Solved

Why does Exchange block GPG-encrypted messages?

Posted on 2009-04-06
6
821 Views
Last Modified: 2013-11-30
I am trying to implement an encryption solution using GPG, but it seems our Exchange server is blocking every message that has been encrypted. Signed messages work fine, and receiving encrypted messages also works, but as soon as i try to send an encrypted message, i get a mail from "System administrator" (wouldn't that be me? ;)) telling me that the the message couldn't be delivered, and a pretty uninformative error-code: [0x80004005-00000000-00000000]. Googling it doesn't really turn up much. I have tried disabling our av/spam detection and smtp scanner in our sonicwall, but to no avail. We also have a trend-micro mail scanner running on the exchange server, which i've also tried disabling, and it doesn't help. I've also tried checking and fixing the exchange servers mailbox store integrity, no help either. Can anyone help?
0
Comment
Question by:markqvist
  • 4
  • 2
6 Comments
 
LVL 65

Expert Comment

by:Mestha
ID: 24082816
I doubt if it is Exchange blocking the message. The AV would be my guess. Unfortunately disabling the AV is not enough, you need to remove it. When it is disabled its hooks remain in the system.
It could also be your firewall, if that scans SMTP traffic.
Exchange doesn't care what the message is, but something scanning the traffic would.

Simon.
0
 

Author Comment

by:markqvist
ID: 24088255
Thank you for the feedback. Unfortunately, totally removing the AV is not an option, since it is running on our production Exchange server, and it also wouldn't be very smart cost-wise, since we already paid for a license that runs a few years from now. Can you suggest alternative options? We are running Trend Micro as our antivirus.
0
 

Author Comment

by:markqvist
ID: 24088274
To clarify, I didn't just disable the AV entirely. I went to the configuration console and disabled all scanning modules relevant for outgoing mail traffic.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 65

Expert Comment

by:Mestha
ID: 24088579
Due to the way that the AV integrates with Exchange, removing it is the only way to prove it is not the cause of the problem. Disabling it is not enough, because of the hooks in to the application.

You need to remove it, then reboot. If the problem goes away, try reinstalling it. If the problem returns then you have to go back to Trend and ask them why they are blocking the messages.
If they cannot assist, then you will have to find another product or use a different system to encrypt messages.

Simon.
0
 

Author Comment

by:markqvist
ID: 24088950
Thank you for your insight. I guess I will just have to try it out... We'll see if it works ;)
0
 

Accepted Solution

by:
markqvist earned 0 total points
ID: 24418967
Turns out theres a bug in gnupg that prevents it from sending through exchange. I solved it by installing a local smtp server on the computers and sending through that :)
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many Password Managers (PM) out there to choose from. PM's can help with your password habits and routines, but they should not be a crutch you rely on too heavily. I also have an article for company/enterprise PM's.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question