While SmarterTools offers users the ability to license antivirus products such as Cyren Zero-hour, and while it offers an efficient way to combat viruses via the included Clam AV integration, some System Administrators choose to install their own on-server virus scanners to monitor files on the server. These can include products from companies such as AVG, Trend Micro, and Symantec. In addition, some prefer products that come standard with Windows Server operating systems, such as Microsoft Defender Antivirus.
Because mail servers are so i/o intensive, they need to be configured perfectly to maximize server resources and improve hardware performance. On-server virus scanners can significantly impact the performance of your mail server if it's not properly configured. If a System Administrator chooses to install a third-party product such as Trend Micro or AVG, it's imperative that certain files are excluded from any scans the antivirus software performs. Therefore, knowing how to add these exceptions is crucial.
Below are steps a System Administrator can take to manually add exceptions to Microsoft Defender Antivirus, the protection that is built into Windows Server. When SmarterMail is initially installed, and each time the SmarterMail service is started, SmarterMail will attempt to automatically add exceptions to Microsoft Defender Antivirus if they are not currently present. If SmarterMail fails to add these exceptions, you must manually add them in order to prevent Defender from scanning SmarterMail files. Manual exceptions would also need to be added to any other third-party antivirus software.
NOTE: SmarterMail exceptions must be added to whichever antivirus software you run on your SmarterMail server. Without them, your server will be drastically slowed down, corruption to SmarterMail files may occur, and important email components could be deleted.
Follow the steps below to add exceptions for SmarterMail to Microsoft Defender Antivirus:
- Log into the server where SmarterMail is installed.
- Click on the Start menu.
- Hover your mouse over Administrative Tools and right-click on Windows PowerShell Module. Then click on Run as administrator. In the following confirmation window, choose Yes to allow the program to make changes to your computer.
- Windows PowerShell will open in a new window. One at a time, enter the following lines into the module. NOTE: If you have SmarterMail installed in a different directory, or store domain data in a different folder or drive, you will want to modify your paths accordingly. In addition, if you have domains stored in more than one location, you will need to repeat the process for each domain storage location:
Add-MpPreference -ExclusionExtension XML
Add-MpPreference -ExclusionExtension CFG
Add-MpPreference -ExclusionExtension GRP
Add-MpPreference -ExclusionExtension HDR
Add-MpPreference -ExclusionExtension JSON
Add-MpPreference -ExclusionExtension JSONS
Add-MpPreference -ExclusionExtension LOG
Add-MpPreference -ExclusionExtension DB
Add-MpPreference -ExclusionExtension STAT3
Add-MpPreference -ExclusionExtension STAT4
Add-MpPreference -ExclusionExtension BAK
Add-MpPreference -ExclusionExtension CFE
Add-MpPreference -ExclusionExtension CFS
Add-MpPreference -ExclusionExtension DEL
Add-MpPreference -ExclusionExtension DOC
Add-MpPreference -ExclusionExtension FDT
Add-MpPreference -ExclusionExtension FDX
Add-MpPreference -ExclusionExtension FNM
Add-MpPreference -ExclusionExtension GEN
Add-MpPreference -ExclusionExtension NVD
Add-MpPreference -ExclusionExtension NVM
Add-MpPreference -ExclusionExtension POS
Add-MpPreference -ExclusionExtension SI
Add-MpPreference -ExclusionExtension TIM
Add-MpPreference -ExclusionExtension TIP
Add-MpPreference -ExclusionExtension DMP
Add-MpPreference -ExclusionExtension SBIN
Add-MpPreference -ExclusionExtension PIDS
Add-MpPreference -ExclusionExtension TMPMSG
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\SmarterTools\SmarterMail"
Add-MpPreference -ExclusionPath "C:\SmarterMail\Domains"
- Exceptions for SmarterMail have now been added.
Extra Troubleshooting Tips
Execution of Scripts is Disabled
If you see the following line in the PowerShell window, you may not have the necessary permission to execute a command:
WARNING: File C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PSDiagnostics.psm1 cannot be loaded because the execution of scripts is diabled on this system. Please see "get-help about_signing" for more details.
To resolve this issue, enter set-executionpolicy remotesigned into the PowerShell window. Then, confirm the policy change by entering Y into the PowerShell window. After changing the execution policy, you should be able to follow the steps above to add the SmarterMail exceptions.
Term is Not Recognized
If you see the following line in the PowerShell window, then Microsoft Defender has not been installed or is not enabled on your server:
The term 'Add-MpPreference' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
If Microsoft Defender is not installed or enabled by default on your server, adding exceptions for SmarterMail is not required. However, if Defender is supported on your server, you can install it and follow the steps above to add exceptions for SmarterMail.