Configuring the action when a filter is matched
Applies to: Forefront Protection for SharePoint
Topic Last Modified: 2010-01-20
You must indicate the action that Microsoft Forefront Protection 2010 for SharePoint (FPSP) should take upon detecting a match to your filter criteria.
|You must set the action for each filter list you configure. The action setting is not global.|
The action options are only available after a filter list has been enabled, and the types of action options that are available are dependent upon the type of filtering you are performing. Possible action choices are listed and described in the following table. Click Save after making any changes to your action settings.
Records the number of files that meet the filter criteria, but enables uploading and downloading to take place normally. If, however, Delete corrupted compressed files, Delete corrupted UUEncoded Files, or Delete encrypted compressed files was selected in Global Settings - Advanced Options, a match to any of those conditions causes the item to be deleted. This setting is the default for all filters.
Deletes the file, inserting deletion text in its place. This setting only applies to scheduled and on-demand filters.
For information about modifying deletion text, see Editing deletion text for file filters.
Prevents the file from being uploaded or downloaded. The user receives a SharePoint message that the file was infected and could not be uploaded or downloaded. This setting only applies to realtime filters.
|Extreme care should be taken when implementing actions for filter lists because they also affect files submitted for antimalware scanning by SharePoint. This can potentially include ASPX and other operational pages. It is recommended that you tune your filter lists by using an action of Skip detect prior to implementing a Delete or Suspend action.|