Jump to content

Archived

This topic is now archived and is closed to further replies.

davidenco

XmonSmtpAgent: Failed to create greylisting engine

Recommended Posts

I am running Exchange 2013 CU20 with EMSX 6.5.10055.0.

Since 10:09 today, Windows Event Log has been recording weird events and the Greylisting log in EMSX has not changed, so I suspect Greylisting is no longer working. It looks like every time an email comes in and triggers Greylisting, the entry appears in Windows Event Log, so I am not sure what is happening to those emails either. Potentially emails are being lost here.

The log entry is as follows:

XmonSmtpAgent: Failed to create greylisting engine. System.TypeInitializationException: The type initializer for 'XmonAgent.XmonGreylistingEngine' threw an exception. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
   at System.Security.Cryptography.SHA256Managed..ctor()
   at XmonAgent.XmonGreylistingEngine..cctor()
   --- End of inner exception stack trace ---
   at XmonAgent.XmonGreylistingEngine.GreylistingStatistics.Reset()
   at XmonAgent.XmonGreylistingEngine..ctor(UInt32 nDataHashMapSize, UInt32 nDataHashMapItemListSize)
   at XmonAgent.XmonSmtpAgentFactory.CreateAgent(SmtpServer server)

I have tried disabling transport protection, Greylisting and each of the modules in EMSX and re-enabling one-by-one but to no avail. The server has also been rebooted, but again no difference. A support ticket has been logged with technical support but so far nothing, so I thought I'd post here.

Any help would be greatly appreciated.

Share this post


Link to post
Share on other sites

Hello @davidenco ,

can you please open a ticket with your local support and provide them with a ESET log collector output to check? 

As it seems you are able to reproduce the issue easily can you please set the logging verbosity to diagnostics, reproduce the issue and collect the logs than so they will contain more detailed data? Please do not forget to revert the logging verbosity setting back, once the log collection is done.

Regards, P.R.

Share this post


Link to post
Share on other sites

I have done some digging and found that the message “This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms” is related to a local security option which was enabled on the server; something that is usually disabled by default. By disabling the option and rebooting, Greylisting just started working by itself and therefore the issue is now resolved.

The option is found in:

Administrative Tools > Local Security Policy > Local Policies > Security Options > "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing."

Not sure why enabling this option should cause Greylisting to fail though?

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×