This page contains answers to frequently asked questions (FAQ). The answers cover background scanning with Symantec Mail Security installed.
The following sections are in a Question (Q:) and Answer (A:) style.
Q: If enabled, when does the background scanning thread start?
A: Background scanning will start if any of the following events occur:
Q: What is the impact of enabling the “On virus definition update, force rescan before allowing access to information store” option?
A: Each time virus definitions are updated, a rescan of all items of the database is done. This option provides the highest level of security. The performance of the server is affected. The larger the store the longer it takes to scan. Until all the items are rescanned with the current virus definitions client will not be allowed to access those items.
Q: How do I enable detailed logging for the background scanning process?
A: To enable detail logging use the following steps.
Q: How can I tell when the background thread has started on a particular database?
A: On the ESM logging properties page, enable VSAPI logging. The application event log contains an event similar to the following.
Q: How do I know when the background scan has completed for a database?
A: With VSAPI logging enabled for the server, the following event will be recorded in the application event log when the background scan is complete.
Q: Why does the background thread sometimes start, and then finish only minutes later?
A: If no items need to be scanned, then the background thread can finish very quickly.
Q: Is the background thread a multi-threaded process? If so, how many threads will it use?
A: The background thread is multi-threaded. This is part of VSAPI 2.x. The process starts one thread per database on the server (Up to a max of 20.)
Q: How can I monitor the performance of the background thread?
A: VSAPI 2.x adds performance counters under MSExchangeIS. Two performance counters added are:
Q: What is the recommended setting for background scanning and rescanning after virus updates?
A: The server administrator must make this decision based on first-hand knowledge of the setup. Two factors to consider are:
Q: How long does it take for the background thread to complete?
A: In general, a background scan operates at a rate of 1GB per hour. This means that a single store of 30 GB takes approximately 30 hours to be complete. If you have three 30 GB stores, then the scan time will increase slightly. The increase is due to the use of three simultaneous threads to scan. It also depends on the following factors:
Q: The Information Store assigns what process priority to background scanning? Can you change the process priority?
A: The process priority assigned is BelowNormal. The process priority is not changeable.
Q: Who do I contact if I have a concerns about or enhancement requests for background scanning?
A: Background Scanning is part of Microsoft’s VSAPI. If you have suggestions for the feature set of background scanning, contact Microsoft.