This post is not about how to configure incoming email (there is a GREAT white paper on the subject here: http://www.combined-knowledge.com/Downloads%202007.htm ). Instead, I will focus on an issue that I ran into while setting it up in a server farm environment with Microsoft Forefront Security. Forefront was installed on both of the front-end web servers.
When I followed the instructions in the white paper How to configure Email Enabled Lists in Moss2007 beta 2 using Exchange 2003 in the domain for receiving both local and external e-mail to the list (note that I opted to NOT automatically create distribution lists and contacts in Active Directory, so did not configure that piece) I found that email made it all the way to the inetputmailrootdrop folder on the connected front-end MOSS server and was picked up by the timer service, however, an error was consistently reported:
OWSTIMER.EXE (0×0950)
Windows SharePoint Services
E-Mail
6874
Warning An error occurred while attempting to create an attachment for an
item sent via e-mail. The e-mail was sent to the list "<doc library name>",
and the error was:
Useful, right?
Through some research and tons of troubleshooting, I disabled Forefront Security on the front-end MOSS servers. For those who are frustrated with it, the services will automatically restart unless you disable them. After disabling the Forefront services, I tried sending email to a document library again and received the following error message:
OWSTIMER.EXE (0×0950)
Windows SharePoint Services
E-Mail
6874
Warning An error occurred while attempting to create an attachment for an
item sent via e-mail. The e-mail was sent to the list "<doc library name>",
and the error was: Unknown server error number: d.
I uninstalled Forefront Security and the problem went away, I was able to successfully email documents to document libraries.
At this point I called Microsoft Technical support and was eventually transfered to Forefront security. They provided me with the following fix:
The FSCRealtimeScanner.exe (old AntigenRealtime.exe) is running as Network Service account as default. It does not have access to SPSTimer service. There is a hidden registry key “LegacyScanAccount”. When it is set to 1, FSCRealtimeScanner.exe will run as LocalSystem.
Do the following:
ú Stop FSCController service. Check task manager to make sure FSCController.exe and all the FSCRealtimeScanner.exe are shut down.
ú Run “iisreset /stop”
ú Run “net stop sptimerv3″
ú Add registry DWORD “LegacyScanAccount” with value 1 under
HKEY_LOCAL_MACHINESOFTWAREMicrosoftForefront Server SecuritySharePoint for 32 bit machine or HKEY_LOCAL_MACHINESOFTWARE
HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftForefront Server
SecuritySharePoint for 64 bit machine.
ú Run “net start sptimerv3″
ú Run “iisreset /start”
ú Send email to check if it works. FSCRealtimeScanner.exe should run as SYSTEM after you send an email to doc library.
This worked… of course it also created additional issues created by Forefront. More on those later.
Update [3/14/07]: I have given up on Forefront, after this fix, stsadm would not work and there was some kind of .Net problem. Removing Forefront fixed the problem. Unfortunately, I did not save the event logs and they have rolled over. *Heck*, this all happened the week I went on vacation. I now have Trend Portal Protect for MOSS installed and it appears to be working quite well.