Email and server security 10.0 huge problems

Hi all!

 

Yesterday i installed latest Email and Server security 10.00. it was working allright for one day. Now suddenly spam mails cannot quarantine by F-secure. My mailbox is filling with warnings. Database connection is ok and i'm using SQL server 2008 R2 express on same server as Exchange 2010 SP3. I understand that spam messages are deleted when there's no connection to database servers, so we are ok at the moment, and i have set Spam confidence level to only 8 or more => quarantine.

 

Here's sample warning mail:

 

Befor tried just reboot:

 

Date: 2013-07-18  18:25:32+03:00
Host: *************
Computer name: ****
User account: SYSTEM
Product: F-Secure Content Scanner Server (OID: 1.3.6.1.4.1.2213.18)
Severity: error (3)
Message: Scanning '*548403280*.tmp' by Threat Detection Engine was unsuccessful. Failed to classify the message. Error type=3, error code=204, description=CFCHttpClient::ReadResponse() - Request timeout.

 

And after reboot:

 

Date: 2013-07-18  19:43:31+03:00
Host: ***************
Computer name: ****
User account: SYSTEM
Product: F-Secure Anti-Virus for Microsoft Exchange (OID: 1.3.6.1.4.1.2213.20)
Severity: warning (2)
Message: Cannot quarantine message. Details:
 Source: **********
 Destination: **************
 Subject: **************
 Reason: 

 

 

Any advice were to start?

 

 

I'm opening a ticket, but i have to call f-secure. Ticket submit form just ends with error.

 

EDIT:

 

now this:

 

Date: 2013-07-18  19:56:45+03:00
Host: **********
Computer name: ****
User account: SYSTEM
Product: F-Secure Anti-Virus for Microsoft Exchange (OID: 1.3.6.1.4.1.2213.20)
Severity: error (3)
Message: The F-Secure Anti-Virus for Microsoft Exchange Real-Time Scanner cannot connect to any of the servers specified in Server Pool. 

 

Server pool? Where is it specified??

 

 

Accepted Answer

Comments

  • Sounds like you are having network errors

     

    This message:

    Message: Scanning '*548403280*.tmp' by Threat Detection Engine was unsuccessful. Failed to classify the message. Error type=3, error code=204, description=CFCHttpClient::ReadResponse() - Request timeout.

     

    means that your FSESS, cannot connect to Real-time protection network of F-secure (cloud) to check the message.

     

    This message:

    Date: 2013-07-18  19:56:45+03:00
    Host: **********
    Computer name: ****
    User account: SYSTEM
    Product: F-Secure Anti-Virus for Microsoft Exchange (OID: 1.3.6.1.4.1.2213.20)
    Severity: error (3)
    Message: The F-Secure Anti-Virus for Microsoft Exchange Real-Time Scanner cannot connect to any of the servers specified in Server Pool.

     

    Means that your scanning agent is not able to connect to your Content scanner server to send the e-mail for analysis.

     

    And here:

     

    Date: 2013-07-18  19:43:31+03:00
    Host: ***************
    Computer name: ****
    User account: SYSTEM
    Product: F-Secure Anti-Virus for Microsoft Exchange (OID: 1.3.6.1.4.1.2213.20)
    Severity: warning (2)
    Message: Cannot quarantine message. Details:
     Source: **********
     Destination: **************
     Subject: **************
     Reason:

     

    Probably the agent is not able to access the 'shared'/network folder that is used for quarantining messages. (see should have declared such a directory when run your installation wizard). Check if you can access it from your MSE node that is receiving and relaying the messages.

     

    Check if f-secure services are running in your nodes, and then check your network.

    (while opening the ticket with F-Secure)

     

    Good luck

    Costas

     

     

     

  • Vallu
    Vallu Posts: 3

    Just checked our firewall logs and it seems ok. Our server is constatly connection to http://193.66.251.202/SpamResolverNG/SpamResolverNG.dll?DoNewRequest and it's ok. 

     

    No connections are dropped from our server, so networks is ok.

     

    Now waiting for f-secure to solve this.

  • etomcat
    etomcat Posts: 1,319 Superuser
    Dear Sirs,
     
    Is FSAV ESS 10.00 already compatible with Exchange 2007 SP3 Update Roll-up 11 on Windows 2008 R2?
     
    Please give an official reply ASAP!
     
    Thanks in advance, Sincerely: Tamas Feher, 2F 2000, Hungary.
  • PBHS
    PBHS Posts: 3

    Thanks I have the same problem doing the steps helped, now all spam is getting added to the quarantine database

This discussion has been closed.