Export (0) Print
Expand All
Expand Minimize
This topic has not yet been rated - Rate this topic

Set-MalwareFilteringServer

 

Applies to: Exchange Server 2013

Topic Last Modified: 2013-03-05

Use the Set-MalwareFilteringServer cmdlet to configure the Malware agent settings in the Transport service on a Mailbox server.

For information about the parameter sets in the Syntax section below, see Syntax.

Set-MalwareFilteringServer -Identity <MalwareFilteringServerIdParameter> [-BypassFiltering <$true | $false>] [-Confirm [<SwitchParameter>]] [-DeferAttempts <Int32>] [-DeferWaitTime <Int32>] [-DomainController <Fqdn>] [-ForceRescan <$true | $false>] [-MinimumSuccessfulEngineScans <Int32>] [-PrimaryUpdatePath <String>] [-ScanErrorAction <Block | Allow>] [-ScanTimeout <Int32>] [-SecondaryUpdatePath <String>] [-UpdateFrequency <Int32>] [-UpdateTimeout <Int32>] [-WhatIf [<SwitchParameter>]]

This example sets the following Malware agent settings on the Mailbox server named Mailbox01:

  • Sets the update frequency interval to 2 hours

  • Sets the time to wait between resubmit attempts to 10 minutes

Set-MalwareFilteringServer Mailbox01 -UpdateFrequency 120 -DeferWaitTime 10

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Anti-malware" entry in the Anti-Spam and Anti-Malware Permissions topic.

 

Parameter Required Type Description

Identity

Required

Microsoft.Exchange.Configuration.Tasks.MalwareFilteringServerIdParameter

The Identity parameter specifies the server where you want to configure the anti-malware settings. You can use any value that uniquely identifies the server. For example:

  • Name

  • FQDN

  • Distinguished name (DN)

  • Exchange Legacy DN

BypassFiltering

Optional

System.Boolean

The BypassFiltering parameter temporarily bypasses malware filtering without disabling the Malware agent on the server. The Malware agent is still active, and the agent is still called for every message, but no malware filtering is actually performed. This allows you to temporarily disable and then enable malware filtering on the server without disrupting mail flow by restarting the Microsoft Exchange Transport service. Valid input for this parameter is $true or $false. The default value is $false.

Confirm

Optional

System.Management.Automation.SwitchParameter

The Confirm switch causes the command to pause processing and requires you to acknowledge what the command will do before processing continues. You don't have to specify a value with the Confirm switch.

DeferAttempts

Optional

System.Int32

The DeferAttempts parameter specifies the maximum number of times to defer a message that can't be scanned by the Malware agent. Valid input for this parameter is an integer between 1 and 5. The default value is 3.

After the maximum number of deferrals is reached, the action taken by the Malware agent depends on the error. For scan timeouts and engine errors, the action is to fail the message and return a non-delivery report (NDR) to the sender immediately after the last defer attempt. For all other errors, the message is retried for up to 48 hours, with each retry attempt taking place one hour longer than the last one. For example, starting after the last defer attempt, the first retry attempt will occur in 1 hour, the next retry attempt will occur 2 hours after that, the next retry attempt will occur 3 hours after the second retry attempt, and so on for up to 48 hours. After 48 hours have elapsed, the action is to fail the message and return a non-delivery report (NDR) to the sender.

DeferWaitTime

Optional

System.Int32

The DeferWaitTime parameter specifies the time period in minutes to increase the interval to resubmit messages for malware filtering in an effort to reduce the workload on the server.

For example, the first retry after the original failed scan occurs after the interval specified by the DeferWaitTime parameter. The second retry after the first retry occurs after two times the value of the DeferWaitTime parameter. The third retry after the second retry occurs after three times the value of the DeferWaitTime parameter, and so on. The maximum number of retries is controlled by the DeferAttempts parameter.

Valid input for this parameter is an integer between 0 and 15. The default value is 5. This means the first resubmit occurs 5 minutes after the original failed scan, the second retry occurs 10 minutes after the first retry, the third retry occurs 15 minutes after the second retry, and so on. The value 0 means messages are resubmitted for malware filtering after any failed scanning attempts without any delay.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.

ForceRescan

Optional

System.Boolean

The ForceRescan parameter specifies that messages should be scanned by the malware agent, even if the message was already scanned by Exchange Online Protection. Valid input for this parameter is $true or $false. The default value is $false.

MinimumSuccessfulEngineScans

Optional

System.Int32

This parameter is reserved for internal Microsoft use.

PrimaryUpdatePath

Optional

System.String

The PrimaryUpdatePath parameter specifies where to download malware scanning engine updates. The default value is http://forefrontdl.microsoft.com/server/scanengineupdate. The location specified by the PrimaryUpdatePath parameter is always tried first.

ScanErrorAction

Optional

Microsoft.Exchange.Data.Directory.SystemConfiguration.MalwareScanErrorAction

The ScanErrorAction parameter specifies the action to take when a message can't be scanned by the malware filter. Valid values for this parameter are Block or Allow. The default value is Block.

ScanTimeout

Optional

System.Int32

The ScanTimeout parameter specifies the timeout interval in seconds for messages that can't be scanned by the malware filter. Valid input for this parameter is an integer between 10 and 900. The default value is 300 (5 minutes).

SecondaryUpdatePath

Optional

System.String

The SecondaryUpdatePath parameter specifies an alternate download location for malware scanning engine updates. The default values is blank ($null). This means no alternate download location is specified.

The alternate download location is used when the location specified by the PrimaryUpdatePath parameter is unavailable for the time period specified by the UpdateTimeout parameter. On the next malware scanning engine update, the location specified by the PrimaryUpdate path parameter is tried first.

UpdateFrequency

Optional

System.Int32

The UpdateFrequency parameter specifies the frequency interval in minutes to check for malware scanning engine updates. Valid input for this parameter is an integer between 1 and 38880 (27 days). The default value is 60 (one hour). The locations to check for updates are specified by the PrimaryUpdatePath and SecondaryUpdatePath parameters.

UpdateTimeout

Optional

System.Int32

The UpdateTimeout parameter specifies the timeout interval in seconds to use when checking for malware scanning engine updates. Valid input for this parameter is an integer between 60 and 300. The default value is 150 seconds (2.5 minutes).

If the location specified by the PrimaryUpdatePath parameter is unavailable for the time period specified by the UpdateTimeout parameter value, the location specified by the SecondaryUpdatePath parameter is used.

WhatIf

Optional

System.Management.Automation.SwitchParameter

The WhatIf switch instructs the command to simulate the actions that it would take on the object. By using the WhatIf switch, you can view what changes would occur without having to apply any of those changes. You don't have to specify a value with the WhatIf switch.

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.