This article has been archived. It is offered "as is" and will no longer be updated.
When the Exchange Server 2003 component of Microsoft Windows Small Business Server 2003 processes incoming and outgoing e-mail messages that have attachments, the following event may be logged in the application log on the Small Business 2003 computer:
Event Type: Error Event Source: SmallBusinessServer Event Category: None Event ID: 5120 Date: 1/12/2004 Time: 6:36:37 PM User: N/A Computer: ComputerName Description:An error occurred in the function DeleteUnsafeAttachments while running the Secure Attachments Tool (Secatts.dll) to remove SMTP e-mail attachments. The error code is: -2146644475. To fix the problem, run the Configure E-mail and Internet Connection Wizard, and clear the option to remove e-mail attachments; then run the wizard again and select the option.For more information, see Help and Support Center at http://support.microsoft.com.
This behavior is caused by e-mail messages that contain MIME fields whose content type is multipart/alternative. The expected content type is multipart/mixed. Typically, e-mail messages that contain multipart/alternative content type MIME fields are the result of e-mail worms.
Less frequently, this behavior can be caused by a non-Microsoft antivirus program that is running a file-level scan of the Exchange folders. The file-level scan may remove infected attachments before Small Business Server 2003 can remove the attachment.
You can ignore these events, and you do not have to run the Configure E-mail and Internet Connection Wizard. However, if you have an antivirus program that runs a file-level scan, Microsoft recommends that you configure the file-level scan to exclude the Exchange Server folders.
For additional information about file-level antivirus scanners and Exchange Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
823166 Overview of Exchange Server 2003 and antivirus software
Microsoft is researching this problem and will post more information in this article when the information becomes available.