First of all why do you need Forefront Protection for Exchange Server ?
Microsoft Forefront Protection 2010 for Exchange Server (FPE) provides fast and effective protection against malware and spam by including multiple scanning engines from industry-leading security partners in a single solution. FPE provides customers with an easy-to-use administration console that includes customizable configuration settings, filtering options, monitoring features and reports, antispam protection, and integration with the Forefront Online Protection for Exchange (FOPE) product. If you have installed FPE on multiple Exchange servers, such as in an enterprise, you can manage them with the Microsoft Forefront Protection Server Management Console (FPSMC). Additionally, you can use Windows PowerShell, a command-line shell and task-based scripting technology that enables the automation of system administration tasks, to administer FPE.
Installing FPE on a Mailbox / Hub Transport Exchange Server
- During installation you’ll be asked whether or not to enable Antispam, the default will be to not enable it. That’s what we want, we’ll leave that task to the Edge server.
- FPE on an internal machine will provide Antivirus and Antimalware protection. You’ll also be able to run on-demand scans of individual mailboxes if you so choose.
Installing FPE on an Edge Transport Exchange Server
- This time the default will be to enable Antispam, which is exactly what we want.
- Edge servers don’t have direct access to any mailboxes, so you can’t run scans on selected objects from here.
Update FPE Spam Definitions and Engines
- Spam/Virus/Malware definitions should come through Windows update automatically. Just be sure they’ll install automatically.
- To update your FPE Engines, browse to your Policy Management -> Global Settings -> Engine Options and choose Update All Engines Now from the options pane.
Send Test Emails
- To test if Antispam is functioning properly head on over to Gtube.net. Send a Gtube test from an external domain and you should receive an automatic reply that the mail is undeliverable:#550 5.7.1 Message rejected due to content restrictions ##
- To test Antivirus/Antimalware, use EICAR.org. Send the EICAR signature as an attachment from an external domain and you should receive the email, but the attachment will be quarantined.