Hi,
I found that so many rejection messages inside our 2 Symantec Brightmail Gateway version 9.0.1-1 ,
/data/logs/scanner/audit_mta_logYEARMONTHDAY0000
where the xxx.xxx.xxx.xxx is the ip address of the connection come from,
---------------------------------------------------------
1284614565|cb5c5643-b7b3aae000003aff-26-4c91a9a55599|IRCPTACTION|<none>|msg_reject_other
1284614585|cb5c5643-b7b3aae000003aff-27-4c91a9b93407|ACCEPT|xxx.xxx.xxx.xxx:46417
1284614585|cb5c5643-b7b3aae000003aff-27-4c91a9b93407|IRCPTACTION|<none>|msg_reject_other
1284614603|cb5c5643-b7b3aae000003aff-28-4c91a9cb91e2|ACCEPT|203.92.86.167:53310
1284614605|cb5c5643-b7b3aae000003aff-29-4c91a9cdb6a1|ACCEPT|xxx.xxx.xxx.xxx:46427
1284614605|cb5c5643-b7b3aae000003aff-29-4c91a9cdb6a1|IRCPTACTION|<none>|msg_reject_other
1284614625|cb5c5643-b7b3aae000003aff-2a-4c91a9e16e23|ACCEPT|xxx.xxx.xxx.xxx:46437
1284614625|cb5c5643-b7b3aae000003aff-2a-4c91a9e16e23|IRCPTACTION|<none>|msg_reject_other
1284614645|cb5c5643-b7b3aae000003aff-2b-4c91a9f5e8df|ACCEPT|xxx.xxx.xxx.xxx:46447
1284614645|cb5c5643-b7b3aae000003aff-2b-4c91a9f5e8df|IRCPTACTION|<none>|msg_reject_other
1284614665|cb5c5643-b7b3aae000003aff-2c-4c91aa094255|ACCEPT|xxx.xxx.xxx.xxx:46457
1284614665|cb5c5643-b7b3aae000003aff-2c-4c91aa094255|IRCPTACTION|<none>|msg_reject_other
1284614685|cb5c5643-b7b3aae000003aff-2d-4c91aa1de0df|ACCEPT|xxx.xxx.xxx.xxx:56117
1284614685|cb5c5643-b7b3aae000003aff-2d-4c91aa1de0df|IRCPTACTION|<none>|msg_reject_other
1284614705|cb5c5643-b7b3aae000003aff-2e-4c91aa3181e1|ACCEPT|xxx.xxx.xxx.xxx:56127
1284614705|cb5c5643-b7b3aae000003aff-2e-4c91aa3181e1|IRCPTACTION|<none>|msg_reject_other
1284614725|cb5c5643-b7b3aae000003aff-2f-4c91aa45c188|ACCEPT|xxx.xxx.xxx.xxx:56137
1284614725|cb5c5643-b7b3aae000003aff-2f-4c91aa45c188|IRCPTACTION|<none>|msg_reject_other
1284614745|cb5c5643-b7b3aae000003aff-30-4c91aa59d150|ACCEPT|xxx.xxx.xxx.xxx:56147
1284614745|cb5c5643-b7b3aae000003aff-30-4c91aa59d150|IRCPTACTION|<none>|msg_reject_other
1284614765|cb5c5643-b7b3aae000003aff-31-4c91aa6d7325|ACCEPT|xxx.xxx.xxx.xxx:56157
1284614765|cb5c5643-b7b3aae000003aff-31-4c91aa6d7325|IRCPTACTION|<none>|msg_reject_other
1284614773|cb5c5643-b7b3aae000003aff-32-4c91aa75b29f|ACCEPT|203.92.86.55:38517
1284614773|cb5c5643-b7b3aae000003aff-32-4c91aa75b29f|IRCPTACTION|<none>|msg_reject_other
1284614773|cb5c5643-b7b3aae000003aff-33-4c91aa75a01e|ACCEPT|203.92.86.55:38518
1284614773|cb5c5643-b7b3aae000003aff-33-4c91aa75a01e|IRCPTACTION|<none>|msg_reject_other
1284614785|cb5c5643-b7b3aae000003aff-34-4c91aa818fb3|ACCEPT|xxx.xxx.xxx.xxx:56167
1284614785|cb5c5643-b7b3aae000003aff-34-4c91aa818fb3|IRCPTACTION|<none>|msg_reject_other
---------------------------------------------------------
but we are able to send/receive email through our Symantec Brightmail Gateway version 9.0.1-10 , only concern about those message , how we can find out whether that message due to certain policies/rules implemented ?
Thanks,
Cheers,
harris