Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Antigen 9.1 SP1 error TION: Smtp sink status 3, method returned 0x80004005.

Posted on 2009-07-02
Medium Priority
Last Modified: 2013-11-22
I keep getting frequent eventID 4008 from AntigenSMTPSink that all say:

TION: Smtp sink status 3, method returned 0x80004005.

I can't find any relevant info other than 1 person's suggestion to run antutil /disable then /enable... I've done that and I'm still getting these errors.  The spam filter/antivirus is working, but it certainly isn't working as well as it should.  I suspect these errors are at least partly why.

Also, the updates for some of the engines almost always timeout... the kaspersky ones in particular have problems and haven't successfully updated in so long all the update info is blank.  
Question by:cymrich
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4

Author Comment

ID: 24776175
the /disable and /enable command appears to have actually made things worse... as far as I can tell now the spam filter is not working at all and the only thing catching spam is the IMF.

any suggestions?
LVL 40

Expert Comment

ID: 24776527
Do you have latest Hotfix Rollup installed? are you getting any error or warning in event viewer?

Author Comment

ID: 24777896
my original post has the error I am receiving... I have SP1 installed and supposedly once you have that you receive updates through windows updates.  I've checked for updates there and there are none.  
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

LVL 40

Expert Comment

ID: 24778051
This will occur when Antigen is unable to access message objects in the SMTP Queue. This may indicate a temporary resource problem on the system.

Recycle the Antigen services
Stop all Antigen services > Wait for all services to completely shut down > Use Task Manager to make > sure that no Antigen processes are still running > Start all Antigen services.
Run Restart-Service MSExchangeTransport
Or if possible reboot the server.

If the issue persists then :
Provide Get-TransportAgent command result.
Also in server event log do you have any error or warning related to the transport service?
What is the Exchange rollup update you have on server?

Author Comment

ID: 24787465
The services were all shutdown and restarted a few times recently... although I have not done a full reboot yet.  

These commands you are mentioning look like Exchange 2007 commands... Unfortunately I am using Exchange 2003 SP2.  Unless I am mistaken Antigen is for 03 and before only, and Forefront would be used with 07.   Is there an equivalent to these command for 03?  I went ahead and tried them from a command prompt just in case and they are not recognized.  

Author Comment

ID: 24787529
forgot to add... the only transport errors I see in the event logs are NDRs and errors from IMF saying it can't filter a messge.... ID #s 3030 for the NDRs and 7515 for the IMF
LVL 40

Accepted Solution

Subsun earned 2000 total points
ID: 24787934
My Bad, I didn't ask you the version of exchange.
Do you have Netlogon service started on your server?
You may try rebooting the server, if it doesn't resolve try to rebuild the scan engine

For update engine issue try : http://support.microsoft.com/kb/905991/en-us

Author Comment

ID: 24799157
I think I might have figured this out.  It seems somehow it lost the license agreement information.  When I looked under product license it showed XXXXXXXXX for the agreement number and 10/4/11 as the expiration.  I knew that the expiration was wrong and it should have been 7/31/11.  After inputting the agreement number again and then doing the updates it appears to be in working order once again.  

The link you provided for the update time out was very helpful.  I had found something similar for forefront when I searched google about it, but when looking for an antigen key to edit instead of a forefront one, I forgot to keep in mind that it used to belong to Sybari.  It seemed at first that every time I upped the download timeout it would simply download slower... but then I finally just set it to 1 hour and I was able to update everything that had been timing out.  at at 10 minutes it made it to 60% or so, at 20 minutes it made it to 50% or so... our connection is not that slow or unstable so this strikes me as odd.

After looking at the event logs again I realize I didn't notice that the 4008 events had indeed stopped the night I ran the antutil /disable and /enable.  They had not stopped right when I did it but the last ones were roughly an hour later.  so that at least was successful, but I'm not sure how the license agreement information was lost.  

I'm going to keep an eye on this until next week before officially calling it fixed.
LVL 40

Expert Comment

ID: 24800131
Hmm.. Green light.... :-)

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
Are you an Exchange administrator employed with an organization? And, have you encountered a corrupt Exchange database due to which you are not able to open its EDB file. This article will explain all the steps to repair corrupt Exchange database.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question