Sign in
 
HomeProductsLibraryLearnDownloadsSupportForums
Microsoft Forefront TechCenter >
Fresh installation of Forefront Protection for Exchange holding e-mail

Answered Fresh installation of Forefront Protection for Exchange holding e-mail

  • Friday, March 30, 2012 7:30 AM
     
     
    Sign In to Vote
    0

    Hello all,

    I have a fresh installation of Exchange 2010 SP2 RU1.

    On top of that I installed the FPE 2010 Rollup 4 on the machine which holds the CAS/HUB roles.

    As soon as I install the product, the mail flow stops. And all the mail stays in the Submission queue.

    The server generates a tracking log every few seconds for each mail remaining in the submission queue with an event name of "DEFER".

    What might the problem be?


    • Edited by Barack D Friday, March 30, 2012 2:36 PM no updates could be done
    •  
     

All Replies

  • Friday, March 30, 2012 8:20 AM
     
     
    Sign In to Vote
    0

    Hi,

    have you checked that all services of Exchange and FPE are running? Maybe a reboot could fix the problem?

    Greetings

    Christian

    Christian Groebner MVP Forefront

     
  • Friday, March 30, 2012 2:45 PM
     
     
    Sign In to Vote
    0

    Christian, all the services are running. Reboots did not help.

    I just edited my first post. The point is I couldn't update any engines on the FPE. The server itself is not connected to the internet so I followed the manual update article. I ran the powershell script and downloaded everything both x6, and x64. Also it created a metadata folder.

    Then I,

    - shared the folder with read permissions to everyone (any user now can reach to the folder) (tried both on a remote server and on Hub/Cas server)

    - Enabled UNC in the FPE console

    - Edited each engine to update from the UNC path as \\servername\sharedfolder. Under this folder I have 3 subfolders x64,amd64 and metadata. Under those I have folders with engine names. Total of everything is 1.63 GB. (tried only microsoft, only wormlist and many combinations)

    - Now I disabled the fsc integration so that mail flow continue

    Now the tiny question is, does FPE operate without any engine definitions installed, in terms of standart mail delivery?

    Confusing question is, why does not FPE get the updates from the file share?

    Real question is why are the mails holded in the submission queue?

     
  • Friday, March 30, 2012 6:36 PM
     
     
    Sign In to Vote
    0

    Hi,

    the answer is simple because there is a setting called BIAS, with which you define the minimum number of engines an email has to be scanned before it is forwared. When there is no engine available, because the engines and signatures can't be downloaded after the installation, FPE can't process the emails which are in the queue.

    You should make sure that the server can access the internet for the engine updates. If you intend to use the antispam functionality of FPE it is mandadory that the server can access the internet.

    To find out why the manual engine update is failing check the eventlog. There should be something in it that gives you more information about it.

    Greetings

    Christian

    Christian Groebner MVP Forefront

     
  • Saturday, March 31, 2012 5:24 PM
     
     Answered
    Sign In to Vote
    0

    Hi,

    Christian thanks for all the help. The problem was the permissions on the c:\windows\temp folder. I added network service with full control permissions and the problem is fixed.

    The point is I did that before, however those permissions go away randomly. They are not perminent, and I don't get it. I thought it's about the GPO but I tried "gpupdate /force" and it doesn't alter the permissions of the temp folder. I need another topic for that problem I guess :)

    Thanks again!

    • Marked As Answer by Barack D Saturday, March 31, 2012 5:24 PM
    •