Information Store Protection

Use the Virus Scanning Engines to scan the Microsoft® Exchange mailbox databases and public folders for viruses.

GFI MailEssentials can scan the Microsoft Exchange Information Store using two different protocols:

Protocol Exchange versions Description
Exchange Web Services (EWS)
  • 2019
  • 2016
  • 2013
  • 2010

Information Store protection via Exchange Web Services retrieves email attachments from the Information Store via a predefined schedule. Attachments are then scanned by the Virus Scanning Engines and if malware is found, the attachment is removed from the email in the mailbox.

GFI MailEssentials does not have to be installed on the Microsoft Exchange server to use EWS.


  • EWS may impact system performance so it is recommended to schedule scanning during off-peak hours.
  • A user account with access to all mailboxes is required to use EWS. For more information refer to Set a Microsoft® Exchange account.
  • Unlike VSAPI, email attachments are scanned after these are stored in the mailbox so malicious attachments are not filtered from the Information Store until scan starts.
Virus Scan API (VSAPI)
  • 2010

VSAPI scans emails before these are stored in the Information Store, ensuring that malware is filtered out immediately before reaching the Information Store.

VSAPI requires that GFI MailEssentials is installed on the Microsoft Exchange server. On a Microsoft® Exchange Server 2010 machine, the Mailbox Server Role and Hub Transport Server Role are required.

NOTE: GFI MailEssentials cannot scan the Information Store if any other software is registered to use the Microsoft® Exchange VSAPI.


Information Store Protection is only available when GFI MailEssentials is installed in Active Directory or Remote Active Directory modes. It is not available in SMTP mode or GFI Directory mode.

To enable Information Store Scanning and configure the scanning protocol:

  1. Go to Email Security > Information Store Protection.

Information Store Protection node when both EWS & VSAPI are available

  1. From Information Store Virus Scanning tab, select Enable Information Store Virus Scanning.
  2. When GFI MailEssentials is installed on Microsoft Exchange 2010 with Mailbox Server and Hub Transport Server Roles, choose the protocol to use for scanning the Information Store - VSAPI or Exchange Web Services.
  3. In the other tabs, configure the protocol options. Refer to VSAPI Settings or Exchange Web Servies (EWS) Settings
  4. Click Apply.

The status of the Virus Scanning Engines used to scan the Information Store is displayed in the table.

To disable a particular antivirus engine from Information Store Scanning, navigate to the Virus Scanning Engines page, select the antivirus engine and disable Scan Internal and Information Store Items.