Export (0) Print
Expand All

Disable or Bypass Anti-Malware Scanning

 

Applies to: Exchange Server 2013

Topic Last Modified: 2014-04-03

In Microsoft Exchange Server 2013, you can disable or bypass malware filtering of all email messages in transit on a server. This must be done on a Mailbox server.

You may want to disable Exchange 2013 malware filtering if you are using another product for malware filtering. When malware filtering is disabled, the Exchange malware agent is unhooked and not running, and engine updates are not kept up-to-date.

ImportantImportant:
Bypassing malware filtering should only be done when troubleshooting a problem. When malware filtering is bypassed, the Exchange malware agent remains hooked, and engine updates are kept up-to-date. However, malware filtering is skipped while you attempt to resolve whatever problems you are encountering. After you have finished troubleshooting, you should restore malware filtering.

  • Estimated time to complete each procedure: 15 minutes

  • You can only use the Shell to perform this procedure.

  • Disabling or enabling malware filtering restarts the Microsoft Exchange Transport service on the server. This may temporarily disrupt mail flow in your organization.

  • Bypassing or restoring malware filtering doesn't require you to restart any services. However, changes to the setting may take up to 10 minutes to take effect.

  • If you have multiple Exchange servers performing malware filtering, you must perform these steps on each server.

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Anti-malware” entry in the Anti-Spam and Anti-Malware Permissions topic.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in the Exchange Admin Center.

TipTip:
Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.

To disable malware filtering, run the following command:

& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1

NoteNote:
To re-enable malware filtering, use Enable-Antimalwarescanning.ps1 instead of Disable-Antimalwarescanning.ps1.

To verify that malware filtering is disabled, run the following command and confirm that it returns a value of False:

Get-TransportAgent "Malware Agent"

ImportantImportant:
Bypassing malware filtering should only be done when troubleshooting a problem. You should restore malware filtering after you have finished troubleshooting.

To temporarily bypass malware filtering, run the following command:

Set-MalwareFilteringServer <ServerIdentity> -BypassFiltering $true

To restore malware filtering, run the following command:

Set-MalwareFilteringServer <ServerIdentity> -BypassFiltering $false

To verify that malware filtering is being bypassed, run the following command and confirm that it returns a value of True:

Get-MalwareFilteringServer | Format-List BypassFiltering
 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft