Why does Exchange block GPG-encrypted messages?

Posted on 2009-04-06
Last Modified: 2013-11-30
I am trying to implement an encryption solution using GPG, but it seems our Exchange server is blocking every message that has been encrypted. Signed messages work fine, and receiving encrypted messages also works, but as soon as i try to send an encrypted message, i get a mail from "System administrator" (wouldn't that be me? ;)) telling me that the the message couldn't be delivered, and a pretty uninformative error-code: [0x80004005-00000000-00000000]. Googling it doesn't really turn up much. I have tried disabling our av/spam detection and smtp scanner in our sonicwall, but to no avail. We also have a trend-micro mail scanner running on the exchange server, which i've also tried disabling, and it doesn't help. I've also tried checking and fixing the exchange servers mailbox store integrity, no help either. Can anyone help?
Question by:markqvist
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
LVL 65

Expert Comment

ID: 24082816
I doubt if it is Exchange blocking the message. The AV would be my guess. Unfortunately disabling the AV is not enough, you need to remove it. When it is disabled its hooks remain in the system.
It could also be your firewall, if that scans SMTP traffic.
Exchange doesn't care what the message is, but something scanning the traffic would.


Author Comment

ID: 24088255
Thank you for the feedback. Unfortunately, totally removing the AV is not an option, since it is running on our production Exchange server, and it also wouldn't be very smart cost-wise, since we already paid for a license that runs a few years from now. Can you suggest alternative options? We are running Trend Micro as our antivirus.

Author Comment

ID: 24088274
To clarify, I didn't just disable the AV entirely. I went to the configuration console and disabled all scanning modules relevant for outgoing mail traffic.
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

LVL 65

Expert Comment

ID: 24088579
Due to the way that the AV integrates with Exchange, removing it is the only way to prove it is not the cause of the problem. Disabling it is not enough, because of the hooks in to the application.

You need to remove it, then reboot. If the problem goes away, try reinstalling it. If the problem returns then you have to go back to Trend and ask them why they are blocking the messages.
If they cannot assist, then you will have to find another product or use a different system to encrypt messages.


Author Comment

ID: 24088950
Thank you for your insight. I guess I will just have to try it out... We'll see if it works ;)

Accepted Solution

markqvist earned 0 total points
ID: 24418967
Turns out theres a bug in gnupg that prevents it from sending through exchange. I solved it by installing a local smtp server on the computers and sending through that :)

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question