Anti-spam updates fail after installing Security for Microsoft Exchange
Last Modified: 2024-02-19 14:20:28 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Anti-spam updates fail after installing Security for Microsoft Exchange
Technical Articles ID:
KB60938
Last Modified: 2024-02-19 14:20:28 Etc/GMT Environment
Security for Microsoft Exchange 8.x Microsoft Windows server 2003, 2008, 2012 Microsoft Exchange 2003, 2007, 2010, 2013,2016 Problem 1In some environments, the Anti-spam updates fail after installing Security for Exchange 8.x or 7.6.
Problem 2With Security for Microsoft Exchange debugging enabled, errors similar to the following are recorded to the McCamelusRuleUpdater_7.log:
UpdaterThread.cpp,295,InitializeCamleusEngine - OUT UpdaterThread.cpp,139,DoContinuousUpdate - Begin UpdaterThread.cpp,149,Ascii str : C:\Programme\McAfee\GroupShield for Exchange\bin\Antispam\Rules UpdaterThread.cpp,151,Channel Ascii str : scm UpdaterThread.cpp,153,Server Address Ascii str : http://su3.mcafee.com/su3 UpdaterThread.cpp,158,MBCS s : C:\Programme\McAfee\GroupShield for Exchange\bin\Antispam\Rules, MBCS S : UpdaterThread.cpp,168,>>> nResult : -2147147438, szFile : (null), nLine : 0, szFunc : (null) UpdaterThread.cpp,169,>>> nResult : 0x80052152 UpdaterThread.cpp,171,>>> m_mase_updater_initialise_func returned : -2147147438 UpdaterThread.cpp,179,DoContinuousUpdate Initialize Success UpdaterThread.cpp,68,>>> Waiting for server UpdaterThread.cpp,197,DoContinuousUpdate start server Success UpdaterThread.cpp,312,StartUpdaterThread End UpdaterThread.cpp,72,>>> Downloading rules from server CamelusRuleUpdater.cpp,386,dwOpcode : 4 CamelusRuleUpdater.cpp,437,CCamelusRuleUpdater::OnInterrogate() UpdaterThread.cpp,89,******** Error while update with Error code : -2147146945 Problem 3Firewall logs show our web server sending the following header tags in the HTTP response:
X-SU3 The first three tags listed above are seen to contain data; however, the X-SU3-Status tag is empty. The firewall allows the first three HTTP packets through, but strips the fourth (empty) tag. The Anti-spam update requires these responses to complete the update. CauseThis issue is caused by two factors:
SolutionAfter verifying that one of the factors above is responsible, refer to your firewall documentation to configure the firewall to not block the X-SU3 packets.
Affected ProductsLanguages:This article is available in the following languages: |
|