Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Registry hidden keys In ScanMail For Exchange (SMEX)

    • Updated:
    • 14 Mar 2019
    • Product/Version:
    • ScanMail for Exchange 11.0
    • ScanMail for Exchange 12.0
    • ScanMail for Exchange 12.0
    • ScanMail for Exchange 12.5
    • ScanMail for Exchange 12.5
    • Platform:
    • Windows 2008 Standard
    • Windows 2012 Server Essentials
    • Windows 2012 Standard
Summary

This KB shows the registry hidden keys in SMEX.

 
Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
Details
Public
Hot Fix BuildHidden Key
SMEX 12.5
Hot Fix Build 1318
Issue:

ScanMail cannot extract URLs from digitally signed email messages correctly because some garbled characters exist at the end of these URLs. ScanMail detects the URLs as suspicious.

Solution:

This hot fix provides an option to configure ScanMail to skip the extracting and scanning of URLs in digitally signed email messages. This hot fix automatically adds a registry key and sets its value to "1" to enable this option, by default.

Procedure:

To configure this feature:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipWTP4SMINE
    Type: REG_DWORD
    Data value:
    "1" = Skip extracting URLs in digitally signed email messages
    "0" = Extract URLs in digitally signed email messages

SMEX 12.5
Hot Fix Build 1316
(same as SMEX 10.0 Hot Fix Build 4162)

Users need SMEX to log every attachment that passes through it to be able to trace what attachments have been sent in their Microsoft Exchange organization.
For example, if a confidential document named "secret.pdf" leaks out, users want to know if it was sent within the company. If so, they want to know who sent it, who was the recipient, and when the attachment was sent.
After applying Patch 1, users are allowed to enable ScanMail to log every attachment that passes through it onto a plain text file.
By default, the attachment log tracing feature is disabled when the Attachment Blocking filter is enabled.

To enable the attachment log tracing feature while the Attachment Blocking filter is ENABLED, create the following registry key and set its value to "1":

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: EnableAttachmentTracing
Value: 1 (0 = disabled (default), 1 = enabled)

To enable the attachment log tracing feature while the Attachment Blocking filter is DISABLED, create the following registry keys and set the values to "1".

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: EnableAttachmentTracing
Value: 1 (0 = disabled (default), 1 = enabled)

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: EnableAttachmentTracingWithABDisabled
Value: 1 (0 = disabled (default), 1 = enabled)

To specify the scan level where this attachment log tracing feature should be active, create the following registry key and assign the appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: AttachmentTracingOnScanLevel
Value:
1 - Transport Level (default)
2 - Store Level
3 - Both

To specify which scan type the attachment log tracing feature should be active in, create the following registry key and assign the appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: AttachmentTracingOnScanType
Value:
1 - Real-time scan (default)
2 - Manual/Scheduled Scan
3 - Both

To specify the location of the attachment tracing log file, create the following registry key and assign the appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_SZ
Key: AttachmentTracingLogFolder
Value: Attachment tracing log file's location, for example, "D:\AttacnmentTracking\Log".

The default value is "{SMEX_root}\debug". The typical default value is "C:\Program Files\Trend Micro\Smex\Debug"

 
The log file name is hard-coded to "AttachmentTracing.log". Users cannot specify the file name.

To specify the maximum size of an attachment tracing log file, create the following registry key and set an appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: AttachmentTracingMaxLogFileSize
Value: File size in bytes, default is 10485760 (10MB).

 
When the log file size reaches the maximum value, it will create a backup in the same folder using a new file name consisting of the log filename and the date information.
For example: AttachmentTracing-10-11-02-16-26-52.log.
ScanMail will not delete the log files, so if there are too many log files that take up too much disk space, users need to delete or move the old log files manually.
SMEX 12.5
Hot Fix Build 1321
Enhancement:

ScanMail does not move internal messages detected as spam messages or malicious URLs to the junk email folder even if users selected the "Quarantine message to user's spam folder" action.

Solution:

This hot fix provides an option for users to configure ScanMail to enable it to move an internal message (considered spam or suspicious URL) to the junk email folder if users selected the "Quarantine message to user's spam folder" action. This hot fix automatically adds a registry key and sets its value to "1" to enable this option, by default.

Procedure:

To configure this feature:

  • Install this hot fix.
  • Open the Registry Editor.
  • Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EnableInternalMailSclChange
    Type: REG_DWORD
    Data value:
    "1" = Enable ScanMail to move an internal message which is Spam or suspicious URL to junk email folder if "Quarantine message to user's spam folder" action is selected
    "0" = Disable ScanMail to move an internal message which is Spam or suspicious URL to junk email folder if "Quarantine message to user's spam folder" action is selected

  • Restart the ScanMail service.
SMEX 12.5
Hot Fix Build 1323
Issue:

The Attachment Blocking OLE Scan feature does not work in SMEX 12.5.

Solution:

This hot fix enables the Attachment Blocking OLE Scan feature in SMEX 12.5.

Procedure:

To enable the Attachment Blocking OLE Scan feature:

  • Install this hot fix.
  • Open the Registry Editor.
  • Locate the following keys and set the preferred values:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: ABOLEScanLayer
    Type: REG_DWORD
    Data value:The maximum number of embedded layers can be scanned.
    "0"= No embedded layers will be scanned.
    "1"= The first embedded layer will be scanned.
    ...
    "20"= Up to the twentieth embedded layer will be scanned.

    The default value is "20". For example, to set the feature to scan up to the fifth layer, set "ABOLEScanLayer=5".

    Key: ABOLEContainerTypes
    Type: REG_SZ
    Data value: The ID list of VSAPI supported OLE container files. The values must be separated by semicolon (;). Below are the key meanings:
    "1" = Word
    "2" = PowerPoint
    "4" = Excel
    "30" = Project
    "4045" = Office 2007 files. The default value is "1;2;4;30;4045".
    Restart the ScanMail service.

    Enable the following Attachment Blocking settings:
    • Specific attachments > Attachment types > Applications and executable files
    • Specific attachments > Attachment types > Compressed files
    • Block attachment types or names within compressed files
     
    Enabling "Specific attachments > Attachment types > Compressed files" resolves a known issue for "OLE & Zip in Office 2007 format". Any compressed file type will be scanned after it is enabled.
SMEX 12.5
SP1 Hot Fix Build 2006
Issue:

A proxy server certificate error prevents users from enabling Predictive Machine Learning (PML) while SMEX uses a proxy server.

Solution:

This hot fix resolves the issue by enabling users to configure SMEX to ignore the proxy server certificate error by disabling the verify peer option for TrendX. This helps ensure that users can enable PLM while using a proxy server.

Procedure:

To disable the verify peer option for TrendX:

  • Install this hot fix.
  • Open the Registry Editor.
  • Add or locate the following key and set it to "0".

    Path: HKLM\SOFTWARE\TrendMicro\Scanmail for Excahnge\CurrentVersion
    Key: VerifyPeerForTrendX
    Type: REG_DWORD
    Data value:
    "0"= Disables the verify peer option for TrendX
    "1"= Enables verify peer option for TrendX (default)

  • Restart the ScanMail Master Service.
  • Log on to the the SMEX console and enable PML.
SMEX 12.5
SP1 Hot Fix Build 2009
Issue:

When a quarantined email message is resent as original email, its Message-ID should not change to allow SMEX to skip server automatically changes the email's Message-ID if it does not match the sender's domain. As a result, SMEX treats the original email message as a new email and scans it again.

Solution:

This hot fix provides an option to configure SMEX to skip the Message-ID checking for quarantined email messages that are resent as original email message so these messages can skip basic filter scan.

Procedure:

To configure this option:

  • Install this hot fix.
  • Open the Registry Editor.
  • Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipResendMessageIdCheck
    Type: REG_DWORD
    Data value:
    "1" = ScanMail skips Message-ID checking for quarantined email messages that are resent as original email
    "0" = ScanMail checks Message-ID of quarantined email messages that are resent as original email message

  • Restart the ScanMail service.
SMEX 12.5
SP1 Hot Fix Build 2013
Issue:

The Search & Destroy function runs slowly because SMEX retrieves the Exchange Web Services (EWS) Virtual Directory from distant Exchange servers.

Solution:

This hot fix provides an option to configure SMEX to retrieve the EWS Virtual Directory from the Active Directory Domain Services (AD DS).

Procedure:

To configure this option:

  • Install this hot fix.
  • Open the Registry Editor.
  • Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: GetWebServicesVirtualDirectoryThroughAD
    Type: REG_DWORD
    Data value:
    "1" = ScanMail will retrieve the virtual directory properties from the AD DS
    "0" = ScanMail will retrieve virtual directory properties from the Internet Information Services (IIS) metabase.

Hot Fix BuildHidden Key
SMEX 12.0
SP1 Patch 1 - Hot Fix Build 1741
Issue:

The Search & Destroy feature of SMEX12.0 cannot delete messages from the German version of Exchange 2013.

Solution:

This patch provides a way to set the local language for the Search & Destroy feature in SMEX 12.0 to German in Exchange 2013.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SDLangID
    Type: REG_DWORD
    Data value: "0x07" = Search & Destroy uses German as the local language

  4. Restart ScanMail.
SMEX 12.0
SP1 Patch 1 - Hot Fix Build 1749
Issue:

After installing SMEX 12.0 SP1 Patch 1, it does not automatically send notification email messages to senders and recipients of an email message if the Virtual Analyzer server returns an error.

Solution:

This hot fix enables users to configure whether ScanMail sends notification email messages to senders and recipients of an email message if the Virtual Analyzer server returns an error.

Procedure:

To configure this option:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DTASExtendedNotify
    Type: REG_DWORD
    Data value:
    "0" = (default)SMEX does not sends notification email messages to senders and recipients if the Virtual Analyzer server returns an error.
    "1" = SMEX send notification email messages to senders or recipients if the Virtual Analyzer server returns an error.

SMEX 12.0
SP1 Patch 1 - Hot Fix Build 1751
Enhancement:

URL Analysis - When an email message contains a URL that triggers a "404 Not Found" error, the Deep Discovery Analyzer URL analysis feature returns an -19 error code (prefetchd: server error or content does not exist). SMEX 12.0 treats this as an unanalyzed risk and takes action on the URL. This patch allows users to configure SMEX to skip URLs if it receives specific error codes from Deep Discovery Analyzer.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: BypassURLDDANResult
    Type: REG_SZ
    Data value: "-19" = ScanMail skips a URL if Deep Discovery Analyzer returns a -19 error, and the URL will remain unrated.

     
    Users can specify several error codes separated by a semi-colon ";" so that if Deep Discovery Analyzer returns any of these codes, ScanMail will automatically skip the URLs that trigger the error.
SMEX 12.0
SP1 Patch 1- Hot Fix Build 1754
Enhancement:

Spam Detection - This patch allows users to configure the SMEX 12.0 spam detection feature to skip Exchange internal email messages with an "SCL=-1" rating.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AntiSpamTrustSCLMinusOne
    Type: REG_DWORD
    Data value:
    "0" = (default) ScanMail spam detection feature scans internal email messages
    "1" = ScanMail spam detection feature skips internal email messages

Critical Patch Build 1755 (R1)Issue:

SMEX 12.0 Patch 1 for Service Pack 1 communicates with the ActiveUpdate (AU) server by HTTP which is unencrypted.

Solution:

This critical patch enables SMEX 12.0 to communicate with the AU server by HTTPS by default.

Procedure:

To configure this feature:

  1. Install this critical patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AUFromHTTPSServer
    Type: REG_DWORD
    Data value:
    "1" = (default) Enables the solution
    "0" = Disables the solution

  4. Restart SMEX.
SMEX 12.0
SP1 Patch 2
Enhancement:

Content Filter and Data Loss Prevention Filter - This patch allows SMEX 12.0 to trust the Content Filter and DLP filter scan results from other SMEX servers.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: TrustScanForCFDLP
    Type: REG_DWORD
    Data value:
    "0" = (default) Disable this feature
    "1" = Enable this feature

SMEX 12.0
SP1 Patch 2
Enhancement:

This patch allows SMEX 12.0 to compress an email that contains a virus to a password-protected ZIP file and to forward the file to a specific sender.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EnableZipAndForward
    Type: REG_DWORD
    Data value:
    "0" = (default) ScanMail does not compress or forward email messages that contain a detected virus
    "1" = ScanMail compresses and forwards email messages that contain a detected virus

SMEX 12.0
SP1 Patch 2 Hot Fix Build 4289
Issue:

SMEX 12.0 allows users to download pattern and engine files from a customized AU source without checking the signature file for the downloaded components. This may trigger a vulnerability issue.

Solution:

This patch restricts SMEX 12.0 to download only from the official Trend Micro AU server and to communicate with the server using HTTPS. This ensures that the signature file and certificate of each downloaded component are verified.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add or locate the following key:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AUFromOtherSource
    Type: REG_DWORD
    Data value:
    "1" = Allows users to download pattern and engine files from a customized AU source
    "0" = (default) Restrict SMEX 12.0 to download only from the official Trend Micro AU server

 
If the AU source has been customized, this feature will not take effect and may trigger a vulnerability issue.
SMEX 12.0
SP1 Patch 3 Hot Fix Build 1797
Issue:

This patch resolves the issue wherein the Restart the ScanMail Master Service and System Watcher encounter a memory leak problem when calls Exchange cmdlets frequently in some environments.

Solution:

This patch fixes the memory leak issue by adding the cache mechanism to store Exchange information gotten from Exchange cmdlets to avoid calling Exchange cmdlets frequently. User can configure the timeout of the cache.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: ExchangeInfoCachePeriodInMinute
    Type: REG_DWORD
    Data value: timeout in minute (default time out is 30 minutes)

 
After changing the Exchange Pickup or Replay directory location, restart ScanMail service to refresh the cache. Otherwise, ScanMail cannot work normally. Changing the location of Pickup or Replay directories does not copy any existing message files from the old location to the new location. Therefore, manually move any existing message files that are left in the old location to the new location to resend the legacy messages.
Hot Fix BuildHidden Key
ISME 12.0
SP 1 Hot Fix Build 1504
Enhancement:

This hot fix provides a way to configure InterScan (for Microsoft Exchange) 12.0 Service Pack 1 to download signature files through the pre-OPR AU server.

Procedure:

To configure this feature:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AUDownloadSigs
    Type: REG_DWORD
    Data value:
    1 = Enables the feature
    0 = (default) Disables the feature

ISME 12.0
SP 1 Hot Fix Build 1506
Enhancement:

InterScan (for Microsoft Exchange) 12.0 Service Pack 1 (manual or scheduled scans) may not be able to scan certain email messages if it fails to call the EWS API successfully on the first attempt. Hot Fix Build 1506 enables InterScan to retry calling the EWS APIs when the first call initially fails. This hot fix enables users to set a hidden key and configure the retry time. Thus, when the EWS API initially fails on the first call, InterScan retries the call based on the configured time.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EWSRetryTime
    Type: REG_DWORD
    Data value: 0 ~ 10

     
    Set the ten (10) value as the upper limit. If you set a number bigger than 10, InterScan treats it as retry for one (1) time. 0 means no retry when EWS API initially fails. InterScan sets the default value as one (1) if you do not create this hidden key.
ISME 12.0
SP 1 Critical Patch Build 1500
Solution:

This critical patch enables SMEX 11.0 Patch 1 for Service Pack 1 to communicate with the AU server by HTTPS by default.

Procedure:

To configure this feature:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AUFromHTTPSServer
    Type: REG_DWORD
    Data value:
    1 = Enables the solution
    0 = (default) Disables the solution

  4. Restart ScanMail.
Hot Fix BuildHidden Key
SMEX 11.0
Patch 1 (same as SMEX 10.2 Hot Fix Build 3271)
Enhancement:

Scans on Exchange System Email Notifications - This patch allows users to configure SMEX 11.0 to scan Exchange system email notifications.

Procedure:

To configure this feature:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipScanSystemEmail
    Type: REG_DWORD
    Data value:
    "0" = SMEX 11.0 scan Exchange system email notifications
    "1" = SMEX 11.0 does not scan Exchange system email notificaitons

  4. Restart the "Microsoft Exchange Transport" services.
SMEX 11.0
Patch 1 (same as SMEX 10.2 SP2 Hot Fix Build 3258)
Enhancement:

Spam Prevention Content Scanning Filter and Web Reputation Filter - This patch enables SMEX Spam Prevention Content Scanning filter and Web Reputation filter to take the "Pass entire message" action when users enable the "tag and deliver" action on the user interface.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SpamWTPPassAction
    Type: REG_DWORD
    Data value:
    "0" = The SMEX Spam Prevention Content Scanning filter and Web Reputation filter take the "tag and deliver" action when users choose the "tag and deliver" action on the user interface
    "1" = The SMEX Spam Prevention Content Scanning filter and Web Reputation filter take the "Pass entire message" action when users choose the "tag and deliver" action on the user interface

  4. Restart the "Microsoft Exchange Transport" services.
 
The new setting will take effect only after the service restarts.
SMEX 11.0
Patch 1 Hot Fix Build 1252
Enhencement:

This hot fix enables the SMEX Spam Prevention Content Scanning filter to take the "Quarantine message to user's spam folder" action for Phishing messages when users enable the option on the SMEX web console.

Enhancement:

This hot fix enables users to specify the tag which will be added to the subject of messages that are detected as "Spam" or "Phishing" and have been quarantined through the "Quarantine message to user's spam folder" action. This feature is automatically enabled after applying this hot fix.

Procedure:

To change the tag:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following keys and set your preferred value for each:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SpamTagOnSubject
    Type: REG_SZ
    Data value: Tag for Spam message. The default value is "Spam:".

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: PhishingTagOnSubject
    Type: REG_SZ
    Data value: Tag for Phishing message. The default value is "Phishing:".

    To disable this feature, set the value of the keys above to empty or delete the keys.

SMEX 11.0
Patch 1 Hot Fix Build 1266
Enhancement:

This hot fix addresses a latency issue with Exchange Intermittent RPC after the SMEX scan results queue is full.

 
This hot fix provides a hidden key for configuring the scan results queue size.
The default scan result queue size is: 51200.
To change the scan results queue size:
  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set your preferred value for each:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: ScanResultQueueSize
    Type: REG_DWORD
    Data value:(1000 ~ 65535)

SMEX 11.0
Patch 1 Hot Fix Build 1274
Enhancement:

This hot fix allows users to enable the Trend Micro Data Loss Prevention™ filter policy in SMEX 11.0 to treat the header, subject, body, and attachment of each email message as one target during transport level scanning.

 
When this option is enabled:
  • the Data Loss Prevention filter policy supports only the actions for entire messages.
  • the Data Loss Prevention filter policy will not trigger rules for attachment names.
Procedure:

To enable the Data Loss Prevention filter policy to treat the header, subject, body, and attachment of each email message as one target during transport level scanning:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set its value to "1":

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DlpForEntireEmail
    Type: REG_DWORD
    Data value:
    "1" = Enables the option
    "0" = (default) Disables the option

  4. Restart the ScanMail Master Service.
Smex 11.0
Patch 2 (same as SMEX 10.2 SP2 Hot Fix Build 3277)
Enhancement:

Customized Tags for Quarantined Email Messages - SMEX 11.0 adds the hard-coded "Suspicious URL:" tag to the subject of messages that contain suspicious URLs and that were quarantined through the "Quarantine message to user's spam folder" action. This patch allows users to customize the tag for these messages.

Procedure:

To customize the tag for messages that contain suspicious URLs and that have been quarantined to a user's spam folder:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set its value to the preferred tag:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SuspiciousURLTagOnSubject
    Type: REG_SZ
    Data value: Tag for messages that contain suspicious URLs and that were quarantined to a user's spam folder. The default tag is "Suspicious URL:".

  4. Restart the ScanMail Master Service.
SMEX 11.0
Patch 2 Hot Fix Build 1285
Enhancement:

In some Microsoft Exchange 2007/2010 servers, when the ScanMail manual or scheduled scan is enabled, the input-output (I/O) performance slows down and may prevent some end users from connecting to the Exchange Server.
This hot fix allows users to specify a sleep interval after each message is scanned to adjust the speed of manual and scheduled scans. This feature increases the total scanning time.

Procedure:

To specify the sleep interval:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate or add the following key and set the preferred time interval in milliseconds:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SleepIntervalForEachMessage
    Type: REG_DWORD
    Data value: sleep interval in milliseconds

  4. Restart the ScanMail Master Service.
SMEX 11.0
SP1 Hot Fix Build 4194
Enhancement:

Virus Scans - This Patch enables users to set whether SMEX 11.0 should back up infected encrypted and password- protected files during virus scans when the action for these types of files is set to "Pass" and the "backup infected file" option is enabled for virus scans.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipBackupEncryptPwd
    Type: REG_DWORD
    Data value:
    "1" = SMEX does not back up infected encrypted and password-protected files when the action for these types of files is set to "Pass" and the "backup infected file" option is enabled for virus scans.
    "0" = SMEX backs up infected encrypted and password- protected files when the action for these types of files is set to "Pass" and the "backup infected file" option is enabled for virus scans.

SMEX 11.0
SP1 Hot Fix Build 4195
Issue:

When the action for spam email messages is set to "Tag and Deliver" and the subject of a spam email message contains multibyte characters, the email subject may become corrupted after SMEX edits it because it uses the wrong character set to encode and decode the email subject.

Solution:

This hot fix enables users to specify the character set for encoding and decoding the subject of spam email messages which can help ensure that the email subject does not get corrupted after editing.

Procedure:

To specify the character set for encoding and decoding the subject of spam email messages:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add or locate the following key and set its value to the correct character set:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SubjectDefaultCharset
    Type: REG_SZ
    Data value: specific character set, for example, "utf-8"

  4. Restart the ScanMail Master Service.
SMEX 11.0
SP1 Hot Fix Build 4198
Enhancement:

Administrator Privileges - This patch adds an option to prevent local and domain administrators from logging on to the SMEX 11.0 web console.

Solution:

To configure this option:

Procedure:
  1. Specify users or groups that can be used to log on to and manage the SMEX 11.0 web console into the "Access Control > Administrator" page.
  2. Install this patch.
  3. Open the Registry Editor.
  4. Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DisableLocalAdminHasFullPermission
    Type: REG_DWORD
    Data value:
    "0" = SMEX allows local and domain administrators to log on to the web console
    "1" = SMEX does not allow local and domain administrators to log on to the web console

  5. Restart the ScanMail Master Service.
SMEX 11.0
SP1 Hot Fix Build 4221
Enhancement:

Pattern and Engine Updates - This patch enables SMEX 11.0 to update pattern and engine files through the HTTPS server when it is set to use "Trend Micro ActiveUpdate Server" as download source.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add or locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AUFromHTTPSServer
    Type: REG_DWORD
    Data value:
    "1" = SMEX uses the HTTPS server when the download source is set to "Trend Micro ActiveUpdate Server".
    "0" = SMEX uses the HTTP server when the download source is set to "Trend Micro ActiveUpdate Server".

SMEX 11.0
SP1 Hot Fix Build 4227
Enhancement:

ATSE Rules - This patch enables users to enable the "HEUR_HAS_MACRO" ATSE rule which is used to detect if an email file attachment contains macros. Users will also be able to set the "Pass" action for these email messages if these email messages are not analyzed or cannot be analyzed successfully by the Deep Discovery Advisor server. This helps reduce the number of false positive detections by the ATSE.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add or locate the following key and set the preferred value for each:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EnableMacroRule
    Type: REG_DWORD
    Data value:
    "1" = Enables the HEUR_HAS_MACRO ATSE rule
    "0" = Disables the HEUR_HAS_MACRO ATSE rule

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: PassMacroRule
    Type: REG_DWORD
    Data value:
    "1" = SMEX takes the "Pass" action on an email message that triggers the HEUR_HAS_MACRO rule that is not analyzed or cannot be analyzed by the Deep Discovery Advisor server "0" = SMEX takes the specified Advanced Threat action on an email message that triggers the HEUR_HAS_MACRO rule that is not analyzed or cannot be analyzed by the Deep Discovery Advisor server

SMEX11.0
SP1 Hot Fix Build 4229
Enhancement:

DLP Filter Templates - This patch adds several new templates definitions for the Trend Micro Data Loss Prevention™ (DLP) filter and allows users to configure the DLP filter in SMEX 11.0 to merge cells in Microsoft Excel™ spreadsheets during content-matching.

Procedure:

To enable the DLP filter in SMEX 11.0 to merge cells in Excel spreadsheets during content-matching:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add the following hidden key and set its value to "0".

    Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DLPDoNotMergeCells
    Type: REG_DWORD
    Data value: 0

SMEX11.0
SP1 Hot Fix Build 4230
Issue:

When SMEX sends email attachments to the Trend Micro Deep Discovery Advisor server for further analysis, the information on some fields, for example in the mail subject or mail recipients fields, are not decoded and encoded in UTF-8 correctly. When this happens, Deep Discovery Advisor cannot analyze the sample.

Solution:

This hot fix enables SMEX to use the character set specified in the mail to decode the related fields and then encode the information in UTF-8 before sending samples to the Deep Discovery Advisor server. This hot fix also enables users to specify the character set for decoding the mail subject.

Procedure:

To specify the character set for decoding the subject of email messages:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add or locate the following key and set its value to the preferred character set:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SubjectDefaultCharset
    Type: REG_SZ
    Data value: specific character set, for example, "utf-8", "iso-8859-1"

  4. Restart SMEX.
SMEX 11.0
SP1 Hot Fix Build 4235
Issue:

When administrators disable SSL version 3.0 (SSLv3) in the Internet Information Services (IIS), SMEX is not able to query remote server logs or quarantined records.

Solution:

This hot fix enables SMEX to query remote server logs or quarantined records using he Transport Layer Security (TLS) protocol.

Procedure:

To enable TLS support:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add the following hidden key and set its value to "1".

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EnableTLSQuery
    Type: REG_DWORD
    Data value: 1

  4. Restart SMEX.
SMEX 11.0
SP1 Patch 1
Enhancement:

Quarantine Malformed Messages Feature - This patch enables users to disable the quarantine malformed messages feature.

Procedure:

To configure this option:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Add the following hidden key and set the preferred value.

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: PassMalformedMail
    Type: REG_DWORD
    Data value:
    "1" = SMEX does not scan malformed email messages
    "0" = SMEX quarantines malformed email messages

SMEX 11.0
SP1 Patch 1 Hot Fix Build 4259
Issue:

When the "Send messages to Deep Discovery Advisor for analysis" option is enabled in SMEX, the email messages may go into a loop and are not sent to the recipients.

Solution:

This patch helps ensure that email messages do not go through Deep Discovery Advisor repeatedly to prevent the looping issue. This feature is disabled in this patch by default.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DTASLoopCheck
    Type: REG_DWORD
    Data value:
    "0" = (default) Disables the solution
    "1" = Enables the solution

  4. Restart SMEX.
SMEX 11.0
SP1 Patch 1 Hot Fix Build 4269
Issue:

When a message body contains text/HTML, the DLP filter in SMEX 11.0 treats the HTML tag as a social security number (SSN).

Solution:

This patch provides an option to configure the DLP filter to extract plain text from email with HTML format and then scan the plain text instead. This option is disabled by default.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DLPTreatBodyAsPlainText
    Type: REG_DWORD
    Data value:
    "0" = (default) Disables the option
    "1" = Enables the option

SMEX 11.0
SP 1 Patch 1 Hot Fix Build 4278
Enhancement:

This hot fix enables ScanMail to temporarily save spam logs in the ScanMail database when uploading spam logs to the Trend Micro Control Manager server. Users can configure the frequency by which ScanMail will delete the spam logs from the database which is set to every 12 hours by default.

 
This hot fix contains all files for Hot Fix Build 4273 because of file dependency, as a result, it contains all enhancements from that hot fix. Refer to the corresponding readme file for more information. You need to clear the browser cache and relaunch the browser after installing this hot fix to ensure that the changes appear web console.
Procedure:
  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SpamMaintenanceInterval
    Type: REG_DWORD
    Data value: The frequency in hours that SMEX cleans spam logs from the database, supports any value from 1 to 24, the default value is "12".

  4. Restart the ScanMail Master Service.
SMEX 11.0
SP1 Patch 2 Hot Fix Build 4315
Enhancement:

This hot fix enables users to configure the SMEX 11.0 Service Pack 1 patch 2 spam detection feature to skip Exchange internal email messages with an "SCL=-1" rating.

Procedure:

To configure this option:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add or locate the following key and set its value to "1":

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AntiSpamTrustSCLMinusOne
    Type: REG_DWORD
    Data value: "1" = (default) ScanMail spam detection feature skips internal email messages

SMEX 11.0
Patch 2 (Same as SMEX 10.0 Hot Fix Build 4242)
Issue:

SMEX 11.0 manual scans do not scan deleted items by default and requires users to configure a hidden key to scan deleted items.

Solution:

This patch enables users to configure SMEX 11.0 to scan deleted files during manual scans by default.

Procedure:

To configure SMEX 11.0 to scan deleted files during manual scans by default:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set its value to "0":

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipScanDeletedRecoverableFolder
    Type: REG_DWORD
    Data value:
    "0" = The SMEX manual scans scan deleted items
    "1" = The SMEX manual scans do not scan deleted items

SMEX 11.0
SP1 Patch 2
Enhancement:

Attachment-Blocking - Files with .ODS extensions are treated as compressed files. This patch enables users to configure the SMEX 11.0 attachment blocking feature not to scan files inside open documents.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipBlockingFilesInsideOpenDoc
    Type: REG_DWORD
    Data value:
    "0" = Attachment blocking scans files inside open documents
    "1" = (default) Attachment blocking does not scan files inside open documents

SMEX 11.0
SP1 Patch 2
Enhancement:

Attachment-Blocking - This patch enables users to configure the SMEX 11.0 attachment blocking feature not to block secured messages such as encrypted email messages and Opaque-signed email messages.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipActionForABSecuredMessage
    Type: REG_DWORD
    Data value:
    "0" = Attachment blocking scans secured messages
    "1" = (default) Attachment blocking does not scan secured messages

SMEX 11.0
SP1 Patch 2
Enhancement:

Journal Reports - This patch enables SMEX 11.0 not to scan Journal reports by default to enhance performance.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: IsSkipJournalReportScanning
    Type: REG_DWORD
    Data value:
    "0" = Scan journal report
    "1" = (default)Skip to scan journal report

SMEX 11.0
SP1 Patch 2
Enhancement:

Content Filter - This patch provides an option to configure the content filter to extract plain text from email with HTML format and then scan the plain text instead. This option is disabled by default.

Procedure:

To configure this feature:

  1. Install this patch.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: Content Filter - This patch provides an option to configure the content filter to extract plain text from email with HTML format and then scan the plain text instead. This option is disabled by default.
    Key: CFTreatBodyAsPlainText
    Type: REG_DWORD
    Data value:
    "0" = (default) Disables the option
    "1" = Enables the option

  4. Restart SMEX.
Hot Fix BuildHidden Key
Hot Fix Build 1178Issue:

Some users request for a way to set InterScan (for Microsoft Exchange) to run Scheduled Updates at 10-minute intervals instead of 15-minute intervals.

Solution:

Hot Fix Build 1169 enables users to configure InterScan (for Microsoft Exchange) to run Scheduled Updates at 10-minute or 15-minute intervals.

Procedure:

To configure this feature:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange \CurrentVersion
    Key: EnableAUTenMinutesInterval
    Type: REG_DWORD
    Data value:
    "0" = (default) InterScan runs Scheduled Updates at 15-minute intervals
    "1" = InterScan runs Scheduled Updates at 10-minute intervals

Hot Fix BuildHidden Key
Hot Fix Build 1177Issue:

The firewall policy blocks HTTP requests for online updates of the Product Registration module because the default content of the "User-Agent string" in these HTTP requests includes "Windows 98".

Solution:

Hot Fix Build 1177 enables users to customize the "User-Agent string" value used by the Product Registration module.

Procedure:

To configure this option:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: UserAgentStringOfPR
    Type: REG_SZ(String)
    Data value:"Mozilla/4.0 (compatible: MSIE 5.0; Windows 98)" (default value)
    "Mozilla/10.0 (compatible: MSIE 9.0; Windows 7)" (sample value)

  4. Restart the ScanMail Master Service.
Hot Fix Build 2202Issue:

A user requests for a way to perform an attachment blocking scan on quarantined spam email messages.

Solution:

This hot fix adds an option to configure SMEX to run attachment blocking scans on quarantined spam email messages.

Procedure:

To configure this option:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EnableSpamMailAttachmentBlocking
    Type: REG_DWORD
    Data value:
    "0" = (default) SMEX skips attachment blocking scans on quarantined spam email messages
    "1" = SMEX performs attachment blocking scans on quarantined spam email messages

  4. Restart the ScanMail Master Service.
SMEX 10.2
SP1 Hot Fix Build 2204
Issue:

After upgrading the Virus Scan Engine (VASPI) to version 9.7, ScanMail performs the action specified for "Encrypted and password-protected files" on the ScanMail web console on password-protected Microsoft Office™ files and password- protected zip files. A user requests for a way to enable ScanMail to skip password-protected Office files.

Solution:

This hot fix adds an option to configure ScanMail to skip all password-protected Office files and perform the action specified for "Encrypted and password-protected files" on the ScanMail web console on password-protected zip files only. This option is enabled by default.

Procedure:

To configure this option:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: BypassPasswordProtectedOfficeFiles
    Type: REG_DWORD
    Data value:
    "0" = SMEX takes the same action for password-protected Office files and zip files
    "1" = (default) SMEX skips all password-protected Office files and takes action on password-protected zip files only.

  4. Restart the ScanMail Master Service.
SMEX 10.2
SP1 Hot Fix Build 2205
Issue:

An issue prevents SMEX from sending released quarantined email messages to external recipients and the Exchange server receives a "550 5.6.2 SMTPSEND.BareLinefeedsAreIllegal" error message instead.

Solution:

This hot fix adds an option to make SMEX use the Exchange Web Services (EWS) API instead of the Microsoft Collaborative Data Objects (CDO) API. Enabling SMEX to use the EWS API ensures that it can send released quarantined email messages to external recipients.

Procedure:

To configure this option:

  1. Install this hot fix.
  2. Open the Registry Editor.
  3. Add the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: ResendSwitchCdoToEws
    Type: REG_SZ(DWORD)
    Data value:
    "0" = SMEX uses the CDO API
    "1" = SMEX uses the EWS API

  4. Restart the ScanMail Master Service.
SMEX 10.2
SP1 Hot Fix Build 3191
Issue:

SMEX cannot apply the Security Risk scan filter action for encrypted and password-protected files on S/MIME-encrypted messages because it does not treat these messages as encrypted messages.

Solution:

This hot fix enables SMEX to treat S/MIME-encrypted messages as encrypted messages to ensure that ScanMail can successfully perform actions for encrypted and password-protected files on S/MIME-encrypted messages. This feature is automatically disabled after applying this patch.

Procedure:

To configure this option:

    1. Install this hot fix.
    2. Open the Registry Editor.
    3. Locate the following key and set the appropriate value:

      Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange \CurrentVersion
      Key: SkipActionForSMIME
      Type: REG_DWORD
      Data value:
      "1" = (default) SMEX does not take the action set for encrypted and password-protected files on S/MIME-encrypted messages
      "0" = SMEX takes the action set for encrypted and password-protected files on S/MIME-encrypted messages.

    4. Restart the ScanMail Master Service.
 
This feature is available only on Exchange transport level, and is not available on store level.
This feature only works with "quarantine entire msg", "delete entire msg", and "pass" action. When users select the "replace msg part" and "quarantine msg part" action, ScanMail automatically takes the "quarantine entire msg" action.
SMEX 10.2
SP1 Hot Fix Build 3243
Enhancement:

This hot fix adds a way to enable SMEX to replicate the configuration of the End User Quarantine tool exception list when it replicates server configurations through the Server Management tool or from Trend Micro Control Manager™. This feature is disabled by default.

Procedure:

To enable/disable the feature:

  • Install this patch.
  • Open the Registry Editor.
  • Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: ReplicateSpamMaintenance
    Type: REG_DWORD
    Data value:
    "1" = SMEX duplicates the configuration of End User Quarantine tool exception list during server configuration replication.
    "0" = (default)SMEX does not duplicate the configuration of the End User Quarantine tool exception list during server configuration replication.

SMEX 10.2
SP1 Hot Fix Build 3258
Enhancement:

SMEX Spam Prevention Content Scanning filter and Web Reputation filter - These filters can now be configured to take the "Pass entire message" action when users enable the "tag and deliver" action on the user interface. This feature is disabled by default.

Procedure:

To enable/disable the feature:

  • Install this patch.
  • Open the Registry Editor.
  • Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SpamWTPPassAction
    Type: SpamWTPPassAction
    Data value:
    "0" = (default)The SMEX Spam Prevention Content Scanning filter and Web Reputation filter take the "tag and deliver" action when users choose the "tag and deliver" action on the user interface
    "1" = The SMEX Spam Prevention Content Scanning filter and Web Reputation filter take the "Pass entire message" action when users choose the "tag and deliver" action on the user interface

SMEX 10.2
SP1 Hot Fix Build 3271
Enhancement:

Exchange System Email Notification Scans - This patch allows users to configure SMEX 10.2 to scan Exchange system email notifications.

Procedure:

To enable/disable the feature:

  • Install this patch.
  • Open the Registry Editor.
  • Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipScanSystemEmail
    Type: REG_DWORD
    Data value:
    "0" = SMEX 10.2 scans Exchange system email notifications
    "1" = (default) SMEX 10.2 does not scan Exchange system email notifications

  • Restart the Microsoft Exchange Transport services.
SMEX 10.2
SP1 Hot Fix Build 3275
Enhancement:

Customized Tags for Quarantined Email Messages - This patch enables users to specify the tag that SMEX 10.2 adds to the subject of messages that are detected as "Spam" or "Phishing" and are quarantined through the "Quarantine message to user's spam folder" action.

Procedure:

To customize the tag for quarantined "Spam" or "Phishing" email messages:

    • Install this patch.
    • Open the Registry Editor.
    • Locate the following keys and set your preferred value for each:

      Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
      Key: SpamTagOnSubject
      Type: REG_SZ
      Data value: Tag for Spam message. The default value is "Spam:".

      Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
      Key: PhishingTagOnSubject
      Type: REG_SZ
      Data value:Tag for Phishing message. The default value is "Phishing:".

 
To disable this feature, set the value of the keys above to empty or delete the keys.
SMEX 10.2
SP1 Hot Fix Build 3277
Enhancement:

Customized Tags for Quarantined Email Messages - SMEX 10.2 adds the hard-coded "Suspicious URL:" tag to the subject of messages that contain suspicious URLs and that were quarantined through the "Quarantine message to user's spam folder" action. This patch allows users to customize the tag for these messages.

Procedure:

To customize the tag for messages that contain suspicious URLs and that have been quarantined to a user's spam folder:

  • Install this patch.
  • Open the Registry Editor.
  • Locate the following key and set its value to the preferred tag:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SuspiciousURLTagOnSubject
    Type: REG_SZ
    Data value: Tag for messages that contain suspicious URLs and that were quarantined to a user's spam folder. The default tag is "Suspicious URL:".

  • Restart the ScanMail Master Service.
SMEX 10.2
SP1 Hot Fix Build 3299
Enhancement:

Trend Micro Data Loss Prevention™ Filter Policy - This patch allows users to enable the Data Loss Prevention filter policy in SMEX 10.2 to treat the header, subject, body, and attachment of each email message as one target during transport level scanning.

 
When this option is enabled:
  • the Data Loss Prevention filter policy supports only the actions for entire messages.
  • the Data Loss Prevention filter policy will not trigger rules for attachment names.
  • the Data Loss Prevention filter policy does not support manual scans and schedule scans because SMEX cannot retrieve messages completely from the Exchange Server in store level.
Procedure:

To enable the Data Loss Prevention filter policy to treat the header, subject, body, and attachment of each email message as one target during transport level scanning:

  • Install this patch.
  • Open the Registry Editor.
  • Locate the following key and set its value to "1".

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: DlpForEntireEmail
    Type: REG_DWORD
    Data value:
    "1" = Enables the option
    "0" = (default) Disables the option

  • Restart the ScanMail Master Service.
SMEX 10.2
SP2 Patch 2
Enhancement:

Scan Results - This patch addresses a latency issue with the Exchange Intermittent RPC when the SMEX scan results queue is full.
This patch also allows users to configure the scan results queue size. The default scan result queue size is 51200 items.

Procedure:

To change the scan results queue size:

  • Install this hot fix.
  • Open the Registry Editor (regedit.exe).
  • Locate the following key and set your preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: ScanResultQueueSize
    Type: REG_DWORD
    Data value:(1000 ~ 65535)

SMEX 10.2
SP2 Patch 2 (Same as SMEX 10.0 Hot Fix Build 4242)
Issue:

SMEX 10.2 manual scans do not scan deleted items by default and requires users to configure a hidden key to scan deleted items.

Solution:

This patch enables SMEX 10.2 manual scans to scan deleted files by default.

Procedure:

To configure SMEX to run manual scans on deleted items:

  • Open the Registry Editor.
  • Locate the following key and set the appropriate value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: SkipScanDeletedRecoverableFolder
    Type: REG_DWORD
    Data value:
    "0" = (default) The SMEX manual scans scan deleted items
    "1" = The SMEX manual scans do not scan deleted items

Hot Fix BuildHidden Key
Hot Fix Build 1467Issue:

When SMEX 8.0 is running in a cluster environment, it will frequently update/access the cluster registry and decrease the performance of the cluster.
The following logs will frequently appear in the "cluster.log" file: 00001164.00001cc8::2007/11/01-21:48:03.105 INFO [DM] DmUpdateSetValue 00001164.00001cc8::2007/11/01-21:48:03.105 INFO [DM] Setting value of PR_Profile for Software\TrendMicro\ScanMail for Exchange\CurrentVersion key.

Solution:

This hot fix enlarges the Product Registration registry key polling interval from one minute to one day. This means that if you update the license from one node, it will be reflected on other nodes for, at most, 1 day.
If a user thinks the interval is too long, he/she can also create a registry key and specify the polling interval he/she wants.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Name: PRPollingInterval
Value:In minutes

Hot Fix Build 1469Issue:

When InterScan for Microsoft Exchange 10.0 scans messages in a Microsoft Windows™ cluster environment, it accesses the cluster registry for querying Product Registration information frequently. may cause the cluster to switch to another server and trigger the following logs in the "cluster.log" file:

00000abc.000013c4::2010/07/26-06:01:46.992 INFO [DM]
DmWriteToQuorumLog Entry Seq#=3359 Type=0 Size=168
00000abc.000013c4::2010/07/26-06:01:46.992 INFO [DM]
DmpUpdateCreateKey: Creating key <Software\TrendMicro\
ScanMail for Exchange\CurrentVersion>...

Solution:

Hot Fix Build 1469 enables users to configure the InterScan product registration polling interval to delay the posting of product registration updates in the Trend Micro Control Manager™ server. This decreases the frequency of access to the cluster registry and can resolve the issue.

Procedure:

To configure the Product License polling interval, create the following registry key and set its value to your preferred polling interval in minutes:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange \CurrentVersion
Type: REG_DWORD
Name: PRPollingIntervalByCM
Value:In minutes

 
If this key does not exist, the default setting is zero minute.
Apply this hot fix only on Windows cluster servers (x86/x64).
Hot Fix Build 4240Issue:

InterScan always adds the Japanese prefix "[メールサーバ通知]" (translates to "[MailServer Notification]" in English) to the subject of notification email messages. A user requests for a way to prevent InterScan from adding these Japanese double-byte characters to the subject of notification email messages because these characters appear garbled in non-Japanese operating systems.

Solution:

Hot Fix Build 4240 allows user to specify the subject prefix for notification email messages

Procedure:
  • Install this hot fix.
  • Open the Registry Editor.
  • Add the following registry key and set the preferred value:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange \CurrentVersion
    Key: NotificationSubjectPrefix
    Type: REG_SZ
    Data value: Notification subject prefix. Trend Micro recommends setting this to "[MailServer Notification]".

  • Restart the following services:
    • InterScan (for Microsoft Exchange) Master Service
    • InterScan (for Microsoft Exchange) System Watcher Service
Hot Fix BuildHidden Key
Hot Fix Build 1450Issue:

A customer requests for a way to replace suspicious URLs with a dead link in Web Reputation Service (WRS) notifications.

Solution:

Hot Fix Build 1450 enables users to specify a prefix for ScanMail to add at the beginning of suspicious URLs in WRS notifications. This converts the URLs to dead links. For example, if a user specifies "SuspiciousURL" as a prefix, and WRS detects a malicious URL: "http:// www.malicious.com"
WRS notification email messages display: "SuspiciousURLhttp:// www.malicious.com". which is an invalid link. This prevents users from opening such URLs.

Procedure:

To specify a prefix for ScanMail to add at the beginning of suspicious URLs in WRS notifications, set the following registry key:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Key: SuspiciousURLPrefix
Type: REG_SZ
Data value: (customized value), must not include TAB and space characters

Hot Fix Build 1462Issue:

Sometimes, SMEX may not be able to update the pattern file when the ActiveUpdate option, "Allow other servers to download updates from this server", is enabled.

Solution:

Hot Fix Build 1462 enables SMEX to update the pattern file successfully even when the ActiveUpdate option, "Allow other servers to download updates from this server", is enabled.

Procedure:

To enable SMEX to update the pattern file successfully even when the ActiveUpdate option, "Allow other servers to download updates from this server", is enabled, add the following registry key:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Key: AuSmartDuplicateIsolate
Type: REG_DWORD
Data value: 1

 
You can only apply this hot fix on computers running on a Microsoft Windows™ 32-bit system.
Hot Fix Build 1463Issue:

Users can configure SMEX to send an email notification each time ScanMail performs an action against a security risk or malicious content. When a message contains multiple security risks or malicious contents and ScanMail performs multiple actions on this message, it sends multiple email notifications for the message.

Solution:

Hot Fix Build 1463 enables SMEX to consolidate all notifications for each message generated over a period of time and send these in one email notification message.

Procedure:

To enable SMEX to consolidate all notifications for each message generated over a period of time and send these in one email notification message, add the following registry keys:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Key: ConsolidateDuplicateNotification
Type: REG_DWORD
Data value: 1

Hot Fix Build 1470Issue:

On computers where an Exchange Server 2010 is installed in a Mailbox server role (without Hub Transport server role), delivered report email messages may not be able to show graphs. This occurs when SMEX cannot retrieve the correct Internal URL property of the Exchange Web Services (EWS) virtual directory.

Solution:

Hot Fix Build 1470 enables users to specify the Internal URL property of the EWS virtual directory. This allows delivered report email messages to show graphs without issues.

Procedure:

To configure this option:

  • Open an Exchange Management Shell and run the following command:
    Get-WebServicesVirtualDirectory | select InternalUrl
  • Choose a valid result that the Mailbox server can use.
  • Add the following registry key and specify a value for the EWS virtual directory Internal URL property:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: EWSInternalUrl
    Type: REG_SZ
    Data value: Internal URL value, for example, "https://cas.exchange2010.com/EWS/Exchange.asmx"

  • Restart the ScanMail Master Service.
Hot Fix Build 1481Issue:

In a Microsoft Exchange™ Server 2003 cluster environment, the SMEX cluster resource sometimes goes offline because it fails to query the "SMEX_Master" process starting time on active node.

Solution:

Hot Fix Build 1481 enables ScanMail cluster resource to remain online by skipping the query of the "SMEX_Master" process starting time on active node.

This hot fix automatically adds the following registry key:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Key: DisableQueryProcessLaunchTime
Type: REG_DWORD
Data value: 1

Hot Fix Build 4157

SMEX tags voice mail and missed call notifications from Microsoft Exchange Unified Messaging as spam.
After applying Patch 1, users can set whether the ScanMail anti-spam filter should scan voice mail or missed call notifications from Microsoft Exchange Unified Messaging.
When enabled, this feature allows ScanMail to check whether an email message is a voice mail or missed call notification from Microsoft Exchange Unified Messaging. It then checks whether the email message comes from an approved domain. If the email message satisfies both conditions, the anti-spam filter skips the scanning of the email message and ScanMail does not tag the email message as spam. This feature is disabled by default.

Procedure:

To enable this feature:

  • Create the following registry key.

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AntiSpamSkipScanningVoiceMail
    Type: REG_DWORD
    Value: 1

  • Specify the approved domain names by performing either of the following options:
    Option 1:
    1. Log on to the product console.
    2. Click "Spam Prevention" from the main menu. A drop-down menu appears.
    3. Click "Content Scanning" from the drop-down menu. The "Content Scanning" screen appears.
    4. Add the domain name/s to the list of Approved Senders.
    5. Click "Save".
    Option 2: Create the following registry key:

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
    Key: AntiSpamWhiteList
    Type: REG_SZ
    Data value: Approved domain list (this value only supports these three formats: domain.com; @domain.com;*@domain.com). Each domain name should be separated by semicolon(;))

     
    If a user chooses Option 1, the anti-spam filter does not scan any messages from the approved domain. If a user chooses Option 2, only the voice mail and missed call notifications from the approved domain will not be scanned by the anti-spam filter.
Hot Fix Build 4162

Users need ScanMail to log every attachment that passes through it to be able to trace what attachments have been sent in their Microsoft Exchange organization.
For example, if a confidential document named "secret.pdf" leaks out, users want to know if it was sent within the company. If so, they want to know who sent it, who was the recipient, and when the attachment was sent.
After applying Patch 1, users are allowed to enable ScanMail to log every attachment that passes through it onto a plain text file.

Procedure:

By default, the attachment log tracing feature is disabled when the Attachment Blocking filter is enabled.

To enable the attachment log tracing feature while the Attachment Blocking filter is ENABLED:
Create the following registry key and set its value to "1".

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: EnableAttachmentTracing
Value: 1 (0 = disabled (default), 1 = enabled)

To enable the attachment log tracing feature while the Attachment Blocking filter is DISABLED:
Create the following registry keys and set the values to "1".

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: EnableAttachmentTracing
Value: 1 (0 = disabled (default), 1 = enabled)

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: EnableAttachmentTracingWithABDisabled
Value: 1 (0 = disabled (default), 1 = enabled)

To specify the scan level where this attachment log tracing feature should be active:
Create the following registry key and assign the appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: AttachmentTracingOnScanLevel
Value: "1" - Transport Level (default)
"2" - Store Level
"3" - Both

To specify which scan type the attachment log tracing feature should be active in:
Create the following registry key and assign the appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: AttachmentTracingOnScanType
Value: "1" - Real-time scan (default)
"2" - Manual/Scheduled Scan
"3" - Both

To specify the location of the attachment tracing log file:
Create the following registry key and assign the appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_SZ
KEY: AttachmentTracingLogFolder
value: Attachment tracing log file's location, for example, "D:\AttacnmentTracking\Log".
The default value is "{SMEX_root}\debug", the typical default value is: "C:\Program Files\Trend Micro\Smex\Debug"
Note that the log file name is hard-coded to "AttachmentTracing.log". Users cannot specify the file name.

To specify the maximum size of an attachment tracing log file:
Create the following registry key and set an appropriate value.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: AttachmentTracingMaxLogFileSize
Value: file size in bytes, default is 10485760 (10MB)

 
When the log file size reaches the maximum value, it will create a backup in the same folder using a new file name consisting of the log filename and the date information. For example:
AttachmentTracing-10-11-02-16-26-52.log.
ScanMail will not delete the log files, so if there are too many log files that take up too much disk space, users need to delete or move the old log files manually.

If an email message's recipient list is too long in a log entry, the recipients will be divided and multiple log entries will be generated with the same content except for the recipient field. The maximum length of the recipients field is 1024 bytes.

Hot Fix Build 4165Issue:

ScanMail adds some additional separators to tokenize content when applying content filtering policies. It may cause a difference in the content filtering scanning results from the results generated by SMEX 8.

Solution:

After applying hot fix 4165, by default, SMEX 10 uses the same separators used by SMEX 8.

Procedure:

If users have special requirements with separators, add the following registry key and restart the ScanMail Master Service.

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Key: AdditionalEmanagerSeparators
Type: REG_SZ
Data value: (customized value)

Hot Fix Build 4208Issue:

The SMEX virus scanning filter scans journal reports generated by an Exchange Server 2007 or 2010.

Solution:

Hot Fix Build 4208 Patch 1 enables users to set SMEX to bypass journal reports in all scans.

Procedure:

To enable the feature:

  • Create the following registry key and set its value to "1":

    Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange \CurrentVersion
    Key: IsSkipJournalReportScanning
    Type: DWORD
    Data value: 1 ("0" = Disables the feature, "1" = Enables the feature)

Hot Fix Build 4218Solution:

Hot Fix Build 4218 allows user to configure SMEX to automatically dump samples and logs related to the samples to the customized folder.

Procedure:

By default, the Virus Scan filter does not dump malware samples. To enable the Virus Scan filter to automatically dump malware samples, add the following key and set its value to "1":

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: MSSAEnableUpload
Value: 1 ("0" disables the feature (default), "1" enables the feature)

To specify the location of the malware samples and logs, add the following key and set its value to the correct path:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_SZ
Key: UploadSampleFolder
Value: Default value is "c:\samplesubmitclient".

To specify the maximum size of each malware sample to be dumped, add the following key and set its value in bytes:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: SampleMaxSize
Value: size in bytes. Default value is 52428800 (50*1024*1024 = 50M)
ScanMail will not dump samples that exceed this limit.
Malware samples can be classified into three types:

  • samples containing a suspicious virus
  • samples containing a known virus
  • samples that do not contain any virus

To specify which type of malware samples should be submitted to DTAS, add the following key and set the appropriate value:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_DWORD
Key: UploadVirusType
Value: 0/1/2/3/4/5/6/7, default is "1".
1: samples containing a suspicious virus
2: samples containing a known virus
4: normal samples that do not contain any virus
To upload two or more sample types, add the numbers representing both types. For example, to submit samples containing suspicious virus (1) and normal samples (4), set the value to "5".

Users can specify a virus name prefix and any virus name that starts with it will be classified as a suspicious virus. To specify a virus name prefix filter, add the following key and set the preferred value:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_SZ
Key: VirusNamePrefixFilter
Value: prefixes separated by a comma (,). Default value is "HEUR_PDFEXP,HEUR_OLEXP,EXPL_CVE,HEUR_SWF,HEUR_LNK,EXPL_".

Users can specify a virus name suffix and any virus name that ends with it will be classified as a suspicious virus. To specify the virus name suffix filter, add the following key and set the preferred value:

Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
Type: REG_SZ
Key: VirusNameSuffixFilter
Value: suffixes separated by a comma (,). Default value is NULL.

Hot Fix Build 4223Issue:

In a Microsoft Exchange™ 2010 Database Availability Group (DAG) environment, when the user mailbox in a database experiences failover from one node to another, ScanMail always removes the approved sender list after a scheduled/manual spam maintenance task.

Solution:

Hot Fix Build 4223 Patch 2 allows users to specify the spam maintenance report mailbox to a distribution group. In this way, users can do spam maintenance tasks normally under a Microsoft Exchange 2010 DAG environment.

Procedure:
  • Move the EUQ Report Mailbox to a local NOT DAG database:
    • Initially create a local NOT DAG database on each server.
    • Move the EUQ Report Mailbox to the newly created NOT DAG database. For example, to move the server "S1" EUQ report mailbox to a NOT DAG database "DB_EUQ_S1":
        From the Exchange Management Console:
      • Create a new Exchange Mailbox Database named "DB_EUQ_S1" that is not used for DAG.
      • Choose EUQ_S1, and do "New Local Move Request", select "DB_EUQ_S1" as the "Target Mailbox Database".
        From the Exchange PowerShell:
      • New-MailboxDatabase -name DB_EUQ_S1 -server S1
      • New-MoveRequest -Identity EUQ_S1 -TargetDatabase 'DB_EUQ_S1'.
      • Create a new Distribution Group and add all EUQ Report Mailboxes to it. For example, add two EUQ Report Mailbox addresses "EUQ_S1@domain.com" and "EUQ_S2@domain.com" to the EUQ_Group@domain.com distribution group:
          From the Exchange Management Console:
        • Create a new Exchange distribution group named "EUQ_Group".
        • Right click this distribution group, select "Properties".
        • Target to "Members" tag, click "Add" button. Select "EUQ_S1" and "EUQ_S2" as target and press "OK" button to exit.
          From the Exchange PowerShell:
          • New-DistributionGroup -Name "EUQ_Group"
            -OrganizationalUnit "domain.com/users"
            -Type "Distribution"
          • Add-DistributionGroupMember -Identity "EUQ_Group"
            -Member EUQ_S1@domain.com
          • Add-DistributionGroupMember -Identity "EUQ_Group"
            -Member EUQ_S2@domain.com
          • Add the following hidden key in the registry to indicate a new distribution group name.

            Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
            Type: REG_SZ
            Name: EUQGroup
            Value: "EUQ_Group" (This value is distribution group name)

          • Apply this hot fix and do spam maintenance for each server.
           
          After completing the four steps above, restart the ScanMail Master Service.
          Hot Fix Build 4227Enhancement:

          When the Web Reputation filter is enabled and the action is set to "quarantine", the "Suspicious URL" tag is added to the subject line of quarantined email messages that have triggered the Web Reputation filter. Some users request for a way to prevent SMEX from adding a "Suspicious URL" tag in the subject line of such email messages.

          Solution:

          Hot Fix Build 4227 Patch 3 enables users to prevent SMEX from adding the "Suspicious URL" tag in the subject line of quarantined email messages that have triggered the Web Reputation filter.

          Procedure:

          To configure this option:

          • Install this patch.
          • Locate the following key and set the appropriate value:

            Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
            Key: RemoveSuspiciousURLTag
            Type: REG_DWORD
            Data value:
            "0" = SMEX adds the "Suspicious URL" tag to the subject line
            "1" = SMEX does not add the "Suspicious URL" tag to the subject line

          Hot Fix Build 4228Issue:

          In a Microsoft Exchange™ 2007 Cluster Continuous Replication (CCR) cluster environment, SMEX installed on an active node performs the database configuration backup task too frequently.

          Solution:

          Hot Fix Build 4228 allows users to set the frequency of the database configuration backup task.

          Procedure:

          To set the frequency of the database configuration backup task

          • Open the registry editor.
          • Add the following registry key and set the appropriate value:

            Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
            Key: CCRConfMonitorInterval
            Type: REG_DOWRD
            Data value: (decimal value in seconds) (The default value is 3600 seconds.)

          • Apply this hot fix.
          Hot Fix Build 4229Issue:

          Some users request for a way to set SMEX to download the Virus Scan Engine from a specific ActiveUpdate server and all the other engines and patterns from the Trend Micro global official ActiveUpdate server when the download source is set to "Trend Micro ActiveUpdate Server".

          Solution:

          Hot Fix Build 4229 allows user to specify a specific AcitveUpdate server URL that SMEX should download the Virus Scan Engine from.

          Procedure:

          To specify a specific AcitveUpdate server URL that SMEX should download the Virus Scan Engine from:

          • Open the registry editor.
          • Add the following registry key and set an appropriate value.

            Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
            Key: AlternativeVSAPIAUURL
            Type: REG_SZ
            Data value: (special ActiveUpdate Server URL link)

          • Delete the files under following folders except "placeholder.txt":
            • [SMEX directory]\AU_Data\AU_Cache
            • [SMEX directory]\AU_Data\AU_Temp
          • Install this hot fix.
          Hot Fix Build 4242Issue:

          A user requests for a way to prevent SMEX from scanning email messages in the "Deleted Items" folder and "Recoverable Items" folder.

          Solution:

          Hot Fix Build 4242 adds an option to prevent SMEX from scanning email messages in the "Deleted Items" folder and "Recoverable Items" folder.

          Procedure:

          To prevent SMEX from scanning email messages in the "Deleted Items" folder and "Recoverable Items" folder:

          • Install this hot fix.
          • Open the Registry Editor.
          • Add the following hidden key:

            Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
            Key: SkipScanDeletedRecoverableFolder
            Type: REG_DWORD
            Data value: 1

          To allow SMEX to scan email messages in the "Deleted Items" and "Recoverable Items" folders again, set "SkipScanDeletedRecoverableFolder=0" or delete the key.

          Hot Fix Build 4245Issue:

          In an Exchange Server Cluster Continuous Replication (CCR) environment, SMEX should record changes to the log and report databases only when the SQL server is local. However, SMEX still records such changes even when the SQL server is remote.

          Solution:

          This hot fix adds an option to prevent SMEX from recording changes to the log and report databases when the SQL server in a CCR environment is remote.

          Procedure:

          To prevent SMEX from recording changes to the log and report databases when the SQL server in a CCR environment is remote:

          • Install this hot fix.
          • Open the Registry Editor.
          • Add the following hidden key and set its value to "1":

            Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
            Key: IsRemoteSQL
            Type: REG_DWORD
            Data value: 1

          • Restart SMEX.
          Premium
          Internal
          Rating:
          Category:
          Configure; Troubleshoot
          Solution Id:
          1114148
          Feedback
          Did this article help you?

          Thank you for your feedback!

          To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
          We will not send you spam or share your email address.

          *This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

          If you need additional help, you may try to contact the support team. Contact Support

          To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
          We will not send you spam or share your email address.

          *This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.