TechNet
Export (0) Print
Expand All
Collapse the table of content
Expand the table of content
Expand Minimize

Set-MalwareFilteringServer

 

Applies to: Exchange Server 2016

This cmdlet is available only in on-premises Exchange Server 2016.

Use the Set-MalwareFilteringServer cmdlet to configure the Malware agent settings in the Transport service on a Mailbox server.

For information about the parameter sets in the Syntax section below, see Syntax.

Set-MalwareFilteringServer -Identity <MalwareFilteringServerIdParameter> [-BypassFiltering <$true | $false>] [-Confirm [<SwitchParameter>]] [-DeferAttempts <Int32>] [-DeferWaitTime <Int32>] [-DomainController <Fqdn>] [-ForceRescan <$true | $false>] [-MinimumSuccessfulEngineScans <Int32>] [-PrimaryUpdatePath <String>] [-ScanErrorAction <Block | Allow>] [-ScanTimeout <Int32>] [-SecondaryUpdatePath <String>] [-UpdateFrequency <Int32>] [-UpdateTimeout <Int32>] [-WhatIf [<SwitchParameter>]]

This example sets the following Malware agent settings on the Mailbox server named Mailbox01:

  • Sets the update frequency interval to 2 hours

  • Sets the time to wait between resubmit attempts to 10 minutes

Set-MalwareFilteringServer Mailbox01 -UpdateFrequency 120 -DeferWaitTime 10

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Anti-malware" entry in the Anti-spam and anti-malware permissions topic.

 

Parameter Required Type Description

Identity

Required

Microsoft.Exchange.Configuration.Tasks.MalwareFilteringServerIdParameter

The Identity parameter specifies the server where you want to configure the anti-malware settings. You can use any value that uniquely identifies the server. For example:

  • Name

  • FQDN

  • Distinguished name (DN)

  • Exchange Legacy DN

BypassFiltering

Optional

System.Boolean

The BypassFiltering parameter temporarily bypasses malware filtering without disabling the Malware agent on the server. The Malware agent is still active, and the agent is still called for every message, but no malware filtering is actually performed. This allows you to temporarily disable and then enable malware filtering on the server without disrupting mail flow by restarting the Microsoft Exchange Transport service. Valid input for this parameter is $true or $false. The default value is $false.

Confirm

Optional

System.Management.Automation.SwitchParameter

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.

  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.

DeferAttempts

Optional

System.Int32

The DeferAttempts parameter specifies the maximum number of times to defer a message that can't be scanned by the Malware agent. Valid input for this parameter is an integer between 1 and 5. The default value is 3.

After the maximum number of deferrals is reached, the action taken by the Malware agent depends on the error. For scan timeouts and engine errors, the action is to fail the message and return a non-delivery report (NDR) to the sender immediately after the last defer attempt. For all other errors, the message is retried for up to 48 hours, with each retry attempt taking place one hour longer than the last one. For example, starting after the last defer attempt, the first retry attempt will occur in 1 hour, the next retry attempt will occur 2 hours after that, the next retry attempt will occur 3 hours after the second retry attempt, and so on for up to 48 hours. After 48 hours have elapsed, the action is to fail the message and return a non-delivery report (NDR) to the sender.

DeferWaitTime

Optional

System.Int32

The DeferWaitTime parameter specifies the time period in minutes to increase the interval to resubmit messages for malware filtering in an effort to reduce the workload on the server.

For example, the first retry after the original failed scan occurs after the interval specified by the DeferWaitTime parameter. The second retry after the first retry occurs after two times the value of the DeferWaitTime parameter. The third retry after the second retry occurs after three times the value of the DeferWaitTime parameter, and so on. The maximum number of retries is controlled by the DeferAttempts parameter.

Valid input for this parameter is an integer between 0 and 15. The default value is 5. This means the first resubmit occurs 5 minutes after the original failed scan, the second retry occurs 10 minutes after the first retry, the third retry occurs 15 minutes after the second retry, and so on. The value 0 means messages are resubmitted for malware filtering after any failed scanning attempts without any delay.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.

The DomainController parameter isn't supported on Edge Transport servers. An Edge Transport server uses the local instance of Active Directory Lightweight Directory Services (AD LDS) to read and write data.

ForceRescan

Optional

System.Boolean

The ForceRescan parameter specifies that messages should be scanned by the malware agent, even if the message was already scanned by Exchange Online Protection. Valid input for this parameter is $true or $false. The default value is $false.

MinimumSuccessfulEngineScans

Optional

System.Int32

This parameter is reserved for internal Microsoft use.

PrimaryUpdatePath

Optional

System.String

The PrimaryUpdatePath parameter specifies where to download malware scanning engine updates. The default value is http://forefrontdl.microsoft.com/server/scanengineupdate. The location specified by the PrimaryUpdatePath parameter is always tried first.

ScanErrorAction

Optional

Microsoft.Exchange.Data.Directory.SystemConfiguration.MalwareScanErrorAction

The ScanErrorAction parameter specifies the action to take when a message can't be scanned by the malware filter. Valid values for this parameter are Block or Allow. The default value is Block.

ScanTimeout

Optional

System.Int32

The ScanTimeout parameter specifies the timeout interval in seconds for messages that can't be scanned by the malware filter. Valid input for this parameter is an integer between 10 and 900. The default value is 300 (5 minutes).

SecondaryUpdatePath

Optional

System.String

The SecondaryUpdatePath parameter specifies an alternate download location for malware scanning engine updates. The default values is blank ($null). This means no alternate download location is specified.

The alternate download location is used when the location specified by the PrimaryUpdatePath parameter is unavailable for the time period specified by the UpdateTimeout parameter. On the next malware scanning engine update, the location specified by the PrimaryUpdate path parameter is tried first.

UpdateFrequency

Optional

System.Int32

The UpdateFrequency parameter specifies the frequency interval in minutes to check for malware scanning engine updates. Valid input for this parameter is an integer between 1 and 38880 (27 days). The default value is 60 (one hour). The locations to check for updates are specified by the PrimaryUpdatePath and SecondaryUpdatePath parameters.

UpdateTimeout

Optional

System.Int32

The UpdateTimeout parameter specifies the timeout interval in seconds to use when checking for malware scanning engine updates. Valid input for this parameter is an integer between 60 and 300. The default value is 150 seconds (2.5 minutes).

If the location specified by the PrimaryUpdatePath parameter is unavailable for the time period specified by the UpdateTimeout parameter value, the location specified by the SecondaryUpdatePath parameter is used.

WhatIf

Optional

System.Management.Automation.SwitchParameter

The WhatIf switch simulates the actions of the command. You can use this switch to view the changes that would occur without actually applying those changes. You don't need to specify a value with this switch.

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.

 
Show:
© 2016 Microsoft