This document provides answers to common post-installation and configuration questions about Symantec Mail Security 7.0, 7.5, and 7.9 for Microsoft Exchange (SMSMSE).
Question: In SMSMSE 7.9.1 is it possible to create scheduled scan jobs selecting a specific mailbox database and what occurs when a new mailbox is added to the database?
Answer: Yes, the schedule scan job can be created by selecting a specific mailbox database. When a new mailbox is added the next enumeration cycle by SMSMSE would add the mailbox to the list. However, the newly discovered mailbox will need to be added by modifying the job and selecting the new mailbox.
Question: In SMSMSE 7.9.1 Is it OK to leave the transport submission queue monitor enabled and running at all times?
Answer: No, transport submission queue monitor is a diagnostic mode and should only be utilized for troubleshooting queue buildup issues. Once the cause is identified and resolved the transport submission queue monitor should be disabled.
Question: Can I generate consolidated report on threats detected across the organization?
Answer: SMSMSE 7.9 has the capability to generate detailed consolidated report of all exchange servers in a Group level. For more details please refer implementation guide
Question: What option I should select for remediation type when malware is detected in Auto-Protect?
Answer: There are couple of search types you can choose and remediate the emails. One is “Sent Item Remediation only” and the other is “Deep Discovery and Clean-up”.
When you want to make sure that that the malware sent from user mailbox should be removed immediately when detected in transport; it is suggested to select “Sent Item Remediation only”.
When you want to have deep discovery of malware based on file hash (email attachment) across the organization in all the mailboxes the best option is “Deep Discovery and Clean-up”.
Question: How to select right kind of Remediation validation feed setting?
Answer: Based on desired security level customer can choose between different validation settings. Certificate based validation provide highest level of security, followed by custom validation. For manually validating the setting “Manually move feed to custom folder” can be used. Administrator here will examine the mail and move feeds manually to get them remediated.
Question: Is SMSMSE shipping remediation certificate?
Answer: No, SMSMSE is not shipping any kind of certificate. Customer need to bring their certificate and just need to provide details to SMSMSE.
Question: How can we see Remediated quarantined emails?
Answer: SMSMSE current quarantined management can be used for managing them. They are tagged with Internal & External remediation in quarantine view.
Question: Where can I find step-by-step configuration instructions?
Answer: The Implementation Guide contains instructions for configuring all of the product features. You can find the Implementation Guide and other documentation in the DOCS folder of your installation media and on the Symantec Web site.
Reference: Symantec Mail Security for Microsoft Exchange product documentation
Question: Will I need to reboot after installing or upgrading to SMSMSE 7.0, 7.5, or 7.9?
Answer: A reboot is not required. A reboot prompt may appear, but only non-critical components such as reporting will be affected by ignoring the prompt.
Reference: Is it Necessary to Reboot the Exchange Server after Upgrading Symantec Mail Security for Microsoft Exchange?
Note: In the case of SMSMSE 7.5 and 7.9, if the VC++ redistributables are not already installed then post installation reboot is required.
Question: How do I obtain and apply a license?
Answer: Obtain the license from the Symantec Licensing Portal. You will need to supply your 11-digit serial number. You can apply the license when prompted during the installation or after the product is installed.
Reference: Applying a license (.SLF) file for Symantec Mail Security for Exchange
Question: Can I import settings from a previous version of SMSMSE?
Answer: You cannot import settings from SMSMSE 6.x into SMSMSE 7.x. When you upgrade from SMSMSE 6.x, most settings are preserved in version 7.x.
Question: What exclusions do I need if Symantec Endpoint Protection or Symantec AntiVirus is installed on the same computer?
Answer: Symantec Endpoint Protection automatically excludes the needed folders for Exchange. However, two product directories need to be excluded manually:
Read the article for your version of SEP or SAV for complete details.
Question: How do I configure LiveUpdate if Symantec Endpoint Protection or Symantec AntiVirus is installed on the same computer?
Answer: Configure Symantec AntiVirus or SEP to perform definition updates. For Exchange Server 2016/2013/2010/2007, you must also configure Mail Security to perform definition updates. You can change LiveUpdate settings on the Admin tab of the Console.
Question: How do I enable Premium AntiSpam?
Answer: In the Console, select the server or group whose settings you want to change. Click Policies > Premium AntiSpam Settings, and then check Enable Symantec Premium AntiSpam. Then, click Premium AntiSpam Actions to configure what actions to take when spam is detected. Click Deploy changes when you have the desired configuration.
Reference: Overview of Premium AntiSpam in Symantec Mail Security for Microsoft Exchange
Question: Can I add legacy servers to the Console?
Answer: Version 7.0 server can only be added in version 7.0 console and version 7.5 server can only be added in version 7.5 console.
Question: How can I completely remove SMSMSE?
Answer: Use Add/Remove Programs in the Control Panel to uninstall SMSMSE. If you encounter problems, follow the manual removal instructions for your version.
Reference: Manual removal instructions for Symantec Mail Security for Microsoft Exchange, Symantec AntiVirus/Filtering for Microsoft Exchange, or Norton AntiVirus for Microsoft Exchange