<> Trend Micro Incorporated April 19, 2019 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ScanMail(TM) (for Microsoft(TM) Exchange(TM)) 12.5 Patch 1 for Service Pack 1 Build 2039 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates. GM release documentation: http://docs.trendmicro.com Patch/Service Pack release documentation: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ========================================================== 1. About ScanMail (for Microsoft Exchange) 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement ========================================================== 1. About ScanMail (for Microsoft Exchange) ====================================================================== ScanMail protects Exchange Server 2016, Exchange Server 2013, and Exchange Server 2010. Use the ScanMail installation program to quickly install ScanMail to one or more, local or remote, Exchange servers. Once installed, ScanMail can protect your servers in real time against viruses/malware, Trojans, worms, and spyware/grayware. ScanMail sustains business and network integrity by screening out spam messages and messages containing undesirable or unwanted content. ScanMail monitors and protects sensitive information that is traveling across your network. 1.1 Overview of This Release =================================================================== ScanMail (for Microsoft Exchange) 12.5 Patch 1 for Service Pack 1 consolidates all solutions to issues resolved after the release of ScanMail (for Microsoft Exchange) 12.5 Service Pack 1 build. 1.2 Who Should Install This Release =================================================================== You should install this Patch if you are currently running ScanMail (for Microsoft Exchange) 12.5 Service Pack 1 build. 2. What's New ====================================================================== NOTE: Please install the Patch before completing any procedures in this section (see "Installation"). This patch addresses the following issues and includes the following enhancement: 2.1 Enhancements =================================================================== The following enhancements are included in this release: Enhancement 1: [Hotfix 2016] Users encounter the following issues on the ScanMail for Microsoft Exchange Management Console after adding the IIS setting "nosniff" option in IIS HTTP Response Headers: - The Server Management page does not display. - The Security Risk Scan settings do not allow users to select any of the "Action" tabs. - The Log Query drop down menu is empty. - When the "Enable communication between the ScanMail MCP agent and Control Manager" option is enabled, the "Control Manager Setting" does not work as expected. - The "Manual Scan" and "Scheduled Scan" pages disappear. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This patch ensures that the IIS setting "nosniff" option can be enabled in IIS HTTP Response Headers without issues. Enhancement 2: [Hotfix 2030] This patch adds the "Block all password protected Office documents and compressed files" option under the attachment blocking policy settings to enable the attachment blocking filter to detect password- protected file attachments. NOTE: Users need to clear the browsing history from the web browser after applying this patch to be able to view this option on the ScanMail web console. Enhancement 3: [JP Hotfix 2636] When the Scan Engine (VSAPI) or Advanced Threat Scan Engine (ATSE) returns a "BAD_ZIP_ERR" or a "NO_SUPP_ERR" error code while scanning a sample, ScanMail treats the sample as unscannable and performs the action specified for "Files outside of scan restriction criteria" on the ScanMail web console. This patch provides a way to configure ScanMail to skip taking the action on this kind of samples. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 3: To configure ScanMail to skip the "Files outside of scan restriction criteria" action when VSAPI or ATSE returns a "BAD_ZIP_ERR" or "NO_SUPP_ERR" error code while scanning a sample: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add or locate the following key and set the value to the specific error code or codes separated by a semi-colon: Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion Key: VSAPISkipError Type: REG_SZ Data value:-82;-91 (-82:BAD_ZIP_ERR; -91: NO_SUPP_ERR) Enhancement 4: This patch makes ScanMail for Exchange compatible with the new APIs of Trend Micro Antispam Engine (TMASE) 8.5.0.1020. 2.2 Resolved Known Issues =================================================================== This release resolves the following issues: Issue 1: A parsing error occurs when ScanMail for Microsoft Exchange handles invalid characters in a file name. When this happens ScanMail for Microsoft Exchange temporarily quarantines the file and then resends it repeatedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Hotfix 2001] This patch enables ScanMail for Microsoft Exchange to replace invalid characters in file names, for example ":" "|", to a space character " " to prevent the parsing error. Issue 2: The Automatic Quarantine Maintenance and Automatic Report Maintenance functions in ScanMail for Microsoft Exchange 12.5 do not work. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 2002] This patch ensures that both functions work normally. Issue 3: An issue prevents ScanMail for Microsoft Exchange 12.5 from resending quarantined email messages that were queried from remote servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 2003] This patch resolves the issue so that ScanMail for Microsoft Exchange 12.5 can resend quarantined email messages that were queried from remote servers. Issue 4: A proxy server certificate error prevents users from enabling Predictive Machine Learning (PML) while ScanMail for Microsoft Exchange uses a proxy server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 2006] This patch resolves the issue by enabling users to configure ScanMail for Microsoft Exchange to ignore the proxy server certificate error by disabling the verify peer option for TrendX. This helps ensure that users can enable PML while using a proxy server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To disable the verify peer option for TrendX: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add or locate the following key and set it to "0". Path: HKLM\SOFTWARE\TrendMicro\Scanmail for Excahnge\CurrentVersion Key: VerifyPeerForTrendX Type: REG_DWORD Data values: 1: enables verify peer option for TrendX (default) 0: disables the verify peer option for TrendX 4. Restart the ScanMail for Microsoft Exchange Master Service. 5. Log on to the ScanMail for Microsoft Exchange console and enable PML. Issue 5: When a quarantined email message is resent as original email, its Message-ID should not change to allow ScanMail for Microsoft Exchange to skip basic filtering scans. However, the Exchange server automatically changes the email's Message-ID if it does not match the sender's domain. As a result, ScanMail for Microsoft Exchange treats the original email message as a new email and scans it again. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hotfix 2009] This patch provides an option to configure ScanMail for Microsoft Exchange to skip the Message-ID checking for quarantined email messages that are resent as original email message so these messages can skip basic filter scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 5: To configure this option: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add or locate the following key and set the preferred value: Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion Key: SkipResendMessageIdCheck Type: REG_DWORD Data value: "1" = ScanMail skips Message-ID checking for quarantined email messages that are resent as original email "0" = ScanMail checks Message-ID of quarantined email messages that are resent as original email message(default) 4. Restart the ScanMail service. Issue 6: ScanMail uses two anti-spam patterns, "Anti-spam Incremental Pattern (Enhanced)" and "Anti-spam Pattern (Enhanced)", but only the first pattern appears on the Trend Micro Control Manager(TM) web console's "Update" page. Because of this, only this pattern will be updated and the TMASE rule file will not be downloaded. As a result, the "Current version" field for the Anti-spam pattern on the ScanMail web console displays "Not available". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hotfix 2010] This patch resolves the issue so that the correct information appears on the "Current version" field for the Anti-spam pattern on the ScanMail web console. Issue 7: In ScanMail for Microsoft Exchange 12.5, the PML and Virtual Analyzer features are not compatible with ATSE 11.x. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [CP 2011] This patch enables PML and Virtual Analyzer to work with ATSE 11.x. Issue 8: The ScanMail for Microsoft Exchange Master Service stops unexpectedly when it receives a buffer from another module and the buffer size is "0". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [Hotfix 2012] This patch resolves the issue by enabling ScanMail for Microsoft Exchange Master Service to handle this event. Issue 9: The Search & Destroy function runs slowly because ScanMail for Microsoft Exchange retrieves the Exchange Web Services (EWS) Virtual Directory from distant Exchange servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: [Hotfix 2013] This patch provides an option to configure ScanMail for Microsoft Exchange to retrieve the EWS Virtual Directory from the Active Directory Domain Services (AD DS). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 9: To configure this option: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add or locate the following key and set the preferred value: Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion Key: GetWebServicesVirtualDirectoryThroughAD Type: REG_DWORD Data value: "1" = ScanMail will retrieve the virtual directory properties from the AD DS "0" = ScanMail will retrieve virtual directory properties from the Internet Information Services (IIS) metabase (default) Issue 10: When ScanMail for Microsoft Exchange runs a manual or scheduled scan and the incremental scan option "Scan messages that have not been scanned" is not selected, the inbound disclaimer will be added to an email message every time a manual or scheduled scan runs. This happens because the "ID_HEADER_MAIL_SEND_TIME" value cannot be retrieved in store level scans and once removed, the "X-TM-SNTS-SMTP" header is not added again when the email message is re-scanned. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: [Hotfix 2015] This patch resolves the issue by enabling ScanMail for Microsoft Exchange to skip the "ID_HEADER_MAIL_SEND_TIME" when calculating "X-TM-SNTS-SMTP" and to automatically insert the "X-TM-SNTS-SMTP" header when an email message is scanned again. Issue 11: ScanMail for Microsoft Exchange encounters the following issues: - When ScanMail for Microsoft Exchange initially updates scan engine files and it is unsuccessful, it will update the engine files again. ScanMail gets the files from the Control Manager ActiveUpdate (AU) site even when the engine versions are older than the current engine files. - If ScanMail for Microsoft Exchange stops unexpectedly when "AutoRestartProcess" is set to "1", it will encounter a "Not Connected" status issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: [Hotfix 2019] This patch resolves both issues. Issue 12: ScanMail for Microsoft Exchange does not send its Product License Information to Control Manager so the information does not appear on the Control Manager 7 web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: [Hotfix 2020] This patch resolves the issue by ensuring that ScanMail for Microsoft Exchange sends its Product License Information to Control Manager. Issue 13: An issue prevents ScanMail from replicating internal domains to other ScanMail target servers through the "Server Management" page or from the Control Manager server after users restart the SMEX_Master service on the target servers without accessing the "Internal Domains" page of the ScanMail web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: [Hotfix 2021] This patch resolves the issue so ScanMail can replicate internal domains to other ScanMail target servers through the "Server Management" page or from the Control Manager server successfully. Issue 14: When the URL rewrite function is enabled in ScanMail for Microsoft Exchange 12.5 Service Pack 1, a plain text email message will display RTF tags when sent from Microsoft Outlook(TM). This happens because the email message is actually converted to text/rtf while the content type remains as text/plain and TMASE does not support URL rewrite in text/rtf format. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: [Hotfix 2022] This patch resolves the issue by enabling the URL rewrite function to skip a text/plain email message if it detects RTF flags in it. Issue 15: When an email has been flagged as new born spam and its suspicious file attachments have been sent to Trend Micro Deep Discovery Analyzer, the attachments may be stuck in "Being Analyzed" status forever. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: [Hotfix 2023] This patch resolves the issue by improving the X-TM-AS-URLRatingInfo checking mechanism for determining whether an email is new born spam. Issue 16: In certain environments, the submission queue on Exchange Servers grows continuously and requires users to restart the ScanMail for Microsoft Master service to clear it. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: [Hotfix 2024] This patch improves the cache mechanism in ScanMail for Microsoft Exchange 12.5 Service Pack 1 to ensure that file locks are released correctly when it encounters an exception. Issue 17: The Exchange submission queue fills up during a TMASE pattern update. During a TMASE pattern update, ScanMail locks the TMASE initialization and then the core[0]/core[1] switch. All scanning threads wait for the initialization to complete and for the lock to be released before switching to the new core to continue scanning. However, the TMASE rule may take over 90 seconds to initialize. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: [Hotfix 2029] This patch prevents ScanMail from locking the TMASE initialization during the pattern update since only the core[0]/core[1] switch needs to be protected. This helps ensure scans proceed normally until the switch from one active core to another. Issue 18: In Microsoft Exchange 2010, when ScanMail detects suspicious email messages while running a store level scan in a mailbox, it sends notifications to recipient email addresses based on the mailbox display name. As a result, other users with the same mailbox display name will receive the notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: [Hotfix 2031] This patch helps reduce the impact of the issue in Exchange 2010 by limiting the recipients of the notifications. Issue 19: Sometimes, suspicious quarantined email messages do not go into the waiting queue and as a result, are not sent to Deep Discovery Analyzer for analysis. When this happens, these email messages are not resent until the messages time out or after the Master Service restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: [Hotfix 2032] This patch helps ensure that suspicious quarantined email messages are added to the waiting queue to be sent to Deep Discovery Analyzer for analysis. Issue 20: An issue prevents ScanMail from replicating Internal Domains and Advanced Spam Prevention settings to other ScanMail target servers through the "Server Management" page or from the Control Manager server after users restart the ScanMail Master Service on the target servers without accessing the "Internal Domains and Advanced Spam Prevention" page of the ScanMail web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: [Hotfix 2033] This patch resolves the issue so ScanMail can replicate Internal Domains and Advanced Spam Prevention settings to other ScanMail target servers through the "Server Management" page or from the Control Manager server successfully. Issue 21: When "Access Control" is enabled in ScanMail and users logon to ScanMail using the "Logon with domain credentials" option, a "Syntax Error" appears when they attempt to access the "Writing Style Training Settings" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: [Hotfix 2033] This patch prevents the "Syntax Error" to ensure that users can access the "Writing Style Training Settings" page normally. Issue 22: On the "Scheduled Scan Task" page, two 24-hour options appear in the "Pause" drop-down list on Exchange 2013 and 2016 servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: [Hotfix 2033] This patch removes the duplicate options from the drop-down list on the "Scheduled Scan Task" page. Issue 23: ScanMail for Microsoft Exchange does not send unscannable Message Information to Control Manager so the information does not appear on the "Log Query" page of the Control Manager web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: [Hotfix 2025] This patch resolves the issue by ensuring that ScanMail for Microsoft Exchange sends unscannable Message Information to Control Manager. Issue 24: When the ScanMail database is offline, multiple Deep Discovery Analyzer related logs will have no message identity which prevents ScanMail from restoring dump logs to the database. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: [Hotfix N/A] This patch ensures that each Deep Discovery Analyzer related log has a message identity. Issue 25: When Deep Discovery Analyzer detects a suspicious file, ScanMail does not send logs to the Control Manager log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: [Hotfix N/A] This patch ensures that ScanMail sends a "Virtual Analyzer Detections" log to Control Manager when Deep Discovery Analyzer detects a file. Issue 26: An issue prevents ScanMail for Microsoft Exchange from running certain database operations that contain datetime information on some Windows platforms. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: [Hotfix N/A] This patch resolves the issue by changing the datetime format in the affected database operations. Issue 27: By default, the replacement setting of the Attachment Blocking filter changes the replacement file name to "[Attachment Name].txt". However, when users open the received email, the file attachment was not renamed successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 27: [Hotfix 1306] This patch updates the TmMsg module to ensure that file attachments are renamed successfully. Issue 28: The SMEX_Master service may stop unexpectedly when the debug log is enabled from the ScanMail for Exchange web console on the Exchange DAG environment. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 28: [Hotfix N/A] This patch prevents the service from stopping unexpectedly. Issue 29: ScanMail does not set the Virtual Analyzer settings correctly after server replication from the Server Management console or Control Manager console in the following scenarios: a. The Source ScanMail server is registered to the Virtual Analyzer server but the target ScanMail server(s) are not registered to the Virtual Analyzer server. After server replication, the target ScanMail server(s) UUID is not saved in the database which prevents ScanMail from submitting files or URLs to the Deep Discovery Analyzer server. b. The Source ScanMail server was unregistered from the Virtual Analyzer server but the target servers are registered to the Virtual Analyzer server. After server replication, the target servers are still registered to the Virtual Analyzer server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 29: [Hotfix N/A] This patch ensures that Virtual Analyzer settings are set correctly on target servers after server replication. Issue 30: After replicating Virtual Analyzer settings from the Server Management or Control Manager server console, an issue prevents ScanMail from setting the correct status of the DTAS Agent module. This prevents ScanMail from sending quarantined messages to the Deep Discovery Analyzer server. These messages cannot be released unless the SMEX_Master service restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 30: [Hotfix N/A] This patch resolves the issue by improving the Deep Discovery Analyzer cache mechanism. Issue 31: The SMEX_Master service cannot start if it restarts while "VSAPI64*.dll" exists in the eManager folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 31: [Hotfix N/A] This patch resolves the issue by enabling SMEX_Master to check if "VSAPI64*.dll" exists in the eManager folder before it starts and to delete it so it can start successfully. Issue 32: When users send time-of-click (TOC) log queries to remote servers and filter results by URL, the query results still display all TOC logs, but those sent to local servers can filter the results normally. This happens because the URL filter is not carried to the remote server so remote servers respond with all TOC logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 32: [Hotfix 2037] This patch adds the URL parameter in the remote query function to resolve this issue. Issue 33: Manual Scan takes a long time to complete when the "Scan messages that have not been scanned" option is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 33: [Hotfix N/A] This patch ensures that manual scans run normally with the option. Issue 34: Exchange email messages cannot be detected as internal messages so that system email messages are sent to Deep Discovery Analyzer for analysis. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 34: [Hotfix N/A] This patch prevents ScanMail from sending system- generated email messages to Deep Discovery Analyzer. Issue 35: The "HEUR_HAS_MACRO" ATSE rule detects if an email file attachment contains macros. Enabling Virtual Analyzer on the transport level also enables the "HEUR_HAS_MACRO" rule for store level scans. This causes many Microsoft Office files to be detected as "HEUR_HAS_MACRO" during Exchange 2010 store level real-time scans. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 35: [Hotfix N/A] This patch ensures that the "HEUR_HAS_MACRO" rule is not enabled for store level scans. 3. Documentation Set ====================================================================== To download or view electronic versions of the doe fintation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining ScanMail (for Microsoft Exchange). To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying ScanMail (for Microsoft Exchange). - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining ScanMail (for Microsoft Exchange). - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 4. System Requirements ====================================================================== There are no changes to the system requirements in the ScanMail (for Microsoft Exchange) 12.5 Service Pack 1 readme file. 5. Installation ====================================================================== This section explains key steps for installing. - This Patch supports remote and multi-server deployment. - This Patch automatically restarts the following services on both Normal and Cluster Servers: - ScanMail (for Microsoft Exchange) Master Service - ScanMail (for Microsoft Exchange) Remote Configuration Server - ScanMail (for Microsoft Exchange) System Watcher - ScanMail EUQ Monitor - Microsoft Exchange Transport - MOM service - HealthService service - To install or uninstall this Patch, you must have at least local administrator and domain user privileges. 5.1 Installing =================================================================== To install: 1. Log on using an account with local administrator and domain privileges. 2. Run "smex_125_sp1_win_en_patch1_b2039.exe" and select "Install". The framework automatically installs the Patch to the appropriate directory, replaces the outdated files, and updates the database. The "Successfully completed" count increases upon the completion of the installation. 3. Clear the browser cache and re-launch the browser. 5.2 Uninstalling =================================================================== To roll back to the previous build: - run "smex_125_sp1_win_en_patch1_b2039.exe" and select "uninstall"; or - run "uninstall.bat" in the following patch folder: {SMEX_HOME}\Patch\ScanMail 12.5 Patch 1 for Service Pack 1\ Uninstall The framework automatically rolls back to the previous build and a confirmation message indicating a successful uninstallation is displayed on the setup screen. 6. Post-Installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ====================================================================== There are no known issues in this release. 8. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download ScanMail 12.0 for Microsoft Exchange March 2016 ScanMail 12.0 for Microsoft Exchange Service Pack 1 November 2016 ScanMail 12.5 for Microsoft Exchange November 2017 ScanMail 12.5 for Microsoft Exchange Service Pack 1 July 2018 9. Files Included in This Release ====================================================================== This is a full package release. Detail files list refer to ScanMail (for Microsoft Exchange) 12.5 Patch 1 for Service Pack 1 installation package. 10. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2019, Trend Micro Incorporated. All rights reserved. Trend Micro, ScanMail, Control Manager, Data Loss Prevention, OfficeScan, eManager and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide