Exchange On Prem Mails stuck in message queue due to “MESSAGE DEFERRED BY CATEGORIZER AGENT”

January 2, 2022 by AJNI No Comments

On the first day of a new year (for me it was the second day) Microsoft gave us a present to work on that affects Exchange servers. Affected systems could not send or receive mails, messages would get stuck in message queue with the error "Message deferred by categorizer agent". Here are the two relevant event viewer entries:

The issue here is that the malware filter could not scan the message because of this error (it has to do with date time not fitting into 32 bit integers anymore) and the message would not get sent to the recipient. To temporarily resolve the issue, you can disable antimalware.

Open PowerShell as admin.

& "$env:ExchangeInstallPath\Scripts\Disable-AntimalwareScanning.ps1"

Restart MS Exchange Transport Service

Restart-Service MSExchangeTransport

References:

https://www.itwriting.com/blog/11910-exchange-emails-stuck-in-queue-because-message-deferred-by-categorizer-agent-happy-new-year-admins.html

Reading time: 1 min

Exchange 2013/2016/2019 Error with OWA/ECP after Cumulative Update (CU)

November 27, 2021 by AJNI 1 Comment

After updating Exchange 2013/2016/2019 you might get an error when trying to open OWA or ECP. This happens because of an expired OAuth certificate.

Open Exchange Powershell and check if the certificate has expired:

Get-ExchangeCertificate (Get-AuthConfig).CurrentCertificateThumbprint

If the certificate has expired, create a new one (do not forget to change the domain name):

New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName "ajni.it"

Set the new certificate for OAuth:

Set-AuthConfig -NewCertificateThumbprint <ThumbprintFromStep1> -NewCertificateEffectiveDate (Get-Date)
Set-AuthConfig –PublishCertificate
Set-AuthConfig -ClearPreviousCertificate

Restart the Exchange IIS App Pools:

Restart-WebAppPool MSExchangeOWAAppPool
Restart-WebAppPool MSExchangeECPAppPool

If you still get the error in OWA/ECP, you either have to wait a couple of hours (some people have reported that they had to wait for up to 6 hours) or change the time zone of the Exchange server to UTC (Universal Coordinated Time).

References:

https://www.frankysweb.de/exchange-server-owa-und-eac-starten-nicht-nach-installation-der-juli-updates/

https://support.microsoft.com/en-us/topic/you-can-t-access-owa-or-ecp-after-you-install-exchange-server-2016-cu6-88b3fe67-5f97-a8a2-8ed8-70034ff15761

Reading time: 1 min

Tip Of the Day

Keep in touch

Oh hi there 👋
It’s nice to meet you.

Sign up to receive my awesome blog posts in your inbox, every week.

Recent Posts

Categories

Archives