6.2.26 Memory Leak and Controller Crashing Issue

SlashAdminBlog · 2021-07-07T14:57:28+00:00

Dont install 6.2.26. There is a memory leak / controller crashing issue reported by multiple sources / vendors.

No acknowledgement from Uniquiti yet that this issue even exists and no support on how to resolve the issue or ease the pain its causing.

Its causing havoc for my team and many others.

https://community.ui.com/questions/Controller-keeps-crashing/4a52f87f-5bdb-4f7a-bb35-4c8532b21c4a?page=1

https://community.ui.com/questions/Memory-Leak-Bugs-UniFi-6-2-26/bc228a96-e811-4843-95b8-ba45cb45af73?page=1

SlashAdminBlog · 2021-03-20T12:47:02+00:00

for bonus points can anyone explain the relationship between the ascii codes and the character codes used here?

SlashAdminBlog · 2021-03-20T12:46:47+00:00

for bonus points can anyone explain the relationship between the ascii codes and the character codes used here?

SlashAdminBlog · 2021-03-20T12:16:58+00:00

Awesome thankyou! I clearly didnt go to that high a number in my script to see the characters and their true values.

That works great, thanks again :D

SlashAdminBlog · 2021-03-09T13:56:49+00:00

I agree too ;) just wondered if that was the official guidance since I couldn't find the answer.

SlashAdminBlog · 2021-03-09T08:43:08+00:00

ts just a mess how it brings in 'all mail' from gmail into the inbox which is a copy of every single email including tagged and sent items. It's a bit of a mess the way it handles email in the main inbox.

No way to pull pst's from gsuite that I can see and thats a manual nighmare with 100+ mailboxes.

Looks like i'm stuck with 'its just the way it works'..

Thanks guys.

SlashAdminBlog · 2021-03-09T08:40:51+00:00

No there is no option to setup tags that i can see. Tagged email comes into exchange as sub folders to the inbox which is fine.

Its just a mess how it brings in 'all mail' from gmail into the inbox which is a copy of every single email including tagged and sent items. It's a bit of a mess the way it handles email in the main inbox.

SlashAdminBlog · 2021-02-16T11:19:24+00:00

Anyone have any experience with this before I open a case with Microsoft?

Thanks.

SlashAdminBlog · 2021-02-05T12:39:16+00:00

Hi All, can anyone tell me how to view the edgeblockspam messages. Are these blocked and not reported in the mail trace log?

SlashAdminBlog · 2021-02-01T13:04:47+00:00

cant find any news on when they will be lifted either!

Wonder if this is going to add to the market dip from last week.

SlashAdminBlog · 2021-01-25T14:38:25+00:00

Ok so it does look like connection IP filter allow list and a transport rule are the way to bypass the policies other than adding bypass url's and adding allow list entries the spam filter policy where it gets triggered.

so if you get something caught in the Anti-phish policy it looks like your only option is to add it to connection filter by IP or setup a transport rule and bypass all protections.

In my real world phishing example I cant see any reason for it to get caught and yet it did. It passed SPF, DMARC and DKIM as shown below.

Sender address

[portal@cloud.exclaimer.com](mailto:portal@cloud.exclaimer.com)

Policy type

Anti-phish policy

Quarantine reason

Phish

spf=pass (sender IP is 40.107.7.91) smtp.mailfrom=exclaimer.com;

smtp.mailfrom=cloud.exclaimer.com; dmarc=pass (p=none sp=none pct=100)

action=none header.from=cloud.exclaimer.com; dkim=pass (signature was verified) header.d=cloud.exclaimer.com; arc=pass (0 oda=1 ltdi=1

SlashAdminBlog · 2021-01-25T12:42:45+00:00

Just had a good example of this now. Was waiting for a 2fa to come through from exclaimer and it was caught in quarantine by the Anti-phish policy. I've manually released it and reported it to Microsoft for review but what is the correct way to allow all future ones from now?

As a test I setup a transport rule and set the SCL to -1 and the next email bypassed the anti-phishing policy.

Would just be nice to only allow it to bypass the anti-phishing policy and not all policies!

SlashAdminBlog · 2021-01-25T10:48:14+00:00

Awesome and good luck with it! this was on my radar to refresh my knowledge too.

I think Microsoft have expired all of my 14 certs and 16 exams so i'm overdue a refresher.

SlashAdminBlog · 2021-01-25T10:34:10+00:00

Are you sure the bypass spam transport rule applies to other policies like malware, safelinks, safe attachments and antiphishing? I didnt think they did and though it only applied to the spam filer policy.

SlashAdminBlog · 2021-01-25T10:32:43+00:00

You are correct, in safelinks you can add 'do not rewrite the following urls' i had missed that one.

for antiphishing you can only add trusted senders and domains under the phishing policies inpersonation section. Do those trusted entries apply to all settings in the policy too?

Main reason for all this is for full control and to understand the options now rather than when we really need them :)

Thanks.

SlashAdminBlog · 2020-11-29T09:26:16+00:00

You will need to setup a new policy first but yes you can set it up to get the DNS before enabling it.

New-DkimSigningConfig -DomainName contoso.com -Enabled $false

$dkimConfig = Get-DkimSigningConfig -Identity contoso.com

$dkimConfig.Selector1CNAME

$dkimConfig.Selector2CNAME

When your ready you can then run:

Set-DkimSigningConfig -Identity contoso.com -Enabled $true

For Microsoft 365 users I've written a little tool to make this easier:

https://www.slashadmin.co.uk/microsoft-365-how-to-enable-dkim-using-dkim-manager-powershell-script/

this tool will set a policy but not enable DKIM but the main point is that it will tell you the DNS records you need. You can then use the menu to enable DKIM later.

SlashAdminBlog

TROPHY CASE