FAQs & Knowledge Base

Welcome to our Knowledge Base. Search or browse through the topics below to find answers to your questions.

Categories: Exchange Server Toolbox | Show all categories

Check the event log of the Exchange Server Toolbox or the Windows Event Viewer under Windows Logs | Application for the following message:

"The request was aborted: Could not create SSL/TLS secure channel"

If this is present, you can fix the problem this way:

  1. Press "Windows+R" and open "gpedit.msc".
  2. Navigate to Computer Configuration | Administrative Templates | Network | SSL Configuration Settings
  3. In the right pane, select "SSL Cipher Suite Order" and then click "Edit policy setting" in the center
  4. Select "Enabled" in the new window

You can now copy the contents of the text box under Options | SSl Encryption Collections into a text document. Append the following keys at the end:

  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

Follow the editing instructions in the right part of the window under "Help".

Then copy the text back into the text box and press "Apply" to save the settings. For the changes to be applied, you must restart the server.

All of our products are being developed in Delphi or C#. Although we use Log4Net with some of the components, they are safe to use, because the reported vulnerability applies to Log4J only.

None of our applications depend on Log4J or any other Java library and are thus not affected by this vulnerability.

This applies to all versions and editions of our applications (TreeSize, SpaceObServer, SpaceObServer WebAccess, HeavyLoad, SmartPOP2Exchange, Exchange Server Toolbox, SpamAssassin in a Box, SpamAssassin for Windows, SmartCallMonitor, SEPA-Transfer, ServerSentinel, and ShellBrowser). It is recommended to always use the latest available versions though to benefit from the latest patches, improvements, and features.

  • Check for Update
    • TCP and UDP Port 853
    • TCP Port 443
  • ClamAV
    • FreshClam (Signature Updater)
      • TCP Port 53
    • Rsync (SaneSecurity Signature Updater)
      • TCP Port 873
  • SpamAsassin
    • Razor (Regel Updater)
      • TCP Port 2703
    • Querying blacklists (RBLs)
      • TCP and UDP Port 53

This error is caused by missing access rights to a key file. This is located in the folder C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys. You can either change the permissions on the entire folder or check which file needs the permissions.

To find out which file this is, you can use window's own "Procmon". This shows all file accesses. Open the program and set the filter "Path contains C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys". Then check which file the "ESTArchiveStorageService" process tries to accessand allow access to this file.

We have planned a quarantine function for the future. Until this is implemented, you can, for example, set up a quarantine mailbox and deliver emails that have been detected as spam to it. To do this, you can use the following rule:


"Mail is spam" condition. To do this, you need to set a spam score. By default, the value 5 is recommended here.

Action "Forward copy to SMTP server". Here you specify the e-mail address of the quarantine mailbox and the SMTP server connection.

Action "Do not deliver email". This will delete the original email and deliver only the copy to the quarantine mailbox. It is important that this action is listed last.

 

Alternatively, you can use this action instead of "Forward copy to SMTP server":

"Modify recipients (SMTP)" action. Delete the existing recipients here and specify the quarantine mailbox as the recipient.

This action is useful if the quarantine mailbox is on the same SMTP server as the original recipient.