Message deferred by categorizer agent Exchange 2016/2019

Does your email exchange queue shows message deferred by categorizer agent and event log shows “The FIP-FS “Microsoft” Scan Engine failed to load. PID: 10816, Error Code: 0x80004005. Error Description: Can’t convert “2201010002” to long”? Well we have all suffered from this and the only way to get around it is to disable Malware agent and bypass the anti-malware filtering rule while we wait for an official update to fix this error.

Disable Malware Agent in Exchange 2016/2019

To disable malware agent in exchange 2016/2019 open exchange management shell and paste the following –

Get-TransportAgent "Malware Agent" | Disable-TransportAgent -Confirm:$false

You will receive a message saying exchange transport service needs to be restarted to reflect the changes. We need to bypass the anti-malware filtering rule before restarting the service.

Bypass the anti-malware filtering rule in Exchange 2016/2019

The following disables the anti-malware filtering rule –

Get-ExchangeServer | % {Set-MalwareFilteringServer -BypassFiltering $true -Identity $_.Name}

Restart Exchange Server Transport Service

Now that both malware agent and filtering rule is disabled and bypassed, restart the exchange server transport service

Restart Exchange Server Transport Service

Wait a bit and your queue should start to process the mails.