To make sure is not McAfee related, please go to the vse 8.8 product guide and follow under troubleshooting section how to disable component to troubleshoot an issue. It is not enough only disabling components as in the section I am pointing there are a couple of drivers and one of them is network driver.
Please, let me know the result of the test.
here's what I had done before i posted here:
- Mail was stuck in the Queue folder
- Went into Access Protection and uncheck the mark under "Block" for "Prevent mass mailing etc...". Clicked Apply and OK.
- Did not reboot server. Stopped IIS6 and restarted it.
- It seemed like it attempted to re-send those emails because the timestamp changed on those files
- Repeat the process with SMTP in Services, same results
- Went back to Access Protection, right-clicked and selected Disable.
- Went back to IIS6 and did the same thing I did above without any luck.
After posting here, I went back to the server and did the following:
- Went into Access Protection and disabled it.
- Rebooted the server completely (of course, mail was sent then)
- Sent a test email and sent right away (mail did not get stuck in Queue)
- Went to Access Protection again and re-enabled it.
- Went into Standard Anti-Virus and unchecked the box for "Block" next to "Prevent mass mailing...etc".
- Rebooted the server completely and sent a test email
- Email sent right away, without being stuck
So for me, semeed like I had to reboot for the policies to take effect. The question now is this. Is it a bad idea to leave "Prevent mass mailings, etc.." unblocked? This is not a Mail Server, just running a couple of website. Access Protection is enabled. If I should leave "Block", I know I can add exclude a service, but I don't know which one.
In the Log, all entries are related ti WinLogin and Win Updates...nothing about mail.
8/22/2014 2:01:22 AM Blocked by Access Protection rule NT AUTHORITY\SYSTEM C:\Windows\servicing\TrustedInstaller.exe C:\Windows\SoftwareDistribution\Download\200dda5405b35d1db3ff8cec01ff6376\inst\ amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235 a9\smss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Create
8/22/2014 2:01:24 AM Blocked by Access Protection rule NT AUTHORITY\SYSTEM C:\Windows\servicing\TrustedInstaller.exe C:\Windows\SoftwareDistribution\Download\200dda5405b35d1db3ff8cec01ff6376\inst\ amd64_microsoft-windows-smss_31bf3856ad364e35_7.1.7601.18113_none_fbd00b07bab8de 78\smss.exe Anti-virus Standard Protection:Prevent Windows Process spoofing Action blocked : Create
Since this is an IIS6 server, I would consider the exclusions listed here:
VirusScan Enterprise / SaaS Endpoint Protection exclusions for Exchange Server when running Security for Exchange / GroupShield for Exchange
The exclusions listed are recommended and may help with many problems you may encounter.
Also, look here for a list of additional exclusions that may be involved
Technical Articles ID: KB65718
I hope this is helpful.
before considering the exclusion you recommended, I decided to perform more tests. Because I had realized that later during the day yesterday, SMTP had stopped working, even though that "prevent mass mailing..." was disabled. Once again, I disabled Access Protection and rebooted the server and started working again. I re-enabled Access Protection leaving "Prevent mass mailing..." disabled and rebooted the server again, emails were flowing no problems. I even tested 30 minutes after the server had booted and emails were working again.
So I started thinking of a services that was starting really later. I can't imagine a service with Delayed Starting with start more than 30 minutes after booting. So it had to be a manual start up of some sort.
I then realized that a VPN is running on this server. I'm using SonicWall Net Extender to connect to a client's server in order to access some files on their server (I'm running some VB Scripts and Robocopy to copy files from their server to this production one). It donned on me that after all my testing yesterday, I had to connect the VPN in order for my scripts to work during a business day for my client. That when mail stopped sending and being stucked in Queue.
So this morning, when I rebooted, the VPN doesn't connect automatically, so all was working. As soon as I connected the VPN, mail stopped sending. They were stucked in Queue. I disconnected the VPN and mail was cleared from Queue.
So that's what it is.The VPN. I rebooted the server with Access Protection enabled and also Prevent mass mailing enabled, without adding any additional exclusions, and without connecting the VPN, and voila! it works.
So McAfee isn't the issue obviously, so I need to figure out a way around it.