Why a file triggers the Unscannable File Rule
A file can trigger the Unscannable File Rule when Mail Security is unable to scan the file.
Some examples of when a file might trigger the Unscannable File Rule are as follows:
Mail Security cannot access the file.
Mail Security cannot access the file to scan it.
This can occur when another thread or process is accessing the file. For example, two separate antivirus software programs (a file system-based program and an email-based program) attempt to scan the same file simultaneously.
Configure your other antivirus programs to exclude certain folders from scanning. If another antivirus program scans the Exchange directory structure or the Mail Security processing folder, it can cause false-positive threat detection, unexpected behavior on the Exchange server, or damage to the Exchange databases.
For information about how to prevent Symantec antivirus products from scanning the Exchange directory, go to the following Symantec Knowledge Base article:
The file is corrupt.
Mail Security correctly identifies the file, but the file is corrupt.
The file is incorrectly identified.
Mail Security misidentifies the file based on the message header. The actions that the program performs on the file are incorrect and invalid for the file type.
This can also occur in a file that contains invalid characters or values in the header.
The scanner or decomposer times out.
The antivirus scanner or decomposer times out while attempting to scan the file.
This can occur when a file meets or exceeds the scanning limits that you specify.
The temporary working directory is missing, or the path to the directory is incorrect.
This could occur if the temporary working directory is deleted or moved. Check to see if the \Temp directory exists. If it has been deleted, create it in the following location:
Files (x86)\Symantec\SMSMSE\6.5\Server \Temp
The file contains a large compressed attachment.
A file that contains a large attachment (for example, a 100 MB attachment that is compressed into a 4 MB .zip file) might trigger the Unscannable File Rule.
See Configuring rules to address unscannable and encrypted files.
A Symantec antivirus product is attempting to scan files in Mail Security folders.
You must configure the Symantec antivirus product to exclude Mail Security folders from being scanned.