[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Files stuck in SMTP Queue
Hi
This problem is being taken care of by Checkpoint's engineers at this very
moment. It is indeed in the SMTP security server. A new patch (build 4050?)
which is supposed to solve this problem should be released by the end of
April.
Sincerely,
Alon Rotem
Software Developer
Phone: [+972 4] 8728899 Ext. 141
e-mail: alon.rotem@aks.com
Listen to my music at: http://www.audiogalaxy.com/bands/alonrotem
Aladdin Knowledge Systems Ltd.
Internet Security Unit (eSafe)
Ashlag 22, Haifa, Israel
Tel: +972 4 872-8899 Fax: +972 4 872-9966
Visit us at our Web site! http://www.esafe.com
Aladdin supports Idealist. Visit http://www.idealist.org
On 30/03/99 22:34:59 donm wrote:
>
>I had this problem for a while also. Although I never did figure out how
to
>get the "stuck" one's out (they eventually went away, and I think they
were
>finally sent back as undeliverable) I did fix the problem of others not
>getting through.
>
>The problem I had was that the SMTP security server was set for the
>resolvable name of our mail server (which happened to be a NAT address
that
>the firewall translated to a 10.x.x.x address. When I changed this to the
>10.x.x.x address, they all came through just fine. BTW I am using eSafe
to
>scan all e-mail arriving at the firewall.
>
>Hope this helps!
>
>Don Moore
>Network Administrator
>Advent Enterprises, Inc.
>donm@advent.org
>
>-----Original Message-----
>From: owner-fw-1-mailinglist@lists.us.checkpoint.com
>[mailto:owner-fw-1-mailinglist@lists.us.checkpoint.com]On Behalf Of Ken
>Gunther
>Sent: Monday, March 29, 1999 11:14 PM
>To: fw-1-mailinglist@lists.us.checkpoint.com
>Subject: [FW1] Files stuck in SMTP Queue
>
>
>
> Starting a few days ago my firewall (FW1 version 3.0b) is refusing to
>deliver most of our incoming Email to our POP3 server. We have no problem
>with outgoing Email however most of the incoming Email stays in the
>/etc/fw/spool directory. If I look at the log viewer the messages are
>rejected by rule #8 (my anti spam rule which is SMTP with resources that
>define the domains that I will accept mail for). The message in the log
>says "Agent mail dequeuer from <xxx@yyy.com> to <kgunther@estee.com>
>connection to original MTA failed".
>
> Some of the mail does get through and I can't figure out how it is
>different from the mail that does not get through.
>
>
> Any help would be appreciated.
>
> Ken
>
>>From bouncbot@us.checkpoint.com Tue Mar 30 05:44:11 1999
>Return-Path: <bouncbot>
>Received: by us.checkpoint.com (8.9.3/8.9.3/CPoak/1.3.5) id FAA09804
> for jwright@us.checkpoint.com; Tue, 30 Mar 1999 05:44:10 -0800 (PST)
>Received: from haven.us.checkpoint.com (haven.us.checkpoint.com
>[206.184.151.205])
> by us.checkpoint.com (8.9.3/8.9.3/CPoak/1.3.5) with ESMTP id FAA09793
> for <bouncbot@oak.us.checkpoint.com>; Tue, 30 Mar 1999 05:44:09 -0800
(PST)
>From: owner-fw-1-mailinglist@us.checkpoint.com
>Received: from softwhisper.us.checkpoint.com
(softwhisper.us.checkpoint.com
>[206.184.151.213])
> by haven.us.checkpoint.com (8.9.3/8.9.3/CPmx/1.1) with ESMTP id
FAA19091
> for <bouncbot@oak.us.checkpoint.com>; Tue, 30 Mar 1999 05:44:09 -0800
(PST)
>Received: (from majordom@localhost)
> by softwhisper.us.checkpoint.com (8.9.3/8.9.3/CPsoftwhisper/1.2.1) id
>FAA03645;
> Tue, 30 Mar 1999 05:44:08 -0800 (PST)
>Date: Tue, 30 Mar 1999 05:44:08 -0800 (PST)
>Message-Id: <199903301344.FAA03645@softwhisper.us.checkpoint.com>
>To: owner-fw-1-mailinglist@lists.us.checkpoint.com
>Subject: BOUNCE fw-1-mailinglist@lists.us.checkpoint.com: Non-member
>submission from [oscar.wahlberg.connecta@skandia.se]
>X-Loop: bouncbot
>Status: RO
>Content-Length: 3129
>Lines: 81
>
>>From bouncbot Tue Mar 30 05:44:05 1999
>Received: from haven.us.checkpoint.com (haven.us.checkpoint.com
>[206.184.151.205])
> by softwhisper.us.checkpoint.com (8.9.3/8.9.3/CPsoftwhisper/1.2.1)
with
>ESMTP id FAA03641
> for <fw-1-mailinglist@lists.us.checkpoint.com>; Tue, 30 Mar 1999
>05:44:05 -0800 (PST)
>From: oscar.wahlberg.connecta@skandia.se
>Received: from mailgw.skandia.se (mailgw.skandia.se [194.114.201.14])
> by haven.us.checkpoint.com (8.9.3/8.9.3/CPmx/1.1) with ESMTP id
FAA19085
> for <fw-1-mailinglist@lists.us.checkpoint.com>; Tue, 30 Mar 1999
>05:44:04 -0800 (PST)
>Received: from eskp1164.skandia.se ([10.1.253.4]) by mailgw.skandia.se
> (Netscape Messaging Server 3.6) with ESMTP id AAA12BD
> for <fw-1-mailinglist@lists.us.checkpoint.com>;
> Tue, 30 Mar 1999 15:43:59 +0200
>Received: by eskp1164.skandia.se with Internet Mail Service (5.5.2232.9)
> id <HV9NYP4P>; Tue, 30 Mar 1999 15:43:58 +0200
>Message-ID: <9FB4D4B9B1A3D111B0B10001FAD40206017EAEF1@eskp1227.skandia.se>
>To: purushothamkv@yahoo.com, fw-1-mailinglist@lists.us.checkpoint.com
>Subject: RE:
>Date: Tue, 30 Mar 1999 15:38:58 +0200
>MIME-Version: 1.0
>X-Mailer: Internet Mail Service (5.5.2232.9)
>Content-Type: text/plain
>
>Hi,
>
>I'm assuming you actually ment true and not ture ;)
>IF you're trying to use it with HTTP and HTTPS I've had
>the same problems (I was using a whitepaper from Checkpoint as
>a sample config) /w Solaris 2.6 and FW-1 v4.0 build 4031.
>But I've got it working now, unfortunatly you HAVE to defined
>both HTTP and HTTPS for client auth, I'd much rather not define
>HTTP, but such is life.
>Ofcourse the fact that you're running NT and I'm running Solaris,
>might matter, but this works for me ;)
>
>After that it seems to work (not fully tested here yet) the initial
>tests worked atleast.
>
>My rules:
>usr@grp any wwwserver http user-auth
>usr@grp any wwwserver http ,https client-auth
>any any wwwserver http,https reject
>
>The last rule should not be needed by you, but in my case
>I need it...
>
>
>Regards,
>Oscar Wahlberg
>oscar.wahlberg@connecta.se
>
>
>> -----Original Message-----
>> From: Purushotham Kumar [SMTP:purushothamkv@yahoo.com]
>> Sent: Tuesday, March 30, 1999 1:03 PM
>> To: fw-1-mailinglist@lists.us.checkpoint.com
>> Subject:
>>
>>
>> Implicit Client Authentication using user authentication does not work
>> with CheckPoint FireWall-1 Version 4.0 on Windows NT 4.0 , though tried
>> editing the Objects.C, "automatically_open_ca_rules (ture)".
>>
>> Tried adding user authentication rule before client authentication, and
>> also vice versa, but no improvement.
>>
>> It still prompts for a firewall authentication for each site.
>>
>>
>>
>> _________________________________________________________
>> Do You Yahoo!?
>> Get your free @yahoo.com address at http://mail.yahoo.com
>>
>>
>>
>>
==========================================================================
>> ======
>> To unsubscribe from this mailing list, please see the instructions
at
>> http://www.checkpoint.com/services/mailing.html
>>
==========================================================================
>> ======
>
>
>
>==========================================================================
==
>====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>==========================================================================
==
>====
>
>
>
>==========================================================================
======
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>==========================================================================
======
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================