Messaging Gateway

  • 1.  A confusing inbound/outbound message flow issue - Brightmail gateway appliance 8300

    Posted Jul 29, 2010 10:56 AM
    Hi All,

    A weird thing has happened to us whilst we were migrating our two Brightmail gateway appliances to a new DMZ and WAN link recently.
    Our appliances have always been configured to accept inbound (external) email through ethernet 1 and deliver it, once scanned etc., to an internal SMTP server through ethernet 2. Likewise, internal email flowing externally should be sent from our SMTP servers to the ethernet 2 IP and then, once processed, be sent externally via ethernet 1. This was the case before we moved the appliances, as we can verify by looking at our old firewall's logs.
    To move the appliances we needed to re-IP them as well as physically re-patch them to the new DMZ, and so we were advised to run the 'clear osconfig' command, reboot and re-enter the new configuration etc. This went well and we were then able to reconnect the devices to the control centre (a separate dedicated appliance). At this point we could then test email flow and our results were a little surprising.
    Inbound external email was coming through our public IP for this device and entering via ethernet 1 but was then being sent to the internal SMTP servers via the same interface (ethernet 1). External bound email was going into the appliance via ethernet 2 (as per the SMTP servers config) and then being delivered externally from ethernet 2 as well.

    The new DMZ runs on a more tightly controlled firewall with more exacting rule sets which expect traffic to be flowing externally (to the internet) from these devices through ethernet 1. This therefore created errors in the firewall rules and so email was being blocked from being sent externally.
    Now we could just change our firewall rules to allow this traffic to go through these ethernet ports as per the new behaviour, but I am a little concerned as to why this could have changed since all we have done is effectively change the IPs of the devices. I have backup copies of the original osconfig.xml files and have verified that the same external/internal config was present on the device previously, and I even took a screenshot of the ethernet and SMTP config pages from the control centre before we made any of these changes, and the setups are identical except for the new IPs in place.

    Has anyone else seen this behaviour from their gateway devices, or have we just missed something out in the process of migrating the devices somewhere?


  • 2.  RE: A confusing inbound/outbound message flow issue - Brightmail gateway appliance 8300
    Best Answer

    Posted Jul 29, 2010 01:20 PM

    Is this SBG 9? On each scanner, look at Admin, Host, SMTP, Advanced, Delivery tab, and verify the traffic bindings are correct, e.g. local messages and non-local messages are associated with the IP of the correct interface.


  • 3.  RE: A confusing inbound/outbound message flow issue - Brightmail gateway appliance 8300

    Posted Jul 30, 2010 04:55 AM
    Hi Cricket17,

    We are currently only running version 8.0.2 (upgrading this to 9 shortly after the migration). I've just checked these settings and the appliance which was routing the email incorrectly had the wrong interfaces selected in that section of the advanced settings. We've changed the settings and the firewall instantly started seeing the traffic route correctly.

    Thanks very much for your help! :)


  • 4.  RE: A confusing inbound/outbound message flow issue - Brightmail gateway appliance 8300

    Posted Jul 30, 2010 10:26 AM

    Thanks for the Solution tag. Glad to help.
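
The thread's symptom (SMTP delivery leaving the gateway from the wrong interface) can be confirmed from firewall logs after a re-IP. The following is an added example, not part of the original thread or any Symantec tooling; the IP addresses, log format and function names are constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption, not from the thread).
ETH1_IP = "192.0.2.10"   # ethernet 1: external-facing interface
ETH2_IP = "10.20.0.10"   # ethernet 2: internal-facing interface
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed firewall log lines: timestamp action src dst dport
SAMPLE_LOG = """\
2010-07-29T10:01:02 ALLOW 192.0.2.10 10.30.0.25 25
2010-07-29T10:01:05 DENY 10.20.0.10 203.0.113.7 25
2010-07-29T10:02:11 ALLOW 10.20.0.10 10.30.0.25 25
2010-07-29T10:02:40 ALLOW 192.0.2.10 198.51.100.9 25
2010-07-29T10:03:00 ALLOW 10.30.0.25 10.20.0.10 25
"""


def is_internal(ip):
    """True if ip falls inside one of the internal networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def misbound_flows(log_text):
    """Return SMTP flows sourced from the gateway on the wrong interface IP.

    Expected bindings, as described in the first post: delivery to internal
    SMTP servers leaves from ethernet 2, delivery to the internet from ethernet 1.
    """
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[4] != "25":
            continue  # malformed line or not SMTP
        ts, action, src, dst, _port = parts
        if src not in (ETH1_IP, ETH2_IP):
            continue  # not traffic originated by the gateway
        expected = ETH2_IP if is_internal(dst) else ETH1_IP
        if src != expected:
            findings.append({"time": ts, "action": action, "src": src,
                             "dst": dst, "expected_src": expected})
    return findings


if __name__ == "__main__":
    for f in misbound_flows(SAMPLE_LOG):
        print(f"{f['time']} {f['action']} {f['src']} -> {f['dst']} "
              f"(expected source {f['expected_src']})")
```

Any finding points at the delivery bindings named in the accepted answer rather than at the firewall rules.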