Messaging Gateway

 View Only

  • 1.  Outbound Issue

    Posted Feb 15, 2010 05:25 AM
    <o name="PersonName" namespaceuri="smarttags" smarttagtype=""></o> /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;} Dear Users<o p=""></o>

     

    Our Scenario<o p=""></o>

    We have 2 SBG<o p=""></o>

    One is scanner and control centre and other is only scanner.<o p=""></o>

    Curruntly we are using inbound mail filtering and it is working without any issue.<o p=""></o>

    Now we have configured inbound and outbound filtering.<o p=""></o>

    we have configured one domain for inbound and another domain for outbound using 2 IPs.
    We have mapped this outbound domain with external DNS.
    then when we send mail using this outboutbond MTA (using SMTP commands as shown below) (SBG outbound domain) mail not send and we got following error from "Mail Delivery System(Mailer-Daemon@antispam.kfupm.edu.sa)"

    X-Symantec-Brightmail-Gateway-Queue-ID: 11/86-13329-FD9F87B4<o p=""></o>

    X-Symantec-Brightmail-Gateway-Sender: rfc822; <st1 st="on" personname="">ptashraf@kfupm.edu.sa</st1><o p=""></o>

    Reporting-MTA: dns; delivery<o p=""></o>

    Arrival-Date: Mon, 15 Feb 2010 10:38:07 +0300<o p=""></o>

    <o p=""> </o>

    Final-Recipient: rfc822; <st1 st="on" personname="">ashruakkode@gmail.com</st1><o p=""></o>

    Status: 5.0.0<o p=""></o>

    Action: failed<o p=""></o>

    Last-Attempt-Date: Mon, 15 Feb 2010 10:38:07 +0300<o p=""></o>

    Diagnostic-Code: smtp; 550 5.7.1 <<st1 st="on" personname="">ashruakkode@gmail.com</st1>>... Relaying denied


    But when we send mail to internal domain  and outbound policy also working.

    We are using smtp command for testing mail transfer as show below.


    *************************
    telnet 10.140.2.70 25
    Trying 10.140.2.70...
    Connected to antispamout1.kfupm.edu.sa (10.140.2.70).
    Escape character is '^]'.
    220 antispam.kfupm.edu.sa ESMTP Symantec Mail Security
    ehlo kfupm.edu.sa
    250-antispam.kfupm.edu.sa says EHLO to 10.140.1.110:44221
    250-8BITMIME
    250-PIPELINING
    250 ENHANCEDSTATUSCODES
    mail from:<st1 st="on" personname="">ptashraf@kfupm.edu.sa</st1>
    250 MAIL FROM accepted
    rcpt to:ashruakkode@gmail.com
    250 RCPT TO accepted
    data
    354 continue.  finished with "\r\n.\r\n"
    testing as outbound
    .
    250 OK 6B/D2-13329-560F87B4<o p=""></o>

    ******************************
    But if send mail to our internal domain using outbound domain ,it is sending and outbound policy also working.<o p=""></o>



  • 2.  RE: Outbound Issue

    Posted Feb 15, 2010 06:03 AM
    thorugh this MTA internal mail is routing


  • 3.  RE: Outbound Issue

    Posted Feb 16, 2010 10:53 AM
    Hi Ashraf,

    It seems like you have not configured your "Outbound Non-Local Mail Delivery" to "Use MX Lookup for non-local mail" on SMTP Settings tab.

    It would be helpful if you can provide screenshots of that page and Protocols > Domains page.

    Regards,

    Adnan


  • 4.  RE: Outbound Issue

    Posted Feb 22, 2010 11:49 AM
    Hi Ashraf,

    Can you please provide the configuration details that I had requested in my previous response?  More configuration details would be useful as the issue appears to be due to mis-configuration.

    Thanks

    Adnan


  • 5.  RE: Outbound Issue

    Posted Feb 23, 2010 05:41 AM
      |   view attached

    Attachment(s)

    doc
    screenshot_0.doc   76 KB 1 version


  • 6.  RE: Outbound Issue
    Best Answer

    Posted Feb 23, 2010 03:24 PM
    Thanks for providing the screenshot of SMTP Settings page.

    Looking at that page tells me that when you originally had the "Outbound Non-Local Mail Delivery" set to "Relay non-local mail to: mx2.kfupm.edu.sa" it resulted in the NDRs for your test emails with the following error code (that you pasted in your first comment above):

    Diagnostic-Code: smtp; 550 5.7.1 <ashruakkode@gmail.com>... Relaying denied

    But then after my suggestion to change "Outbound Non-Local Mail Delivery" to "Use MX Lookup for non-local mail", you made the suggested change and then the NDRs for your outbound test email started showing the following error (that you pasted in another forum thread):

    Diagnostic-Code: smtp; 451 4.4.1 [internal] No valid hosts (too many connection failures)

    Is my analysis so far correct?

    If yes, then it means that either:

    1) SMTP Delivery Bindings need to be changed so that outbound (non-local) mail can be delivered using the IP address that has outbound SMTP access thru the firewall
    or
    2) SBG does not have access to deliver mail outbound thru your firewall
    or
    3) SBG is not able to perform DNS lookups, again most likely due to firewall configuration

    For 1), check the SMTP Advanced Settings page and change the SMTP Delivery Bindings for for Non-local messages, then test agian.

    For 2), check your firewall and firewall logs to make sure that connections from SBG are not blocked.

    For 3), perform a dns lookup on the appliance for gmail.com domain from the CLI (command line interface) as follows:

    nslookup -querytype=mx gmail.com

    If you can successfully resolve the gmail.com domain on the appliance, then we can rule out DNS issue.

    Please try above suggestions 1), 2) and 3) in that order and test after each step and record the results after each test.  If the issue still exsits, then to troublehsoot further, please provide the following:

    a) Output of the above DNS query on the appliance

    b) Screenshot of the Advanced SMTP Settings page

    c) Screenshot of Domains page (Protocols > Domains)

    d) Screenshot of Message Queues (Status > Message Queues) showing messages stuck in the delivery queue

    e) Screenshot of a Message Audit Logs page showing the details of a test message that resulted in the NDR

    Hopefully, the above suggestions will resolve the issue and you may not need to provide items a) thru e).

    Regards,

    Adnan





  • 7.  RE: Outbound Issue

    Posted Feb 24, 2010 05:21 AM
    Dear Adnan


    Now it is working.
    I changed non-local massges to outbound IP in SMTP advanced settings
    I really apprecite your help and continuous support.

    I always respect your valuable time.

    I had one more question.
    1.I have created an annotation messge for appending all outbound messages and it is working.
    But How can put image in annotation message.

    Thanks
    Ashraf
    Syamanetc Admin
    kfupm.








  • 8.  RE: Outbound Issue

    Posted Feb 24, 2010 10:53 AM
    You are welcome.

    Can you please close this thread by marking my response that helped you solve the problem as Solution?

    It is best to create a new forum thread for a different issue/question so that it would be easier for other people to find the solution when they search.  So for the annotation question, can you please create another thread?

    Thanks

    Adnan


  • 9.  RE: Outbound Issue

    Posted Feb 27, 2010 12:36 AM
    Dear Adan

    Annotations also working.
    Thanks for your help
    Later I will create new thread for diffrent questions.

    Thanks in advance


  • 10.  RE: Outbound Issue

    Posted Feb 27, 2010 03:32 AM
    Hi Ashraf,

    Thank you for closing this thread by marking my suggestion as the solution.

    My request to open new thread for different issue/question was to simply keep things clear in a thread so that when someone is reading thru a thread, they don't get confused due to more than one thing being discussed in the thread.  Also one issue/question per thread makes it easier to search.

    Thank you for your understanding and patience.

    Regards,

    Adnan