If you are deploying file-level scanners on Exchange 2010 servers, make sure that the appropriate exclusions, such as directory exclusions, process exclusions, and file name extension exclusions, are in place for both scheduled and real-time scanning. This section describes directory exclusions, process exclusions, and file name extension exclusions for each server or server role.
Directory Exclusions
You must exclude specific directories for each Exchange server or server role on which you run a file-level antivirus scanner. This section describes the directories that you should exclude from file-level scanning for each server or server role.
Mailbox server role
· Exchange databases, checkpoint files, and log files across all storage groups. By default, these are located in sub-folders under the %Program Files%\Microsoft\Exchange Server\v14\Mailbox folder. You can obtain the directory location by running the following commands in the Exchange Management Shell:
· To determine the location of a mailbox database and log folders, run the following command: Get-MailboxDatabase -server
· To determine the location of a public folder database, run the following command: Get-PublicFolderDatabase -server
· Database content indexes. By default, these are located in mailbox database sub-folders under the %Program Files%\Microsoft\Exchange Server\v14\Mailbox folder.
· General log files, such as message tracking log files. These files are located in subfolders under the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Logs folder and %Program Files%\Microsoft\Exchange Server\v14\Logging folder. To determine the log paths being used, run the following command in the Exchange Management Shell: Get-MailboxServer
· The Offline Address Book files that are located in subfolders under the %Program Files%\Microsoft\Exchange Server\v14\ExchangeOAB folder
· IIS system files in the %SystemRoot%\System32\Inetsrv folder
· The temporary folder that is used with offline maintenance utilities, such as Eseutil.exe. By default, this folder is the location where the .exe file is run from. However, you can configure where you perform the operation from when you run the utility.
· The temporary folders that are used to perform conversions:
· Content conversions are performed in the server’s TMP folder.
· OLE conversions are performed in %Program Files%\Microsoft\Exchange Server\v14\Working\OleConvertor folder.
· The Mailbox database temporary folder: %Program Files%\Microsoft\Exchange Server\v14\Mailbox\MDBTEMP
· Any Exchange-aware antivirus program folders
DAG Member Mailbox server
All the items listed in the Mailbox server role list, and the following:
· The file share witness. This is located on another server in the environment, typically a Hub transport server.
Hub Transport server role
· General log files, for example, message tracking. These files are located in subfolders under the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Logs folder. To determine the log paths being used, run the following command in the Exchange Management Shell: Get-TransportServer
· The message folders that are located under the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles folder. To determine the paths being used, run the following command in the Exchange Management Shell: Get-TransportServer
· The transport server role queue database, checkpoint, and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\Queue folder.
· The transport server role Sender Reputation database, checkpoint, and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\SenderReputation folder
· The transport server role IP filter database, checkpoint, and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\IpFilter folder
· The temporary folders that are used to perform conversions:
· Content conversions are performed in the server’s TMP folder.
· OLE conversions are performed in %Program Files%\Microsoft\Exchange Server\v14\Working\OleConvertor folder.
· Any Exchange-aware antivirus program folders
Edge Transport server role
· The Active Directory Application Mode (ADAM) database and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\Adam folder.
· General log files, for example message tracking. These files are located in subfolders under the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Logs folder. To determine the log paths being used, run the following command in the Exchange Management Shell: Get-TransportServer
· The message folders that are located under the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles folder. To determine the log paths being used, run the following command in the Exchange Management Shell: Get-TransportServer
· The transport server role queue database, checkpoint, and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\Queue folder.
· The transport server role Sender Reputation database, checkpoint, and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\SenderReputation folder
· The transport server role IP filter database, checkpoint, and log files that are located in the %Program Files%\Microsoft\Exchange Server\v14\TransportRoles\Data\IpFilter folder
· The temporary folders that are used to perform conversions:
· Content conversions are performed in the server’s TMP folder.
· OLE conversions are performed in %Program Files%\Microsoft\Exchange Server\v14\Working\OleConvertor folder.
· Any Exchange-aware antivirus program folders
Client Access server role
· Exclude the IIS compression directory from the antivirus software's scan list
For more information, see the Microsoft Knowledge Base article KB817422,
· IIS system files in the %SystemRoot%\System32\Inetsrv folder
· The Internet-related files that are stored in the sub-folders of the %Program Files%\Microsoft\Exchange Server\v14\ClientAccess folder
· The temporary folder that is used to perform content conversion. By default, this is the server’s TMP folder.
Unified Messaging server role
· The grammar files that are stored in the subfolders in the %Program Files%\Microsoft\Exchange Server\v14\UnifiedMessaging\grammars folder
· The voice prompts that are stored in the subfolders in the %Program Files%\Microsoft\Exchange Server\v14\UnifiedMessaging\Prompts folder
· The voicemail files that are stored in the %Program Files%\Microsoft\Exchange Server\v14\UnifiedMessaging\voicemail folder
