messaging gateway 10.0.1-2 on a VMWare appliance; some flavor of linux. 

Audit logs report that traffic received from just one IP is sometimes delivered normally and sometimes fails due to "logical ip = not available".  That ip and his domain are in the "good sender" lists.  There is no reverse DNS to that IP, but I'm not using RDNS within brightmail. 

Is there a fix within Brightmail or is this caused by something external to our site?

Thanks!

Mike

Hi,

We have tried many different settings to setup Directory Integration with our Novell Groupwise 7 email server. The LDAP server test login is successfull. While doing the Authentication test login query, it gives us error.

Some errors the we get are as follows:

ERROR 1 #################################################

"The user name you have provided is shared by multiple directory entries. DDS error code: 800501 Additional information: User name drivesafely is not unique. The following entries share the same user name: [result set too large, server returned no entries]"

The settings when we get above error are as follows:

Base DN: Customize...
Custom base DN: o=company
Query filter: (objectClass=user)
Primary email attribute: emailid

ERROR 2 #################################################

Failed to authenticate the user with the test credentials provided.
Incorrect user name or password."

The setting when we get above error are as follows:

Base DN: Customize...
Custom base DN: o=company
Query filter: (objectClass=uid)
Primary email attribute: emailid

Can someone guide on the above issue ?

Thanks and regards,

Drivesafely

I'm experiencing a serious memory leak in the current version of SMG. When is Symantec planning on addressing this?

I am using Symantec Mail Security for smtp ver 5.0.1. I am unable to release the quarantined mail the page just goes blank. When I select the quarantine tab again the mail is still there. I have done a complete reinstall of the product and this did not fix the problem. Server is running win 2003. Bellow is the Brightmaillog.log with I think the error. Any help would be great.

Apr 23 2013 13:12:28 [http-41443-Processor1] ERROR - Dispatch[/inboxAction1] to method 'notSpam' returned an exception
java.lang.reflect.InvocationTargetException
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:274)
    at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463)
    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)
    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
    at org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1063)
    at org.apache.struts.action.RequestProcessor.internalModuleRelativeForward(RequestProcessor.java:1001)
    at org.apache.struts.action.RequestProcessor.processForward(RequestProcessor.java:560)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:209)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.AdministratorRoleChecker.doFilter(AdministratorRoleChecker.java:181)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.SessionChecker.doFilter(SessionChecker.java:130)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.CacheBuster.doFilter(CacheBuster.java:93)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.CharacterEncoder.doFilter(CharacterEncoder.java:91)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.HostACL.doFilter(HostACL.java:349)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.NoSuchMethodError: com.brightmail.service.mail.impl.MailSend.sendFalsePositiveMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/util/Map;Ljava/lang/String;)V
    at com.brightmail.bl.quarantine.QuarantineManager.releaseToMTA(QuarantineManager.java:933)
    at com.brightmail.bl.quarantine.QuarantineManager.release(QuarantineManager.java:862)
    at com.brightmail.bl.quarantine.QuarantineManager.release(QuarantineManager.java:654)
    at com.brightmail.pl.action.quarantine.MessageListAction.notSpam(MessageListAction.java:331)
    ... 55 more
Apr 23 2013 13:12:28 [http-41443-Processor1] ERROR -  
javax.servlet.ServletException: com.brightmail.service.mail.impl.MailSend.sendFalsePositiveMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/util/Map;Ljava/lang/String;)V
    at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:298)
    at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:194)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:419)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:224)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
    at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463)
    at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)
    at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
    at org.apache.struts.action.RequestProcessor.doForward(RequestProcessor.java:1063)
    at org.apache.struts.action.RequestProcessor.internalModuleRelativeForward(RequestProcessor.java:1001)
    at org.apache.struts.action.RequestProcessor.processForward(RequestProcessor.java:560)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:209)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1194)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.AdministratorRoleChecker.doFilter(AdministratorRoleChecker.java:181)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.SessionChecker.doFilter(SessionChecker.java:130)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.CacheBuster.doFilter(CacheBuster.java:93)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.CharacterEncoder.doFilter(CharacterEncoder.java:91)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at com.brightmail.pl.filter.HostACL.doFilter(HostACL.java:349)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Unknown Source)

Hello Symantec!

We currently use BCS (RPS) services. But please stop sending us invtatiations to polls regarding the BCS with active content that is blocked at the mail gateways at a lot of enterprise customers!!

Thank you very much.

This is all I got (in german):

Gesendet: Dienstag, 23. April 2013 11:02
An: NotificationRecipients
Betreff: [HTML script message blocked]

An e-mail with active content (Javascript, Active-X) was detected and blocked because of high virus risk.
Eine E-Mail mit aktivem Inhalt wurde gefunden und aufgrund möglicher Virengefahr geblockt.
Sender: faf.1c.symantec+allegiancetech+com.13579.chris.toph=my.company.com@mxsp4.email-od.com
Subject: "Einladung zur Teilnahme an der Umfrage zu den Business Critical Services"
Time: Tue Apr 23 17:02:10 2013
T-Action: Quarantine
Action: Quarantine; Notify

Please do not respond to this message!

My organization has recently switched from GFI Mail Essentials to SMG 10.0.1. While we initially had great results, a few problems have surfaced. We needed to disable rDNS checking as some of our clients don't have DNS records configured correctly, and simply adding their domain and the domain of their mail server to the good senders reputation list was ineffective (seems to check rDNS and bounce before ever processing any other filters?). 

As expected, there has been a marked increase in spam, which has made quite a rash on my hide over the last two days. Here are a couple examples of headers from the illicit mail:

Microsoft Mail Internet Headers Version 2.0

Received: from our.mail.server ([its ip]) by mail.ourdomain.com with Microsoft SMTPSVC(6.0.3790.4675);

                 Thu, 2 May 2013 14:47:05 -0700

Received: from our.brightmail.appliance (its ip) by

 our.mail.server (its ip) with Microsoft SMTP Server id

 14.2.342.3; Thu, 2 May 2013 14:46:56 -0700

X-AuditID: c0a800e5-b7fd36d0000070b8-a6-5182deca79cd

Received: from oik.communicatelonggovernment.net (Unknown_Domain

 [193.142.111.66])            by our.brightmail.appliance (Symantec Messaging

 Gateway) with SMTP id F9.60.28856.BCED2815; Thu,  2 May 2013 14:46:52 -0700

 (PDT)

To: <user@ourdomain.com>

Subject: Trending Video on How to Lose Fat by Dr Oz

Date: Thu, 2 May 2013 17:45:51 -0400

From: the dr oz video <Alba_Berg@communicatelonggovernment.net>

MIME-Version: 1.0

Message-ID: <6889883781357630454@oik.communicatelonggovernment.net>

Content-Type: text/plain; charset="us-ascii"

Content-Transfer-Encoding: 8bit

Content-Disposition: inline

X-Brightmail-Tracker: H4sIAAAAAAAAA12SfUgTYRzH99ymO9ceu91Mz+mKrogSNMsgS4lKqKB/WpCFRHbq6Q7Pm9zd

                dCakaC8o5EsQ1iyNigrFClFYr+T1YplQqH9Eb1BpsIrS/opB1j3bTc/+uh+f7/2e7/e+z+FG

                ctLswFmfzIoCw9OxFtNQi2d7+uiHBlfm6fbU7K7ANbAV7AoMNpn3gAJLbgnLc1WsuHbLYYt7

                4t5wTOWX9b5TVzrN9eBYWjOIwyliA/Vr+I45MidSrz7cjG0GFpwk3gKq6dwLgIQEwkk9+TIZ

                g2Y7kUX1TFwOcxOxknrZ22JEcyyxjeoaua/OOA4JG/UnYEcYEnnUyNAlE5qNRBr1ejaIReZl

                VONgZ/h1I5FCXZvF24DVP7/s1y34dQv++YWLwNQDnMy6IpErc8vVoiClS6UZ6CmwcgbvKWb4

                fqA29PC6YSoAhjtyFUDggLZC34kGFxnDVEk1FQooxzF6Cfz7WkXxRZ6SGjcjuQtFL89KdALk

                3qsYzuEiL19OO+BZRO1zVGCrJZ6V1Suhl8JlpKolzWmSV6rkijmPVyr0irwCKNyoHht6gI4t

                YWqOsKInYqYADDcroEH9PKJ7KLTfYRI8AktTMBGZ2US2jPWVcrxqooVLgvI7VSH0SjifE84O

                qEKiXtBFXA4fHalzkQ69/H9KDI9TQBluVaPGhRuQKpkKiSvTrO3wPrK2RmnYNhkOIEhGoc7S

                CadtKFFUWmg3BpwOOwQGg4G0VrJiBSdrNtrP/QbEk+EyHBr4BGx40EzGWjBWIHIiRX0FxerV

                2uFqFNfKCfJ8WhJOoGCLNBgOS8GniNk0psuaCguUehe5RFMWRv2qloKppdxGDUJJZmR9Ke7a

                OlSKRrVSShEko3BBKRySEqPSQidHPbi4+bNBzLk1+T3zRW/J+bNtSvld7Nvu0M/UM5a947dn

                LPsOFM4sbb0kYoeSn/mDF360tmzquHC37+rv1oM7Vy6eqn18lF5zIyu78XrGjrpH4vHRkRV/

                fSP5yWnj8VkZqwL3fhz8/tFXH+xzrNoYUsjA1MDV/vyUsen2zu7nxWtq8/pO0ibJzaxLM4oS

                8w/s03rRdwQAAA==

Return-Path: Alba_Berg@communicatelonggovernment.net

X-GFI-SMTP-Submission: 1

X-GFI-SMTP-HelloDomain: our.brightmail.appliance

X-GFI-SMTP-RemoteIP: brightmail.ip

X-OriginalArrivalTime: 02 May 2013 21:47:05.0078 (UTC) FILETIME=[9624F960:01CE477E]

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Received: from our.brightmail.appliance (it's ip) by

 our.mail.server (it's ip) with Microsoft SMTP Server id

 14.2.342.3; Thu, 2 May 2013 08:11:22 -0700

X-AuditID: c0a800e5-b7fd36d0000070b8-16-51828214e245

Received: from mx04.mumrug.com (daily5.myastrologicalguide.com

 [66.172.81.105])               by our.brightmail.appliance (Symantec Messaging

 Gateway) with SMTP id E7.AF.28856.61282815; Thu,  2 May 2013 08:11:22 -0700

 (PDT)

Content-Type: text/plain; charset="us-ascii"

MIME-Version: 1.0

Content-Transfer-Encoding: 7bit

Reply-To: <AubreySanders@mumrug.com>

Date: Thu, 2 May 2013 08:11:16 -0700

From: Impress Everyone <AubreySanders@mumrug.com>

Subject: Just want to rapidly learn another language?

To: <user@ourdomain.com>

Message-ID: <20130501041734.32547.82115@mx04.mumrug.com>

X-Brightmail-Tracker: H4sIAAAAAAAAA12SfUgTYRzH92xrO9eeuN1yPc3MOioqm2lZSEhUEPVHL47obRB1unO7um1y

                d0vthZlKkPRHBb0oRW4VmL0HvZhhNVN7hTAiMxOR7GVQRET0RnXPebOzv+7H9/Pc7/vl+zyE

                gXpidhJsmcQKQYanTRbjorNuzuWsrHRnf4g68r40nTEvAEuvX9ljLgAeS76X5bmtrDBz/iaL

                /9TP3aaSrgllfRe7TBUgllYDUghE5qKBP+/B4OxAT3ovmGqAhaDILoCq9/abMDCQM1B982dl

                hqQN3a99bRzUM9C1D0cNeKbISSiReKycMZKTUXtblR7PJjIHDZz9oRjYyTnoeO9n5d/RZBq6

                1HjSOLgzD7151zZiH7DWaezqNHZ1Grt6YGgE6UxOocD5/FKpEBRdYnEW/gZZKYsPFTH8ZSA3

                c7tBN3AddBzOjwOSALQVfnLtclMjmK1ieSAOthB6OhU2RCrd1KjCkLfcz4j+jUKYZ0V6NHxR

                IctwSC4M81toJ/yND9uH1CBbKvKsJF8FPR5mUDIbM8TEsFjCFXGhsLgxLPBxgAiDvLZ3LV7r

                Zcq3sUJo0CwO9IQ5DkoJgkawG9vaBNbHlhVzvLxYDTQGHtklE1JLlEzp8KtHBg4t0MSaCFu3

                RdyUU4v/T6YnUuLAR1jleEuwCRRLmIDI+VRrO5yGQ1mTqmI7FqZhkUqKGst0+MmGEyXRcLtO

                kO60Q6DT6ShrCSsEOEm1UR9yNxhFGYOhIOtUhX5gI96bKZNFzwbJeU6FJUCRfJ12qMNxrVxQ

                +peWggtwsJGqqIRFME+pVdU0WcdBT7zCTaWqZHjUhFyKXi6lCTcIRYmRtKX4t0dwKaqqllKM

                RSopDiuFw8iRRMOdnBVgYfXpqsxluo6aiCv2tKfzVQ89ZeeJA7fW9H309Kbc6//x7KB5eXTD

                2Bvr+gK/rkYaVyZWx2IvXvms0qH2l013mh1V58O6kbNzW6zTWlpzZq2J7nQ9evA9O/fd3BNr

                a29uPrZ3PtrxMPvtNz6/4/n+aGCFt/pl9zlvxvpVtXdf3yjInLqYNop+Jme6QRCZv86ppLZj

                BAAA

Return-Path: AubreySanders@mx04.mumrug.com

X-MS-Exchange-Organization-AuthSource: our.mail.server

X-MS-Exchange-Organization-AuthAs: Anonymous

X-GFI-SMTP-Submission: 1

X-GFI-SMTP-HelloDomain: our.brightmail.appliance

X-GFI-SMTP-RemoteIP: brightmail.ip

So, is there anyway for me to curb some of this spam without re-enabling rDNS? I realize that blacklisting domains and IP's would be pretty futile... If not, is there anyway to configure SMG 10 to check sender whitelist before it bounces? If any/all of these seem pretty simple, my appologies; I'm still pretty new to SMG/Brightmail and exchange in general.

And thanks for your help!

Is there any? I have search Symantec KB but didn't manage to found any command...

Thanks!

 We have a policy set up within our SMG to hold a suspected spam message in quarantine and the user will receive an email notification from SpamAdmin stating that they have a message quarantined as spam and it shows a link for them to click on to sign in with their windows username/password. For some reason the past two users we have created within our Active Directory Users OU is not getting these same notifications when a message is quarantined, the message is quarantined they just don't get a notification in email. We have directory interegration enabled and it is working for other users in our Active Directory Users OU.

Any ideas what could cause this?

Hi,

I am receiving regular spam with subject 'It's me' and 'Give me a response hot stuff', the problem is that the email address is always changing; if it was from a single user I would have blocked the email address.

I would like to know if there is a way to block the subject with symantec messaging gateway?

Thanks,

Arvind

On June 25th, 2013 Symantec will be launching the pre-release evaluation of Symantec Messaging Gateway 10.5. This new version of Symantec Messaging Gateway plans to introduce new features including.

• Remove Zero Day Malware and Targeted Attacks from Office and PDF attachments with new “Disarm” technology.
• Block more Spam and Malware with Expanded Threat URL Reputation
• Simplify management with LDAP Authenticated Administration
• Enhanced management of Unscannable Messages
• Communicate securely with trusted partners using enforced inbound TLS encryption
• Increase security with TLS encrypted delivery to Symantec DLP
• Control Spam attacks and message volume from inside the your environment with Outbound Sender Throttling Capability
• Deploy using new Hyper-V support

The Symantec Enterprise External Test Program is designed to ensure that customers have a central location to download builds and access to post feedback on the Symbeta forum for Symantec technology experts to review. You can sign up for the evaluation by navigating to the following link.

https://symbeta.symantec.com/callout/?callid=81D33E0A55A4448181A05240646AA75C

A Webinar will also be scheduled to discuss and field questions around this pre-release evaluation. As with prior pre-release evaluations for Symantec Messaging Gateway, Symantec will be offering incentives for customers who participate in the evaluation. Details regarding the official start date, date and time of the webinar and incentive offerings will be provided as an update to this invitation.

If you would like to participate in this pre-release evaluation please sign up at the above Symbeta link and reply to this email with the following information:

1. Will your deployment be in tandem with Production or in a Lab environment?
2. Will your deployment be physical or virtual? If virtual which platform VMWare or Hyper-V?
3. Are there any specific areas that you want to focus on testing?

If there are any questions regarding the upcoming pre-release evaluation, please reply to this email or send an email to smg-beta@symantec.com, and a Symantec team member will respond to you shortly.

Thank You

Symantec Messaging Gateway Team

Hi

I have looked around the forums but haven't found the answer to my problem, but apologies if this duplicates an error.

I am trying to configure SMG to relay messages from a particular set of IP address' to both local and non-local domains. The local domains work fine, but sending to non-local (*@ gmail.com for example) does not work. I get 554 5.1.2 Recipient address rejected: User unknown.

The local domains are configured under Protocol>Domains, but I do not know how to allow SMTP email to non-local domains. Using the built in tools I am able to do an MX lookup for gmail.com, but beyond this I'm stumped.

Can anyone suggest what I might be doing wrong please?

Thanks

Dear All,

Where can i find information about SBG appliance 8360 and 8360 mail processing capacity?

Example: 200 emails per second... etc

Thank you

Greetings Symantec Support Forum,

We have a Symantec Messaging Gateway currently running version 9.5.3-3,  the gateway forwards mail to our Exchange Server 2010

We had a scare the other day when external email stopped flowing in.  We found that this was being caused by the SMG's Delivery Queue being filled with tens of thousands of what seem like SPAM messages.  After clearing the delivery queue external mail started to flow back in.

The issue now is that the delivery queue continues to accumulate about 100 of these per hour. They all have similar errors listed:

421 Closing Connection

451 4.4.2 [internal] send BODY failed

451 4.4.2 [internal] send RSET failed

451 4.4.2 [internal] connection closed by remote host

They are all To: a valid internal address and From: an external address (some dont seem valid), the route is listed as Control-Center

Is something misconfigured?  I can continue to clear the delivery queue but why are these messages getting stuck in the first place?

Any help or insight you can offer would be greatly appreciated,

Thank you,

dear experts

i have setup 10.1 version of VM appliance symantec brightmail gateway

i followed the standard process where

fqdn name

machine ip

dns

gateway

i didnt give any static route

installion is completed successfully but once i log in in gui insert the license file

as we are using Proxy server TMG i insert the user name password with hostname of proxy server

it is failing the credentails are not valid

i have assuming do i have to confgiure static route on linux machine itself so that it can directly talk to the internet?

or using GUI should work

Hello everyone,

I am trying to figure out how to search for all outbound email during the past day or week for example.

I am trying all sorts of wildcard masks but for some reason I never get any results.

I am using the SMTP -> Message Audit Logs sections -> Mandatory filter value field to execute my querries.

The reason I need to do this is to check if any unwanted emails are being allowed to relay.

Thanks
 

EDIT: Current software version: 9.5.4-4

Hi All,

We are using version 5.0.0.1 Symantec Mail GW with a single mail server with one domain. Now we have clustered the mail server. Currently scanner configured to inbound/outbound both. We cannot create same domain name again to secondary IP. (I did add some screens)

So we need to put secondary mail server to send internet mails to outside & recieve as well.

1. Can this version support such scenario ?

2. If Any work around exists , please share.

Thanks in advanced !

Regards,

Buddika

We have a Symantec Messaging Gateway, running as a virtual apliance on a vsphere server .

When we configured it we gave it 80gb of storage, which is not needed, and we would like to shrink it to either 60gb or 40gb which was the recommended .

Is this possible somehow ?

One of our clients have different requirement regarding SMG. They provide email relay services to their corporate clients who route all their outgoing emails to our client. Now the client wants to deploy SMG in their network for spam prevention and reporting requirements.

Question is how can we determine the licensing where client can only tell us email volume. Can anyone please guide me how much user license will suffice to cater requirement of 1 million emails per day.

Peak load hours are from 9am to 6pm which are 9 hours and if get the average of one million email by dividing it with 9 hours (32400 seconds) the we get 30 emails per second average. Lets say if we consider peak hours with higher loads then it may reach 100-300 emails per second.

Keeping all this requirement, what number of users license should client get for SMG.