As of Friday, December 31, 2021, Kraft Kennedy has been responding to multiple clients experiencing a situation where email transmission is failing. Outlook and mobile client connectivity both appear to work, but any emails attempted to be sent into, out of, or within an organization are not being sent.
The root cause is that Microsoft has pushed a bad update for the Malware Service in Windows. Exchange leverages this by way of the transport agent called “Malware Agent”.
The fix is to perform these two PowerShell commands on EVERY exchange server in the environment: (thanks to my KK teammate Jason for the code)
Get-TransportAgent -Identity “Malware Agent” | Disable-TransportAgent
Restart-Service MSExchangeTransport
Depending on the length of outage, messages may take minutes or a few hours to trickle in. This can be addressed by going to the hygiene provider (Mimecast, IronPort, Proofpoint) and forcing the inbound queue to flush.
Microsoft released official documentation of this issue at https://techcommunity.microsoft.com/t5/exchange-team-blog/email-stuck-in-transport-queues/ba-p/3049447. A formal fix is still in development so the workaround described above should still be pursued. This issue can impact clients that have moved to Exchange Online if they still leverage their on-premises Exchange hybrid server(s) for email relay.
Please contact Kraft Kennedy if you need assistance.