Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Dr. Watson with secure SMTP server on NT with FW1 4.0

To: "'Patrick Coomans'" <[email protected]>, [email protected]
Subject: RE: [FW1] Dr. Watson with secure SMTP server on NT with FW1 4.0
From: Daniel Hitchcock <[email protected]>
Date: Wed, 18 Apr 2001 14:24:11 -0700
Sender: [email protected]

Warning: The following message is gloom and doom :)

I fought with the SMTP security server on NT4 for months. Every service pack released seemed to bring promises of "fixes to SMTP security server," but the behavior persisted. See if this sounds familiar:

while (youRunTheSMTPSecurityServer)

{

Things cruise along fine for <enter time period here>. Suddenly, one day, someone calls and complains that they aren't getting mail. You realize, "hey, haven't seen much activity on the FW1 list for a while". Then you get that sick feeling again. You go to the firewall and sure enough, the good Doctor is all over your console and System event log. You stop the firewall, start the firewall, reboot, fiddle with your external SMTP relay, fiddle with your internal SMTP relay, fiddle with your MX records, reboot your internal relay, reboot your external relay, monkey with the parameters on your SMTP resource, reboot again, etc. etc. Then, you get so fed up that you finally go to lunch around 3:30pm. You come back, and everything has magically fixed itself.

}

I never ever ever found a resolution to this, nor could Checkpoint support provide an answer. Just a few days ago, I had the distinct pleasure of encountering the exact same problem on a Nokia box running 4.1SP2. The solution? Same as always: either sit around and wait for it to fix itself, or switch to a simple SMTP accept rule with static NAT.

Anyone out there who has fixed this problem is strongly encouraged to be my hero by posting the answer to this nasty problem. Checkpoint, this includes you!

Dan Hitchcock
CCNA, CCSE, MCSE
Security Analyst
Breakwater Security Associates

dhitchcock (at) breakwatersecurity (dot) com
http://www.breakwatersecurity.com

-----Original Message-----
From: Patrick Coomans [mailto:[email protected]]
Sent: Wednesday, April 18, 2001 2:46 AM
To: [email protected]
Subject: [FW1] Dr. Watson with secure SMTP server on NT with FW1 4.0

I have a customer with FW1 version 4.0 and all of a sudden his secure SMTP server is giving one after another Dr Watson error.

I can't imagine it's a license issue because they run an enterprise (unlimited) FW1.

As the doc states: the FW.EXE restarts the SMTP secure server every time, but I regret to see that after 20 DrWatsons or so the Firewall-1 Status shows that the Firewall service stopped.

Any suggestions? Is this caused by bad messages? Too many messages?

Are there any registry settings I could change to make the SMTP server more robust so that it doesn't DrWatson anymore?

Thx,

Patrick Coomans

Prev by Date: Re: [FW1] Multicast address
Next by Date: Re: [FW1] Solaris log rotation script
Previous by thread: [FW1] Dr. Watson with secure SMTP server on NT with FW1 4.0
Next by thread: RE: [FW1] Re: Unix script
Index(es):
- Date
- Thread