessCount |
00000002 |
EnableBackgroundScanOnScannerUpdate |
00000000 |
ManualScanDoc |
00000001 |
InternetScanDoc |
00000001 |
RealtimeScanDoc |
00000001 |
QuarantineSecurity |
00000002 |
ProxySettingsEnabled |
00000001 |
ProxyPort |
00001F90 |
Virus-scanning engines
The following virus-scanning engines are enabled by default in Forefront Security for Exchange Server in Windows EBS:
CA Vet
Microsoft Antimalware Engine
Norman Virus Control
Sophos Virus Detection Engine
To modify the virus-scanning engines that are used by Forefront Security for Exchange Server, see Modify the Virus-Scanning Engines Used by Forefront Security for Exchange Server.