FIX: The Email Policy Integration feature that redirects spam email messages to a quarantine mailbox address does not work when Forefront Protection for Exchange 2010 is installed on Forefront Threat Management Gateway 2010
You install Microsoft Exchange Server 2010 Edge and Microsoft Forefront Protection for Exchange 2010 (FPE) on a server that is running Microsoft Forefront Threat Management Gateway (TMG) 2010.
You enable and then configure the Email Policy Integration feature of TMG.
In the TMG Management console, you configure a quarantine mailbox address so that messages that have a spam confidence level (SCL) rating greater than or equal to a specific threshold are sent to this mailbox. (To set the quarantine mailbox address, click E-mail Policy, click the Spam Filtering tab, click Content Filtering, and then click the SCL Thresholds tab. On the SCL Thresholds tab, click to select the Quarantine messages that have an SCL rating greater than or equal to check box, specify a threshold, and then provide a valid quarantine mailbox address.)
In this scenario, an email message that meets the SCL threshold is not sent to the quarantine mailbox address as expected.
This problem occurs because of the designed behavior that occurs when FPE is installed on Exchange Server Edge. For more information about this behavior, see the blog post that is mentioned in the "References" section.
When the FSE Antispam Filtering option is enabled, the Content Filter agent in Exchange Server 2010 is disabled. Therefore, all Content Filter settings that are configured on TMG are ignored. These settings include the redirection of email messages to the configured quarantine mailbox.
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Description of Service Pack 2 for Microsoft Forefront Threat Management Gateway 2010
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
After you install Service Pack 2, a new alert in the Content Filtering area of TMG is added to notify the TMG administrator of the problem that occurs when FPE antispam filtering is enabled and the Exchange Content Filter agent is disabled.
For more information about why Exchange Content Filter settings are ignored, see the blog on the following Microsoft TechNet website: