Views:
When ScanMail detects a file that matches your scanning configurations, it executes an action to protect your Exchange environment. The type of action it executes depends on the type of scan it is performing (real-time, manual, or scheduled), the Exchange Server role, and the type of actions you have configured for that scan.

Procedure

  1. Go to the Security Risk Scan screen by navigating to one of the following:
    • For Real-time scans: Security Risk Scan
    • For Manual scans: Manual ScanSecurity risk scan
    • For Scheduled scans: Scheduled Scan[Add or Edit]Security risk scan
  2. Click the Action tab.
    The Action tab displays.
  3. Select one of the following:
    • AntimalwareScanCore: Perform scan actions recommended by Trend Micro.
    • Customized action for detected threats: Select to perform an action over all security risks or specify an action for each threat.
      Note
      Note
      To configure the scan action that ScanMail performs on Advanced threats, administrators must enable the Advanced Threat Scan Engine on the Security Risk Scan: Target tab.
    For details on Security Risk Scan actions, see Security Risk Scan Actions.
  4. To back up the infected file, select Backup infected file before performing action.
  5. Select Do not clean infected compressed files to optimize performance. if performance improvement is required.
  6. Select Send Predictive Machine Learning Feedback to Trend Micro Smart Protection Network to send file content and scan results to Trend Micro for analysis.
    Note
    Note
    To select this option, you must first enable Predictive Machine Learning from the Target tab.
  7. Configure Advanced Options as necessary.
    Note
    Note
    For details on advanced scan actions, see Advanced Scan Action Options.
    1. Click the Macros heading to configure macro scan.
      1. Select Enable advanced macro scan.
      2. Select one of the following:
        • Heuristic level
        • Delete all macros detected by advanced macro scan
      Note
      Note
      For details on conifguring macro scanning, see Configuring Macro Scanning.
    2. Click Quarantine and Backup Settings to specify the directory paths.
    3. Click Replacement Settings to configure the text or file name that replaces infected content.
    4. Click the Unscannable Message Parts heading to specify actions for encrypted email message, encrypted and password protected files, files not in the scan restriction criteria and unsupported or corrupted files. You can also specify file extensions to exclude from scanning, and text or file name that replaces unscannable content.
  8. Click Save.
Related information
Keywords: settings