mbit128 Posted December 9, 2016 Report Share Posted December 9, 2016 Hello everyone, I am using Immunet 5.03.10301 on a Windows 2008 R2 server running Exchange 2010. I ran fine on Immunet 2 for over a year, then upgraded to 5.0.2.10301. In response to searching I did for a related problem with not being able to quarantine files (see my post dated yesterday in the Malware Detections section), I uninstalled Immunet, selecting No on preserving settings and data per posts from people with similar scanning issues. I reinstalled it using the standard settings. Today, people started having issues with their email. The problem seemed to be missing email transaction logs on the server, which was traced to Immunet's quarantine. Attempting to restore the files failed with the following message: Message from webpage: File Could Not Be Restored. Check to see if Agent is online. Please Contact support@immunet.com. Agent is online. Scouring the forums again, I ended up restarting the server. Email function is restored, but I'm concerned about Immunet trying to delete the logs again. This leads me to two questions: First, how can I set Immunet to ignore the log file locations? Second, should Immunet even be used with Microsoft Exchange? Any advice that could be given would be greatly appreciated. Thanks in advance,Michael Link to comment Share on other sites More sharing options...
ritchie58 Posted December 15, 2016 Report Share Posted December 15, 2016 Hi Michael, please go to the Malware Detection section where you also posted regarding issues with your server. Link to comment Share on other sites More sharing options...
Rob.T Posted January 17, 2017 Report Share Posted January 17, 2017 I've o reproduced the behavior described above. It looks like by default Exchange echos email attachments sent through it into log files, which immunet then unpacks, scans and attempts to quarantine if any of the attachments are malicious. I think Exchange does this specifically so email attachments can be scanned by 3rd party av products, but these log files are not meant to be quarantined directly, only scanned. Quarantining results in breaking the integrity of your Exchange users mailboxes.tldr: Immunet doesn't support scanning Exchange attachments. You can still use Immunet as AV on the machine as long as you add exclusions to ensure immunet doesn't scan Exchange:C:\Program Files\Microsoft\Exchange Server\C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.