Exchange Server

How can I move the Intelligent Message Filter (IMF) archive folder in Exchange 2003?

Microsoft Exchange Intelligent Message Filter is a product developed by Microsoft to help companies reduce the amount of unsolicited commercial e-mail (UCE), or spam, received by users. You can read more about IMF on the Block Spam with Exchange 2003 Intelligent Message Filter page.

When using IMF to help reduce the volume of Unsolicited Commercial E-Mail (UCE, or most commonly known as Spam) received by your users, one of the configuration options is to archive the received messages that are flagged as spam and have a Spam Confidence Level (or SCL) greater than a certain threshold you find reasonable (I use 7 for my SCL level). Read more about how to Configure Intelligent Message Filter in Exchange 2003 SP2.

Note: When performing the archive operation on the messages that have an SCL that is greater than the threshold you’ve configured (make sure you also read Bug in Intelligent Message Filter Interface), these messages will be placed inside a folder on your server’s hard disk.

The archive folder’s location is usually here:

Sponsored Content

What is “Inside Microsoft Teams”?

“Inside Microsoft Teams” is a webcast series, now in Season 4 for IT pros hosted by Microsoft Product Manager, Stephen Rose. Stephen & his guests comprised of customers, partners, and real-world experts share best practices of planning, deploying, adopting, managing, and securing Teams. You can watch any episode at your convenience, find resources, blogs, reviews of accessories certified for Teams, bonus clips, and information regarding upcoming live broadcasts. Our next episode, “Polaris Inc., and Microsoft Teams- Reinventing how we work and play” will be airing on Oct. 28th from 10-11am PST.

c:\program files\exchsrvr\mailroot\vsi 1\ucearchive

(replace C:’ with the drive letter of your Exchange installation, and replace VSI 1 with the folder name for your SMTP Virtual Server).

In the above screenshot you see that there are only 2 messages in the folder. This is only a test setup, so there aren’t many messages there. However in a production environment there will be hundreds, if not thousands of spam messages in the folder, and more will be flowing in daily. We need to be able to view and work with these messages. Otherwise I wouldn’t bother archiving them, now would I?

One thing you could do is to move this directory to a larger drive because spam really accumulates over time. Furthermore, if this server is your mail gateway for incoming messages, it might be wise to place this folder on a separate drive altogether.

To move the IMF archive folder’s location to a different hard disk follow these steps:

  1. Open Registry Editor.

Note: As always, before making changes to your registry you should always make sure you have a valid backup. In cases where you’re supposed to delete or modify keys or values from the registry it is possible to first export that key or value(s) to a .REG file before performing the changes.

  1. In Registry Editor, navigate to the following registry key:

Note: You might not find this key in place. If that is the case, create a new key under the Exchange key and call it ContentFilter.

  1. Within the ContentFilter key, create the following value (REG_SZ or String Value):


and enter the new ucearchive folder path, for example D:\ucearchive.

  1. Close Registry Editor, and restart the Simple Mail Transfer Protocol (SMTP) service.
  2. When new spam flows in, you’ll notice how it fills the new folder’s location.

If you’ve used any of the tools listed on the View Intelligent Message Filter Archive article, you’ll need to manually update the ucearchive folder’s location in these tools. Also, when looking at the archived items you will notice that they do not have an SCL rating. This is because Exchange IMF does not archive the SCL rating in the message header. In order to keep the SCL rating within the message you will need to read Archiving the SCL Rating in Intelligent Message Filter.

Further Reading

You might also want to read the following related articles:


IMF Archive Manager: Releases

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

External Sharing and Guest User Access in Microsoft 365 and Teams

This eBook will dive into policy considerations you need to make when creating and managing guest user access to your Teams network, as well as the different layers of guest access and the common challenges that accompany a more complicated Microsoft 365 infrastructure.

You will learn:

  • Who should be allowed to be invited as a guest?
  • What type of guests should be able to access files in SharePoint and OneDrive?
  • How should guests be offboarded?
  • How should you determine who has access to sensitive information in your environment?

Sponsored by: