EXCHANGE13/16 Anti-Malware protection

Source: Internet
Author: User
Tags malware protection


Here is the operation above the mailbox server.


Start the Exchange Powell Shell

  1. Navigate to the Script directory


    CD ' C:\Program Files\Microsoft\Exchange Server\v15\scripts '

    650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M00/8C/E2/wKiom1h8dHewbpkAAAAEYsd6qMQ508.png "title=" 1.png "alt=" Wkiom1h8dhewbpkaaaaeysd6qmq508.png "/>





  2. Installing anti-Malware scripts



    . \ENABLE-ANTIMALWARESCANNING.PS1 disabling the use of DISABLE-ANTIMALWARESCANNING.PS1

    650) this.width=650; "src=" Https://s2.51cto.com/wyfs02/M01/8C/E2/wKiom1h8dODBc43xAAAcR7jgHvc673.png "title=" 1.png "alt=" Wkiom1h8dodbc43xaaacr7jghvc673.png "/>

  3. Restart the MSExchangeTransport (Exchange transport) service


  4. 650) this.width=650; "src=" Https://s3.51cto.com/wyfs02/M01/8C/E2/wKiom1h8dYKRzu6ZAAAbBa-pGFo524.png "title=" 1.png "alt=" Wkiom1h8dykrzu6zaaabba-pgfo524.png "/>



To temporarily bypass malware filtering, run the following command:


Set-malwarefilteringserver <ServerIdentity>-bypassfiltering $true

To restore malware filtering, run the following command:


Set-malwarefilteringserver <ServerIdentity>-bypassfiltering $false


Use the shell to manually download engines and definition updates

Prerequisites:

Permissions for organization management (organization management) and clean Management (hygiene management) must be assigned.

To download the engine and definition updates, run the following command:

& $env: exchangeinstallpath\scripts\update-malwarefilteringserver.ps1-identity <fqdn of Server>

This example manually downloads the engine and definition updates to a server named mailbox01.contoso.com:

& $env: Exchangeinstallpath\scripts\update-malwarefilteringserver.ps1-identity mailbox01.contoso.com

How do you know this works?

To verify that the update was successfully downloaded, you need to access Event Viewer and then view the event log. We recommend that you filter only the FIPFS events by following these steps:

    1. From the Start menu, click All Programs > Administrative Tools > Event Viewer.

    2. In Event Viewer, expand the Windows Logs folder, and then click Applications.

    3. On the Action menu, click Filter Current log.

    4. In the Filter Current Log dialog box, from the following list of event sources, select the Fipfs check box, and then click OK.

If the engine has been successfully downloaded, you will see event ID 6033, which will display information similar to the following:

MS Filtering Engine Update process performed a successful scan engine update.

Scan Engine: Microsoft

Update Path: http://forefrontdl.microsoft.com/server/scanengineupdate

Last Update time: 2012-08-16T13:22:17.000Z

Engine Version: 1.1.8601.0

Signature Version: 1.131.2169.0


This article is from the "Record Bit Technology" blog, please make sure to keep this source http://seawind.blog.51cto.com/6845370/1892294

EXCHANGE13/16 Anti-Malware protection

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.