Overview
Antivirus definitions are old (sometimes a few days old), but the last update succeeded and the update status is green. No errors can be found in the debug logs.
Clicking on the "Update all engines" button the update fails with the following error details:
Server response: 401 Unauthorized"
Solution
The following log excerpt shows that the update is successful, even though the definitions are 2 days old:
, ... "info ","autoupdate","localdownloadpath: C:\Program Files (x86)\GFI\MailEssentials\updater\AVX\bitdefender_current_revision.txt.tmp"
, ... "info ","autoupdate","AuDownload::DownloadFilePost()"
, ... "info ","autoupdate","Starting async request"
, ... "info ","autoupdate","ReadCallback()"
, ... "info ","autoupdate","async request started, waiting for response"
, ... "info ","autoupdate","getting response"
, ... "info ","autoupdate","got reponse"
, ... "info ","autoupdate","StatusCode: OK"
, ... "info ","autoupdate","Last modified: 16.06.2015 09:55:05"
, ... "info ","autoupdate","response URI: http://cdnupdate.gfi.com//incav2/bitdefender/bitdefender_current_revision.txt"
, ... "info ","autoupdate","Content-Length: 197"
, ... "info ","autoupdate","AuDownload::read_version_info(C:\Program Files (x86)\GFI\MailEssentials\updater\AVX\bitdefender_current_revision.txt.tmp)"
, ... "info ","autoupdate","c1version: 3"
, ... "info ","autoupdate","c2version: 2"
, ... "info ","autoupdate","c3version: 16829"
, ... "info ","autoupdate","c4version: 0"
, ... "info ","autoupdate","oldestc4version: 16821"
, ... "info ","autoupdate","vendorversionnumberoffset: 0"
, ... "info ","autoupdate","patchmethod: gfi"
, ... "info ","autoupdate","md5: 8g4eucRssnbYk5PPkaxnEg=="
, ... "info ","autoupdate","nopatch: False"
, ... "info ","autoupdate","diffmethod: xdelta"
, ... "info ","autoupdate","local and remote versions are identical"
This behavior is consistent with a proxy server (or similar system) caching these files. The updater checks the remote file, receives the old cached copy, determines that there is no update available, and logs that both "local and remote versions are identical".
To prevent this behavior, disable caching on the proxy server for the GFI MailEssentials server or exclude the cdnupdate.gfi.com domain.