Messaging Gateway

We've just moved from SBG 8.14 to 9.0 (appliance running on Linux). The following day, I've got these on my email: Error 1: ======================= ALERT NOTIFICATION ================================ The Directory Data Service status is as follows: Host : Local Host ( ) Date : Tuesday, Aug 24, 2010 08:28:03 AM HKT Status : A directory data integrity error has occurred. An email address is associated with more than one directory entry. Please check the directory data service logs for more information. =========================================================================== Error 2: ======================= ALERT NOTIFICATION ================================ The Directory Data Service status is as follows: Host : Local Host ( ) Date : Tuesday, Aug 24, 2010 11:18:54 AM HKT Status : A directory data access error has occurred. Please check the directory data service logs for more information. =========================================================================== Error 3: ======================= ALERT NOTIFICATION ================================ The following system components are not responding/working: Host Component Problem --------------------------------------------------------------------------- Local Host () MTA (Inbound) Stopped MTA (Outbound) Stopped MTA (Delivery) Stopped Any troubleshooting tips would greatly help. Thanks.

Just started the MTA agent via shell terminal.
I also downloaded the logs.
Here's a few of them, basicallythe rest are like this:

Aug 24 2010 13:28:43 [SmtpConsumer_0000_017] ERROR - Quarantine failed to resolve email address someone's_email. DDS has encountered an error.
com.brightmail.common.BrightmailException: null ; nested exception is:
  com.brightmail.service.ldap.impl.DDSClientException: Invalid query start (base DN) specified for LDAP data source. DDS error code: 800410
 at com.brightmail.service.ldap.impl.DDSClientHelper.quarantineResolveAddress(DDSClientHelper.java:564)
 at com.brightmail.bl.quarantine.SpamMessageHandler.headers(SpamMessageHandler.java:157)
 at com.brightmail.service.smtp.impl.SmtpConsumer.storeHeaders(SmtpConsumer.java:336)
 at com.brightmail.service.smtp.impl.SmtpConsumer.run(SmtpConsumer.java:206)
Caused by: com.brightmail.service.ldap.impl.DDSClientException: Invalid query start (base DN) specified for LDAP data source. DDS error code: 800410
 at com.brightmail.service.ldap.impl.DDSClientHelper.localizeDdsException(DDSClientHelper.java:933)
 ... 4 more
Aug 24 2010 13:28:43 [SmtpConsumer_0000_016] ERROR - Invalid query start (base DN) specified for LDAP data source. DDS error code: 800410
com.symantec.sms.dds.api.exception.XMLRPCServerFaultReceivedException: An error occured while attempting to make a request of the DDS server at localhost:41018. server fault code: [800410]  server message: [Invalid search base: mail_server]
 at com.symantec.sms.dds.api.impl.XMLRPCClientDDS.transformXmlRpcException(XMLRPCClientDDS.java:484)
 at com.symantec.sms.dds.api.impl.XMLRPCClientDDS.qAddrResResolveAddress(XMLRPCClientDDS.java:365)
 at com.brightmail.service.ldap.impl.DDSClientHelper.quarantineResolveAddress(DDSClientHelper.java:552)
 at com.brightmail.bl.quarantine.SpamMessageHandler.headers(SpamMessageHandler.java:157)
 at com.brightmail.service.smtp.impl.SmtpConsumer.storeHeaders(SmtpConsumer.java:336)
 at com.brightmail.service.smtp.impl.SmtpConsumer.run(SmtpConsumer.java:206)
Caused by: org.apache.xmlrpc.XmlRpcException: Invalid search base: mail_server
 at org.apache.xmlrpc.client.XmlRpcStreamTransport.readResponse(XmlRpcStreamTransport.java:186)
 at org.apache.xmlrpc.client.XmlRpcStreamTransport.sendRequest(XmlRpcStreamTransport.java:145)
 at org.apache.xmlrpc.client.XmlRpcHttpTransport.sendRequest(XmlRpcHttpTransport.java:94)
 at org.apache.xmlrpc.client.XmlRpcSunHttpTransport.sendRequest(XmlRpcSunHttpTransport.java:44)
 at org.apache.xmlrpc.client.XmlRpcClientWorker.execute(XmlRpcClientWorker.java:53)
 at org.apache.xmlrpc.client.XmlRpcClient.execute(XmlRpcClient.java:166)
 at org.apache.xmlrpc.client.XmlRpcClient.execute(XmlRpcClient.java:136)
 at org.apache.xmlrpc.client.XmlRpcClient.execute(XmlRpcClient.java:125)
 at com.symantec.sms.dds.api.impl.XMLRPCClientDDS.qAddrResResolveAddress(XMLRPCClientDDS.java:360)
 ... 4 more

We've temporarily rerouted incoming and outgoing emails to a different appliance (SBG 8). I've checked the Message queue and there are hundreds of emails there before, but when we rerouted, the queue shortly became empty. I think they also did something to the DNS.

Duplicate entries pretty much explains itself. This is an issue for version 9 due to the new LDAP engine. Please see this document:

Title: 'Symantec Brightmail Gateway 9.0 DDS - Error: AddressNotUniqueException: Address <address> is not unique. The following entries share the same email address.'
Document ID: 2010031606285754
> Web URL: http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2010031606285754?Open&seg=ent

Thanks for the info JDavis.

I'm going to apply this on our SBG. It's currently offline and we'll do some test in a while.
I'm still not sure why the MTA suddenly stopped and what prevented the emails from being released by SBG.

I've done what the article says and more.
Only recipient validation is enabled to be able to use the "Reject Invalid Recipients" feature for all the mail servers (Lotus Notes). And only one of three mail servers  is enabled for email authentication at the moment.
I'm still not sure which is causing the problem of SBG not sending the emails - either the Address Resolution or having multiple LDAPs. I've disabled the Control Center Authentication based on the Administrator guide stating that it is used by clients to access the quarantine folder and we don't allow the clients to access that in the first place.
I've also disabled the address resolution.

Everything's working, so far.