Trustwave Becomes First Pure-Play MDR Provider to Attain FedRAMP Authorization. Learn More

Request a Demo
Trustwave Becomes First Pure-Play MDR Provider to Attain FedRAMP Authorization. Learn More

Request a Demo
Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Microsoft Security
Unlock the full power of Microsoft Security
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
Loading...
Loading...

Trustwave Knowledge Base

Home » Knowledgebase » Email Content Manager » PRB: Messages from other transport agents can be deadlettered

PRB: Messages from other transport agents can be deadlettered

Expand / Collapse
Show/Hide Article Tools


This article applies to:

  • MailMarshal Exchange 5.3 and above
  • NOTE: Change of default behavior in version 7.1

Symptoms:

  • Messages from other transport agents can be deadlettered

Causes:

  • MailMarshal Exchange processes all mail flowing through the Hub Transport server by default, including messages that have been generated by other transport agents configured on the Hub Transport server, such as AV scanners' notifications or notifications generated by the Hub Transport Rules agent.

  • In some rare cases, messages generated by other agents can be formed in unusual ways, and MailMarshal Exchange can deadletter these messages.

Resolution:

In MailMarshal Exchange release 5.3.2 and above, you can control whether MailMarshal Exchange processes messages created by other transport agents with a Registry setting. 

Note:

  • In versions 5.3 and 7.0, all messages are processed by default.
  • In version 7.1, messages from other transport agents are NOT processed by default.

Warning: Using the Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Trustwave cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Make sure that you backup your Registry prior to making any changes.

Version 7.X

  1. On the Array Manager server, open the Registry Editor.
  2. Navigate to the appropriate Registry location:
    • HKey_Local_Machine\Software\Wow6432Node\Marshal\MMExchange\Default\Engine
  3. Under the Engine key, create a new value with the following properties:
    • Type: DWORD
    • Name: AllowOtherFileSources
    • Data: To enable mail to bypass the MailMarshal Exchange Engine, set this value to 1. To disable the bypass, set it to 0.
    • Default (if the value is not present):
      • In version 7.0 the default is 0 (disable bypass).
      • In version 7.1 the default is 1 (enable bypass). 
  4. To apply the change, commit configuration.

Version 5.3

  1. On the affected server, open the Registry Editor.
  2. Navigate to the appropriate Registry location:
    • HKey_Local_Machine\Software\Wow6432Node\Marshal Software\MailMarshal For Exchange\Default\Engine
  3. Under the Engine key, create a new value with the following properties:
    • Type: DWORD
    • Name: AllowOtherFileSources
    • Data: To enable mail to bypass the MailMarshal Exchange Engine, set this value to 1. To disable the bypass, set it to 0.
    • Default (if the value is not present):
      • In versions 5.3  the default is 0 (disable bypass).
  4. Restart the MailMarshal Exchange Engine service.

To contact Trustwave about this article or to request support:

Rate this Article:
     

Add Your Comments


Comment submission is disabled for anonymous users.
Please send feedback to Trustwave Technical Support or the Webmaster.


Execution: 0.031. 9 queries. Compression Disabled.
Powered by InstantKB.NET