MSMQ 4.0 runs with the Network Service account instead of Local System

The changes in security between Windows XP and Windows Vista have thrown up one or two problems for MSMQ. Take this one:

You cannot send or receive encrypted Message Queuing messages after you upgrade a computer from Windows XP to Windows Vista

The move to running MSMQ under the (less privileged) Network Service account instead of (all powerful) Local System means that the service doesn't have all the access permissions that it used to. In this case, after upgrading, the machine key files are no longer available. The file permissions need to be changed and the keys regenerated before you can make use of encryption again on the machine.