Strange Email behavior after removing Trend Micro Messaging Security

I recently upgraded my Exchange server OS, running Exchange Server 2003, from Server 2000 to Server 2003.  Also on this server is Trend Micro's SMB Messaging Security suite which included Scanmail 7.0 for Exchange.  After upgrading the OS, it seems the Trend program made some changes to the way it integrates with Exchange and Outlook as messages to many users started getting dumped in the Spam Folder under their mailboxes.  These messages were all legitimate.  Since it was confusing the users and I needed a quick fix, I removed the Scanmail program to prevent items from getting placed in the Spam Folder.  I don't know that I even need that program as we filter our incoming email through ExchangeDefender to weed out spam before it even hits our Exchange server.  That is not the weird issue, however.  Beginning today, one user is now unable to receive emails in her Outlook client sent from an internal scanner, yet the message gets delivered to her Blackberry.  We also have a BES onsite.  Before removing the Scanmail program, she would get these messages in both places.  I sent a scan from that machine to myself and compared the header to one of the scans she had received prior to this occurrence.  The only difference is the following two lines, which seem to reference the scanmail program:
X-TM-AS-Product-Ver: SMEX-7.2.0.1122-3.6.1039-15026.001
X-TM-AS-Result: No--7.892700-5.000000-31

What is going on here?  The Exchange System Manager says that all scans are being delivered to her Mailbox store, they're going to her Blackberry, yet she doesn't get them in her Outlook client anywhere.  Is there some hidden folder in the Trend directory or Exchange that I'm not seeing?
fabiounessAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
fabiounessConnect With a Mentor Author Commented:
Oh wow...I got the problem fixed and it has nothing to do with Trend at all.  The date and time on the scanner was way off and by resyncing it with the servers, it now successfully delivers the message to the user's Outlook client.  I don't know how the time got off, whether it was always off prior to this problem developing this past weekend, related to any of the recent updates to the Exchange server, or whatever, but it works now.  So sorry to waste everyone's time troubleshooting this, but thank you for the assistance!  I don't know what to do with the points, as none of the responses was a solution, but I'd like to grant them anyway.
0
 
peakpeakCommented:
What about OWA, are the messages there?
0
 
fabiounessAuthor Commented:
Not there either.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
peakpeakCommented:
SMEX is the scanmail program. You said you had removed that but obviously there seem to be some residue of SMEX left behind.
0
 
peakpeakCommented:
Also do a search for the message that are missing. Might end up in another folder. Check all rules too.
0
 
fabiounessAuthor Commented:
That line referring to SMEX was not present in the latest message that isn't showing up in the user's mailbox...that was just to show that those lines are the only difference in the header information between the last message that showed up in the mailbox and the one that doesn't show.  We've searched her entire mailbox from within Outlook and found nothing, but is there a way to get the Exchange server to detail which folder it dumped the message into?  System Manager only shows that the message was delivered to the mailbox store.  Could this instead be a case of something with the Blackberry server filtering messages from this scanner?  The filters set on the server refer only to CC and TO rules.
0
 
peakpeakCommented:
0
 
fabiounessAuthor Commented:
Message tracking was already on and I can see the "missing" message in the tracking center.  The thing I need is for the system to tell me exactly which folder in the user's mailbox store it got delivered to.  Is that possible?
0
 
peakpeakCommented:
What you see is what you get. Can you send a message and paste the output here?
0
 
fabiounessAuthor Commented:
This is a scan sent from the machine that the user can no longer get in her mailbox.  I sent it to my own account at the same time.

Microsoft Mail Internet Headers Version 2.0
Received: from RNPC8143C ([192.168.101.57]) by fltexch.xxyyzz.com with Microsoft SMTPSVC(6.0.3790.3959);
       Tue, 5 Jan 2010 14:52:05 -0500
From: LD016-Warranty@xxyyzz.com
Subject:
To: "XX" <xx@xxyyzz.com>, "YY"
       <YY@xxyyzz.com>
Date: Wed, 6 Jan 2010 03:56:00 -0500
Message-Id: <20100106035600HQ.DCSML-S000960000.000074C8143C@192.168.101.57>
MIME-Version: 1.0
Content-Type: multipart/mixed;
      boundary="DC_BOUND_PRE_<1262768160.000074c8143c>"
Return-Path: LD016-Warranty@xxyyzz.com
X-OriginalArrivalTime: 05 Jan 2010 19:52:05.0259 (UTC) FILETIME=[8E7565B0:01CA8E40]

--DC_BOUND_PRE_<1262768160.000074c8143c>
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

--DC_BOUND_PRE_<1262768160.000074c8143c>
Content-Type: application/pdf; name="20100106035600487.pdf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
      filename="20100106035600487.pdf"


--DC_BOUND_PRE_<1262768160.000074c8143c>--
0
 
peakpeakCommented:
Sorry, I meant from the Message Tracking for the particular message
0
 
fabiounessAuthor Commented:
Attached is a screen shot.
Tracking.doc
0
 
peakpeakCommented:
Ok, good. A successfully delivered message on your system, does that differ from this trace?
0
 
fabiounessAuthor Commented:
Shows the same.  That was a successfully delivered message, only it came to Outlook for the one user and only to the Blackberry of the other.  I am going to turn off her Blackberry account and see what happens.
0
 
peakpeakCommented:
Good idea. Is there any tracing options on the BES?
0
 
peakpeakCommented:
There's something positive with going through your system in all aspects: You learn a lot you didn't know before and become better prepared for next problem (there will be one :). Glad it's solved !
0
All Courses

From novice to tech pro — start learning today.