Mail Gateway troubleshooting
Mail systems are somewhat complex. It's not always straight forward how to design and configure a mail system; and there is a lot of things that can go wrong. This guide will help you debug and solve some of the most common problems.
Contents |
License Problems
The SPG/VSP requires a subscription license (called "commercial") for the Commtouch (real-time spam and virus defense) and Kaspersky (proactive and signature-based virus defense) to work. The appliance also has a max number of users (that is, e-mail recipients) that may be set to a specific number, of unlimited.
Read the Mail Gateway recipient filtering documentation about catch all.
Network Problems
It's also a good idea to verify has a green light next to it in the Web Interface (Network → Addresses) indicating an active network link status. The first thing you should always check when debugging a network is that the Ethernet cable is connected; since it's normally the last thing you would expect to be missing.
Receiving Mail
If you can connect to the SPG; but it refuses to accept the mail. It's a very good idea to connect to the unit using telnet to see the exact error message given. The two most common errors are Recipient and DATA failures.
The SPG does not get any Mail
If you have updated the MX record it might take a hours or days before mail starts to arrive, since all DNS record are cached for a various amount of time. If you have multiple MX records at different priorities you cannot always be sure that the primary MX record is used. Some spammers actually use the last MX record since it's very common to have a backup MX which point directly at the mail server.
"Relay access denied"
If the recipient address is denied; it might be because of two reasons. The domain is not defined or the user is not in a active recipient database. In order to solve these problems read the Mail Gateway documentation.
If the SPG complains about no sufficient storage it has run out of storage, these are very uncommon and should almost never be encountered. There is really no solution for this except waiting for the unit to work the queues and deliver mail. To temporary solve this problem you can always delete mail manually from the queues but thats not a permanent solution. In order the minimize the amount of spam you may want to consider using a harder anti-spam policy (maybe using GlobalView or RBLs) or a bigger/external storage device. This failure may also occur for an individual user if his quarantine is full.
DATA Command failure
These failures can occur when the SPG runs out of storage, these are very uncommon and should almost never be encountered. There is really no solution for this except waiting for the unit to work the queues and deliver mail. To temporary solve this problem you can always delete mail manual from the queues but thats not a permanent solution. In order the minimize the amount of spam you may want to consider using a harder anti-spam policy or a bigger/external storage device. This failure may also occur for an individual user if his quarantine is full.
Quarantine
I cannot submit the form in the Quarantine Report (but the link works)
All mail clients have different security approaches on what is considered dangerous, and some of them do not allow forms and thats the reason we also provide a link in the mail.
Mail Processing
Mail are stuck in the Incoming Queue
If a mail gets stuck in the Incoming Queue; and cannot be processed; I may be because our SPG cannot handle the mail for some reason. There is not much you can do except delete it and possible notify the sender.
Delivering Mail
Mail are stuck in the Outgoing Queue
This problem may or may not be a problem in the SPG configuration. Its recommended to force a new try of the mail (using the retry-button) and look for errors in the System Log and in the Mail Server log if possible.
