The SMTP resource may not start, and Event ID 1005 is recorded when you fail over an Exchange Server 2003 virtual server (922252)


The information in this article applies to:

  • Microsoft Exchange Server 2003 Enterprise Edition
  • Microsoft Exchange Server 2003 Standard Edition
Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect your system.

SYMPTOMS

When you fail over an Exchange Server 2003 virtual server to another node on an Active/Passive cluster, the SMTP resource may not start. When this issue occurs, the following event may be recorded in the System log:
Event ID     : 1005
Record Nr.   : 1867
Category     : None
Source       : MSExchangeCluster
Type         : Error
Generated    : 3/16/2005 1:11:40 PM
Machine      : LABEXCHCLUB
Message      : SMTP Virtual Server Instance 1 (EVS1): The IsAlive check for this 
resource failed.

CAUSE

This issue may occur when the following conditions are true:
  • McAfee Access Protection is installed in your organization.
  • The McAfee Access Protection settings are managed from a configuration server.
  • The node to which Exchange Server fails over lost connection with the configuration server. Therefore, the node uses default port blocking settings. By default, McAfee Access Protection blocks port 25 to prevent mass mailer worms.
In this scenario, traffic cannot reach the SMTP resource over TCP port 25. Therefore, "IsAlive" checks fail for the SMTP resource.

RESOLUTION

To resolve this issue, disable the Prevent mass mailing worms from sending mail setting in McAfee Access Protection.

Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

For information about how to disable the Prevent mass mailing worms from sending mail setting in McAfee Access Protection, view the McAfee documentation. Alternatively, contact McAfee technical support.

For information about how to contact McAfee technical support, click the appropriate article number in the following list to view the article in the Microsoft Knowledge Base:

65416 Hardware and software vendor contact information, A-K

60781 Hardware and software vendor contact information, L-P

60782 Hardware and software vendor contact information, Q-Z

Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information. The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
Modification Type:MajorLast Reviewed:8/3/2006
Keywords:kbtshoot kbprb KB922252 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.