Symantec Mail Security for Microsoft Exchange (SMSMSE) does not detect and block SPAM when BM_Rulesets directories accumulate
| Article:TECH84147 | | | Created: 2006-01-17 | | | Updated: 2012-02-24 | | | Article URL http://www.symantec.com/docs/TECH84147 |
Problem
The Symantec Premium AntiSpam (PAS) Add-on for Microsoft Exchange is not detecting large amounts of mail that are SPAM.
Conditions
- PAS bm_ruleset folders are more than a few hours old.
Perform the following steps to check the date/time of the bm_ruleset folders:
1. Open Windows explorer to the following directory:
32-bit Operating System default: c:\Program Files\Symantec\SMSMSE\<version>\Server
64-bit Operating System default: c:\Program Files (x86)\Symantec\SMSMSE\<version>\Server
where <version> is the version of SMSMSE installed. The following is an example for 6.5 installed on 64-bit OS:
C:\Program Files (x86)\Symantec\SMSMSE\6.5\Server
3. If there are several bm_ruleset folders that are a few hours old or older, then this criteria has been met.
Cause
SMSMSE is not removing old rulesets. When rulesets accumulate SMSMSE cannot load the current set of rules correctly. This results in reduced or little SPAM effectiveness.
Solution
Upgrade to Symantec Mail Security for Microsoft Exchange 6.5.5 or later. To download the latest release, read Obtaining an update or an upgrade for a Symantec Corporate product. After upgrading, follow the steps in the Workaround section to clear out old rulesets.
Workaround
Clear out the rules and restart IIS.
1. Stop the following Windows Services:
Symantec Mail Security for Microsoft Exchange
Symantec Mail Security Utility Service
2. Open Windows Explorer and navigate to:
32-bit operating system: C:\Program Files\Symantec\SMSMSE\<version>\Server
64-bit operating system: C:\Program Files (x86)\Symantec\SMSMSE\<version>\Server
Where <version> is the version of SMSMSE installed. The following is an example for SMSMSE 6.5 installed on Exchange 2010:
C:\Program Files (x86)\Symantec\SMSMSE\6.5\Server
3. In the sidebar, in the All or part of the file name box enter brightmail_ref and click Search. Search results return a number of files and in some cases hundreds. Delete all resulting files.
4. Move all folders starting with bm_ruleset to a temporary folder.
5. Move the following files to a backup folder:
.sequence.0
.sequence.2
blrm
hashes
NOTE: Some or all of these files may not exist depending on the specific version of SMSMSE installed.
6. Wait approximately five minutes for SMSMSE to refresh the rules. Refresh the Server directory in Windows Explorer and see a small number of bm_ruleset folders.
7. For Exchange 2000/2003 restart IIS by clicking Start -> Run and typing iisreset.exe and click Ok.
8. For Exchange 2007/2010 restart the following Windows service: Exchange Transport Service.
9. Start the following Windows Services:
Symantec Mail Security for Microsoft Exchange
Symantec Mail Security Utility Service
|
|
| Source | ETrack |
| Value | 1899637 |
Related Articles
Legacy ID
2006011716254054
Article URL http://www.symantec.com/docs/TECH84147
Terms of use for this information are found in Legal Notices
Thank you.