Overview
The Anti-Phishing engine fails to update its definitions. In the dashboard, the status shows as "No updates currently in progress (last update failed)". This happens due to the presence of old, corrupt definitions.
Process
Ensure that updates can go through
The first step is to allow updates through HTTP, as described in the Setting MailEssentials to use HTTP to download updates article. Once completed, make sure that there aren't any firewall rules that prevent access to the update servers:
GFI MailEssentials downloads updates from the following locations over HTTP ports 80 and 443:
amazonaws.com cdnupdate.gfi.com cdnpatches.gfi.com db11.spamcatcher.net meupdate.gfi.com update.gfi.com update.gfisoftware.com spamrazer.gfi.com support.gfi.com *.mailshell.net *.rules.mailshell.net
GFI MailEssentials can also be configured to download updates through a proxy server. Refer to the Configuring Proxy Settings article for more information.
You can use the nslookup tool to make sure that the domains are reachable. ICMP is usually disabled on CDNs, so ping may not be a reliable tool to use in testing.
Verify there are no port conflicts
GFI MailEssentials communicates through a variety of ports. Make sure that are no conflicts and that the local firewall solution is not preventing communication through the ports as defined in the GFI MailEssentials Port Description article.
Check the proxy configuration
Make sure that the credentials supplied to the proxy configuration are correct, as described in the GFI MailEssentials updates are failing when using a proxy article.
If definitions are old but updates don't fail, disable caching on the proxy server for the GFI MailEssentials server or exclude the cdnupdate.gfi.com domain.
Check Anti-Virus and Backup Exclusions
Updates may fail if the local antivirus marks the downloaded files as malware. Local backup solutions may access update files or folders and thus corrupt the update process. Please make sure you follow the steps in the Recommended Anti-virus and Backup Exclusions article to minimize the risk of corruption.
Stop the MailEssentials services
The MailEssentials services need to be stopped.
Open the Windows Services Manager by navigating to Start > Run > services.msc and stop the following services:
- Microsoft Exchange Transport service
- GFI List Server
- GFI MailEssentials Attendant
- GFI MailEssentials AS Scan Engine
- GFI MailEssentials Autoupdater
- GFI MailEssentials AV Scan Engine
- GFI MailEssentials Backend
- GFI MailEssentials Legacy Attendant
- GFI POP2Exchange
- GFI MailEssentials Quarantine Action Services
Remove the old files
Navigate to the ...\GFI\MailEssentials\AntiSpam\AUAntiPhish2 folder, and delete the following files:
Once the files are removed, MailEssentials will auto-update the definitions.
Download and manually unpack the current_revision file in the ...\GFI\MailEssentials\AntiSpam\AUAntiPhish2 folder, from the following URL: http://cdnupdate.gfi.com/ap/current_revision.zip, to manually install the latest definitions.
Start the MailEssentials services
The MailEssentials services previously stopped, need to be started back up.
Open the Windows Services Manager by navigating to Start > Run > services.msc and start the following services:
- Microsoft Exchange Transport service
- GFI List Server
- GFI MailEssentials Attendant
- GFI MailEssentials AS Scan Engine
- GFI MailEssentials Autoupdater
- GFI MailEssentials AV Scan Engine
- GFI MailEssentials Backend
- GFI MailEssentials Legacy Attendant
- GFI POP2Exchange
- GFI MailEssentials Quarantine Action Services
Priyanka Bhotika
Comments