Exchange Y2K22 Anti-Malware Services Safety Tweak, not Stopping Fix, and Mail Queue Stall Fix

By now most folks will have found the following fix sent out by Microsoft for the Y2K22 Anti-Malware bug:

Queue Safety Tweak

Before running the script check the timeout setting for mail held in the queue:

Get-TransportServer | Select-Object Name,MessageExpirationTimeout

If it’s set to anything less than 3 or 4 days then update that setting:

Set-TransportServer -Identity “EXCHANGESERVERNAME” -MessageExpirationTimeout 4.00:00:00

Once that is done move on to running the script.

Process Kill

We ran the script but had to manually kill two processes.

On Server Core to do so one can:

  1. Start TaskMgr.EXE
  2. Locate the Exchange processes and END TASK
  3. Restart the script

Another option would be to use Stop-Service NAME -FORCE in PowerShell.

NOTE: The update download is 1.7GB! For smaller pipes it will take a bit to come down.

Queue: Submission Undefined Clear Fix

Once everything seemingly looks normal and mail flow is “working” make sure to run:


Identity                DeliveryType Status MessageCount Velocity RiskLevel OutboundIPPool NextHopDomain
——–                ———— —— ———— ——– ——— ————– ————-
ExName             \Submission Undefined    Ready  172          -172     Normal    0              Submission

The above may be the result.

To get mail to flow properly run the following in the LaunchEMS shell:

Restart-Service FMS -Force

Run Get-Queue and you should see something like this:


Exchange Queues Being Emptied

Note that we have a standard user on our client’s domain that is restricted in scope but used for troubleshooting when needed. As soon as the above script finished at the moment mail flow received post script came in fine.

Once we forced the FMS service to restart we saw any mail held from over the weekend come in.

Conclusion – We’ll Keep Our Mail On-Premises

It is our client’s preference, and our own, to run Exchange mail services on-premises.

Once installed, Exchange is low maintenance with a similar patch cycle to the Windows OS with fewer issues that Windows OS patching in our opinion.

We have full control over the entire platform without being dependent on a third party to fix something when authentication or mail services break.

Have a great New Year everyone! 🙂

Philip Elder
Microsoft High Availability MVP

PowerShell and CMD Guides

Leave a comment

Your email address will not be published.