With Symantec Mail Security for Microsoft Exchange (SMSMSE) enabled, some items are not accessible until the service is stopped.
In the Application event log, an event ID 218 is logged from source "Symantec Mail Security for Microsoft Exchange" with details similar to the following:
The message "<Message Subject>" located in <location> has violated the following policy settings:
Scan: Auto-Protect
Rule: <rule name> (User defined action failed - Deny Access used instead)
The following actions were taken on it:
The message "<Message Subject>" was Denied Access for the following reason(s)
Scan Engine Error. <error code>
These errors occur when a scan request is sent to SMSMSE, but for some underlying reason SMSMSE cannot access the item in question. As a result, SMSMSE cannot verify whether the file violates one of the security policies implemented in the SMSMSE configuration (virus policy, content policy, attachment policy, etc.). Because the file in question cannot be accessed, SMSMSE takes the "Quarantine in Store" action inside the Exchange database (Deny Access), instead of the action configured for the policy in question.
Some memory related causes for this behavior have been addressed in SMSMSE 7.9.1 MP1 (also known as SMSMSE 7.9.2). Please upgrade to at least SMSMSE 7.9.1 MP1.
Workaround
With SMSMSE 7.5.4 or later, SMSMSE can bypass the Quarantine in Store (Deny access) action if configured to do so.
To bypass Quarantine in Store with 7.5.4, 7.5.5 or 7.5.6
To bypass Quarantine in Store with 7.9.0 and later
Effects of setting this registry key
When an item is inaccessible to the SMSMSE scanner for some reason, instead of Denying Access to the item (Default behavior), SMSMSE will instead allow access to the item. Because it cannot access the item to scan, this means that SMSMSE will allow access to items that potentially violate some of its policies (virus policy, content policy, attachment policy, etc.) without being scanned. It is up to the security posture of the individual organization whether this potential security risk is acceptible in order to improve availability of emails under this condition.