While SmarterTools offers users the ability to license antivirus and antispam products such as Cyren Premium Antispam, Cyren Zero-hour Outbreak Detection and Message Sniffer, and while these are the most efficient ways to combat spam and viruses, some System Administrators choose to install their own on-server virus scanners to monitor files on the server. These can include products from companies such as AVG, Trend Micro and Symantec. In addition, some prefer products that come standard with Windows Server operating systems, such as Windows Defender.
Because mail servers are so i/o intensive, they need to be configured perfectly to maximize server resources and improve hardware performance. On-server virus scanners can significantly impact the performance of your mail server if it's not properly configured. If a System Administrator chooses to install a third-party product such as Trend Micro or AVG, it's imperative that certain files are excluded from any scans the antivirus software performs. Therefore, knowing how to add these exceptions is crucial.
Below are steps a System Administrator can take to manually add exceptions to Windows Defender, malware protection that is built into Windows Server 2012 and 2016. When SmarterMail is initially installed, and each time the SmarterMail service is started, SmarterMail will attempt to automatically add exceptions to Windows Defender if they are not currently present. If SmarterMail fails to add these exceptions, you must manually add them in order to prevent Windows Defender from scanning SmarterMail files. Manual exceptions would also need to be added to any other third-party antivirus software.
NOTE: SmarterMail exceptions must be added to whichever antivirus software you run on your SmarterMail server. Without them, your server will be drastically slowed down, corruption to SmarterMail files may occur, and important email components could be deleted.
Follow the steps below to add exceptions for SmarterMail to Windows Defender:
- Log into the server where SmarterMail is installed.
- Click on the Start menu.
- Hover your mouse over Administrative Tools and right-click on Windows PowerShell Module. Then click on Run as administrator. In the following confirmation window, choose Yes to allow the program to make changes to your computer.
- Windows PowerShell will open in a new window. One at a time, enter the following lines into the module. NOTE: If you have SmarterMail installed in a different directory, or store domain data in a different folder or drive, you will want to modify your paths accordingly. In addition, if you have domains stored in more than one location, you will need to repeat the process for each domain storage location:
Add-MpPreference -ExclusionExtension XML
Add-MpPreference -ExclusionExtension CFG
Add-MpPreference -ExclusionExtension GRP
Add-MpPreference -ExclusionExtension HDR
Add-MpPreference -ExclusionPath "C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Settings"
Add-MpPreference -ExclusionPath "C:\SmarterMail\Domains"
- Exceptions for SmarterMail have now been added.
Extra Troubleshooting Tips
Execution of Scripts is Disabled
If you see the following line in the PowerShell window, you may not have the necessary permission to execute a command:
WARNING: File C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PSDiagnostics.psm1 cannot be loaded because the execution of scripts is diabled on this system. Please see "get-help about_signing" for more details.
To resolve this issue, enter set-executionpolicy remotesigned into the PowerShell window. Then, confirm the policy change by entering Y into the PowerShell window. After changing the execution policy, you should be able to follow the steps above to add the SmarterMail exceptions.
Term is Not Recognized
If you see the following line in the PowerShell window, then Windows Defender has not been installed or is not enabled on your server:
The term 'Add-MpPreference' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
If Windows Defender is not installed or enabled by default on your server, adding exceptions for SmarterMail is not required. However, if Windows Defender is supported on your server, you can install Windows Defender and follow the steps above to add exceptions for SmarterMail.