Topic Last Modified: 2005-11-18
The Microsoft® Exchange Server Analyzer Tool reads the following registry entry to determine whether Symantec AntiVirus Corporate Edition (Symantec AV) is installed on the Exchange Server, and RealTime Protection (RTP) is enabled:
If the Exchange Server Analyzer finds that the HaveExceptionDirs registry value is set to 0, the Exchange Server Analyzer displays an error. A HaveExceptionDirs registry value of 0 indicates that folder exclusions are disabled.
Folder exclusions prevent specific folders from being scanned during real-time antivirus scanning. If you have not enabled folder exclusions on your Exchange Server, the following problems can occur:
- Symantec AV RTP may provide false positive reports on certain
clean files that are accessed during ordinary program activity.
- Symantec AV RTP may incorrectly report infected files in
software that your corporate security policy already permits to run
on your Exchange Server.
- Symantec AV RTP may scan the Exchange Server directory
structure and cause inaccurate virus detections, unexpected
behavior on the Exchange server, or damage to the Exchange Server
|You must never run file-based scanning software against Exchange Server databases, logs, temporary files, Internet Information Services (IIS) system files, or the installable file system (IFS) drive (drive M). Configure antivirus software to avoid scanning the folders that contain these files.|
You can run file-based antivirus software against the operating system of the Exchange Server computer and against Exchange Server program files (the Exchsrvr\Bin folder). However, do not run file-based antivirus software against the following files and folders:
- Exchange Server databases (.mdb and .stm files) and transaction
log (.log) files (default location: \Exchsrvr\MDBData)
- Exchange Server .mta files (default location:
- Exchange Server message tracking log files (default location:
- Virtual server folders (default location:
- Site Replication Service (SRS) files (default location:
- Internet Information Service (IIS) system files (default
- Internet Mail Connector files (default location:
- The working folder that is used to store streaming temporary
files that are used for message conversion. By default, this
working folder is located at \Exchsrvr\MDBData
- A temporary folder that is used together with offline
maintenance utilities, such as Eseutil.exe. By default, this folder
is the location that you run the .exe files from, but you can
configure this when you run the utility.
You can run file-based scanning against the following folders:
For detailed information about how to configure exclusions on RealTime scanning in Symantec AntiVirus Corporate Edition, see the Symantec antivirus Web site (http://www.symantec.com).
|Web addresses can change, so you might be unable to connect to the Web site or sites that are mentioned here.|
For more information about fortifying an Exchange Server environment against e-mail transmitted viruses and worms, see "Slowing and Stopping E-Mail Viruses in an Exchange Server 2003 Environment" (http://go.microsoft.com/fwlink/?LinkId=47587).
For more information about how to use antivirus software with Exchange Server, see the following Microsoft Knowledge Base articles:
- 328841, "Exchange and antivirus software" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=328841)
- 823166, "Overview of Exchange Server 2003 and antivirus
- 306105, "XGEN: Microsoft's Position on Antivirus Solutions for
Exchange 2000" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=306105)
- 245822, "Recommendations for troubleshooting an Exchange Server
computer with antivirus software installed" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=245822)
For a list of third-party antivirus software that is available for Exchange Server, see the Exchange Server Partners: Antivirus Web site (http://go.microsoft.com/fwlink/?linkid=16226).