Applies to: Exchange Server 2013
Topic Last Modified: 2013-03-01
In Microsoft Exchange Server 2013, you can disable or bypass malware filtering of all email messages in transit on a server. This must be done on a Mailbox server.
You may want to disable Exchange 2013 malware filtering if you are using another product for malware filtering. When malware filtering is disabled, the Exchange malware agent is unhooked and not running, and engine updates are not kept up-to-date.
 Important: |
|---|
| Bypassing malware filtering should only be done when troubleshooting a problem. When malware filtering is bypassed, the Exchange malware agent remains hooked, and engine updates are kept up-to-date. However, malware filtering is skipped while you attempt to resolve whatever problems you are encountering. After you have finished troubleshooting, you should restore malware filtering. |
What do you need to know before you begin?
- Estimated time to complete each procedure: 15 minutes
- You can't use the Exchange admin center (EAC) to perform this
procedure. You can only use the Shell.
- Disabling or enabling malware filtering restarts the Microsoft
Exchange Transport service on the server. This may temporarily
disrupt mail flow in your organization.
- Bypassing or restoring malware filtering doesn't require you to
restart any services. However, changes to the setting may take up
to 10 minutes to take effect.
- If you have multiple Exchange servers performing malware
filtering, you must perform these steps on each server.
- You need to be assigned permissions before you can perform this
procedure or procedures. To see what permissions you need, see the
“Anti-malware” entry in the Anti-Spam and
Anti-Malware Permissions topic.
- For information about keyboard shortcuts that may apply to the
procedures in this topic, see Keyboard Shortcuts in
the Exchange Admin Center.
 Tip: |
|---|
| Having problems? Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection |
What do you want to do?
Use the Shell to disable malware filtering on a specific Exchange server
To disable malware filtering, run the following command:
 Copy Code |
|
|---|---|
& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1 |
|
 Note: |
|---|
To re-enable malware filtering, use
Enable-Antimalwarescanning.ps1 instead of
Disable-Antimalwarescanning.ps1. |
How do you know this step worked?
To verify that malware filtering is disabled, run the following command and confirm that it returns a value of False:
| Copy Code |
|
|---|---|
Get-TransportAgent "Malware Agent" |
|
Use the Shell to temporarily bypass malware filtering on a specific Exchange server
| Important: |
|---|
| Bypassing malware filtering should only be done when troubleshooting a problem. You should restore malware filtering after you have finished troubleshooting. |
To temporarily bypass malware filtering, run the following command:
| Copy Code |
|
|---|---|
Set-MalwareFilteringServer -BypassFiltering $true |
|
To restore malware filtering, run the following command:
| Copy Code |
|
|---|---|
Set-MalwareFilteringServer -BypassFiltering $false |
|
How do you know this step worked?
To verify that malware filtering is being bypassed, run the following command and confirm that it returns a value of True:
| Copy Code |
|
|---|---|
Get-MalwareFilteringServer | Format-List BypassFiltering |
|