Quantcast
Channel: Symantec Connect - Products - Discussions
Viewing all 1044 articles
Browse latest View live

Messaging Gateway "Relay Access Denied"

July 14, 2015, 11:40 am
$
0
0
I need a solution

Hi,

I'm new to SMG an am in the process of configuring my first two Messaging Gateway Virtual Edition (10.5.4-4).  I'm trying to configure the SMGs as a hop in between our Exchange Environment and our current edge infrastructure.  Emails route in fine from the edge, through the SMEs to Exchange.  When I try to test a route back from Exchange to SME that will route upstream to the edge devices, SME refused the message from Exchange with a '#5.7.1 smtp; 554 5.7.1 user@domain.com Relay access denied ' message.

I've tried looking under the administration/hosts/configuration/smtp and made sure the Exchange server IPs were list under both inbound and outbound and they are also listed under  administration/hosts/configuration/internal Mail Hosts.  Anyone have an idea of what I might be missing?

Search

Add support for VMXNET3 network drivers to messaging gateway

July 16, 2015, 10:42 am
$
0
0
I need a solution

We recently deployed Symantec Messaging Gateway 10.5.4-4 and tried to use the VMXNET3 network driver which provides superier performance in a VMWare virtual environment. This driver is not installed and we would like this driver included or a way to add the driver as cpu usage is considerably higher when using other adapter types (E1000)

SMG fails to receive email when Opportunistic TLS is used

July 21, 2015, 6:05 am
$
0
0
I need a solution

When I client who uses Mimecast emails us, and mimecast uses opportunistic TLS, SMG rejects the messages with a retry later.

The message header contains a failed TLS negotiation

Unable to initiate TLS - Possible CA Problem - sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

INFO |0716-101804 070|...|||Error Code|21040|Socket closed

The SMG is running the latest updates 10.5.2

We can email the client fine. Anyeon else expercing issues wiht this or similar  ?

Why is SMG not falling bakc to clear if TLS negotiation fails. Why is TLS failing ?

thank you in advance

1437563084

Receiving mails from external local domain

July 23, 2015, 11:10 am
$
0
0
I need a solution

Hello,

We have Symantec Messaging Gateway, version 10.5.4-4. We want to receive mails from a DB Sever, but these mails are rejected for the following reason:

"Rejected message by MTA, MAIL-FROM domain does note exist in DNS".

Domain sender is a local domain, so it doesn't have "A", "AAAA" or "MX" DNS registers. It's active the option "Reject messages where the domain provided in the MAIL FROM address has neither an "A", nor an "AAAA", nor an "MX" record in DNS" (Protocols - Settings - SMTP) and we don't want to disable this option.

So, I thought to add the IP Address in [Administration - Hosts - Configuration - Outbound - Accept outbound mail connections from the following IP addresses and domains], but I'm not sure if it's going to work.

So, we need to be able to receive emails from this server, without disabling the option mentioned above.

If we add the Server's IP address where I said before, Is it enough? Or we have to do something else?

And if not... any solution?

Thanks in advance,

David

SMG Header showing IPs

July 24, 2015, 10:38 am
$
0
0
I need a solution

SMG is showing private IPs on the header section, some work was done to remove this before but was before I got hands on the tool, based on old forums, I followed the path through under Administration -> Configuration -> <scanner name> -> SMTP -> Advanced Settings inside the Delivery tab, but Im dead on the water at that point, I'm not sure which option to go to since this solution is from 2012.

Please advise, thanks in advance.

Symantec SMG Reconfigre Routes and Change IP Address

July 26, 2015, 11:39 am
$
0
0
I need a solution

I'm in the process of changing the IP address of SMG 10.5 but most of the commands in the command line document is now working for me.

For example "delete osconfig". Am I missing something?

When I attempt to add route it tell me it can't reach network. What am I supposed to do here?

Moonshine: error return from add_pmc_stats.

July 27, 2015, 3:59 pm
$
0
0
I need a solution

Hi, were can I find more information about the following message?

Date:
Monday, Jul 27, 2015 04:55:32 PM CDT
Severity:
Error
Host:
SERVER_NAME
Log type:
Brightmail Engine
Description:
Moonshine: error return from add_pmc_stats.

As the link (help) says, it does not occur very often.

https://support.symantec.com/en_US/article.TECH102...

How can I check if it is a problem on the computer itself, such as damaged system files?

Thanks in advance

SBG BACKUP AND RESTORE

July 27, 2015, 10:48 pm
$
0
0
I need a solution

Hi Team,

How to resotre backup of symantec messaging gateway database .

smg version 10.5.3.4

We have new Appliance want to restore old appliance backup to new appliance.

Search

How to configure SMG- Expanded URL Reputation filtering properly?

August 5, 2015, 12:41 am
$
0
0
I need a solution

Hi,

I'm recieving more phishing emails contain malicous url which redirecting to malicous web site.
I'm using Symantec Messaging Gateway. Do realise that the SMG "Expanded URL Rputation filtering" feature is useful on this matter. However I'm not sure how to configure ir properly.

Can anyone advise:

i ) is the SMG "Expanded URL Rputation filtering" feature is useful on this matter?
ii) if so, is there any paper/guidelines I can refer for this configuration?

Need content filter rule to block messages with '=' in Return-Path header

August 11, 2015, 8:52 am
$
0
0
I need a solution

We've been experiencing an increase in messages getting through our Messaging Gateway as well as our customer's gateways.  This stuff goes in cycles, obviously, and the filters usually catch up but this time they haven't been.  Following all of the official and community best practices.  We've reduced a lot of the junk by lowering the directory harvesting thresholds down to 3 invalid recipients but this still results in a lot of messages getting through.

While reviewing the headers of these messages I found that the Return-Path is *almost always* formatted like this:
RandomName-RecipientsAddress@SenderDomain

The important detail is that the @ in the RecipientAddress portion is replaced with =, for example:
JohnDoe-myemail=address.com@sender.domain.com

Simple solution seems to be create a content filter rule to look for '=' in the Return-Path header.  I've tried this two ways and it does not work consistently, if at all.  Anybody have any ideas on what I'm doing wrong?  Is this a bug?  Here are the conditions I've tried:

If text in Message header "Return-Path" contains 1 or more occurrences of "="

If text in Message header "Return-Path" matches regular expression "^.*\=.*?"

Seems like this should be a no brainer but something isn't right.

Thanks!

SYMANTEC MESSAGING gateway 10.5.4-4

August 12, 2015, 6:43 am
$
0
0
I need a solution

hello community,

SMG setup:

A is a SMG gateway to the internet for all in / out of my company  (this is a VM) 10.5.4-4

B is another SMG right after A for other mail routing but all mail passes thru B as well in /out (this is a VM) as well 10.5.4-4

A and B both have the same SPAM filtering settings (delete mail with spam).

Problem: B is catching spam that A should have caught. <-- this is not right

Settings:  Both A and B are allowed (thru the firewall) to go where ever neeed to get virus and spam defs; basically they are allowed to make any                              connection to symantec or brightmail servers to get updates < this is NOT the issue, this works perfectly.

               Sender Authentication is off on A and B and DKIM is off

PLease help

Any way to make a scanner specific policy rule in Brightmail?

August 13, 2015, 9:37 pm
$
0
0
I need a solution

Hi all. We have had Brightmail messaging gateway for many years, and I am quite good with it  :)

We have two scanner appliances in Europe and two in USA.

And one control center appliance for all four scanners.

I am hopring that there is a way to make a content scanning policy rule scanner-specific (I want a Europe-specific action if the message is being processed by one of the European scanners)

451 qq temporary problem (#4.3.0)

August 3, 2015, 11:41 pm
$
0
0
I need a solution

Hello,

I have a user who complaint that his recipient unable to receive his emais. I have checked audit log in symantec mail gateway and it show "451 qq temporary problem (#4.3.0)". Any idea?

We running on Exchange 2010. The user is using Outlook client to send the emails.

SMG Policy Group imported from Active Directory is not working with content filtering policy

August 20, 2015, 1:26 am
$
0
0
I need a solution

I wonder why if i imported a group in my active directory for my policy group and apply a policy for it, its not working.

If I enter the mail individually on a policy group it works fine.

checked that the correct content filtering is applied to the policy group

SMG 10.5 - Suspected Spam

August 24, 2015, 2:08 am
$
0
0
I need a solution

Hi,

Have an outbound email that has a Suspected Spam verdict, kindly advice if there's any adjustment needed:

  • Filter Policy:    suspected spam: send message to the spam quarantine
  • Verdict: Suspected spam
  • Scanner Actions:    Modify the subject line, Hold message in Spam Quarantine
  • Quarantine Actions:    None
  • Day Zero Actions:    None
  • Content Incident Folder Actions:    None
  • Untested Verdicts:    Customer-specific Spam, Message was sent from a suspect spammer, Disarm, Unscannable for Disarm, User allow, User reject, Directory Harvest Attack, Connection Classification, , , , , , , , , , , Bounce attack signature present, Bounce Attack, Blocked language, Known language

SMG-Threshold.jpg 

Thanks a lot in advance.

Regards,

Raleigh

Search

How to generate CSR with multiple Domains

August 27, 2015, 4:43 am
$
0
0
I need a solution

I want to use TLS Encryption on my SMG Appliances . For this I want to buy a Certificate from a well know third party company however I need to generate a CSR . When you generate a CSR , you can only mention one Common Name whereas we want to generate a certificate which can support upto 7-8 Host Names  ( Subject alternative Names) and be usable by 4 SMG MTAs .

How can I do this via SMG Certificate Settings GUI .

Why is Symantec Messaging Gateway dropping connections from spesific IP address?

September 2, 2015, 2:08 am
$
0
0
I need a solution

We have been told by an external contact that emails sent to us is often returned with the message "You are not allowed to connect".

I found the connection IP from one of the emails that were accepted and tried to look it up under Reputation Tools > Find Sender, but got "The sender does not belong to any sender group.". Then I tried IP Reputation Lookup and got the following:

ipreplookup.png

I cannot find a reason why so many connections are rejected. Filtering Connection IP in Message Audit Logs returns a list of thousands of rejected connections with Action "Rejected message by MTA".

How can I find the reason for connection rejections?

1441348161

How can I customized the policy to meet the "reply-to" requirement

September 8, 2015, 12:28 am
$
0
0
I need a solution

Hi guys,

How can I customized the policy to meet the "reply-to" requirement in SMG. We are currently suing SMG version 10.5.3-4.

This is because we experienced a spam email from example: example@gmail.com, but when we hit "reply-to" it come out with different email address.

Can help me to tackle this issue?

Thanks

Enabling Spam Policies

September 10, 2015, 1:49 am
$
0
0
I need a solution

Hi All,

I have a doubt on enabling the email polices that are pre-configured in the appliance. I'm referring to the "Marketing Email/Newsletter/Suspicous URL".

When I enable, these polices refine the the email that are insise the bounds of "Suspected Spam" ?

Just to better explain: our range of suspected spam is among 72 and 89. If I enable these policies, all the email that are inside this range (rather then bieng delivedered as they are) are further checked by these policies ?

Thanks in advance for your reply/interest.

Cheers.

ACTION REQUIRED: UPDATE TO Symantec Messaging Gateway (SMG) 10.5.4 before 2016-01-01 to preserve the ability to retrieve Brightmail anti-spam rulesets and upgrade to new versions of appliance software.

September 10, 2015, 6:52 am
$
0
0
I do not need a solution (just sharing information)

Customers not currently on Symantec Messaging Gateway 10.5.4 or later are strongly advised to update by December, 31st 2015, to continue to receive updates past January 2016.

For more information, please see https://support.symantec.com/en_US/article.ALERT1868.html?

Viewing all 1044 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>