search cancel

A large number of .tmp files accumulate in the SMSMSE\%Version%\Server\Temp directory when the Network Service account does not have Full Control to the temp directory

book

Article ID: 163867

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange

Issue/Introduction

A large number of files have accumulated in the Symantec Mail Security for Microsoft Exchange (SMSMSE) temporary directory, default location C:\Program Files (x86)\Symantec\SMSMSE\%Version%\Server\Temp directory.

 

Environment

Exchange 2007 or greater.

Conditions

The Network Service account does not have full control to the C:\Program Files (x86)\Symantec\SMSMSE\%Version%\Server\Temp directory.

To determine if the Network Service account has full control to the SMSMSE temp directory:

  1. In Windows Explorer, navigate to the C:\Program Files (x86)\Symantec\SMSMSE\%Version%\Server directory.
  2. Right click the Temp directory and select Properties.
  3. Select the Security tab.
  4. Click the Advanced button.
  5. Select the Effective Access tab.
  6. Next to User/Group: click Select a user.
  7. In the resulting Select User, Computer, Service Account, or Group, dialog, enter Network Service in the "Enter the object name to select" box and click OK.
  8. Click View effective access.
  9. If there is a red X next to the Full control Permission in the resulting Effective access table, this condition is met.

 

Cause

When a file is written to the temporary directory in SMSMSE for scanning, the Microsoft Exchange Transport service is responsible for deleting the file after the scan verdict is returned. If the Microsoft Exchange Transport service does not have access to delete the files after the verdict is returned, files will accumulate in the directory over time. The Microsoft Exchange Transport service runs under the security context of the Network Service account. 

Resolution

Add full control to the SMSMSE temp directory for the Network Service account.

To add full control to the directory for the Network Service account:

  1. In Windows Explorer, navigate to the C:\Program Files (x86)\Symantec\SMSMSE\%Version%\Server directory.
  2. Right click the Temp directory and select Properties.
  3. Select the Security tab.
  4. Click the Edit... button
  5. Select NETWORK SERVICE in the "Group or user names:" list
  6. Next to "Full control" click the "Allow" checkbox.
  7. Click Apply, and then OK

After taking the above steps, the .tmp files will no longer accumulate in the directory. It is safe to delete the existing .tmp files from the directory.