After upgrading to F-Secure Email and Server Security 14.x, the stripped attachments are not quarantined - F-Secure Community
<main> <article class="userContent"> <h3 data-version="3" data-article="000019827" data-id="issue">Issue:</h3> <p>After upgrading to F-Secure Email and Server Security 14.x, I notice stripped attachments are not quarantined. The quarantine folder is empty and nothing to query. The Items can not be deleted from the quarantine folder as the action fails.</p> <h3 data-id="resolution">Resolution:</h3> <p>You would need to make sure that correct permissions are set locally on the target server.<br><br>The "Microsoft Exchange Transport" service runs under "NETWORK SERVICE". Therefore, "NETWORK SERVICE" should have read/execute rights to FQM.EXE and FqmAssembly.dll. These rights should be set during installation for the F-Secure folder "C:\Program Files (x86)\F-Secure".<br><br>1. Open F-Secure Email and Server Security console and navigate to Email Quarantine<br></p><ul><li>Click on option and Test database connection to verify if SQL server is accessible. If not, follow the next troubleshooting steps.</li></ul><div>2. Open SQL management studio and troubleshoot the following:</div> <ul><li>Ensure the instance is running</li><li>Mixed authentication mode is enabled</li><li>The DB is exist</li><li>FQM user have rights to write in DB (DB owner, DB creator security admin)</li></ul><div>3. Open Windows Explorer from target server and make sure that FQM service is be running under Local System account<br> </div><br><b>Proceed to check the permissions locally:</b> <ul><li>"Microsoft Exchange Transport" service and hence our Transport Agent are running under "NETWORK SERVICE"</li><li>"NETWORK SERVICE" should have read/execute rights on "...Anti-Virus For Microsoft Services/" folder</li><li> C:\ProgramData\F-Secure\EssTemp\" folder rights:</li><li> 'LocalSystem' - FULL</li><li> 'administrators' - FULL</li><li>"NETWORK SERVICE" - read/write/delete</li><li> C:\ProgramData\F-Secure\EssLimited\ folder rights:</li><li> 'LocalSystem' - FULL</li><li> 'administrators' - FULL</li><li> 'NETWORK SERVICE' - read/delete</li><li> Quarantine folder:</li><li> C:\ProgramData\F-Secure\EssQuarantine\ folder permissions:</li><li> 'LocalSystem' - FULL</li><li> 'administrators' - FULL</li><li>Check permissions for network share if centralized mode used: <ul><li>FQM account (SYSTEM by default) should have 'read'/'write'/'change' access rights to remote centralized quarantine (share & folder security tabs).</li><li>"Exchange Servers" or specific Exchange computers/hosts should have 'read'/'write'/'delete' access rights on "Security" and "share" pages</li></ul></li></ul><p>Article no: 000019827</p> </article> </main>