Configuring antimalware scanning
Applies to: Forefront Protection for Exchange
You can use Forefront Protection 2010 for Exchange Server (FPE) to help combat malware in your Microsoft Exchange environment. Malware is comprised of viruses, worms, and spyware. Viruses infect other programs and data, and they spread throughout your computer looking for programs to infect. Worms also infect but do not need to be attached to another program. Spyware usually refers to any non-viral malware that pretends to be something it is not, such as games or screensavers. As its name implies, spyware spies on you, gathering personal information (such as logon data) that it sends back to its installer.
FPE enables you to configure the following antimalware scanning options:
Transport—Scans e-mail messages that are inbound or outbound from an Exchange Transport stack, and it also scans all internal mail. For more information, see Scanning e-mail for malware during transport.
Realtime—Scans e-mail messages and attachments that are accessed in mailboxes and public folders on your Exchange server. For more information, see Scanning mailboxes and public folders for malware in real time.
Scheduled—Similar to realtime scanning, scanning occurs in the Exchange information store. Scheduled scans are typically used to scan the entire information store. For more information, see Scheduling malware scanning of mailboxes and public folders.
On-demand—Scans are typically used to immediately scan specific mailboxes to localize a known issue. For more information, see Scanning specific mailboxes for malware on-demand.
Note
You can configure FPE to bypass virus scanning of messages that were already scanned by Forefront Online Protection for Exchange (FOPE). For more information, see Bypassing virus and spam scanning for messages already scanned.