I need a solution
hi,
does SMG 10.6.2 supports active directory 2016 ? recently one of my customers upgraded the AD to 2016 from 2008 and all the emails were hold in queue emails released only when i deleted the DDS .
0
↧
SMG 10.6.2 with AD 2016
↧
Allow SMG to receive all mails..
I need a solution
Hi All,
I just want to configure SMG 10.6.3-2 to receive all mails. Scanning should not works..
0
↧
↧
Changing NIC in Hyper-V VM
I need a solution
Hello, I need to move our existing SMG VM to another Hyper-V Cluster, so I exported the existing one and imported it into the new Hyper-V Host. After starting the VM there was no eth0 anymore, even though there is one in the VM Hardware settings. How can I re-configure the eth0 interface?
0
↧
Please improve the Search Filters in Quarantine!
I need a solution
Good Day!
As we are facing a high number of incoming Spam Mails and also Mails that get stuck in Quarantine, we do have to Sort and Filter to mark them as SPAM or NOT SPAM.
I'd like to clean the Quarantine giving specific Filters like Subjects in quotations. This is not possible in Symantec Messaging Gateway 10.6.3-2 or I cant seem to find a solution yet.
The Problem is, that I can set a Filter, but it shows me all Mails where these words are in.
For Example:
If I search for the Subject [Spam] hi --> This gives out a big list with other subjects aswell, even Subjects without the letters "hi"
But I'd like to use the filter as followed "[Spam] hi" -->This should give out all Mails with the Subject [Spam] hi and no other Mails.
This should work for all other Search Filters To, From and Message ID aswell...
Best Regards,
Marc
0
↧
Issues Sending to Domains Under Messagelabs
I need a solution
Hi there,
We have been experiencing ongoing sending issues to many domains that utilize Messagelabs services. Most boucebacks that we are receiving state that messages are being delayed, in which the messages are not sent at all. We have confirmed that we are not on any kind of blacklist and all of our SPF records are correct. We have noticed many threads on the Symantec site explaining that this is an ongoing issue with messagelabs services and we are experiencing that exact same problems. Are we able to have some assistance looking into this issue? Our IP is 184.71.14.234, thank you for your help. Here is a link with similar issues that we too are experiencing:
https://www.symantec.com/connect/forums/problems-emails-going-through-messagelab-servers
Thanks,
Daxtech
0
↧
↧
SMG 10.6.2 with AD 2016
I need a solution
Hi,
does the the version 10.6.2 supports Actrive Directiry 2016 for DDS ( authentication / address resolution ) becasue i had an issue after upgrading the AD were the emails for some reason stopped and it only worked once i deleted the DDS configuration .
0
↧
New Spider Ransomware
I do not need a solution (just sharing information)
Just wondering has anyone encountered this coming into to any SMG appliances they manage. Just read about this new variant and know I will be asked soon if our SMG protects us from this one. Good write up attached below if your interested. Looks as though it's making it's way through Bosnia now, wondwering if folks in the rest of world will also be seeing this.
We are running V10.6.3-2. Latest update from Symantec to defs was just a few minutes ago.
https://www.netskope.com/blog/spider-new-thread-ra...
0
↧
An external email detected as internal...
I need a solution
Recently I detected that one of my outgoing policies detected an external mail as if it were internal .... which caused that an automatic response email was sent to a domain that did not correspond ... what could be the problem for this to happen?
I received many errors like this for that mail. Maybe like 50 errors...
Attempted Delivery to: default-non-local-route | viernes, 15 dic, 2017 08:41:34 PM ART | 451 4.4.1 [internal] connection was not attempted: domain is marked down (too many connection failures) |
How can I prevent this from happening again?.
Thanks.
0
↧
How do I get removed from Blacklist?
I need a solution
Hi,
How do I go about getting removed from Symantec's blacklist / blocklist?
I've tried using this: http://ipremoval.brightmail.com/lookup/
but it's not working.
Thanks!
0
↧
↧
Does SMG affected by Meltdown and Spectre?
I need a solution
Any idea guys?
Haven't see official statement on this, logically the answer should be yes hmm
0
↧
Symantec Gateway web interface not working
I need a solution
Hi,
how to start web interface to configute symantec gateway?
Linux is installed, but no web interface is running on that machine.
0
↧
Symantec Messaging Gateway Alert - A service is not responding or working
I need a solution
Hi,
We keep getting this alert every 30mins:
======================= ALERT NOTIFICATION ================================
The following system components are not responding/working:
Host Component Problem
---------------------------------------------------------------------------
sgw1 AGENT Stopped
---------------------------------------------------------------------------
I have tried rebooting the apllication but no luck. Any advises please?
Thank you.
0
↧
Inbound mail relays/routes manually but not automatically
I need a solution
Hi there,
I'm currently running Symantec Messaging Gateway 10.6.4-3 using the VMware ovf deployment virtual appliance. This product is currently in 30 day evaluation and I'm trying to get the product tested and up and running before I load of our domain and users onto to it. I've tried raising a support case with Symantec but they will not help without a support contract and I've explained that I'm not buying a support contract for a product that I can't get to work in evaluation mode.
I've got the SMG configured with 2 NIC's, the first NIC has an external IP address (212.**.***.***) and the second NIC has an internal IP address (10.10.254.80). At the moment I'm only trying to get the SMG to route inbound mail coming in on my external IP address which should be scanned and then passed onto my Exchange server port 25 which sits on internal IP 10.10.254.10.
I have the domain configured within "Protocols --> Domains" and I can see that it says "Destination Routing: Host: 10.10.254.10:25".
When I send test emails through to the SMG, I can see that messages are being accepted on the external NIC, and in the "Message Audit Log" it shows "Deliver message nomally".
The problem I have is that all inbound mail sits in the "Message queues" and never gets relayed automatically to my internal Exchange server. I can see in the "message queues" page, each test email displays the correct route for each domain and I receive the error message for each email "421 4.4.0 [internal] Failed to connect: no mail servers for this domain could be reached at this time".
Eventually, after a few days this error changes to "451 4.4.1 [internal] Connection was not attempted: domain is marked down (too many connection failures)".
Initially I thought my Exchange server must be blocking connection or rejecting messages, but if I manually put the Exchange IP address into "New route" and then manually click "Reroute All", all emails are successfully delivered to the exchange server and appear in the test mailbox.
I've also used telnet from the command line on the SMG and sucessfully sent test messages to the Exchange server, these messages were also sucessful.
If I give my exchange server an external IP address and then tell SMG to route messages to the exchange server over the external NIC, messages are getting delivered to Exchange. Unfortunately I don't have enough spare IP addresses to do this permanently, mail has to route internally to my exchange server, automatically.
Maybe I'm missing something here, but I would appreciate any help with this before I spend a ton of money on licenses.
Kind regards,
Peter
0
↧
↧
SPAM mails not delivered in quarantine.
I need a solution
Hi
We just found out that SPAM mails that are marked with action "Hold message in Spam Quarantine" does not get delivered to the quarantine folder under "SPAM" -> "Email SPAM". The SPAM quarantine is completely empty.
When looking in the Audit log I can see that the mails i being marked with "Hold message in Spam Quarantine". Under Delivery I can see that it failes to deliver the email with the following error.
451 4.4.1 [internal]connection was not attempted: domain is marked down (too many connection failures)
Under Transient Delivery Attempts I can see that it tries to deliver the mail to an old IP adress that is not in use. But I don´t know where it gets that IP from, or how to change it.
Can anyone help me?
I have attached a screenshot from the log.
Best regards
Thomas
0
↧
SMG: SPF checking, what happen if sender has no SPF record?
I need a solution
Let's say we turn-on SPF check at SMG, what would happen if the sender has no SPF record?
As we all know, not many org defined SPF record at their DNS....(which is a shame...)
From my understanding, even if SPF record is defined but misconfigured...it can cause chaos
0
↧
Chunking of X-Brightmail-Tracker message header
I do not need a solution (just sharing information)
In version 9.4.45 and 9.5.3, the X-Brightmail-Tracker message header was chunked into nice short pieces (i.e., less than 80 characters).
In version 9.9.13, the X-Brightmail-Tracker message header is no longer broken up into short pieces.
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpjkeJIr... and so on for 802 characters.
This is causing us some grief.
Can you confirm that this was a deliberate change and tell us in what version the change occurred?
Jack
0
↧
SMG - spam and Delete message on 4 of 5 recipients
I need a solution
Dear All,
I'm using SMG software version: 10.6.4-3, on Message Audit Logs i have an email with 5 recipients and it says Verdict: spam and action: Delete message on 4 of them but only one(the fifth) received the message with action delivered normally, may i ask how SMG decide who will receive the same message and who no.
Thank's
0
↧
↧
Upgrade Messaging Gateway from 10.6.0-7 to 10.6.4*
I need a solution
Hi good people,
l run 1 controller and 4 scanners . l need to update them to the latest stable release. l am not sure of proper upgrade paths because l have got a lot of feedback with different approcahes. Can you prescibe a better upgrade path.l was thinking of doing this
- Backup everything manual
- upgrade one scanner at a time
- When upgrading each scanner l need to make sure the scanner is not processing any e-mails
- l need to upgrade from 10.6.0-7 to 10.6.2-3 and then do phased upgrade to the next edition until the latest edition
- l am better of doing a CLI upgrade that the GUI one
Please assist if there is a better way of doing this.
0
↧
SMTP warnings and forwarded impossible email from spam quarantine
I need a solution
Dear Syymantec Support,
I have two problems with the Symantec Message Gateway. First of all, on the mxtoolbox.com the smtp test has two warnings since there is SMG:
Test Result
SMTP Banner Check Reverse DNS does not match SMTP Banner
SMTP TLS Warning - Does not support TLS.
On the other hands, if i want to forward an e-mail from spam quarantine, then i get this message: "Cannot release the message. It has either been released already or a deivery error occurred. Please Check Brigtmail Log for details."
The Brigtmail Log says: "Feb 20 2018 19:40:07 [http-bio-443-exec-9] [QuarantineManager] ERROR - error.quarantine.unable.release.delivery javax.mail.MessagingExpection: Could not connenct to SMTP host: .... "
I hope you can help solve this problem. Thanks in advance.
0
↧
Symantec messaging gateway Birthday attacks against TLS ciphers / Sweet32
I need a solution
Hello,
We are running the latest version Symantec Messaging Gateway, we scanned this system on vulnerabilities with Qualys secure scan.
Qualys found one vulnerability with severity 3: Birthday attacks against TLS ciphers / Sweet32 CVE-2016-2183
How do we fix this in the gateways webconsole?
THREAT:
Technical Report page 11
Legacy block ciphers having block size of 64 bits are vulnerable to a practical collision attack when used in CBC mode.
All versions of SSL/TLS
protocol support cipher suites which use DES or 3DES as the symmetric encryption cipher are affected.
IMPACT:
Remote attackers can obtain cleartext data via a birthday attack against a long-duration encrypted session.
SOLUTION:
Disable and stop using DES and 3DES ciphers.
The following openssl commands can be used to do a manual test:
openssl s_client -connect ip:port
-cipher "DES:3DES" -ssl2
openssl s_client -connect ip:port -cipher "DES:3DES" -ssl3
openssl s_client -connect ip:port -cipher
"DES:3DES" -tls1
openssl s_client -connect ip:port -cipher "DES:3DES" -tls1_1
openssl s_client -connect ip:port -cipher
"DES:3DES" -tls1_2
If any of these tests is successful, then the target is vulnerable to Sweet32.
Thanks,
LEVD
0
↧