Exchange - Reset Scan Engine Version
Summary
This document resolves the stuck email issue in Microsoft Exchange based on the following article: Email Stuck in Exchange On-Premises Transport Queues.
Sample Run
Dependencies
Variables
| Name | Description |
|---|---|
| ExchangeEmailCheck | This contains data of the scan engine version and installs the latest safest version to avoid the vulnerability. |
Script States
| Name | Example | Description |
|---|---|---|
| ExchangeEmailCheck_OnPrem | The server impacted | This informs whether a vulnerability was found and if it has been fixed. |
Process
This script will run PowerShell to perform the following steps:
Verify the impacted version is installed
Run Get-EngineUpdateInformation and check the UpdateVersion information. If it starts with "22...", then proceed. If the installed version starts with "21...", you do not need to take action.
Remove existing engine and metadata
- Stop the Microsoft Filtering Management service. When prompted to also stop the Microsoft Exchange Transport service, click Yes.
- Use Task Manager to ensure that
updateservice.exeis not running. - Delete the following folder:
%ProgramFiles%/Microsoft/Exchange Server/V15/FIP-FS/Data/Engines/amd64/Microsoft. - Remove all files from the following folder:
%ProgramFiles%/Microsoft/Exchange Server/V15/FIP-FS/Data/Engines/metadata.
Update to latest engine
- Start the Microsoft Filtering Management service and the Microsoft Exchange Transport service.
- Open the Exchange Management Shell, navigate to the Scripts folder (
%ProgramFiles%/Microsoft/Exchange Server/V15/Scripts), and run *Update-MalwareFilteringServer.ps1 <server FQDN>.
Verify engine update info
- In the Exchange Management Shell, run Add-PSSnapin Microsoft.Forefront.Filtering.Management.Powershell.
- Run Get-EngineUpdateInformation and verify the
UpdateVersioninformation is 2112330001 (or higher).
Output
- Script log
- Dataview