Messaging Gateway

 View Only

  • 1.  SMG 10.6.1-3 Inbound Issue

    Posted Jul 05, 2016 06:52 AM

    Hi all,

    I encounter the inbound reject by MTA, deleted as spam and abort message after upgrading the SMG to 10.6.1-3. No blocking in front of my firewall or security features, anyone encounter this and solution?



  • 2.  RE: SMG 10.6.1-3 Inbound Issue

    Posted Jul 05, 2016 08:41 AM

    Hi,

    First, and most important - you should update to 10.6.1-4!!!

    https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

     

    Which version did you come from?

    IP connections are rejected, there is no message that can be deleted as spam ...? You see my confusion.

    Where do you encounter the problem, can you provide us a screenshot, etc to dive into?

     

    Regards

    Thomas



  • 3.  RE: SMG 10.6.1-3 Inbound Issue

    Posted Jul 07, 2016 11:03 PM

    I am updating from 10.5.3 then upgrade to 10.6.1-3. That time 10.6.1-3 is the latest version and 10.6.1.-4 release after our update. Having 2 issues:

     

    1) Message Verdict as Spam:

          - Sender can send it to Yahoo but forward from Yahoo to us is fail. Suspect due to URL Reputation Filtering

    2) Message Abort:

          - Sender can send it to Gmail but unable to us. Wondering due to new update bug?

     



  • 4.  RE: SMG 10.6.1-3 Inbound Issue

    Posted Jul 08, 2016 03:14 AM

    Hi,

    1. Are we talking about a spam rule "if a message contains redirect URL content" or the so called ultraURL feature?

    2. Have no idea what you mean, sorry. Can you see a ip connection? If yes, are they using TLS? Handshake errors ...

    Thomas



  • 5.  RE: SMG 10.6.1-3 Inbound Issue

    Posted Jul 08, 2016 04:41 AM

    1. It is not the redirect URL content. I know what you mean on that but this is new feature to check the URL in message content whether good, unknown or bad. 

    2. Yes, we can see the ip connection and not using the TLS. From the packet capture, seems like sender initial the RSET which is why SMG end the session. Still need further analyze on it

     



  • 6.  RE: SMG 10.6.1-3 Inbound Issue

    Posted Jul 08, 2016 06:12 AM

    1. so we are talking about UltraURL-feature, which means dns lookups at brightmail.com.

    In any of these cases i had to open a support ticket.

    2. Gmail messages cant connect to you, right? Are you offering starttls? If yes i would guess certificate problems on your side (expired?) or is offering client cert acitve on smg? I've only seen additional issues with missing extensions during server hello, but there are a lot more.

    If you need help there just let me know.

    Thomas



  • 7.  RE: SMG 10.6.1-3 Inbound Issue

    Posted Jul 11, 2016 05:26 AM

    I already lodge 2 tickets for these. In progress for it