Kaspersky Blocking Microsoft Outlook on Exchange Servers with Windows Extended Protection (WEP)

[Bee Admin]

Have any of you experienced the new problem of Exchange Servers blocking connections from computers with Kaspersky Endpoint Security that have web and email threat protection enabled?

According to Intermedia Exchange Hosting, when they apply Windows Extended Protection (WEP) to their exchange server as required by Microsoft, any application that proxies the connection to the exchange server will be blocked.  Kaspersky and BitDefender both proxy their connections to Exchange Servers if you have Web and Mail Threat protection enabled. 

This is a huge problem for me as I have had to replace Kaspersky with Webroot on 2 clients already.  I can't disable web and email scanning.  Kaspersky support (if you want to call it that) has no clue.  This problem is easily reproducible.

Has anyone else dealt with this?

Edited October 16, 2022 by Bee Admin

[Fahad Faez]

Hello Bee ,

i'm also facing this issue with all my outlook clients , that happend after applying the Windows Extended Protection (WEP) , the clients ( including me ) had to pause our protection to enable outlook connection .
 

even after applying latest security CU to the exchange server , the connection still blocked .

 

 

[JL - KL DACH]

Hello,

please open a case here: https://CompanyAccount.kaspersky.com

We need to take a more deeper look at the device information, so please first use our GSI tool and upload the resulting file to your new ticket. This should speed up the analysis: 
https://support.kaspersky.com/3632
(Please run as Administrator and include Event Logs)

In addition it might be helpful to get some version information depending on problem description and environment:

- On-Prem or Cloud Endpoint Version
- Kaspersy Security Center and Network Agent Version (if in use)
- Office Version
- Exchange Server Version (if Problem with Exchange Server environment)
- Versions of virtual infrastructur if Kaspersky Virtualization protection is in use
 

[dsadmin]

The problem is simple but you won't be able to tell Kaspersky Support that.  They simply do not understand the problem even when you tell them exactly what the problem is.  Here is the problem:

Windows Extended Protection does not allow "Proxied" connections to Exchange servers.  Kaspersky and BitDefender both do this.

Don't bother opening a ticket at companyaccount.  I already did, followed all of their ridiculous steps and sent the diagnostic reports.  They didn't have a clue.  After explaining the problem in detail with screenshops showing them that "ALL" Outlook users could not login to Exchange server when EMAIL and WEB Threat protection is enable, this was their response:

"How are you?

Right, some of the issues had been resolved.
But there is still a couple minor issues, but nothing to worry about now.

I will need you to give me this informations to understand the scenario a little more, helping you on a more precise support:

1- What is happening on the system right now (Errors or problems): Getting Prompted to login into AD to open Mail.

2- How was it working before:

3- How long is happening:

4- If you know what was changed to cause this error, please, describe (for example, a KES upgrade):

5- What is your License ID:

6- Workspace ID:

7- UserID:

8- Your Timezone:

9- The Failing modules policies configuration screenshot"

Worst support on the planet and I'm saying that with 25 years in the PC industry.  

The way to solve this problem is to either disable EMAIL and WEB Threat Protection or get a new anti-virus program which is what I did.

 

[JL - KL DACH]

Hello DSAdmin,

thank you for your description.

It's a pity you changed the product. I'm really sorry about that.

However, the way to solve the problem is not disabling options which seems causing a problem but doing some troubleshooting on it to find the root cause.

This is the reason why Kaspersky Support asking for extended information to enclose an obvious problem with WEP.

Just fingerpointing the support is bad and changing the product is not very helpful and will not solve the problem.

Telling the Forum what Incident Number you opened and which Kasperky Product and Version you are exaxtly using would be the minimum professional thing to do to get adequate help to start to troubleshoot a problem.

You have to know that as much detailed information as possible is needed in the forum to clarify the problem here parallel to support. Too much details are missing here in the forum topic to help you.

[Eleia]

Did you add protected users to the protected mailboxes in kaspersky security for office 365 policy ?

 

I had the same problem when i granted access for Kaspersky to office 365 without adding my users to the protected mailboxes section

 

Edited October 31, 2022 by Eleia

[The3ofD]

Is there an easy fix for non-tech professionals.  I don't understand any of this

[ElvinE5]

56 минут назад, The3ofD сказал:

Is there an easy fix for non-tech professionals.  I don't understand any of this

I can’t say for sure, but it looks like a problem with checking secure connections, when the server rejects connections in which Kaspersky replace the certificate with your own in order to be able to decrypt SSL traffic

 

try adding your Exchange server to the list of trusted (by IP or DNS name) in the policy for KES

Спойлер

 

but as you understand, this will reduce the efficiency of the components Mail and Web Threat Protection, since they will not be able to look inside the encrypted traffic.

on the other hand, this is probably your trusted server and you have mail protection configured somewhere earlier ...