This site is for AVG Business products only. For articles on Avast Business products, see Avast Business Help. If you are in the right place but cannot find what you are looking for, please contact AVG Business Support for further assistance.

Exchange Protection

This Article Applies to:

  • AVG Internet Security Business Edition
  • AVG Email Server Business Edition


The Exchange component for Windows Servers is specifically meant to protect your Exchange Server from threats without interfering in its function. It scans and filters emails for viruses at the Exchange server level to help stop potential attacks before they spread to the network.

Exchange Shield is not visible in the main UI components/features list, only in the settings.

Supported Exchange Servers

Microsoft Exchange Server versions 2010 and later are supported.


For Exchange Server to be detected by AVG Business Antivirus and the plugin installed, it should be installed prior to installing Antivirus. If it is installed afterward, the Exchange component would need to be added manually.

Recommended Antivirus Components

When installing servers in a business environment, please follow our guidelines in Recommended Components for Servers.

Configuring Exchange Protection

Advanced Exchange settings can be accessed by navigating to Menu > Settings > Basic Protection > Exchange.

Three sets of settings are available here:

  • Scanning
  • Actions
  • Blocking

You can also enable/disable the component here using the dedicated toggle.


Here, you can configure basic scanning parameters:

  • Scan messages on-access: On-access scanner scans messages upon downloading, and remains active even if scanning messages in the background and proactive scanning options are off.
  • Scan messages in the background (Exchange 2010 only): Background scanning works when an item that has not been scanned with the latest AVG virus definitions is encountered in the users’ mailbox folders. Scanning and searching for not examined objects runs in parallel. A specific low priority thread is used for each database, which guarantees other tasks (e.g. email messages storage in the Microsoft Exchange database) are always carried out preferentially.
  • Enable proactive scanning (Exchange 2010 only): Proactive scanning works when an item is delivered to a folder, but a request has not been made by a client. As messages are submitted to the Exchange store, they enter the global scanning queue as low priority (maximum of 30 items). They are scanned on the first in, first out (FIFO) basis. If an item is accessed while still in the queue, it is changed to high priority.
  • Scan at transport level: Enables scanning of emails at the Exchange Hub Transport level.
  • Scan RTF message bodies: Enables scanning of messages in rich text format.
  • Try to clean infected objects: infected objects will be cleaned (e.g. remove malicious code only); if unsuccessful, they will be removed.

Any malicious activity detected will be written to the Windows Event Log - you can select several logging options:

  • Low: Errors & viruses only
  • Normal: Warning, errors, & viruses
  • High: For more detail in AVG logs
  • Maximum: For the max detail in AVG logs

Note that the Exchange component can only scan messages (on-access and in the background) on IS level.


The Actions settings allow you to configure how untestable and infected items are handled. In both cases, you can choose to allow full access to the item, overwrite the item with a warning, or delete the whole message.


Use these settings to block attachments with specified filename masks (characters and wildcards used to match folder and file names) that are found in messages coming through Exchange.

You can also choose what the file name is replaced by, and the content of the .txt file that will replace the blocked file.