Rescan messages already malware scanned by the hosted filtering service

Exchange 2013

Applies to: Exchange Server 2013

Topic Last Modified: 2015-04-08

You can configure Microsoft Exchange Server 2013 to rescan email messages already scanned for malware by the hosted email filtering service. Enabling this functionality provides another layer of defense against malware because the cloud-hosted filtering only scans inbound and outbound messages. Internal messages are scanned by the built-in anti-malware protection capabilities of Exchange 2013. By default, messages scanned in the cloud are not resubmitted for malware scanning on-premises.

This topic only applies to Microsoft Exchange Server 2013 customers who are using cloud-hosted email filtering.

  • Estimated time to complete: 15 minutes

  • You can only use the Shell to perform this procedure.

  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Anti-malware�? entry in the Anti-spam and anti-malware permissions topic.

  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.

Having problems? Ask for help in the Exchange forums. Visit the forums at Exchange Server, Exchange Online, or Exchange Online Protection.

  1. To rescan messages already malware scanned by the hosted filtering service, run the following command:

    Set-MalwareFilteringServer -ForceRescan $true
    To return to the default setting of not rescanning messages, re-set the above parameter to $false.

To verify that your Exchange 2013 server is rescanning messages for malware, run the following command and confirm that it returns a value of True:

Get-MalwareFilteringServer | Format-List ForceRescan