FIX: The Email Policy Integration feature that redirects spam email messages to a quarantine mailbox address does not work when Forefront Protection for Exchange 2010 is installed on Forefront Threat Management Gateway 2010

Article translations Article translations
Article ID: 2591744 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

Consider the following scenario:
  • You install Microsoft Exchange Server 2010 Edge and Microsoft Forefront Protection for Exchange 2010 (FPE) on a server that is running Microsoft Forefront Threat Management Gateway (TMG) 2010.
  • You enable and then configure the Email Policy Integration feature of TMG.
  • In the TMG Management console, you configure a quarantine mailbox address so that messages that have a spam confidence level (SCL) rating greater than or equal to a specific threshold are sent to this mailbox. (To set the quarantine mailbox address, click E-mail Policy, click the Spam Filtering tab, click Content Filtering, and then click the SCL Thresholds tab. On the SCL Thresholds tab, click to select the Quarantine messages that have an SCL rating greater than or equal to check box, specify a threshold, and then provide a valid quarantine mailbox address.)

In this scenario, an email message that meets the SCL threshold is not sent to the quarantine mailbox address as expected.

CAUSE

This problem occurs because of the designed behavior that occurs when FPE is installed on Exchange Server Edge. For more information about this behavior, see the blog post that is mentioned in the "References" section.

When the FSE Antispam Filtering option is enabled, the Content Filter agent in Exchange Server 2010 is disabled. Therefore, all Content Filter settings that are configured on TMG are ignored. These settings include the redirection of email messages to the configured quarantine mailbox.

RESOLUTION

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

After you install Service Pack 2, a new alert in the Content Filtering area of TMG is added to notify the TMG administrator of the problem that occurs when FPE antispam filtering is enabled and the Exchange Content Filter agent is disabled.

REFERENCES

For more information about why Exchange Content Filter settings are ignored, see the blog on the following Microsoft TechNet website:
Exchange Content Filter settings are ignored
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2591744 - Last Review: October 31, 2011 - Revision: 2.0
APPLIES TO
  • Microsoft Forefront Threat Management Gateway 2010 Enterprise
  • Microsoft Forefront Threat Management Gateway 2010 Standard
  • Microsoft Forefront Threat Management Gateway 2010 Service Pack 1
Keywords: 
kbfix kbbug kbexpertiseinter kbsurveynew KB2591744

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com