Microsoft Forefront Endpoint Protection 2010 Antivirus 360' title='Microsoft Forefront Endpoint Protection 2010 Antivirus 360' />Five steps to cleaning a virus infected Exchange server.Cleaning a virus infected server is easy for value added resellers VARs and security consultants who follow these.By submitting your personal information, you agree that Tech.Target and its partners may contact you regarding relevant content, products and special offers.Cleaning a virusinfected server is easy for valueadded resellers VARs and security consultants who follow these five steps.You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.Search.Security.There are countless articles on how to prevent email virus infections, but almost nobody talks about how to clean up a massive infection.Of course, you want to update your servers file level and Exchange level antivirus software, and make sure all users have up to date antivirus applications running on their desktops.But sometimes these steps are not enough.If your server is heavily infected, the sheer volume of infected messages can overwhelm the machine and your antivirus software may not be able to keep pace with the server.If you find yourself in a situation like this, here are the steps you need to take.Stop the flow of SMTP traffic.First, cut off communications between your mail server and the Internet.This will prevent your server from spewing infected messages to the outside world and stop any new messages from arriving until youve recovered from the infection.One way of stopping the flow of SMTP traffic is to configure your organizations SMTP connector to not deliver mail Open Exchange System Manager and navigate through the console tree to Administrative Groups your administrative group Routing Groups First Routing Group Connectors your SMTP connector.Right click on your SMTP connector and select Properties.Now choose the Delivery Options tab.Pick the Never Run option from the Connection time dropdown list.While you are at it, you might also consider disabling the SMTP virtual server Navigate to Administrative Groups your administrative group Servers your server Protocols SMTP Default SMTP Virtual Server.Right click on the Default SMTP Virtual Server object and select the Stop command.Keep users out of Exchange.In some cases, you may also need to keep the users out of the Exchange server while you disinfect it.The easiest way to do this is to unplug the network cable from the server.This will guarantee that nobody can send or receive anything until you are ready for them to do so.Freeze your message queues.Now it is time to begin cleaning out the message queues.To do so, you must freeze the queues and then delete the undesirable messages.To freeze a queue, navigate through the Exchange System Manager console to Administrative Groups your administrative group Servers your server Queues.The consoles detail pane will display a list of the servers queues.Right click on the queue containing the offending messages and select the Freeze command.Keep in mind that X.Front License Plate Mount Kit '>Front License Plate Mount Kit .If you want to freeze all the queues, simply click the Disable Outbound Mail button click Enable Outbound Mail to re enable mail flow.Locate and remove infected messages.To locate infected messages and remove them from the queues Click the Find Messages button.The easiest way to spot an infected message is usually by its subject line.Unfortunately, the Find Messages feature doesnt allow you to search by subject line.Instead, enter a large number such as 1.Number of Messages to Be Listed In the Search field.Set the Show Messages Whose State Is option to All Messages and click Find Now.The result is that all of the messages in the queue will be displayed.You can then sort the results by subject line to make finding the infected messages easier.Finally, select and right click on the infected messages and select Delete No NDR.The infected messages will be deleted from the queue.Repeat the procedure on the remaining queues.Even after all of the queues have been disinfected, there is a very good chance that some of the mailboxes on your server contain infected messages.Exchange doesnt offer any easy mechanism for manually disinfecting everyones mailboxes.Your best option is to scan the mailboxes with an Exchange aware antivirus program.You should do this prior to allowing the users back onto the server.Return Exchange to a functional state.The last step in the process is to bring the server back to a functional state Enable mail flow and unfreeze any frozen queues.Enable the SMTP Virtual Server and set the connection time for your SMTP connector back to Always Run.Plug the network cable back in to allow users access Exchange once again.About the author.Brien M.Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2.Server and IIS. Call Of Duty Modern Warfare 3 Crack Fps Fix For Eso .
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |