Quarantine

  • Article

 

Applies to: Forefront Security for Exchange Server

Forefront Security for Exchange Server, by default, creates a copy of every detected file before a clean, delete, or skip action occurs. These files are stored in an encoded format in the Quarantine folder under the Forefront Security for Exchange Server DatabasePath folder (which defaults to the Installation folder).

Forefront Security for Exchange Server performs two different quarantine operations: quarantine of entire messages or quarantine of attachments only. Entire messages are quarantined only for content filters and file filters that are set to Purge when quarantine is enabled.

An administrator can access the Quarantine pane to delete or extract stored detected file attachments. To view the Quarantine log, click REPORT in the Shuttle Navigator, and then click the Quarantine icon. The Quarantine pane appears.

The quarantine list reports the date the file was quarantined, the name of the file, the type of incident that triggered the quarantine (such as virus or filter match), the name of the infecting virus or the filter name, the subject field of the message, the sender name, the sender address, the recipient names, and the recipient addresses.