Install Config Wiki

All about installing, configuring and troubleshooting

User Tools

Site Tools


microsoft_exchange_server_2016_stopped_transporting_email_january_1st_2022

Microsoft Exchange Server 2016 Stopped Transporting Email on January 1st 2022

You notice that your Outlook Web Access shows your last received email is before midnight on New Years Eve December 31, 2021.

According to https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-year-2022-bug-in-fip-fs-breaks-email-delivery/, There is a bug in the FIP-FS engine that is blocking email delivery with on-premise servers starting at midnight . . . [and] . . . This is caused by Microsoft using a signed int32 variable to store the value of a date, which has a maximum value of 2,147,483,647 . . . However, dates in 2022 have a minimum value of 2,201,010,001, which is greater than the maximum value that can be stored in the signed int32 variable, causing the scanning engine to fail and not release mail for delivery.

Check your Exchange Server's Event Log for an error or errors similar to this “The FIP-FS Scan Process failed initialization. Error: 0x8004005. Error Details: Unspecified Error” or “Error Code: 0x80004005. Error Description: Can't convert “2201010001” to long.”

See also: https://www.alitajran.com/exchange-mail-flow-breaks

Here is a temporary fix until Microsoft issues Exchange updates addressing this problem. Either disable or bypass anti-malware scanning, and then restart the Exchange 2016 Transport Service, all using Exchange PowerShell.

See: https://docs.microsoft.com/en-us/exchange/disable-or-bypass-anti-malware-scanning-exchange-2013-help

I recommend to Bypass Filtering rather than disabling the anti-malware service.

See: https://docs.microsoft.com/en-us/exchange/antispam-and-antimalware/antimalware-protection/antimalware-procedures?view=exchserver-2019

Open Exchange Management Shell

Check Malware Agent [PS] C:\Windows\system32> Get-TransportAgent “Malware Agent”

Result should look like this:

Identity Enabled Priority

Malware Agent True 5

Check Malware Filtering Server

[PS] C:\Windows\system32>Get-MalwareFilteringServer | Format-List BypassFiltering

Result should look like this:

BypassFiltering : False

Now, Set BypassFiltering to True (which stops the malware service from filtering emails)[PS] C:\Windows\sy

[PS] C:\Windows\system32>Set-MalwareFilteringServer yourservername.domain.lan -BypassFiltering $true

While processing, the powershell should echo:

Creating a new session for implicit remoting of “Set-MalwareFilteringServer” command…

Now, check to see if BypassFiltering status has changed to True:

[PS] C:\Windows\system32>Get-MalwareFilteringServer | Format-List BypassFiltering

Your result should be:

BypassFiltering : True

Now, you need to restart the MSExchange Transport service See: http://www.tinkerist.com/?p=1752

[PS] C:\Windows\system32>Restart-Service MSExchangeTransport

You should see multiple occurrences of the following onscreen within PowerShell:

WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to stop…

WARNING: Waiting for service 'Microsoft Exchange Transport (MSExchangeTransport)' to start…

Then it will return to the the powershell prompt:

[PS] C:\Windows\system32>

Open OWA in your user agent (web browser) and login to your email account. Your emails should begin to arrive!

See: https://docs.microsoft.com/en-us/exchange/disable-or-bypass-anti-malware-scanning-exchange-2013-help

See: https://docs.microsoft.com/en-us/exchange/antispam-and-antimalware/antimalware-protection/antimalware-procedures?view=exchserver-2019

microsoft_exchange_server_2016_stopped_transporting_email_january_1st_2022.txt · Last modified: 2022/01/03 18:18 by wikiadmin