[Today’s post comes to us courtesy of Wayne McIntyre]
In SBS 2008, Forefront Security for Exchange is offered as a 120 day trial during the installation of SBS. If you choose to install this component it is a good idea to regularly review email messages and attachments that may have been quarantined by forefront. This is good for 2 reasons, identifying false positives so you can forward the email to the user as it is a legitimate email with a safe attachment, and also to get an idea of what type of unsafe emails and attachments are being sent to your users which will give you an understanding of what Forefront is blocking. Additionally, when performing a migration from exchange 2003 when you run the move mailbox wizard, Forefront Security for Exchange real time scanner will scan all email in your users’ mailboxes as they are being moved and possibly quarantine previous emails.
To access the quarantine report open Forefront Server Security Administration under All Programs > Microsoft Forefront Server Security > Exchange Server, click continue on UAC prompt, select your server and click ok. Once Forefront Server Security Administration is loaded, expand the report section and select Quarantine.
From here you will have the following options:
- Clear Log which will clear all items from the Quarantine Pane, however the quarantined items will remain in the database until the quarantine database is compacted which occurs daily at 2am.
- Export, which will export the quarantine list to a txt file.
- Save As, which gives you an opportunity to save the attachment that was quarantined.
- Deliver, which allows you to deliver the message or attachment to the original recipient, an alternate recipient or both:
- You can also configure your purge settings to automatically remove quarantined items after x number of days. This will help in controlling the database size.
- To delete individual items or a subset of items highlight the items you wish to delete and press the delete key on your keyboard (use ctrl/shift for multi-select).
For more in-depth coverage for Forefront Security for Exchange Server refer to the user guide on Technet: http://technet.microsoft.com/en-us/library/bb795069.aspx