Microsoft Exchange Server 2016 Stopped Transporting Email on January 1st 2022
You notice that your Outlook Web Access shows your last received email is before midnight on New Years Eve December 31, 2021.
According to https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-year-2022-bug-in-fip-fs-breaks-email-delivery/, There is a bug in the FIP-FS engine that is blocking email delivery with on-premise servers starting at midnight . . . [and] . . . This is caused by Microsoft using a signed int32 variable to store the value of a date, which has a maximum value of 2,147,483,647 . . . However, dates in 2022 have a minimum value of 2,201,010,001, which is greater than the maximum value that can be stored in the signed int32 variable, causing the scanning engine to fail and not release mail for delivery.
Check your Exchange Server's Event Log for an error or errors similar to this “The FIP-FS Scan Process failed initialization. Error: 0x8004005. Error Details: Unspecified Error” or “Error Code: 0x80004005. Error Description: Can't convert “2201010001” to long.”
See also: https://www.alitajran.com/exchange-mail-flow-breaks
Here is a temporary fix until Microsoft issues Exchange updates addressing this problem. Either disable or bypass anti-malware scanning, and then restart the Exchange 2016 Transport Service, all using Exchange PowerShell.
See: https://docs.microsoft.com/en-us/exchange/disable-or-bypass-anti-malware-scanning-exchange-2013-help
I recommend to Bypass Filtering rather than disabling the anti-malware service.
Open Exchange Management Shell
Check Malware Agent [PS] C:\Windows\system32> Get-TransportAgent “Malware Agent”
Result should look like this:
Identity Enabled Priority
Malware Agent True 5
Check Malware Filtering Server
[PS] C:\Windows\system32>Get-MalwareFilteringServer | Format-List BypassFiltering
Result should look like this:
BypassFiltering : False
Now, Set BypassFiltering to True (which stops the malware service from filtering emails)[PS] C:\Windows\sy
[PS] C:\Windows\system32>Set-MalwareFilteringServer yourservername.domain.lan -BypassFiltering $true
While processing, the powershell should echo:
Creating a new session for implicit remoting of “Set-MalwareFilteringServer” command…
Now, check to see if BypassFiltering status has changed to True:
[PS] C:\Windows\system32>Get-MalwareFilteringServer | Format-List BypassFiltering
Your result should be:
BypassFiltering : True
Now, you need to restart the MSExchange Transport service See: http://www.tinkerist.com/?p=1752
[PS] C:\Windows\system32>Restart-Service MSExchangeTransport
You should see multiple occurrences of the following onscreen within PowerShell:
WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to stop…
WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start…
Then it will return to the the powershell prompt:
[PS] C:\Windows\system32>
Open OWA in your user agent (web browser) and login to your email account. Your emails should begin to arrive!
See: https://docs.microsoft.com/en-us/exchange/disable-or-bypass-anti-malware-scanning-exchange-2013-help