Quantcast
Channel: Symantec Connect - Messaging Gateway - Discussions
Viewing all 1067 articles
Browse latest View live

Symantec Email Submission Client (SESC) error message

0
0
I need a solution

I want to use SESC, but can't configure it after installation:

Here is my environment:

Windows Server 2012 Native AD

Windows Server 2008 R2, Exchange Server 2010 SP3

Symantec Mail Gateway

When I try to launch the program to configure, I have the problem as outlined in this article:

http://www.symantec.com/business/support/index?pag...

The SID in question is S-1-18-1 (AUTHENTICATION_AUTHORITY_ASSERTED_IDENTITY), which is new for Windows Server 2012 - as listed here: 

http://msdn.microsoft.com/en-us/library/cc980032

Is there any workaround or date when this problem will be addressed?

Thanks,

John


Block Specific language on the specific domain

0
0
I need a solution

Hi, 

I am facing Spams on SMG , these spams are in different languages. i want to block external mails of different languages but on specific domains. As some domains wants to recieve external mails and mostly they are in different languages 

Is it possible in symantec messaging gateway to block externals mails of specific language on specific domains ??

 

Regards, 

Irteza 

Messages do not appear in quarantine.

0
0
I need a solution

Hi,

Some emails are not showing up in my quarantine, they appear to have been quarantined in the "Message Audit Logs" but are not listed in quarantine, below is my current log:

2013 Mar 25 08:11:16 BRT (err) ecelerity: [2277] sieve: /data/mta/etc/recipient_validation.siv:96 sms_dds_is_valid: DDS call failed.
2013-03-25T07:56:14-03:00 (ERROR:31566.2756295568): [57007] Gatekeeper module: Failure evaluating dictionary rules.
2013-03-25T07:56:14-03:00 (ERROR:31566.2756295568): [57009] Gatekeeper module: Failed to apply rules for attachment dictionary scanning.
2013-03-25T07:56:14-03:00 (ERROR:31566.2756295568): [57155] Gatekeeper module: Failed to downcase utf8 string. Error: failed to convert ustr to lowercase.
2013-03-25T07:56:09-03:00 (ERROR:31566.2829724560): [57007] Gatekeeper module: Failure evaluating dictionary rules.
2013-03-25T07:56:09-03:00 (ERROR:31566.2829724560): [57009] Gatekeeper module: Failed to apply rules for attachment dictionary scanning.
2013-03-25T07:56:09-03:00 (ERROR:31566.2829724560): [57155] Gatekeeper module: Failed to downcase utf8 string. Error: failed to convert ustr to lowercase.
2013 Mar 25 07:31:09 BRT (err) ecelerity: [2277] sieve: /data/mta/etc/recipient_validation.siv:96 sms_dds_is_valid: DDS call failed.
2013 Mar 25 07:20:32 BRT (err) ecelerity: [2277] sieve: /data/mta/etc/recipient_validation.siv:96 sms_dds_is_valid: DDS call failed.
2013-03-25T07:12:26-03:00 (ERROR:31566.2819234704): [23005] Unable to verify reinsertion code for sac.cert@singlepoint.com.br
2013 Mar 25 07:04:27 BRT (err) ecelerity: [2277] sieve: /data/mta/etc/recipient_validation.siv:96 sms_dds_is_valid: DDS call failed.

2013-03-24T23:45:23-03:00 (ERROR:2277.3019508624): [45011] DDS client: XML-RPC call returned fault 800206 - Attempt to authenticate to data source failed: srjctcpdad01.abnote.int

2013-03-24T19:08:35-03:00 (ERROR:31566.2829724560): [23005] Unable to verify reinsertion code for sac.cert@singlepoint.com.br

Can anyone help me with this, I did not find anything more specific about what is happening.

Thank you,
Arthur Sant'ana Fernandes

Need to block outgoing mail using Symantec Brightmail Gateway

0
0
I need a solution

We need to block users to send mail to particular mail id [EG: abc@yahoo.co.in]  Is there any possiblity to block a particular mail id [EG: abc@yahoo.co.in] in Symantec bright mail gateway. We blocked the mail id in Symantec bright mail gateway by selecting Reputations -> Bad senders -> Local Bad senders Domain. But it seems to be only incoming mail is blocked. Please help

Policy to block my own e-mai domain (Blocking XYZ.com (my domain from outside)

0
0
I need a solution

 

 

If all spam mails are originating from my domain we just need to block all received external mails received from my domain. How can we do this . 

 

Thanks

 

Symantec Messaging Gateway 10.0.1 receiving email problem

0
0
I need a solution

Hi guys,i'm new here.kinda need help on our messaging gateway.

Situation :(SENDER LOCAL USER+EXCHANGE+SMG 10.0.1)  >>   (MAIL+RECEIVER)
                got no problem to send out and being log by the SMG 10.0.1

               

                (SENDER LOCAL USER+EXCHANGE+SMG 10.0.1)  <<   (MAIL+RECEIVER) 

                 receiver email cannot come in and there's no error capture by log or anything.But it only happen on one specific domain sender only.We're not  

                suspecting the problem cause by them because before this we have use fortimail and barracuda and got no problem at all with that domain.

So if you guys got any clues for my problem it will very much helpful.

Symantec Mail Gateway - Behind TMG

0
0
I need a solution

Gents

Software in this set up

1 x Forefront TMG 2010

2 x Exchange CAS/HUB in NLB set up

1 x Mail Gateway 10.0.2 Virtual Edition

Just finished an implementation of a Mail Gateway Appliance, i have set up the appliance behind a Microsoft TMG 2010, Mail arrives from outside, pass thru TMG then gets filtered on the Mail Appliance then it delivers it to my Client Access Array.

All works well but then after these past 3 days i have noticed a large amount of blocked connections attemps made by the forefront to the Mail Appliance i think, this is what it is on the diagnostics:

The FULL log is attached.

Any help would be appriciated.

2013 Mar 31 01:54:32 (notice) stunnel: LOG5[19264:3086904208]: Protocol negotiations succeeded
2013 Mar 31 01:54:33 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=3, /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
2013 Mar 31 01:54:33 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=2, /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
2013 Mar 31 01:54:33 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=1, /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3
2013 Mar 31 01:54:33 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=0, /C=US/ST=California/L=Mountain View/O=Symantec Corporation/OU=Messaging and Web Security/CN=SWUPDATE.BRIGHTMAIL.COM
2013 Mar 31 01:54:34 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=3, /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
2013 Mar 31 01:54:34 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=2, /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
2013 Mar 31 01:54:34 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=1, /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3
2013 Mar 31 01:54:34 (notice) stunnel: LOG5[19264:3086904208]: Certificate accepted: depth=0, /C=US/ST=California/L=Mountain View/O=Symantec Corporation/OU=Messaging and Web Security/CN=SWUPDATE.BRIGHTMAIL.COM
2013 Mar 31 01:54:34 (notice) stunnel: LOG5[19264:3086904208]: Connection closed: 404 bytes sent to SSL, 498 bytes sent to socket
2013 Mar 31 01:57:35 (notice) syslog-ng[1884]: STATS: dropped 0
2013 Mar 31 02:01:28 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https accepted connection from 127.0.0.1:54456
2013 Mar 31 02:01:28 (notice) stunnel: LOG5[19264:3086904208]: connect_blocking: connected 172.31.255.251:8080
2013 Mar 31 02:01:28 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https connected remote server from 172.31.255.233:64091
2013 Mar 31 02:01:28 (notice) stunnel: LOG5[19264:3086904208]: Negotiations for connect (client side) started
2013 Mar 31 02:01:41 (err) stunnel: LOG3[19264:3086904208]: CONNECT request rejected
2013 Mar 31 02:01:41 (notice) stunnel: LOG5[19264:3086904208]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2013 Mar 31 02:01:41 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https accepted connection from 127.0.0.1:54459
2013 Mar 31 02:01:41 (notice) stunnel: LOG5[19264:3086904208]: connect_blocking: connected 172.31.255.251:8080
2013 Mar 31 02:01:41 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https connected remote server from 172.31.255.233:64094
2013 Mar 31 02:01:41 (notice) stunnel: LOG5[19264:3086904208]: Negotiations for connect (client side) started
2013 Mar 31 02:02:05 (err) stunnel: LOG3[19264:3086904208]: CONNECT request rejected
2013 Mar 31 02:02:05 (notice) stunnel: LOG5[19264:3086904208]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2013 Mar 31 02:02:05 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https accepted connection from 127.0.0.1:54462
2013 Mar 31 02:02:05 (notice) stunnel: LOG5[19264:3086904208]: connect_blocking: connected 172.31.255.251:8080
2013 Mar 31 02:02:05 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https connected remote server from 172.31.255.233:64097
2013 Mar 31 02:02:05 (notice) stunnel: LOG5[19264:3086904208]: Negotiations for connect (client side) started
2013 Mar 31 02:02:29 (err) stunnel: LOG3[19264:3086904208]: CONNECT request rejected
2013 Mar 31 02:02:29 (notice) stunnel: LOG5[19264:3086904208]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2013 Mar 31 02:02:29 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https accepted connection from 127.0.0.1:54465
2013 Mar 31 02:02:29 (notice) stunnel: LOG5[19264:3086904208]: connect_blocking: connected 172.31.255.251:8080
2013 Mar 31 02:02:29 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https connected remote server from 172.31.255.233:64100
2013 Mar 31 02:02:29 (notice) stunnel: LOG5[19264:3086904208]: Negotiations for connect (client side) started
2013 Mar 31 02:02:53 (err) stunnel: LOG3[19264:3086904208]: CONNECT request rejected
2013 Mar 31 02:02:53 (notice) stunnel: LOG5[19264:3086904208]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2013 Mar 31 02:02:53 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https accepted connection from 127.0.0.1:54468
2013 Mar 31 02:02:53 (notice) stunnel: LOG5[19264:3086904208]: connect_blocking: connected 172.31.255.251:8080
2013 Mar 31 02:02:53 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https connected remote server from 172.31.255.233:64103
2013 Mar 31 02:02:53 (notice) stunnel: LOG5[19264:3086904208]: Negotiations for connect (client side) started
2013 Mar 31 02:03:17 (err) stunnel: LOG3[19264:3086904208]: CONNECT request rejected
2013 Mar 31 02:03:17 (notice) stunnel: LOG5[19264:3086904208]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket
2013 Mar 31 02:03:17 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https accepted connection from 127.0.0.1:54471
2013 Mar 31 02:03:17 (notice) stunnel: LOG5[19264:3086904208]: connect_blocking: connected 172.31.255.251:8080
2013 Mar 31 02:03:17 (notice) stunnel: LOG5[19264:3086904208]: Service pseudo-https connected remote server from 172.31.255.233:64106
2013 Mar 31 02:03:17 (notice) stunnel: LOG5[19264:3086904208]: Negotiations for connect (client side) started

Symantec Mail Gateway Blocking Incoming SMTP with 554 5.7.1

0
0
I need a solution

Gents

Got a Printer situated on a remote office wich can authenticate with user name a password, also a billing server wich can also authenticate with user name and password, before the addition of the Symantec Mail Gateway Appliance the authentication happened at the TMG layer, right now i have to place a publish rule on the TMG to force all SMTP on port 25 to the mail gateway in order for all my mail to be filtered. This is working great for users and ipad and iphones and every other device.

I am having issues with a Printer and a VoIP Billing solution wich needs to be able to send email for reporting reasons and the Printer is a MFP so it used to scan docs and send them via email.

The accounts are all authotized to send i can confirm by loggin in to the Outlook Web Portal and sending a fewa emails.

If i remove the Mail gateway and put the authorization back on the TMG all works again.

Printers comes from a PUBLIC IP, so does the VoIP Billing device, i can clearly see the connection been rejected at the anti Spam top rejected reports.

On the printer i have no errors but on the VoIP solution a i can a distinct error 554 5.7.1.

Please help.


Symantec Messaging Gateway 10

0
0
I need a solution

Hi 

 

Plz i have some issue with install with Symantec Messaging gateway 10, i have alerday Symantec Spam and licence expire in this month and i have buy  Symantec Messaging gateway 10.in install i have message <<i need appliance >>> but i have only Win Server 2003.

 

Best Regards

Symantec Messaging Gateway 10.0.1 does not block spam comming from internal mail host

0
0
I need a solution

Hi All,

I have a setup with two scanners and one control center. The second scanner only receive e-mail from an SMTP relay in the cloud.

There is no filtering happening on the SMTP relay and I was expecting the spam filtering to be done on the second scanner, but it appears that the scanner accepts all e-mail from the relay without applying any filtering.

I have the following SMTP configuration on the second scanner :

  • I only accept e-mails from the ip address of the relay on port 2525
  • the ip address of the relay has been added to the Internal Mail Hosts list

According to Symantec documentation, that's how it should be done. The external relay should be listed on the Internal Mail Hosts list and spam should be filtered:

http://www.symantec.com/business/support/index?pag...

http://www.symantec.com/business/support/index?pag...

Any help would be greatly appreciated.

Thanks,

Christophe

 

 

How to enable support account on SMG?

0
0
I need a solution

There is account for support on SMG that has greater accress than standard admininstrator created during installation. How can i enable this account? I need to run tcpdump and it is not available with standard admin account.

SMG multiple certificates for TLS

0
0
I need a solution

Hello, I just need an answer to my question.

I have a SMG and multiple certificates imported. How can I know which certicate will be choosen?

Thank you

 

Rudolf

SMG gateway - SMTP Protocol Returned a Permanent Error 552 Message size exceeds fixed maximum message size

0
0
I need a solution

When I send email to outside , I always get this error message if the mailsize is big,

SMTP Protocol Returned a Permanent Error 552 Message size exceeds fixed maximum message size

However, I have already checked on the mail server and smg smtp server and the maximum message size I have set to 20MB,

but actually my mail was around 8MB, still getting bounce back of the Error 552.

 

I updated the setting of SMG from here:-

Administration > Hosts > Configuration/Edit/SMTP tab, Advanced Settings -

Outbound SMTP Configuration > adjust the maximum message size on inbound and outbound already.

 

Do I have any more place to check?

 

Thanks

 

 

Where can i find the Release notes of the SMG 10.0?

0
0
I need a solution

Where can i find the Release notes of the SMG 10.0?

8573301
1365057362
2861871

filter emails by verdict

0
0
I need a solution

Hi all,

in Symantec Messaging Gateway 9.5.4 I cannot Filter audit logs using Verdict as a mandatory filter but only as an optional one. Is there a way to ignore mandatory filter and search just by optional filter (i.e. setting "all" as mandatory filter value)?

Regards


Spam Quarantine Summary is not getting delivered

0
0
I need a solution

Hi,

We have Novell Groupwise as our Email servers. We have just installed SMG and everything seems to be working fine, except that the Daily Spam Quarantine Reports are not getting delivered at all.

We configured it with Administrator option only, but no summary report is delivered to admin as per schedule.

We also configured it with are Active Directory server and also with our Email server settings. The test is successful while configuring the directory integration. Also the status of the Spam Report Summary task in the scheduled task of the notification is not showing any errors. But no Summary report is getting delivered to either Administrator or any users.

We want users to get the list of their spam quanrantine summary report on daily basis, without any authentication if possible.

There is nothing much in the logs as well.

Can someone guide on this error ?

Thanks,

Drivesafely

OK guys, how do you enforce TLS with Brightmail?

0
0
I need a solution

It seems like the whole world has gone crazy with TLS enforce requirements.

 

We have been running with opportunistic TLS for ages, even before Brightmail and never thought twice about it.  We have other solutions for *real* email encryption.

 

Recently it seems many companies have "discovered" TLS and they think that this is some kind of a super-duper new tchnology. Some large companies even have entire departments dedicated to TLS.   And then they send us a long list of their domains to which they want us to enforce TLS, or else they won't do business with us.

 

So I go to Protocols/Domains and add their domains as non-local, with the require TLS option.

 

But eventually the list of domains there has grown quite large (170 entries currently). And now each time I go to Protocols/Domains, it takes a loooong time to display them.

 

But that's not the bad part. The bad part is that each time I add a new domain to the list (or edit an existing entry), I start getting alerts from our Brightmail scanner appliances saying that they crashed and/or a bad message was De-queued.

 

It seems Brightmail can only handle so few entries in the Protocols/Domains list before it starts throwing fits when you add one more entry.

Spam Submission Invalid

0
0
I need a solution

Hi Guys,

I facing a typical Issue while submitting a sample spam. I have configured Customer Specific Spam Submission feature and tryting to submit a sample spam, it gets submitted successfully but while i am checking the audit log for the same it says: (error 256) submission invalid: message is not RFC 5322 compliant and (error 274) Submission Invalid: message does not have a body.

For further clarification please see the attached screen shot of the Submission Details page. request you all to post your valuable information and solutions.

 

Symantec Messaging Gateway are not receiving some external emails.

0
0
I need a solution

Mail clients in am environment defended by a Symantec Messaging Gateway are not receiving some external emails.

Mailer-Daemon@mail.mydomen.ru

From - Wed Apr 10 13:39:28 2013
X-Account-Key: account3
X-UIDL: 218
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:                                                                                 
Received: from mail.mydomen.ru (172.16.xxx.200) by MAIL1.mydomen.mydomen.ru
 (172.16.xxx.201) with Microsoft SMTP Server id 14.3.123.3; Wed, 10 Apr 2013
 13:39:24 +0400
From: Mail Delivery System <Mailer-Daemon@mail.mydomen.ru>
Message-ID: <E1.00.26303.24335615@mail.mydomen.ru>
To: <adm@mydomen.ru>
Subject: Undelivered Mail Returned to Sender
Date: Wed, 10 Apr 2013 13:39:14 +0400
Content-Type: multipart/report; report-type=delivery-status;
	boundary="qzuYxZ/o9Yko2XW4GKYzNfClxu7DIvieOjuOPA=="
Return-Path: <>
X-MS-Exchange-Organization-AuthSource: MAIL1.mydomen.mydomen.ru
X-MS-Exchange-Organization-AuthAs: Anonymous
MIME-Version: 1.0
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

<email@dest.ru>: 550 5.7.1 Sender ID (PRA) Not Permitted
X-Symantec-Messaging-Gateway-Queue-ID: B1/00-26303-C3335615
X-Symantec-Messaging-Gateway-Sender: rfc822; adm@mydomen.ru
Reporting-MTA: dns; mail.mydomen.ru
Arrival-Date: Wed, 10 Apr 2013 13:39:14 +0400

Final-Recipient: rfc822; email@dest.ru
Status: 5.7.1
Action: failed
Last-Attempt-Date: Wed, 10 Apr 2013 13:39:14 +0400
Diagnostic-Code: smtp; 550 5.7.1 Sender ID (PRA) Not Permitted

--qzuYxZ/o9Yko2XW4GKYzNfClxu7DIvieOjuOPA==
Content-Description: Undelivered Message
Content-Type: message/rfc822

X-AuditID: c0a809fa-b7f986d0000066bf-0a-5165333ce521
Received: from MAIL1.mydomen.mydomen.ru ( [172.16.xxx.201])	by mail.mydomen.ru (Symantec
 Messaging Gateway) with SMTP id A1.00.26303.C3335615; Wed, 10 Apr 2013
 13:39:08 +0400 (MSK)
Received: from [127.0.0.1] (192.168.xxx.114) by MAIL1.mydomen.mydomen.ru
 (192.168.xxx.240) with Microsoft SMTP Server id 14.3.123.3; Wed, 10 Apr 2013
 13:39:18 +0400
Message-ID: <5165332D.5050906@mydomen.ru>
Date: Wed, 10 Apr 2013 13:38:53 +0400
From: =?UTF-8?B?0KDQvtC80LDQvQ==?= <adm@mydomen.ru>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
To: <email@dest.ru>
Subject: =?UTF-8?B?0L/RgNC+0LLQtdGA0LrQsCDQvtGC0L/RgNCw0LLQutC4IDEy?=
Content-Type: text/plain; charset="UTF-8"; format=flowed
Content-Transfer-Encoding: 8bit
Return-Path: adm@mydomen.ru
X-Originating-IP: [192.168.xxx.114]

Exchange 2010 SP2 (MAIL1.mydomen.mydomen.ru 172.16.xxx.201) + Symantec Messaging Gateway Version 10.0.1 (mail.mydomen.ru 172.16.xxx.200 )

TECH163559 Assigning the Symantec Messaging Gateway IP to relay exceptions in mail server will resolve this issue.- yes

DNS Records:

mydomen.ru. MX. 10. mail.mydomen.ru. IN. 86400

v=spf1 a mx a:mail.mydomen.ru ip4:89.249.YY.YY include:spf.unisender.com -all

mail.mydomen.ru. A. 212.33.XX.XX.

Message Audit Logs Symantec Messaging Gateway :

Wednesday, Apr 10, 2013 01:47:23 PM MSKadm@mydomen.ruemail@dest.rutestNoneDeliver message normally

 

Outgoing email with blank field in the From

0
0
I need a solution

 

When I do a search in the messages audit logs for outgoing messages with "Mandatory filter value: <>". I found emails with blank field in the From. What could be happening?
 
I have Domino 8.5.2 FP 2 in my environment.
 
Thanks in advance.
Viewing all 1067 articles
Browse latest View live




Latest Images