[ngw] Antw: delay in sending email/email being blocked

Matt Schlawin MSchlawin at FVLHS.ORG
Mon Oct 8 18:54:44 UTC 2018


Thanks Ed,

I made the changes you suggested, and now it looks like I am getting
nearly immediate send times through SMG.  

Since SMG is a proxy and not a store and forward, does that explain why
I'm failing SMTP connection times and Transaction times when I test
through MXToolbox ?

If I go here:  https://mxtoolbox.com/diagnostic.aspx

and put in mail.fvlhs.org , I get warnings that the connection and
transaction times are too long.

SMTP Connection Time    5.790 seconds - Warning on Connection time    
More Info
SMTP Transaction Time    7.851 seconds - Warning on Transaction Time   
 More Info

Matt

Matthew Schlawin
Technology Director
Fox Valley Lutheran H.S.
5300 N. Meade Street
Appleton, WI 54913
www.fvlhs.org
(920)739-4441 

>>> "Ed Hanley" <ehanley at microfocus.com> 10/8/2018 10:55 AM >>>
Matt,

Do get your SPF, DKIM & DMARC settings in place.  ( SMG does conform to
SPF & DKIM )

On your GWIA - set the "Intervals to retry a deferred message:" to
"5,5,5,10,20,60"    The 5 value helps with whitelisting/greylisting
since the GWIA is talking to the target SMTP host through the SMG SMTP
Proxy service.  Note: SMG is not a SMTP store and forward solution, its
a SMTP Proxy service doing real time scanning.

-Ed
>>> Matt Schlawin <MSchlawin at FVLHS.ORG> 10/8/2018 9:09 AM >>>
Hello Thomas,

I am using SMG 7.  I will double check to make certain those ports are
open for SMG, but I'm almost certain they are.

The thing that is confusing is that everything was working just fine,
and then it started blocking attachments two weeks ago.  I have an SR
open at GWAVA and just sent in some more log files this morning.

The DNS changes did go through this morning.  I have not had a chance
to check them, but email does seem to be working quickly.  I am not
yet
forwarding my outbound through SMG until we get the delay issue fixed.

I did point the SMG DNS servers to our external DNS.

Thanks again for all your help.  I really do appreciate it!

Matt
>>> "Thomas Stimper" <tstimper at nmedv.de> 10/7/2018 11:37 PM >>>

SPF is really needed, include all of your email sending servers
(shops,
webservers, .....)

SMG: which version do you use? GWAVA6.5 or GWAVA 7?

SMG needs direct outgoing ports (from the documentation)
53 – UDP Outbound (DNS Lookup)
80 – TCP Outbound (Updates services for Antivirus, Signature Engine,
and GWAVA system.)
123 – TCP Outbound (Network Time Protocol (NTP))

especially pointing dns of the SMG to an internal dns which can go out
to the internet
causes somtimes delays in emails, if that internal dns cannot resolve
fast enough.
Most systems have configured at least 2 or 3 internal or external dns
servers.
If one of this dns serves does not respond does not wait long enought
for a external reply 
and  responds to fast with "host not known" then the dns cache gets
"poisoned" .

SMG needs DNS amd HTTP to reach his services for checking the emails.

Hope that helps

Thomas




>>> "Matt Schlawin" <MSchlawin at FVLHS.ORG> 07.10.2018 21:19 >>>
Thank-you for all the responses.  I do indeed have several
configuration
things going on.

My ISP should be making the changes to fix the configuration issues. 
Hopefully that will fix the blocking issues.  I did not realize I had
an
old PTR record referencing a non-existent spam filter.

When I remove the SMG IP address from GWIA, all sent items go out
immediately with no delay.  I'm still not sure if that connection
problem will be fixed, but for now I'm going to wait and see what the
DNS changes do.

Thanks again to everyone for your help!

Matt
>>> "Thomas Stimper" <tstimper at nmedv.de> 10/7/2018 6:02 AM >>>
Hi Matt,

1. your dns entries for your  mx record are missconfigured

- SMTP Reverse DNS Mismatch 	Reverse DNS does not contain the
hostname


2. your SMG is missconfigured

- SMTP Banner Check 	Reverse DNS does not match SMTP Banner

Both can be the cause of delays  because the receiving email server
will greylist or co
nnection drop
until you try many times.

Best regards







Mit freundlichen Grüßen

Thomas Stimper

MCNE
Micro Focus Premier Solution Partner
neue medien edv-systeme gmbh
Zwickauer Str. 224
09116 Chemnitz
Germany
Email tstimper at nmedv.de ( mailto:tstimper at nmedv.de )
Tel. +49 371 8448890
Fax +49 371 8448891
Amtsgericht / local court Chemnitz, HRB 12552
Geschäftsführer / CEO: Thomas Stimper
USt.ID / VAT DE176096756


>>> "Matt Schlawin" <MSchlawin at FVLHS.ORG> 07.10.2018 01:57 >>>
Hello everyone,

I have several GW email issues that I'm hoping someone here can help
with.  I have been running a GW 2014 R2 server on OES for several
years.
This server has been migrated from Netware and gone through upgrade
after upgrade.  A couple of months ago I migrated the server to a
brand
new SLES 12 box in preparation for the 2018 upgrade.  (Have not got to
that yet....)  We are using MF Secure Messaging Gateway for our spam
filter.  We route outbound through SMG as well.

Recently I have been getting reports of 1)  delays in sending email 
and 2) email being blocked.   I don't know if I have two different
issues going on here, or just one misconfiguration that is causing
both.
  I'm not sure if it's GW or SMG causing the problems.

1)  delays in sending.  At 3:58 today I sent an email to my gmail
account.  I forward all my gmail email to GW, so normally it gets
returned to my GW box in a minute or so.  It is now 5:50 and it still
has not made it to my gmail account.  In sent items under properties I
see this:

Transfer Delayed   10/6/2018 3:58 PM
Transfer Delayed  10/6/2018 4:18 PM
Transfer Delayed  10/6/2018 4:38 PM
Transfer Delayed  10/6/2018 4:58 PM
I've been looking through PO, MTA and GWIA logs but I'm not really
sure
what I'm looking for.  SMG message tracker does not show this email at
all.

2)  email getting blocked.
The head of the soccer league has emailed an excel spreadsheet to
three
people in our building for the last seven weeks.  The first five weeks
went throu
gh with no problem and the last two have bounced back.  SMG
message tracker shows:  Delivery statuses: 451 System error, please
retry later

I tried to send an excel spreadsheet to someone I email on a regular
basis and it bounced with this email:
Transcript of session follows:   Command:  Data...  Response: 550
permanent failure for one or more recipients 

I retried later and it went through.

Are #1 and #2 related as one thing mis-configured?  I do have and open
GWAVA tech support ticket, but so far we have not figured out what is
happening.

Anyone have any ideas on what is causing these issues?  I'm going to
turn on verbose logging and see if I can get more information.  These
error seem pretty sporadic and not a widespread issue.  If you are
reading this, it must have sent!

Thanks for any help!  
Matt




_______________________________________________
ngw mailing list
ngw at ngwlist.com 
http://ngwlist.com/mailman/listinfo/ngw 





_______________________________________________
ngw mailing list
ngw at ngwlist.com
http://ngwlist.com/mailman/listinfo/ngw





More information about the ngw mailing list