Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Registry hidden keys In ScanMail For Exchange (SMEX)

    • Updated:
    • 20 Oct 2016
    • Product/Version:
    • ScanMail for Exchange 11.0
    • ScanMail for Exchange 12.0
    • Platform:
    • Windows 2008 Standard
    • Windows 2012 Server Essentials
    • Windows 2012 Standard
Summary

This KB shows the registry hidden keys in SMEX 11.0 and 12.0.

Details
Public

The following keys are under the path:

HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion\

  • Type: REG_SZ
  • Value: Mail content-type. Use semicolon (;) as separator.
  • Purpose: When an email message passes through the Anti-spam filter, ScanMail will update the mail header. In some environment, this action might corrupt some email messages. We can use this registry key to specifically TNEF binary email messages.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Value: 33554432 (= 32*1024*1024, 32 MB)
  • Purpose: This sets the allowed scan size.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Value: 0
  • Purpose: This disables Trust Scan between transport and store level. Add hidden key to all Transport Level SMEX. Restarting the ScanMail_Master service is required for this key to take effect.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Value: 0
  • Type: DWORD
  • Purpose: When the key “SkipQuarantinedSpamMail = 0” is not applied, once an email is detected as a spam, ScanMail delivers it to the spam folder directly without performing any scanning.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Data value: "1" = ScanMail (for Microsoft Exchange) performs attachment blocking scans on quarantined spam email messages
  • Purpose: This performs attachment blocking scans on quarantined spam email messages.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: DWORD
  • Value: 1 (default value and mean enable), 0 (disable)
  • Purpose: This indicates trust scan result at transport level and is enabled by default. When the hidden is enabled it will add VS stamp at transport level, then store level will trust it and not scan. Customer may disable it and the mail will be scanned at recipient mailbox. The key will then take effect for the next mail.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: DWORD
  • Value: 1
  • Purpose: When the URL triggers WTP filter and the action is Quarantine to User Spam Folder, SMEX will add "Suspicious URL" tag to notify customer that the mail has suspicious URL. It is an SMEX default behavior. This hidden key can remove this tag.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: DWORD
  • Value: 1
  • Purpose: This hidden key can skip the mail backup.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: DWORD
  • Value: 2048000 (Decimal)
  • Purpose: This exceeds the allowed scan length of the mail header.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Data value: 1
  • Purpose: This skips Office 2007 files, as they are considered compressed files in Attachment Blocking.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Purpose: This provides an option to configure the DLP filter to extract plain text from HTML content and then scan the plain text instead.

This is introduced in Hot Fix Build 4269 and also available in SMEX 12.0.

  • Type: REG_DWORD
  • Purpose: This ensures that email messages do not go through Trend Micro Deep Discovery Advisor repeatedly to prevent the looping issues.

This is introduced in Hot Fix Build 4259 and also available in SMEX 12.0.

  • Type: REG_DWORD
  • Value: 1
  • Purpose: This queries remote server logs or quarantined records using the Transport Layer Security (TLS) protocol.

This is introduced in Hot Fix Build 4235 and also available in SMEX 11 SP1 Patch 1 and SMEX 12.0.

  • Type: REG_DWORD
  • Purpose: Administrator Privileges - This Patch adds an option to prevent local and domain administrators from logging on to SMEX.

This is introduced in Hot Fix Build 4198 and also available in SMEX 11 SP1 Patch 1 and SMEX 12.0.

  • Type: REG_DWORD
  • Value: 1
  • Purpose: This updates pattern and engine files through the HTTPS server when it is set to use "Trend Micro ActiveUpdate Server" as download source.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Value: 1
  • Purpose: This allows users to enable the "HEUR_HAS_MACRO" ATSE rule which is used to detect if an email file attachment contains macros.

This is introduced in Hot Fix Build 4227 and also available in SMEX 11 SP1 Patch 1 and SMEX 12.0.

  • Type: REG_DWORD
  • Value: 1
  • Purpose: The TrustScan in Transport level is disabled by default. Add this key to enable it. Transport Trust Scan is applicable only for Spam Prevention, Web Reputation and Security Risk Scan filters. Results from both Content Filtering and Attachment Blocking etc. will not be trusted.

This is available for all versions in both SMEX 11.0 and SMEX 12.0.

  • Type: REG_DWORD
  • Values:
    1 = SMEX does not scan malformed email messages
    0 = SMEX quarantines malformed email messages

  • Purpose: This skips scanning emails which will otherwise trigger “Malformed message” feature.
  • Note: Disabling this feature may cause virus leak as the mail is not scanned.
This is applicable in SMEX 12.0 and SMEX 11.0 SP1 Patch 1.
Premium
Internal
Rating:
Category:
Install
Solution Id:
1114148
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.