Ramblings on IT

I don’t sell or support Trend Micro products any longer (excepting the last few clients still using WFBS until their licenses expire), mostly because Trend has caused me little in the way of a joyful experience supporting their products over the years, and it’s only gotten worse of late.

“Worry-Free Business Security” v7 was a complete disaster for me as client after client experienced issues with computer speed, and my company suffered hours of support time patching and babysitting the stuff. Anything BUT “Worry-Free,” IMO.

Late last week, I helped a new client with their email – their old cloud filters got turned off unexpectedly, and they needed to get their email back and running quickly. I got their MX record changed and pointed to my company’s cloud filters, and did all the other things needed to get their email flowing again, and a couple hours later, they were back and running.

Or so I thought.

Turns out they have an ‘orders’ email that is set to auto-forward to a supplier’s external email address, and once the change was made, these messages started bouncing with a ‘Too Many Hops’ message coming back from the far-end server.

Counting up the hops in the email header, and there were exactly 16 ‘Received’ hops.

Long story short(er), and it turned out the supplier has Trend’s Interscan Messaging Security Suite installed in front of their Exchange 2007, and deep in the bowels of one of the .ini files lies a ‘MaxHopCount’ setting of 16.

Really? 16?

Exchange 5.5 had a default of 18 (circa 1997); Exchange 2000 actually dropped that default to 15; Exchange 2003 bumped it to 30; Exchange 2007 left it at 30; and Exchange 2010 now defaults to 60.

Why the increase? Well, for one, there’s a lot more servers and routers on the Internet, but additionally, mail now is more likely to be filtered in the cloud through several servers before it gets to its destination.

My company’s email service goes through about 7 hops before it gets delivered, running the mail through spam & anti-virus filters as it goes. When mail is redirected, that then doubles the count to 14. Add the initial and final ‘Receive’ hops, and you’re up to 16. The far end actually added an additional hop going from their IMSS server to Exchange, which pushed it over the edge and made it fail.

Thanks to the Userfull Blog and Yanissa for posting the answer to the dilemma.

And a big #FAIL to Trend Micro. Out of curiosity, I searched through the IMSS Admin and Install guides and it mentions the MaxHopCount parameter exactly ZERO times.

Client is happy again, and I learned something new today. I also advised my client’s supplier to consider other solutions to Trend. They’ve not been terribly impressed with them lately either. And that’s too bad … I used to champion Trend products for business, but for me and my clients they lost sight of where their strengths were.