Messaging Gateway

 View Only
Back to discussions
Expand all | Collapse all

Problem with releasing message from quarantine

  • 1.  Problem with releasing message from quarantine

    Posted May 14, 2010 12:18 PM
    I'm having an issue with our Brightmail gateway.

    Since we upgraded from v8 to v9 I am no longer able to release a message from the spam quarantine.

    I've reviewed other threads from this problem and most suggest to manually an SMTP host (Admin -> Control Center -> SMTP) which I have already done (currently set to the IP of our internal mail server).

    This is the error I get in the control center log when I try to release a message:
    "[http-41443-Processor11] ERROR - com.brightmail.common.BrightmailException: null ; nested exception is:
      com.sun.mail.smtp.SMTPSendFailedException: 530 user must authenticate on this port"

    Any help is appreciated.


  • 2.  RE: Problem with releasing message from quarantine

    Posted May 14, 2010 12:33 PM

    It sound like the server you are sending the release quarantine has SMTP Auth enabled.  From the BCC command line, what happens when you telnet <ip address> port#




  • 3.  RE: Problem with releasing message from quarantine

    Posted May 28, 2010 05:55 PM
    Sorry to respond so late. I figured I would recieve an email about the update to the thread.

    Our mail server does use Outgoing Authentication.

    What is the 'BCC Command line' ?

    Thanks again,

    Noah


  • 4.  RE: Problem with releasing message from quarantine

    Posted Jun 01, 2010 12:00 PM
    What is BCC Command Line
    Symantec Brightmail has two functions - Scanner, and Control Center.  BCC = Brightmail Control Center.  If you have only a single system you'd have the Scanner and Control Center functions on the same server.

    BCC command line is accessed by using an SSH client to connect to the Unix command line.

    What software is running on your internal server (the IP you set under Admin -> Control Center -> SMTP?   Is there a restriction on that server as to what IP addresses are allowed to send to it?  If so, look on Brightmail Admin -> Configuration ->  Control center system (listed under role).   On the ethernet tab, do you have more than one IP address configured?  If so, next go to the SMTP tab, then at the bottom of the page, Advanced.   Look at the Delivery and then a bit down to SMTP Delivery Bindings.  Verify that the IP next to Messages destined for the Control Center: is "trusted" by your internal server.

    BTW: You'll get a notification if you look at Subscriptions on this page, and check "Posts tagged with Brightmail Gateway.

    Good luck.




  • 5.  RE: Problem with releasing message from quarantine

    Posted Jun 01, 2010 01:47 PM
    I accessed the BCC command line and was able to telnet to the SMTP server we have set (192.168.1.8 port25) and got a response, so our mail server is recieving on Port 25.

    The IP we have set for Admin -> Control Cneter -> SMTP is 192.168.1.8 Port 25 which is our internal mail server.

    For the 'Scanner and control center host' we have only 1 IP address listed (192.168.1.15) although there is a sperate IP for the scanner itself (192.168.1.16)

    The SMTP delivery bindings are as follows:
    Local: 1.15 (Scanner and Control Center)
    Non-Local: Auto
    Dynamically Router: Auto
    Messages Destined: 1.15 (Scanner and Control Center)

    192.168.1.15 is trusted by our internal server.

    Keep in mind that we were able to release quarantined messages without issue until we upgraded from version 8 to version 9. As far as I know, no configurational changes were made suring this time.

    Thanks for your continuted help.




  • 6.  RE: Problem with releasing message from quarantine

    Posted Jun 01, 2010 02:30 PM

    Stumped me.  I'd do a tcpdump from the support account next and see what's really happening.  That the test command line test didn't see a auth request has me puzzled.

    Have you opened a case with Symantec?


  • 7.  RE: Problem with releasing message from quarantine

    Posted Jun 01, 2010 02:52 PM

    We have a NFR Brightmail which no longer comes witha  support contract.

    Something odd:
    I don't believe I made any changes to the Brightmail Gateway, but when I tried to re-run the telnet tests from the BCC command line I get nothing but bad port errors.

    Example telnet 192.168.1.8 Port25 throws a bad port error.



  • 8.  RE: Problem with releasing message from quarantine

    Posted Jun 01, 2010 04:16 PM

    I have to ask ...   telnet 192.168.1.8 25   -- right?  not literally "port25"  Appologies in advance.  Since you don't have support, I'd recommend a packet capture and take a look at it with something like wireshark to see what happens during the converstation with 192.168.1.8.


  • 9.  RE: Problem with releasing message from quarantine

    Posted Jun 01, 2010 04:29 PM
    telnet 192.168.1.8 25
    Trying 192.168.1.8...
    Connected to 192.168.1.8
    220 mail.tkcomp.com

    So definately seem like its able to connect to the server using that port.

    Thanks for your help.


  • 10.  RE: Problem with releasing message from quarantine

    Posted Jun 04, 2010 06:40 AM


    Hey Guys,

    Just connecting via telnet doesn't prove anything here as from the original error we know the Control Center was able to make a connection to 192.168.1.8, the error came furhter in the SMTP conversation when the Control Center got the '530 user must authenticate on this port' error.  So continue with telnet to test sending a message and then see if you get this error. 

    To me it definitely sounds like the issue is with 192.168.1.8 not accepting the messages from the Control Center...

    Kevin