Beginning 2022, Microsoft gifted all on-premises customers with something special: The mail queue of on-premises Exchange 2016 & 2019 servers stopped being processed.
The Eventlog shows errors like this:
- Event ID 5300
The FIP-FS „Microsoft“ Scan Engine failed to load. PID: 21744, Error Code: 0x80004005. Error Description: Can’t convert „2201010006“ to long. - Event ID 1106
The FIP-FS Scan Process failed initialization. Error: 0x80004005. Error Details: Unspecified error
Unspecified error is cool, because it gives you no hint what goes really wrong. No matter if it is a late “new-year-bug” or (like many people think) Microsoft’s try to force all customers to Exchange Online, find the solution here. You need to disable / reset the scan engine:
Solution 1: Manual fix
Step 1: Disable the Anti-Malware Scan
Microsoft has a default script for that in each Exchange installation:
& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1
Code language: PowerShell (powershell)Step 2: Set Antimalware to BYPASS for each of your servers
Set-MalwareFilteringServer <strong><YOURSERVERNAME></strong> -BypassFiltering $true
Code language: PowerShell (powershell)Step 3: Restart the Transport Service
Restart-Service MSExchangeTransport -Force
Code language: PowerShell (powershell)Step 4: Monitor the Queue shrink
Get-Queue
Code language: PowerShell (powershell)You can also use the queue viewer inside mmc. That also works fine.
Step 5: Restart and update the scan engine (Scripts are again in the folder $env:ExchangeInstallPath\Scripts\ )
Set-MalwareFilteringServer <strong><YOURSERVERNAME></strong> -BypassFiltering $false
Update-MalwareFilteringServer <strong><YOURSERVERNAME></strong>
Code language: PowerShell (powershell)Step 6: Verify the Engine and your queue not growing again
Add-PSSnapin Microsoft.Forefront.Filtering.Management.Powershell
Get-EngineUpdateInformation
Get-Queue
Code language: PowerShell (powershell)The UpdateVersion must be 2112330001 or higher. If not, or if your queue grows again, stop the scanner and leave it disabled. Continue investigating in a test environment.
Solution 2: Automated fix
If you want Microsoft to fix the issue for you, head over to https://aka.ms/ResetScanEngineVersion and execute, what you find here. Remember to set your Execution Policy to RemoteSigned before you execute the script:
Set-ExecutionPolicy RemoteSigned
Code language: PowerShell (powershell)More details can be found in the official documentation: Email Stuck in Exchange On-premises Transport Queues – Microsoft Tech Community
