When ScanMail detects a file
that matches your scanning configurations, it executes an action to protect your
Exchange environment. The type of action it executes depends on the type of scan it
is performing (real-time, manual, or scheduled), the Exchange Server role, and the
type of actions you have configured for that scan.
Procedure
- Go to the Security Risk Scan screen
by navigating to one of the following:
-
For Real-time scans:
-
For Manual scans:
-
For Scheduled scans:
-
- Click the Action tab. The Action tab displays.
- Select one of the following:
-
ActiveAction: Perform scan actions recommended by Trend Micro.
-
Customized action for detected threats: Select to perform an action over all security risks or specify an action for each threat.
Note
To configure the scan action that ScanMail performs on Advanced threats, administrators must enable the Advanced Threat Scan Engine on the Security Risk Scan: Target tab.
For details on Security Risk Scan actions, see Security Risk Scan Actions. -
- To back up the infected file, select Backup infected file before performing action.
- Select Do not clean infected compressed files to optimize performance. if performance improvement is required.
- Select Send Predictive Machine Learning Feedback to Trend Micro
Smart Protection Network to send file content and scan results
to Trend Micro for analysis.
Note
To select this option, you must first enable Predictive Machine Learning from the Target tab. - Configure Advanced Options as necessary.
Note
For details on advanced scan actions, see Advanced Scan Action Options.- Click the Macros heading to configure macro
scan.
-
Select Enable advanced macro scan.
-
Select one of the following:
-
Heuristic level
-
Delete all macros detected by advanced macro scan
-
Note
For details on conifguring macro scanning, see Configuring Macro Scanning. -
- Click Quarantine and Backup Settings to specify the directory paths.
- Click Replacement Settings to configure the text or file name that replaces infected content.
- Click the Unscannable Message Parts heading to specify actions for encrypted email message, encrypted and password protected files, files not in the scan restriction criteria and unsupported or corrupted files. You can also specify file extensions to exclude from scanning, and text or file name that replaces unscannable content.
- Click the Macros heading to configure macro
scan.
- Click Save.