Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Mail stuck in queue using AV server

To: [email protected]
Subject: [FW1] Mail stuck in queue using AV server
From: "Zinski, Steve" <[email protected]>
Date: Wed, 8 Nov 2000 12:48:29 -0500
Sender: [email protected]

I am at my Witt's end on this one.

Earlier this week, I reported problems with Norton AntiVirus for Firewalls
working properly with our FW1. Several of you wrote to me and told me that
you were having similar problems with messages getting stuck in the queue
(i.e., the /spool directory) and not passing through the AV server.

After recommendations from the group, I downloaded and installed Trend
Micro's InterScan VirusWall. After configuring the AV server with VirusWall
installed, I performed a "fwstop; fwstart" and, lo and behold, the stuck
messages were processed and moved on their merry way!

After about 20 minutes and roughly 500 messages scanned, I decided to turn
off the FW1 rule to see if everything cleared out of the queue. To my utter
amazement, there were about 25 messages left in the queue. I sat and watched
the InterScan screen on the AV server and noticed that every 10 minutes the
FW1 tried to send the same message to the AV server... over, and over, every
10 minutes.

Now I'm back to square one. I've tried two totally separate AV products,
three different physical servers for the AV software, two flavors of WinNT
on the AV server (NT4.0 and Win2k), new firmware on the FW1 (now running 4.1
SP2), different network connections/cables/equipment, and I'm still stuck
with mail that won't leave the queue.

Now I believe that the problem resides with the FW1 itself. Obviously I have
my SMTP rule configured correctly, since over 500 emails were successfully
processed. I have checked the messages that are stuck in queue and the only
common denominator is that their appears to be two sets of headers... it's
almost as if the FW1 is writing the header wrong when it attaches the new
header with the AV info at the top.

Anyone have any suggestions where I might look to solve this problem?
Thanks!

Steve Zinski
Senior Network Specialist
University of Richmomd, Virginia



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] SecuRemote and NAT to inside
Next by Date: Re: [FW1] Where is GUI client for Windows 95/98/NT/2000 on CP2000CD ?
Previous by thread: Re: [FW1] SecuRemote and NAT to inside
Next by thread: RE: [fw1-wizards] RE: [FW1] IKE/ACE Authenticated Topology downlo ads for SecuRemote ?
Index(es):
- Date
- Thread