Microsoft Scan engine failing to update

Just as a heads up. We are seeing cases where the Microsoft scan engine is failing to update in Forefront Protection for Exchange with the following errors. 6019 GetEngineFiles An error occurred while testing the scan engine. 6012 GetEngineFiles An error occurred while loading the scan engine. Scan Engine: Microsoft. Error Code: 0x80004005. This only…


FOPE–Configuration and SPF checking

  We are in the process of adding this information to our setup documents. -When implementing FOPE or O365/Live@EDU and you have mail coming to your on premise servers, you need to turn off any SPF checking at your mail server/firewall. The connecting server will always be one of the Forefront Online servers and any…


Hello Fope!

My first FOPE centered blog. One common issue with FOPE (this also happens in FSS/Antigen) is the 0 day Virus’s that pretend to be a legitimate mail from other senders. These tend to be small emails asking you to open the file in a zip attached to the email. The file will look like a…


FSSMC/FPFMC Error 500 when launching

If you have issues logging into any of the Forefront Management Consoles with an Error 500 you most likely changed the service account password. To verify this is due to a password issue you can check the event logs for Event ID 10004, Distributed COM DCOM got error “1326” and was unable to logon <account…


FPE issue where all spam is missed

The most common reason we do not filter spam in FPE is that we honor the ms-exch-bypass-anti-spam permission on connectors. The most common scenario is that the bypass is enabled for anonymous connections. This is simple to fix with some PowerShell commands to remove the permissions from the connectors. In exchange PowerShell. Get-ReceiveConnector Take the…


Resolved – Engine update issue seen on multiple servers 09/22

Updates to this issue will be posted to  Last night we pushed out an update that resolves this issue. Updating your engines should resolve this issue and you can go back to your previous configuration.


Antigen 9.x Update issue.

During our testing we have discovered that there is a potential to download the Cloudmark engine update even when there is not an update. This is being looked at but for now it is recommended that you set Cloudmark to update only every 24 hours to avoid lowering your detection rate as the microupdate folder…


Cloudmark and Antigen 9.x issues on the weekend of 06/25/11

*Updated to include default folder path for Cloudmark* If you are having issues with timeouts after updating your Cloudmark engine between Friday and Saturday afternoon this post should help you out.   On Friday night we released a Cloudmark engine that had an issue being validated by scan engine test. This results in a rollback…


Keep an eye out for Kaspersky Not updating

We have been seeing some Antigen 9.x servers up past rollup-3 that are still not updating to Kaspersky 8. As of last week, customers still running Kaspersky5 started getting errors during attempted updates. This is normally due to one or more files being missing in the following directories.   %databasepath%\Engines\ %databasepath\Engines\Metadata\   Database path is…


Strange Configurations and how they impact your servers.

We have had a few strange detection issues last week due to some non-standard configurations. 1. Spam filtering not working for User X This one was due to a setting in content filtering. There is a setting called AntispamBypassEnabled  for each user. In forefront the agent log will show a content bypass enabled, skipping for…