Configuring protection from e-mail-based threats

Updated: February 1, 2011

Applies To: Forefront Threat Management Gateway (TMG)

The following topics describe how to protect your organization from malware that is delivered by e-mail.

Before you begin

Before you can configure an e-mail policy, you must install some prerequisite applications. For details, see Installing prerequisites for email protection.


If you enable antispam filtering in Forefront Protection for Exchange (FPE), it will ignore any content filtering settings that you configure on Forefront TMG; that is, any Exchange content filtering settings. We recommend that you enable antispam filtering in FPE. However, if you require Forefront TMG and Exchange Server’s content filtering settings, do one of the following on each Forefront TMG array member:

  • Configure antispam filtering manually in the FPE Administration Console or Management Shell. Note: all subsequent antispam filtering settings changes should be done on each server separately because Forefront TMG does not track these settings.

  • Disable antispam filtering or do not enable it when you install FPE, and restart the MSExchangeTransport service.

  • Enable the Content Filter Agent using the Enable-TransportAgent cmdlet and restart the MSExchangeTransport service.

For further information see Exchange Content Filter settings are ignored.


Installing prerequisites for email protection
Subscribing the Edge Transport Server to the Exchange Organization


Protecting your networks