• Article

ScanMail for Microsoft Exchange SMTP scanning enabled on mailbox server

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at https://go.microsoft.com/fwlink/?linkid=34707.]  

Topic Last Modified: 2005-12-15

The Microsoft® Exchange Server Analyzer Tool reads the following property in the Microsoft Internet Information Services (IIS) metabase to determine the current configuration settings for Trend Micro ScanMail for Microsoft Exchange:

LM/SmtpSvc/%SMTPINSTANCE%/EventManager/EventTypes/{76719654-05A6-11d2-9dfd-00C04FA322BA}/Bindings/{6BA0CE4C-AC34-411E-B58A-EB715D04019D}/Enabled

The Exchange Server Analyzer also queries the Active Directory® directory service to determine the value for the serverRole attribute of the Exchange server object. A value of 1 for the serverRole attribute indicates that the Exchange server has been configured as a front-end server. A value of 0 indicates that the Exchange server is not configured as a front-end server.

The Exchange Server Analyzer also queries the Win32_OperatingSystem Microsoft Windows® Management Instrumentation (WMI) class to determine the value of the OSProductSuite key for the Exchange server. This query is performed to determine the specific operating system that is running on the Exchange server.

The Exchange Server Analyzer also reads the following registry value to determine the version of ScanMail for Exchange that is running on the Exchange server:

HKEY_LOCAL_MACHINE\Software\TrendMicro\ScanMail for Exchange\CurrentVersion\Version

If the value data for the Version value starts with 7, it indicates that ScanMail for Microsoft Exchange Version: 7 is installed.

Finally, the Exchange Server Analyzer queries Active Directory to determine the number of objects that have a homeMDBBL attribute configured. Objects that have the homeMDBBL attribute configured are mailbox-enabled objects. Therefore, the count of the number of objects that have homeMDBBL configured is the number of mailboxes that exist.

The Exchange Server Analyzer displays a best practice message if the following conditions are true:

  • ScanMail for Microsoft Exchange Version: 7 is installed.

  • ScanMail for Microsoft Exchange is configured to perform SMTP scanning on an Exchange server that is not configured as a front-end server.

  • The Exchange server contains more than 20 mailboxes.

  • The Exchange server is not running Microsoft Windows Small Business Server 2003 or Microsoft Small Business Server 2000.

Trend Micro recommends that users of ScanMail for Microsoft Exchange Version: 7 disable SMTP scanning that uses the ScanMail management console on mailbox servers if there are separate dedicated gateway or bridgehead servers. For best performance and security, Trend Micro recommends that SMTP scanning be enabled on gateway bridgehead servers instead of on mailbox servers.