Article ID: 2805201 - View products that this article applies to.
The antimalware feature in Exchange 2013 can be enabled during the installation of Exchange 2013 or any time afterwards if the user did not opt into using it during the installation.
In addition, the antimalware feature can be disabled at any time after it’s enabled by running the following script: Disable-AntimalwareScanning.ps1
If you do not enable the antimalware feature, or have disabled it at a later date, you have subsequently disabled the updating of the Microsoft engine.
The Exchange Transport Rule feature in Exchange 2013 utilizes the Microsoft engine during text extraction for certain predicates. Therefore, even when antimalware scanning is disabled, you still may be utilizing the Microsoft engine for these predicates.
There may be an occasion where an update is put out for the Microsoft engine that is specifically targeted for Exchange Transport Rule functionality. If you’ve disabled the antimalware feature with the script above or never opted into using it then automatic updates for the Microsoft engine are not enabled. In this case you would not automatically receive this update.
In order to retrieve a Microsoft engine update when you did not enable the antimalware feature on install or had it enabled but subsequently disabled it via the “Disable-AntimalwareScanning.ps1” script you will need to execute the script below which will initiate a Microsoft engine update:
Update-MalwareFilteringServer.ps1 –identity %ServerName%
This script is found at the following location by default: C:\Program Files\Microsoft\Exchange Server\V15\Scripts