- Products
- Network Security
Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
Security ServicesComprehensive security for your network security solution
Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
Capture ATPMulti-engine advanced threat detection
Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
Secure Mobile AccessRemote, best-in-class, secure access
Wireless Access PointsEasy to manage, fast and secure Wi-FI
SwitchesHigh-speed network switching for business connectivity
- Email Security
Email SecurityProtect against today’s advanced email threats
- Cloud Security
Cloud App SecurityVisibility and security for Cloud Apps
Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
Capture ClientStop advanced threats and rollback the damage caused by malware
Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
- Products
- Network Security
- Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
- Security ServicesComprehensive security for your network security solution
- Network Security ManagerModern Security Management for today’s security landscape
- Advanced Threat Protection
- Capture ATPMulti-engine advanced threat detection
- Capture Security applianceAdvanced Threat Protection for modern threat landscape
- Access Security
- Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
- Secure Mobile AccessRemote, best-in-class, secure access
- Wireless Access PointsEasy to manage, fast and secure Wi-FI
- SwitchesHigh-speed network switching for business connectivity
- Email Security
- Email SecurityProtect against today’s advanced email threats
- Cloud Security
- Cloud App SecurityVisibility and security for Cloud Apps
- Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
- Capture ClientStop advanced threats and rollback the damage caused by malware
- Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
- Product Menu Right Image
- Network Security
- Solutions
- Solutions Widgets
- Solutions Image Widgets
- Solutions Widgets
- Partners
- Partner Widgets
- Partners Image Widgets
- Partner Widgets
- Support
- Support Widget
- Support Image Widgets
- Support Widget
How to rebuild the thumbprints for Email Security
03/26/2020 
1,531 People found this article helpful
47,549 Views
Description
How to rebuild the thumbprints for Email Security (to address the Thumbprint is Stale Alert or fix a corrupted thumbprint/ MySQL database).
Resolution
This article is to address the Thumbprint is Stale Alert. This alert can take place due to corruption of the thumbprint database or some update files relating to the thumbprint databases.
NOTE: This Article does not apply to email security software/appliance version 7.4.0 to 7.4.5 so if you are running any version between 7.4.0 - 7.4.5 then please upgrade the firmware to 7.4.6 or higher and then follow steps mentioned for respective firmware.
For windows servers: Versions 7.2.x - 7.3.6
(To fully rebuild all Thumbprint databases from scratch)
- Stop the Email Security Services using the shortcut in Start | Programs | SonicWall Email Security | Stop all services shortcut.
- Delete the collab directory. Location:
C:\Program Files\SonicwallES\Plugin\default\collab - Note: do not rename folders in the Email Security Directories.
- Start the Email Security Services using the shortcut in Start > Programs > Sonically Email Security > Start all services shortcut.
- Check to see that the cola directory has been recreated. It may take a few moments for all services to start.
For appliances: Versions 7.2x – 7.3.6
(To fully rebuild all Thumbprint databases from scratch)
- Install “putty”- a telnet client from the Internet ( you can download it from Internet )
- Open putty and put in the VIP address of Email security device and port “22”
- Login as : “snwlcli”
- Login: admin
- Password : (admin password that you use for logging in the Web)
- On the Cli prompt type the following commands
Once connected to the appliance'S clip, to recreate the thumbprint database, issue the following at the CLI prompt:
Example:
SNWLCLI>cleanupdcdatabase
Please note: This will require a reboot of the server, so do not execute this unless you can afford a reboot during that time.
For windows servers: Versions 7.4.6 – 9.0.x
Note: The following commands are only available in 7.4.6 and higher. Please upgrade to at least 7.4.6 to run these commands.
- Stop the Email Security Services using the shortcut in Start | Programs | SonicWall Email Security | Stop all services shortcut.
- From a command prompt run the following command:
C:\Program Files (x86)\SonicWallES\mlfworkr.exe" -cleanupmariadbdata NOTE: If mlfworkr.exe is not found in Program Files (x86), look for it in Program Files - Delete the collab directory. Location:
C:\Program Files (x86)\SonicWallES\PluginDefault\collab
As the Email Security can be run only on the 64-bit Windows, the path starts by default with "C:\Program Files (x86)". - Start the Email Security Services using the shortcut in Start | Programs | SonicWall Email Security | Start all services shortcut.
- Check after a few moments to see that a new collab folder is created.
Please Note that this command will rebuild all mysql databases, Thumbprints and Reports Database.
For appliances: Versions 7.4.6 – 9.x.x
- Log into the CLI using Putty.
- Install “putty”- a telnet client from the internet ( you can download it from internet )
- Open putty and put in the IP address of Email security device and port “22”
- Login as : “snwlcli”
- Login: admin
- Password : (admin password that you use for logging in the WebUI)
- On the CLI prompt type the following commands
SNWLCLI:>stop appservices( it will take few minutes to stop services and come back to the prompt)SNWLCLI:>mysql -dodbrecovery( This command can take 5- 10 minutes and come back to the prompt)SNWLCLI :> cleanupdcdatabase. (The last command will ask for a confirmation to reboot.)
Once reboot is completed the Thumbprint databases and Reports database will initiate the rebuild.
It will take about 30-45 minutes to finish the download and processing of the thumbprints and insert into the MySQL databases.
Note: Older model Appliances (ES200 - ES500) can take much longer to process the updates. If you receive Thumbprint stale alerts still while rebuilding, please restart services and monitor the Thumbprint info page.
Please note that if you are receiving MySQL down alerts you will need to perform the complete rebuild as outlined above.
Selective Rebuilds
For windows server command line: Versions 7.2.x - 7.3.6
(To rebuild thumbprint databases per letter): Selective Rebuild
- Open a command line window on the affected server.
- Navigate to the install directory of Email Security. (Example: C:\Program Files\SonicwallES)
- Execute the following:
mlfworkr -rebuildcollabdb -all - (This command will effectively rebuild all thumbprint databases. If you wish to rebuild specific thumbprint databases based on the specific letter, simply specify the relative letter. Example: -rebuildcollabdb <c|e|g|h|i|p|t|all> Rebuild one (or all) collab db from archived tpd files).
(To rebuild thumbprint databases per letter):
1. Once connected to the appliance's cli, to rebuild the thumbprint database by letter, issue the following at the CLI prompt.
Syntax is as follows: -rebuildcollabdb <c|e|g|h|i|p|t|all>
Example:
SNWLCLI> rebuildcollabdb all
(To recreate thumbprints from scratch, this may be the case in the event that rebuildcollabdb does not resolve the alert issue)
Selective Rebuilds
For windows server command line: Versions 7.4.6 – 9.0.x
Support does not recommend running the ALL command In the CLI.
Please use the full rebuild commands above instead.
mlfworkr -rebuildcollabdb < AT | CT | DT | HT | IM | IP | NM | PH | TT | VR | XB | geoip | pdata | sdata | all >
Download new copies of thumbprint databases from the data center
(This command will effectively rebuild all thumbprint databases. If you wish to rebuild specific thumbprint databases based on the specific letter, simply specify the relative letter.)
The same command is used for appliances and their related build as above.
If in question type help rebuildcollabdb in the CLI to see the syntax for usage
rebuildcollabdb < AT | CT | DT | HT | IM | IP | NM | PH | TT | VR | XB | geoip | pdata | sdata | all >
Download new copies of thumbprint databases from the data center
How to rebuild Thumbprint databases from the UI (all versions).
Log into the UI and then change the end of the URL to Diag.html
example: https://10.61.249.2/index.html > Change to https://10.61.249.2/diag.html
Click the Thumbprint Info link.
You will now see the Thumbprints page where you can click a link to force a download of a specific database.
Related Articles
- SonicWall Hosted Email Security FAQ
- Email Security Junk Box & Message Log Update Issues (Y2K22 Bug)
- Email Security Junk Box & Message Log Update Issues - Y2K22 Bug
Categories
- Email Security > Email Security Appliance
- Email Security > Email Security Software
- Email Security > Hosted Email Security
YES
NO