Best practices when using Symantec Mail Security and Backup Exec Exchange Agent

Article:TECH37229  |  Created: 2009-01-01  |  Updated: 2014-07-23  |  Article URL http://www.symantec.com/docs/TECH37229
Article Type
Technical Solution


Issue



Best practices when using Symantec Mail Security and Backup Exec Exchange Agent
 


Cause



One common issue encountered when backing up individual mailboxes when Symantec Mail Security is installed, is that when a scan is being run on the Exchange Information Store, if the messages getting backed up are infected by a virus or are currently being scanned, they will be reported by Backup Exec as corrupt or the error 'Access is denied'  will be reported. In both cases, the job will fail.


Solution



To avoid this, and to prevent the job from failing, VSAPI can be disabled at the time the backup happens.

Warning: When VSAPI is disabled, no virus scanning occurs against internal e-mail. When VSAPI is disabled, email activity has a greater risk of virus infection.

To disable VSAPI:

1. Exit all open programs

2. On the Windows taskbar, click Start | Run. In the Run dialog box, type regedit

Warning: Incorrect use of the Windows registry editor may prevent the operating system from functioning properly. Great care should be taken when making changes to a Windows registry. Registry modifications should only be carried-out by persons experienced in the use of the registry editor application. It is recommended that a complete backup of the registry and workstation be made prior to making any registry changes.

3. Click OK. The Registry Editor opens.

4. Go to the following key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\VirusScan\

5. In the right pane, select each value and change as indicated.
   Enabled = 0 (zero)
   ReloadNow = 1

6. Exit the Registry Editor

Note:
Disabling VSAPI does NOT stop scanning on inbound SMTP.


To enable VSAPI

1. Exit all open programs

2. On the Windows taskbar, click Start | Run

3. In the Run dialog box, type regedt32

Warning: Incorrect use of the Windows registry editor may prevent the operating system from functioning properly. Great care should be taken when making changes to a Windows registry. Registry modifications should only be carried-out by persons experienced in the use of the registry editor application. It is recommended that a complete backup of the registry and workstation be made prior to making any registry changes.

4. Click OK. The Registry Editor opens.

5. Go to the following key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\VirusScan\

6. In the right pane, select each value and change as indicated.
    Enabled =
    ReloadNow = 1

Microsoft Exchange resets the value ReloadNow to 0 (zero), necessitating the change of the ReloadNow value to 1.

7. Exit the Registry Editor

Additionally, batch files can be created that make the above modifications and they can be added in the Pre/Post Commands section of the backup job. Please review the Related Documents section of this TechNote for details on how to run Pre/Post Commands. Also, view the Symantec document referenced in the Acknowledgements section for .reg files which could be implemented to toggle the VSAPI setting.
Please refer to the Microsoft knowledge base article 823166 Overview of Exchange Server 2003 and antivirus software for a detailed explanation of the VSAPI functionality.
http://support.microsoft.com/kb/823166

Note:  If using Backup Exec with Symantec anti-virus products, Symantec recommends that customers experiencing the issues mentioned in this document upgrade to the latest versions of each of the products used to ensure the highest levels of compatibility between them. Please contact your sales representative or reseller to obtain upgrade information for your products. Additionally, you may also contact Symantec Sales directly at http://www.symantec.com/purchase/


Supplemental Materials

SourceError Code
Value0xa0008488
Description

Access is denied


SourceUMI
ValueV-79-40960-33928
Description

Access is denied



Legacy ID



275013


Article URL http://www.symantec.com/docs/TECH37229


Terms of use for this information are found in Legal Notices