?
Solved

1000's of VAPxxx.tmp viruses in Quarantine

Posted on 2005-03-20
5
Medium Priority
?
1,095 Views
Last Modified: 2008-03-03
the past few days my exchange 2003 server is being flooded with some type of virus.  the antivirus software in quarantining the virus of type VAPxxx.tmp.  i am using symantic antivirus corp edition and symatic mail security for exchange.  the problem is slow exchange server and taking up disk storage.   i have had this problem in the past and it finnally cleared up.  any ideas?

thanks,

charliebry
0
Comment
Question by:charliebry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 3

Assisted Solution

by:quell23
quell23 earned 800 total points
ID: 13588658
my 2 cents:
You could look in your smtp logs and compare the time in the smtp logs with the time on the  symantec logs and then set exchange to deny mail from that IP address (or email address) thats in the smtp logs. If you need mail from that IP address, you could change your Symantec settings to delete whatever is in the quarentine every few hours vs the default which is 90 days I think.  Just an idea though.
0
 
LVL 10

Expert Comment

by:munichpostman
ID: 13588767
Consider putting in another system between your Exchange Server and the Internet such as:

www.ironport.com
www.ironmail.com

Better still consider using one of the following

www.messagelabs.com
www.postini.com
www.frontbridge.com
0
 
LVL 2

Accepted Solution

by:
TomBoland earned 1200 total points
ID: 13606022
Also make sure that NAV is set up to spefically exclude the exchange directories and the quarantine directories when it does it's normal file scan. It can make more copies of the same virus over and over again. You may only have a small number of actual viruses and NAV has copied over and over and over again when it scans.


Tom Boland
0
 

Author Comment

by:charliebry
ID: 13636396
I changed the NAV realtime protection to exclude NAV, Exchange and quarantine directories and that did solve the problem of filling up the quarantine file and disk storage.  By excluding these directories (mail boxes etc.) I assume the server is still protected.  I also found the site causing the problem "inet@microsoft.com" and blocked it.

Thanks,

Charliebry
0
 
LVL 2

Expert Comment

by:TomBoland
ID: 13636538
Mail Security and the NAV corporate edition are related but separate. You are still protected for email viruses as long as Mail Security is running, configured properly, and updates on schedule.

Here is the link from Symantec on what to included and exclude with NAV Corp Edition 9 and Mail Security on the same box:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2004052416452048?Open&src=ent_tutweb_nam&docid=2004062508305148&nsf=ent-security.nsf&view=docid&dtype=corp&prod=&ver=&osv=&osv_lvl=

Tom
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
Find out what you should include to make the best professional email signature for your organization.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question