Enabling proactive scanning

 

Applies to: Forefront Protection for Exchange

Microsoft Exchange proactive scanning can be enabled on Mailbox servers. With proactive scanning, Mailbox servers that contain public folder databases scan files as they are posted to the server. Proactive scanning also causes a scan of messages in the Sent Items folder in mailbox databases.

By default, proactive scanning is disabled. However, because content posted to a public folder database is usually not routed through a Hub Transport server, in order to ensure that the content is scanned before it gets to the store, it is recommended that you enable proactive scanning for public folder databases. Scanning material as it is posted to the public folder database also prevents download delays when the content is accessed.

You can enable proactive scanning in one of the following ways:

  • Set the following Exchange DWORD registry value to 1:

    HKEY_Local_Machine\System\CurrentControlSet\Services\MSExchangeIS\VirusScan\ProactiveScanning

    By default, this registry value is set to 0 (proactive scanning is disabled).

  • Select the Scan after engine update check box for the realtime scan. When you enable this setting, the realtime scan job rescans previously scanned messages when they are accessed following an engine or definition update. Enabling this setting also automatically sets the ProactiveScanning registry value to 1. However, you may want to enable proactive scanning without rescanning messages after engine updates, since this may impact server performance. In this case, you should set the ProactiveScanning registry value to 1 without selecting the Scan after engine update check box.

    For more information about the Scan after engine update setting for the realtime scan, see "Configuring additional real time scanning options" in Configuring the realtime scan.