Cloudmark spam engine not update
-
Tuesday, September 04, 2012 12:35 PM
I have a server running Microsoft TMG 2010 with Exchange Edge Transport and Forefront 2010 installed.
The Cloudmark spam engine doesn't appear to be updating properly. I'm getting the following error logged in the event log and displayed through the Forefront 2010 admin console:
Level: Error
Event ID: 7048
Source: Microsoft Forefront Protection
Content Filter is enabled and the last definition update was over 12 hours ago.
All the other engines are updating and I believe the major Cloudmark definition retrieved from http://forefrontdl.microsoft.com/server/scanengineupdate is being checked/download successfully.
It appears it's only the micro updates, retrieve directly from Cloudmark, that are failing.
The machine has HTTP/HTTPS access to the internet.
Does anyone have any ideas?
Thanks,
Shoaib Nawaz
All Replies
-
Wednesday, September 05, 2012 3:16 AMcan any one reply?
-
Wednesday, September 05, 2012 6:45 AMModerator
Hi,
Thank you for the post.
Please ensure that proxy information has been entered, if required. The following URLs (and any subdomains under them) and the use of http and https must be allowed through the firewall:
•cdn-microupdates.cloudmark.com
•lvc.cloudmark.com
•tracks.cloudmark.com
•pki.cloudmark.com
Regards,
Nick Gu - MSFT
-
Thursday, September 06, 2012 9:10 PM
Thanks for the Reply. i already create a rule in TMG to allow above sites and disable HTTPS inspection. under engine options i enable proxy server which is localhost and port 8080. i am able to telnet all above sites but still i am receiving "Content Filter is enabled and the last definition update was over 12 hours ago."
My TMG rule is:
Protocols: All Outbound Traffic
From: Internal
To: URL Set (all above url)
Users: All users
Can anyone please let me known if i missed anything.
-
Monday, September 10, 2012 7:57 AM
surprise no one interested to help me :(
-
Wednesday, September 12, 2012 6:17 AMModerator
Hi,
Thank you for the update.
“I have a server running Microsoft TMG 2010 with Exchange Edge Transport and Forefront 2010 installed.”- I’d like to confirm if you have installed FPE 2010, Edge transport and TMG on the same server, if yes, the access rule for allow outbound traffic should be from: LOCALHOST.
Regards,
Nick Gu - MSFT
-
Thursday, September 13, 2012 5:10 AM
Dear Nick,
Thanks for the reply. Yes i have a Server Running MS TMG 2010 with Exchange Edge Transport and Forefront Protection for Exchange 2010. i changed my access rule from LOCALHOST.
Now here is my Rule:
Protocols: All Outbound Traffic
From: Internal, Localhost
To: URL Set (all above url)
Users: All usersbut i am still not able to receive Cloudmark Antispam Engine definition update.
Engine Summary Detail of Cloudmark Antispam Engine:
Engine Version: 3050.1.2.20
Defination Version: 7/09/2012 9:56AM
Last Update: 19/04/2012 10:06AM
Last check: 13/09/2012 3:00PMI also received an Error : Content Filter is enabled and the last definition update was over 12 hours ago. could you please help me to resolve the issue its really frustrating. -
Friday, September 14, 2012 7:59 AMwaiting for the reply..
-
Friday, September 14, 2012 8:18 AM
Hi,
can you access the following URLS in the browser on your TMG machine?
•cdn-microupdates.cloudmark.com
•lvc.cloudmark.com
•tracks.cloudmark.com
•pki.cloudmark.com
Greetings
Christian
Christian Groebner MVP Forefront
-
Friday, September 14, 2012 2:51 PM
Thanks for the reply:
Yes i am able to access above urls from my TMG machine. When i access cdn-microupdates.cloudmark.com, lvc.cloudmark.com and pki.cloudmark.com it redirect me into http://www.cloudmark.com/. but when i open tracks.cloudmark.com i received (This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read this page, it means that the Apache HTTP server installed at this site is working properly.)
i am also able to telnet port 443 of above 3 urls expect tracks.cloudmark.com from TMG machine:
Thanks
Shoaib Nawaz -
Monday, September 17, 2012 7:40 AMstill waiting for the reply
-
Tuesday, September 18, 2012 2:49 PM????
-
Thursday, September 20, 2012 8:49 AM
Well this is really disappointing that experts in this forum are not interested to reply.
-
Friday, September 21, 2012 2:07 AMModerator
Hi,
Thank you for the update.
Please define the WinHTTP proxy as per this article: http://blogs.technet.com/b/isablog/archive/2009/11/28/using-windows-server-update-service-for-the-tmg-update-center.aspx. And make sure the proxy is not using NTLM authentication. Only basic authentication is supported with Cloudmark. If the issue still retains, we need analyze the programlog to see the detailed information. Besides that, please update FPE to the latest version: http://support.microsoft.com/kb/2619883.
Regards,
Nick Gu - MSFT
-
Thursday, September 27, 2012 3:51 PMThans Nick again for your reply. i follow your url but i think i am out of my luck. so i decide to disable proxy setting. after disable localhost proxy setting cloudmark engine start updating. thanks for your help.
.png)
