Every AV scanning on ISA server scans just some things. In another words traffic or data objects which are recognized by AV. Show me any AV for ISA and I will show you how to bypass it with any virus. Of course they, ISA AV products, usually don't tell you what is not scanned to keep you happy. In case of OWA I would rely more on scanning on native email format scanning on Mail server then scanning it on not native transport protocol for these objects. In Another words more not standard encapsulation == more probability AV will not check some levels of message encapsulation. Regards DavidF -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, May 04, 2005 3:57 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA Publishing http://www.ISAserver.org Hi Jim, But can't the AV access it during the bridging? The HTTP Security Filter has access at the point. Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Wednesday, May 04, 2005 8:54 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OWA Publishing http://www.ISAserver.org Since OWA should be operating over SSL, this makes the virus scanning nearly irrelevant. You should investigate a virus tool for the Exch server instead. GFI rocks, period. This mail was checked for viruses by GFI MailSecurity. GFI also develops anti-spam software (GFI MailEssentials), a fax server (GFI FAXmaker), and network security and management software (GFI LANguard) - www.gfi.com