AntiSpam Service died-v19

I PM'd you the ID.  It's good for 48 hours.  Is there a way I'll know when you're done so I can turn this back off?

Thanks!

So only Sophos has access to this device now and Sophos is not changing any configuration etc. We will report back, if there is any kind of Feedback. 

So DEV took a look into your installation. It seems like you are affected by this: https://support.sophos.com/support/s/article/KB-000042345?language=en_US

Essentially your hardware is "to old to support the standards we are using". Is this true based on your used hardware? 

Seems unlikely. 

24 x Intel(R) Xeon(R) CPU E5-2695 v2 @ 2.40GHz

I'm using the kvm64 processort on the virtual machine.  Perhaps I'll try a different virtual CPU.

Also the previous version of XG worked fine.  Prior to that, I used UTM on this hardware for about 4 years.

I change the CPU type in the VM to IvyBridge, and things seem to be working so far. "Host" also works.  Thanks for the tip and for looking into it.  kvm64 may not provide these flags.

https://qemu-project.gitlab.io/qemu/system/qemu-cpu-models.html

https://forum.proxmox.com/threads/enable-kvm-cpu-ssse3-support.106032/

My Antispam service won't start since upgrading to version 19, I'm still currently using pfSense and was test driving the virtual Sophos XG 8 months ago but couldn't get its SSL decrypt to work with a Microsoft Windows CA, I recently powered up the XG again and managed to get CA/Decrypt stuff working and also upgraded to v19, but now the antispam service won't start, I wanted test this feature as pfSense's IP blocking (pfBlockerNG) isn't successfully blocking spam email (Local Microsoft Exchange... I'm old skool) as well as I'd like, as I get between 5 to 50 spam messages a day, this might have been the Sophos XG Firewall's time to shine, anyway I'm running the XG on Hyper-V and "grep flags -m1 /proc/cpuinfo" shows ssse3 as available so I have no Idea why services won't start, does anyone have any ideas or is this (still) a known bug? 

My recent experience with the anti spam engine indicates on my machine at least it is a memory issue. Anti spam uses about 15% or more at startup and my machine runs with a lot of memory used at startup until all the various functions have settled down then the anti spam will start automatically. The delay is about 5 minutes when the memory use has dropped to 70% then goes over 80% when anti spam starts.

ian

 I changed the memory from 4GB to the max of 6GB of the home lab version, and no joy the service still won't start. The Control Center says memory usage is only at 46%. Thanks for the suggestion none the less.

Here the same problem. I created a ticket already, for the moment DEV will look onto our XG-Cluster.
Possible solutions that support tell me are reimage of the XG Cluster and Restart. We cant reimage our HA-cluster after every firmwareupdate. We invest in these to have zero downtime.

I actually recommend and implement networking equipment as part of my day Job, the Sophos XG is quite impressive compared to Palo alto, Juniper etc... but having a firmware update process that doesn't at least warn about missing CPU features (granted that doesn't seem to be my issue) or having this AntiSpam Service issue for over a month unresolved would make me think twice to recommend this in a production environment. Hopefully Sophos figures out what's causing this and release a patch ASAP, asking to rebuild a cluster/HA setup is pretty extreme and no doubt defeats the purpose. Please keep us posted on your progress.