Folder and File level scanning Exclusions for Exchange 2010

There is a technet article
http://technet.microsoft.com/en-us/library/bb332342.aspx

Titled : File-Level Antivirus Scanning on Exchange 2010
Please read the first section to understand the requirements.

To make the rest of the article easier to understand, as it does get a bit convoluted after the introduction….

The following folders (and subsequent subfolders) need exclusions:

C:\Program Files\Microsoft\Exchange Server\V14\Mailbox
C:\Program Files\Microsoft\Exchange Server\V14\GroupMetrics
C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles
C:\Program Files\Microsoft\Exchange Server\V14\Logging
C:\Program Files\Microsoft\Exchange Server\V14\ExchangeOAB
C:\Program Files\Microsoft\Exchange Server\V14\Mailbox\MDBTEMP
C:\Program Files\Microsoft\Exchange Server\V14\Working\OleConvertor
C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess

C:\Windows\Cluster
C:\Windows\System32\Inetsrv

C:\inetpub\temp\IIS Temporary Compressed Files
C:\Inetpub\logs\logfiles\w3svc

In my deployment, I typically  put the Transaction logs on E and databases on F

E:\Logs
F:\Databases

In addition, as mentioned in the article,
Many file-level scanners now support the scanning of processes, which can adversely affect Microsoft Exchange if the incorrect processes are scanned.
Therefore, you should exclude the following processes from file-level scanners.
(I re-sorted the table from the technet article into alphabetical listing for easy reading)

Cdb.exe
Cidaemon.exe
Clussvc.exe
Dsamain.exe
EdgeCredentialSvc.exe
EdgeTransport.exe
ExFBA.exe
GalGrammarGenerator.exe
Inetinfo.exe
Mad.exe
Microsoft.Exchange.AddressBook.Service.exe
Microsoft.Exchange.AntispamUpdateSvc.exe
Microsoft.Exchange.ContentFilter.Wrapper.exe
Microsoft.Exchange.EdgeSyncSvc.exe
Microsoft.Exchange.Imap4.exe
Microsoft.Exchange.Imap4service.exe
Microsoft.Exchange.Infoworker.Assistants.exe
Microsoft.Exchange.Monitoring.exe
Microsoft.Exchange.Pop3.exe
Microsoft.Exchange.Pop3service.exe
Microsoft.Exchange.ProtectedServiceHost.exe
Microsoft.Exchange.RPCClientAccess.Service.exe
Microsoft.Exchange.Search.Exsearch.exe
Microsoft.Exchange.Servicehost.exe
MSExchangeADTopologyService.exe
MSExchangeFDS.exe
MSExchangeMailboxAssistants.exe
MSExchangeMailboxReplication.exe
MSExchangeMailSubmission.exe
MSExchangeRepl.exe
MSExchangeThrottling.exe
MSExchangeTransport.exe
MSExchangeTransportLogSearch.exe
Msftefd.exe
Msftesql.exe
OleConverter.exe
Powershell.exe
SESWorker.exe
SpeechService.exe
Store.exe
TranscodingService.exe
UmService.exe
UmWorkerProcess.exe
W3wp.exe
In addition to excluding specific directories and processes, you should exclude the following Exchange-specific file name extensions in case directory exclusions fail or files are moved from their default locations.

Application-related extensions
.config
.dia
.wsb

Database-related extensions
.chk
.log
.edb
.jrs
.que

Offline address book-related extensions:
.lzx

Content Index-related extensions
.ci
.wid
.001
.dir
.000
.002

Advertisements

About Mike

owner of blog
This entry was posted in Exchange 2010. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s