Last night, Exchange 2016 CU9 was applied to my Exchange 2016 server. After the update completed, all new incoming email was being sent to the VIPRE "unprocessed" folder. Review of the PIM logs found the following error which I believe is preventing the PIM from processing the incoming email.
Error 1656 12 2018-03-30T08:18:54 497683316753 Error occurred during Process - sending RETRY back to the shim. Error: System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Exchange.Transport.Flighting, Version=22.214.171.124, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified. File name: 'Microsoft.Exchange.Transport.Flighting, Version=126.96.36.199, Culture=neutral, PublicKeyToken=31bf3856ad364e35' at Microsoft.Exchange.Data.Transport.Email.PureMimeMessage.DetectRightsProtectedMessage(String contentType) at Microsoft.Exchange.Data.Transport.Email.PureMimeMessage.DetectMessageType() at Microsoft.Exchange.Data.Transport.Email.PureMimeMessage.Synchronize() at Microsoft.Exchange.Data.Transport.Email.MimeTnefMessage.Synchronize() at Microsoft.Exchange.Data.Transport.Email.EmailMessage.Synchronize() at Microsoft.Exchange.Data.Transport.Email.EmailMessage..ctor(MessageImplementation message) at Microsoft.Exchange.Data.Transport.Email.EmailMessage.Clone(Stream source, Boolean skipHeaderBytesLimitCheck) at Ninja.Core.Messaging.NinjaMessage.LoadMessageFromStream(Stream data) at Ninja.Services.PluginManager.MessageManager.Process(WorkItemState workItemState) WRN: Assembly binding logging is turned OFF. To enable assembly bind failure logging, set the registry value [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1. Note: There is some performance penalty associated with assembly bind failure logging. To turn this feature off, remove the registry value [HKLM\Software\Microsoft\Fusion!EnableLog].
Just for some additional information, the SMART rules actually look at the file headers to determine what type of file the attachment is... so if you create a SMART rule to block executables, it will still block an attachment that has been renamed to something like "setup.txt", "setup.exe2", or "setup.zip". Since it looks at the file headers, it knows that the file is executable, even if the file extension indicates a text file.
Is there not a KB Article for both 2013 and 2016 yet for this issue, where is our documentation Vipre?
Just an FYI Exchange 2016 CU12 apparently breaks Impersonation portion of 10.3.0.17
Antispam will dump everything in your inboxes. According to Vipre Support team a Fix is supposed to be in the works.
@Shannon... thanks for the heads up on that one.. I am currently on the 10.3.0.17 build and have been having various issues with that version but I have not yet updated my server to CU12.
Just for shits and giggles, I tried rolling back from 10.3 to 10.2 ... same thing. The antispam and antivirus definitions update successfully but impersonation still doesn't work. If anybody is in need of SPAM I have tons of it! :(
I do have another site running Exchange 2010 SP3 still and applied Rollup 26 this weekend. That seems to be functioning properly with 10.2.0.2