Relay mail through Cisco Spam and Virus Blocker Appliance
I originally tried to add the ip in the relay mail through in the server admin. This didn't work and talked to apple support, did an enterprise capture after they were able to replicate the problem on their machine, and the engineer suggested adding the following line to the /etc/postfix/main.cf file:
relayhost = 192.168.0.000.
I did that and tested sending an email to an outside address but no relay. Does anyone have any other ideas?
relayhost = 192.168.0.000.
I find it extremely unlikely that IP address is valid for your network (or any network, for that matter).
I don't know if you've masked it trying to hide the real address (there's no point since it's a private network address anyway), but just in case that is what you've set, you will need to change that to the actual IP address of the mail appliance.
I did that and tested sending an email to an outside address but no relay.
What do you mean by 'no relay'. Do you mean that the mail server delivered the mail without relaying it through the appliance? Or that the mail didn't get delivered at all?
What do the log files have to say about it?
Similar Messages
-
Can anyone confirm that come December 31, 2015 the SPAM and VIRUS Blocker will become a brick with no more updates and no ability to to filter SPAM and Viruses?
Very troubling if true. Money spent on a hardware platform just to have it go EOL a couple of years later.Which model appliance do you have? If you have a "Blocker" which is the small business platform - EOL is listed actually 12/2011.
If you have a C-series, or larger... EOL information for hardware is based here:
http://www.cisco.com/web/ironport/c_x_series_life_cycle.html
EOL information for AsyncOS revisions specific is based here:
http://www.cisco.com/web/ironport/asyncOS_esa_eol_dates.html
-Robert -
Selection boxes in Barracuda Anti Spam and Virus Firewall do not appear in 7.0. They appeared in previous versions, and in IE.
FIXED!
I reverted back to 3.6.23 and all works fine. From everything I can tell; number of problems submitted, breadth of issues, no access to versions 4, 5, 6 (rapid version turnover with no support), and now beta being released for 8, it seems FF is having the user base do all it's alpha/beta testing without consent. Being in product marketing myself, I probably would have lost a significant percentage of my customer base by now. When FF begins to support a new mainstream release, then I'll be interested again. -
Yahoo mail - mark as spam and folder creation?
Is there a way to mark mail in inbox as spam so yahoo knows to move these messages automatically to spam folder in the future? Since using my ipod to manage yahoo email, seems like more and more spam enters inbox because I can not mark mail as spam using iPod. And is it possible to create/delete folders for mail?
- No, there is no way to mark as spam and et that back to Yahoo.
- Yu can't create folders on the iPod. If yu hav a Yahoo IMAP account, you can usually create folders usning web mail and they will appear on the iPod. If you have the more common POP3 account then yu can't create folder that will appear on the iPod. -
With the mail problem at hand, can I relay mail through a 10.4 server?
I read all the post and get worried not to have my mail running on 10.5. The question is, can I use an other 10.4 server that is standing here around and handles print and file sharing for the network to host also mail. I was hoping I can set on the main server the mail server domain to the 10.4 server.
I just don't know if this is possible and if so, how?
Thanks,
Davei got a workaround. just linked to an outside zimbra server and all mails are working. I guess we'll have to wait until this is fixed.
-
Why can't I block a number through the call and message blocking request?
Every time I try to insert a number, it keeps saying that they are unable to complete my requested change at this time.
Jezallygrace, I want to make sure you're able to block those unwanted calls and messages. If you're still having problems with the site, we'll need to verify the feature is on your account and possibly add the block for your. If you still need assistance, please send me a private message with your mobile number.
MarquiaF_VZW
Follow us on Twitter @VZWSupport -
My Macbook Air have spam and virus. How can I remove ?
When I navigate on my mac, spam page comes. They are from other Country like British. I'm very hungry, because apple says of mac never have ''virus''.
Please post a screenshot that shows what you mean. Be careful not to include any private information.
Start a reply to this message. Drag the image file into the editing window to upload it. You can also include text in the reply. -
Relay Outgoing Mail Through Host Not Updating
We relay our mail through an external company and I have added the entry to Relay Outgoing Mail Through Host field and enabled the tick box. What ever I do I cannot get these changes to take affect. I have tried modifying the main.cf and enabled the relay option without any joy. After modifying these I performed a full restart but it still hasn't taken affect.
This has been working up to now but after a power cut stopped for some reason.
We are running Mac OS X Server 10.4.8.
Thanks
RossI'd noticed a small glitch with the GUI during earlier testing. Might not clear things for you but worth trying...
Set it with the Relay Outgoing Mail ticked and relay server entered - click Save.
Wait for whirling update thingy to stop.
Delete the relay server name then tab out of field (field fills with greyed out "relay.example.com"), only then untick the option - Save.
Wait for whirling update thingy to stop.
Tick the option, fill in the relay server - Save.
If no change, people will probably need the unedited output from "postconf -n" and an example mail.log entry showing an outgoing message leaving the server.
-david -
It does NOT work.
Continually I am having to go through the spam box and remove and mark yet again messages that are safe senders though clearly setup as a safe sender.
It simply is not possible to make enough blocked senders by blocking a user. Tomorrow simply brings even more from the same blocked senders. Done it, been there, simply doesnot work.
In all, the mail system is a very huge step BACKWARDS from Yahoo.Hi Cherkhan,
Although we have a number of measures in place to detect and manage spam, we also rely on our customers to tell us what they don't want to receive. We base a sender's reputation on what our customers tell us about the messages they receive.
After moving to BT Mail you may notice some changes to how your email messages are managed. Email messages you would normally expect to see in your Inbox may be missing. You may also receive spam in your Inbox. We're sorry about any problems this causes during this transition period, and suggest you follow the advice below:
If you appear to be missing emails or have not received an email you were expecting, you first need to check the Spam folder. If the email is there, remember you need to mark it as Not Spam. Likewise if you are now receiving email into your Inbox that is Spam, remember you need to mark it as such.
If you have previously marked emails from a particular sender as spam but continue to receive emails from them they should try Blocking the Sender. Advice on how to do this can be found by clicking the Help link within BT Mail.
You can also add senders to their Safe Senders list and this will ensure that emails received from this source are delivered to their Inbox or a folder of their choice. Again advice on how to do this can be found by clicking the Help link within BT Mail.
If you find missing emails in the Spam folder, you can select the Not spam button, or alternatively you can drag and drop the email message back into your Inbox
Further advice can be found at BT Mail: What is spam and how do I stop spam emails?
Thanks
PaddyB
BTCare Community Mod
If we have asked you to email us with your details, please make sure you are logged in to the forum, otherwise you will not be able to see our ‘Contact Us’ link within our profiles.
We are sorry but we are unable to deal with service/account queries via the private message(PM) function so please don't PM your account info, we need to deal with this via our email account :-) -
Slow connection in one server if accessing through Cisco ACE
Hi,
Good day, Can someone help me on my problem? I have 3 servers, server1, server2 and server3. When one pc accessing the server 3 application via Cisco ACE, it experienced a slow connection but when direct access without Cisco Ace, it's fast. The connection of this PC through cisco ace and direct access have no issue.
What need to do in my configuration? Below is my configuration
logging enable
logging timestamp
logging trap 7
logging buffered 7
logging monitor 7
logging host 167.81.126.5 udp/514
logging host 137.55.152.147 udp/514
resource-class SG_01
limit-resource all minimum 0.00 maximum unlimited
limit-resource sticky minimum 10.00 maximum equal-to-min
boot system image:c4710ace-mz.A3_2_0.bin
login timeout 30
peer hostname singapore-ace2
hostname singapore-ace1
interface gigabitEthernet 1/1
channel-group 14
no shutdown
interface gigabitEthernet 1/2
channel-group 14
no shutdown
interface gigabitEthernet 1/3
channel-group 14
no shutdown
interface gigabitEthernet 1/4
channel-group 14
no shutdown
interface port-channel 14
description ISOLAN-ACE-TRUNK
ft-port vlan 99
switchport trunk native vlan 1
switchport trunk allowed vlan 12,14,112
no shutdown
clock timezone SGT 8 0
ntp server 137.55.152.1
context Admin
member SG_01
access-list ALL line 8 extended permit ip any any
access-list ALL line 9 extended permit icmp any any
ip domain-name ysn.psg.philips.com
probe http singapore_01
description This probe used to monitor application url-app-script
interval 5
passdetect interval 5
request method get url /insiteserverstatus/insiteserverstatus.aspx
expect status 200 200
open 1
probe http singapore_02
description This probe used to monitor IIS-login-page
interval 5
passdetect interval 5
request method get url /InSiteLumiledsApplication/
expect status 200 200
open 1
probe icmp uplink
description This probe used in conjunction with ft track host
interval 2
faildetect 2
passdetect interval 3
parameter-map type connection PARAM_L4STICKY-IP
exceed-mss allow
rserver host sggysnysn1ms013
ip address 137.55.152.135
inservice
rserver host sggysnysn1ms014
ip address 137.55.152.136
inservice
rserver host sggysnysn1ms018
ip address 137.55.152.145
inservice
serverfarm host PLI9058
probe singapore_01
probe singapore_02
rserver sggysnysn1ms013
inservice
rserver sggysnysn1ms014
inservice
rserver sggysnysn1ms018
inservice
sticky ip-netmask 255.255.255.255 address both SG_GROUP_01
timeout 720
replicate sticky
serverfarm PLI9058
class-map type management match-any HTTPS-ALLOW_CLASS
class-map match-all L4STICKY-IP_141:ANY_CLASS
2 match virtual-address 137.55.152.141 any
class-map type http loadbalance match-any NO_MS018
50 match source-address 137.55.155.31 255.255.254.0
class-map type management match-any SSH-ALLOW_CLASS
2 match protocol ssh source-address 167.81.124.0 255.255.255.192
3 match protocol ssh source-address 167.81.126.0 255.255.255.192
class-map type management match-any remote_access
2 match protocol xml-https any
3 match protocol icmp any
5 match protocol ssh any
6 match protocol http any
7 match protocol https any
8 match protocol snmp any
policy-map type management first-match remote_mgmt_allow_policy
class remote_access
permit
policy-map type loadbalance first-match L7PLBSF_STICKY-NETMASK_POLICY
class class-default
sticky-serverfarm SG_GROUP_01
insert-http X-Forwarded-For header-value "%is"
policy-map multi-match PLI9058-VIPs_POLICY
class L4STICKY-IP_141:ANY_CLASS
loadbalance vip inservice
loadbalance policy L7PLBSF_STICKY-NETMASK_POLICY
loadbalance vip icmp-reply
connection advanced-options PARAM_L4STICKY-IP
interface vlan 12
description Client-side vlan
bridge-group 1
no normalization
mac-sticky enable
access-group input ALL
access-group output ALL
service-policy input PLI9058-VIPs_POLICY
no shutdown
interface vlan 14
ip address 137.55.152.236 255.255.255.248
peer ip address 137.55.152.237 255.255.255.248
service-policy input remote_mgmt_allow_policy
no shutdown
interface vlan 112
description Server-side vlan
bridge-group 1
no normalization
access-group input ALL
access-group output ALL
nat-pool 1 137.55.152.141 137.55.152.141 netmask 255.255.255.192 pat
no shutdown
interface bvi 1
ip address 137.55.152.189 255.255.255.192
alias 137.55.152.188 255.255.255.192
peer ip address 137.55.152.190 255.255.255.192
description Bridge-Group 1 Virtual Interface
no shutdown
ft interface vlan 99
ip address 192.168.1.1 255.255.255.252
peer ip address 192.168.1.2 255.255.255.252
no shutdown
ft peer 1
heartbeat interval 100
heartbeat count 10
ft-interface vlan 99
ft group 1
peer 1
priority 150
peer priority 50
associate-context Admin
inservice
ft track host test1
track-host 137.55.152.234
peer track-host 137.55.152.235
peer probe uplink priority 50
probe uplink priority 50
ip route 0.0.0.0 0.0.0.0 137.55.152.233Hi Earsdale,
All the three servers are using the same configuration, so, I'm afraid it's not possible to give you a simple answer. You will need more troubleshooting.
I would recommend you to start by checking the differences between the servers because one of those differences is certainly causing the failure.
Also, it would be helpful to get traffic captures on the TenGig interface of the ACE to compare the behavior of the connection when going to the different servers, as well as the differences when being load-balanced vs accessing the server directly.
If you need help with this troubleshooting, you can always open a TAC service request
Regards
Daniel -
Hello
How is the license handled on the Spam & Virus Blocker? Our customer has approx. 120 Lotus Notes Mailboxes. But he only use 30 Mailboxes for external Mailing, the other Mailboxes are only used for calendar and internal mailing.
Can I take a Box for 50 users or will this not work? How will the Spam & Virus Blocker handle the license?
Thanks and regards
Lukerelayhost = 192.168.0.000.
I find it extremely unlikely that IP address is valid for your network (or any network, for that matter).
I don't know if you've masked it trying to hide the real address (there's no point since it's a private network address anyway), but just in case that is what you've set, you will need to change that to the actual IP address of the mail appliance.
I did that and tested sending an email to an outside address but no relay.
What do you mean by 'no relay'. Do you mean that the mail server delivered the mail without relaying it through the appliance? Or that the mail didn't get delivered at all?
What do the log files have to say about it? -
I'm using Mail 7.3 but can't find a "Block Senders" option - as exists in Outlook - as a way to prevent repeated spam and advertising landing in my Inbox. Anyone have a solution for this? I've had a look at the Message Rules option but that doesn't seem to offer a fix. Thanks
You should be able to manage the problem with Rules, if you are happy to just delete the emails without you ever seeing them.
In Mail>Preferences>Rules, create a new rule with these options:
Description: Give a name to the Rule, such as Delete or Block Sender
On the line started 'If' choose 'Any' from the drop down menu and on the next line select 'From' and 'Contains', and then input the email address of the unwanted sender
Under 'Perform the following actions' choose 'Delete'.
As other senders you want to block send you unwanted emails you can add them to the rule by clicking the '+' sign against the line you added the email, if you have an email from that sender on screen when you edit the rule - they should appear there automatically. -
Mail Delivery System Errors and Securing/Protecting agains spam
Good morning all.
This morning I started recieving these:
From: Mail Delivery System <[email protected]>
Subject: [It] Postfix SMTP server: errors from imr-mb02.mx.aol.com[64.12.207.163]
Date: November 18, 2011 8:51:23 AM EST
To: Postmaster <[email protected]>
Transcript of session follows.
Out: 220 mail.cotaoil.com ESMTP Postfix
In: EHLO imr-mb02.mx.aol.com
Out: 250-mail.cotaoil.com
Out: 250-PIPELINING
Out: 250-SIZE
Out: 250-VRFY
Out: 250-ETRN
Out: 250-AUTH LOGIN PLAIN CRAM-MD5 GSSAPI
Out: 250-AUTH=LOGIN PLAIN CRAM-MD5 GSSAPI
Out: 250-STARTTLS
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In: MAIL From:<[email protected]> SIZE=3485
Out: 250 2.1.0 Ok
In: RCPT To:<[email protected]> ORCPT=rfc822;[email protected]
Out: 451 4.3.5 Server configuration error
In: DATA
Out: 554 5.5.1 Error: no valid recipients
In: RSET
Out: 250 2.0.0 Ok
In: QUIT
Out: 221 2.0.0 Bye
How this started:
Over the past couple of days to approx a week, I have seen a massive influx of Spam on our server. Spam coming in on random ex employee names that no longer work for the company.
Previous to the spam, I turned on "forward un-deliverable mail to" and set to me. The CEO was missing emails because people were not spelling his name correctly. I have actually been able tyo catch a lot of employee emails some important, others not.
In trying to make the mail server more secure, one of the features I tried to turn on was SMTP Client Restrictions, Which broke SMTP for my users. Obviously the error is mine and I need to do more research, but love some feedback on what needs to be set on the server and clients for SMTP client restrictions to work.
I know THE HOFF (mr hoffman) had information at some point to help users secure postfix, can anyone point me in the right direction, as well as any tips here on how to stop the influx of spam?
pstconf -n is here:
alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
enable_server_options = yes
header_checks = pcre:/etc/postfix/custom_header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
local_recipient_maps =
mail_owner = _postfix
mailbox_size_limit = 0
mailbox_transport = dovecot
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
maps_rbl_domains =
maximal_queue_lifetime = 2d
message_size_limit = 0
mydestination = $myhostname, localhost.$mydomain, localhost, mail.cotaoil.com, cotaoil.com, $mydomain
mydomain = mail.cotaoil.com
mydomain_fallback = localhost
myhostname = mail.cotaoil.com
mynetworks = 127.0.0.0/8,192.1.1.10,192.1.1.11
newaliases_path = /usr/bin/newaliases
owner_request_special = no
queue_directory = /private/var/spool/imap/dovecot/mail
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtp_sasl_password_maps =
smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated hash:/etc/postfix/smtpdreject cidr:/etc/postfix/smtpdreject.cidr reject_rbl_client zen.spamhaus.org permit
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname reject_non_fqdn_helo_hostname
smtpd_pw_server_security_options = cram-md5,gssapi,login,plain
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unknown_recipient_domain reject_unknown_sender_domain reject_invalid_hostname reject_unauth_destination check_policy_service unix:private/policy permit
smtpd_sasl_auth_enable = yes
smtpd_tls_CAfile = /etc/certificates/mail.cotaoil.com.8F44026B8E7E908CEDAAD718F486D91C8FCD693E.cha in.pem
smtpd_tls_cert_file = /etc/certificates/mail.cotaoil.com.8F44026B8E7E908CEDAAD718F486D91C8FCD693E.cer t.pem
smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
smtpd_tls_key_file = /etc/certificates/mail.cotaoil.com.8F44026B8E7E908CEDAAD718F486D91C8FCD693E.key .pem
smtpd_tls_loglevel = 0
smtpd_use_pw_server = yes
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps =
mail:~ administrator$I am not certain what you mean by immediately removing the 192.1.1.10 and 192.1.1.11, AIX servers that I use to relay admin emails to an IT address here. Some sort of a gateway implemented on a pair of IBM boxes, I might presume.
192.1.1.0/24 is in a public address space that you don't have assigned (unless you're BBN). If that IP routing leaks out, then some folks can get cranky. Or should you eventially need to contact hosts within the address space of the "real" occupants of 192.1.1.0/24, routing won't necessarilt play nice. There may well be a static IP route here, depending on the details of the router configuration, as otherwise that IP traffic would be going to BBN and not to those servers. The Internet works because folks play by the rules, when working with IP routing and DNS services. And if your predecessor used this address space (and not the likely 192.168.0.0/16 block), I'd look around to see if there were other unusual network configuration choices.
TCP port 25 is the server-to-server mail port. That's the main connection used among mail servers. Blocking that has the effect that you've discovered.
It's the clients that can also use that port that need to be relocated off the port, as the clients don't have the reverse DNS and related tests that would allow them access to that port, with various common server security configurations.
Open TCP 587 at the firewall and ensure that this port is active at the mail server host, as a starting point. You can test that with (among other tools) with a remote "telnet your.mail.server.host.name 587" command or similar; that's a primitive (but effective) (common) port test.
With the Apple Mail client, make sure the SMTP server is configured to use the default SMTP ports. Mail > Preferences > Account > Account Information > Edit SMTP Server > select the target SMTP server > Advanced > select "use the default ports (25, 465, 587)" and consider using SSL and authentication. (Apple Mail tries a few ports automatically, so the set-up can be different than other clients.)
I don't have enough space here for a full write-up on how mail or IP works, and setting up an arbitrary mail client or an IP network can be an adventure; I assumed the Apple mail client in the above. See the user collaboration services disscussion of mail services in the Mac OS X Server Advanced Administration manual as some background. (And if this stuff all looks a little cryptic, that's understandable, and you might want to consider getting some set-up help or consider moving to hosted mail services and making this stuff somebody else's problem.) -
Spam & Virus Blocker / Exchange 2007
I have been running the Spam & Virus blocker for a month and love it. I'm in the middle of an email server migration (Ex2003 to Ex2007). I wanted the blocker to start forwarding (SMTP route) to my Ex2007 box instead of my Ex2003 box. The blocker continues to tell me that my Ex2007 box is down (Monitor - Delivery Status) and no mail gets delivered. If I bypass the blocker, mail gets delivered to Ex2007 just fine. Any ideas on how to fix this?
Problem solved, it was an ID10T error. I was asking the blocker to SMTP route to my domain controller and not the Exchange 2007 box. Once I realized my mistake, I put the correct server name into SMTP route, and it works perfect.
-
I seem to be noticing a growing amount of spam from TLDs like .work and review. Some are getting blocked in out spam system, but some still seem to get through. Right now I block TLDs (like .work) when they cause an issue, but it seems that the issue pops up later again with different domains after some amount of time. We also have a mechanism in place for blocking snowshoe spam so it's not an issue there.
I was just wondering how other people are handling this as it becomes a problem. We're also using several blacklists, greylisting and other tests on Exchange using Vamsoft ORF. Any thoughts? I've noticed that this is an issue on other systems as well...
This topic first appeared in the Spiceworks CommunityHi,
I recommend you select different agents depending on the junk mails type to achieve your goals.
1.Sender Filter agent
2.Recipient Filter agent
3.Sender ID agent
4.Content Filter agent
5.Protocol Analysis agent
The following article for your reference:
Anti-Spam Protection
Hope it helps!
Thanks.
Niko Cheng
TechNet Community Support
Maybe you are looking for
-
What does this mean and what do I need to do to fix this?
Hi so I was trying to back up my MacBook on my Time Machine with the Time Capsule. However it wont let me back up and displays the following message: Time Machine could not complete the backup. The backup disk image "/Volumes/DATA/Charlie Mackenzie's
-
Why is the login screen Red?
My login screen (where you select your profile and enter your password screen when you first turn the computer on) is now red all the time. I can't remember what image it was before, but it's for sure not a Red screen. Everything still function, but
-
How can I login ABAP System of the EP System?
Hi experts. I installed EP system, which from "as ABAP" and "as java","as EP" composition. i can use j2ee_admin normal logon EP (http://myportal:<port>/irj/portal),But i don't create new user, ume.persistence.data_source_configuration = dataSourceCon
-
Software Inventory in 2012 very slow
Hi, like many other people, I've noticed software inventory running much slower than in 2007. Various people have said its been assigned a lower priority, and also have given the opinion that its not a useful feature.. However, in my environment, I h
-
Image preview has disappeared from Finder and the Open dialog boxes in my apps. Show Icon preview is checked in the View Options menu. I've re-installed the system (10.3.5) but no change to the situation.