Hello,
We are a company that sell astaro firewall to customers. Recently one of the customers contacts us and says that his emails doesnt get sent.
I checked in the logs :
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:47 mail smtpd[8271]: SCANNER[8271]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="drorm@ness-matach.co.il" subject="קריאה חוזרת" queueid="1SehMp-00029P-5A" size="19763" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:47 mail smtpd[8271]: SCANNER[8271]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="support@ness-matach.co.il" subject="קריאה חוזרת" queueid="1SehMp-00029P-55" size="19763" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:48 mail exim-in[8375]: 2012-06-13 09:47:48 [192.168.1.103] F=<tzvi@arv.co.il> R=<tzvi.tzuntz@gmail.com> Accepted: from relay
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:48 mail exim-in[8375]: 2012-06-13 09:47:48 1SehMq-0002B5-2B <= tzvi@arv.co.il H=(mailsrv.aravadom.co.il) [192.168.1.103]:50186 P=esmtps X=TLSv1:AES128-SHA:128 S=19365 id=08341028AACD704A9A906EEA6A8E3B6DC76A1DA9@mailsr v.aravadom.co.il
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:51 mail smtpd[8271]: SCANNER[8271]: 1SehMt-00029P-JN <= tzvi@arv.co.il R=1SehMq-0002B5-2B P=INPUT S=18270
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:51 mail smtpd[8271]: SCANNER[8271]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="tzvi.tzuntz@gmail.com" subject="test" queueid="1SehMt-00029P-JN" size="18270" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-04.log.gz:2012:06:04-19:41:00 mail smtpd[29741]: SCANNER[29741]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="jana.kapun@intereuropa.si" subject="XML file for kop 61
set in your FTP server- please confirm us ASAP" queueid="1SbaKy-0007jh-80" size="18420" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-04.log.gz:2012:06:04-19:41:00 mail smtpd[29741]: SCANNER[29741]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="arava@intereuropa.si" subject="XML file for kop 61 set in your FTP server- please confirm us ASAP" queueid="1SbaKy-0007jh-7w" size="18420" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-04.log.gz:2012:06:04-10:52:00 mail smtpd[32204]: SCANNER[32204]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="roobi@ness-matach.co.il" subject="מסך - טייפ" queueid="1SbS52-0008NQ-4X" size="19623" reason="as" extra=""
As you can see he sent to gmail a test email and it got quarantined reason as. Also he sent to us to ness-matach couple of emails that got quarantined.
I tried to search the forums but didnt find any helpful posts.
I checked commtouch reputation and it was ok.
Eventually what i did is i went to SMTP Exceptions and disabled all antispam checks and put his email as sender. Will that be enough that his emails will not be quarantined again ?
Now my concerns are if the issue will happen to other users. I checked an noticed it happens to 1 user, others didnt complain yet.
And also wanted to know why a test email to gmail get quarantined?
Please let me know what other checks i can do if there are any.
Thanks:mad:
We are a company that sell astaro firewall to customers. Recently one of the customers contacts us and says that his emails doesnt get sent.
I checked in the logs :
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:47 mail smtpd[8271]: SCANNER[8271]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="drorm@ness-matach.co.il" subject="קריאה חוזרת" queueid="1SehMp-00029P-5A" size="19763" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:47 mail smtpd[8271]: SCANNER[8271]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="support@ness-matach.co.il" subject="קריאה חוזרת" queueid="1SehMp-00029P-55" size="19763" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:48 mail exim-in[8375]: 2012-06-13 09:47:48 [192.168.1.103] F=<tzvi@arv.co.il> R=<tzvi.tzuntz@gmail.com> Accepted: from relay
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:48 mail exim-in[8375]: 2012-06-13 09:47:48 1SehMq-0002B5-2B <= tzvi@arv.co.il H=(mailsrv.aravadom.co.il) [192.168.1.103]:50186 P=esmtps X=TLSv1:AES128-SHA:128 S=19365 id=08341028AACD704A9A906EEA6A8E3B6DC76A1DA9@mailsr v.aravadom.co.il
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:51 mail smtpd[8271]: SCANNER[8271]: 1SehMt-00029P-JN <= tzvi@arv.co.il R=1SehMq-0002B5-2B P=INPUT S=18270
/var/log/smtp/2012/06/smtp-2012-06-13.log.gz:2012:06:13-09:47:51 mail smtpd[8271]: SCANNER[8271]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="tzvi.tzuntz@gmail.com" subject="test" queueid="1SehMt-00029P-JN" size="18270" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-04.log.gz:2012:06:04-19:41:00 mail smtpd[29741]: SCANNER[29741]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="jana.kapun@intereuropa.si" subject="XML file for kop 61
set in your FTP server- please confirm us ASAP" queueid="1SbaKy-0007jh-80" size="18420" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-04.log.gz:2012:06:04-19:41:00 mail smtpd[29741]: SCANNER[29741]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="arava@intereuropa.si" subject="XML file for kop 61 set in your FTP server- please confirm us ASAP" queueid="1SbaKy-0007jh-7w" size="18420" reason="as" extra=""
/var/log/smtp/2012/06/smtp-2012-06-04.log.gz:2012:06:04-10:52:00 mail smtpd[32204]: SCANNER[32204]: id="1001" severity="info" sys="SecureMail" sub="smtp" name="email quarantined" srcip="192.168.1.103" from="tzvi@arv.co.il" to="roobi@ness-matach.co.il" subject="מסך - טייפ" queueid="1SbS52-0008NQ-4X" size="19623" reason="as" extra=""
As you can see he sent to gmail a test email and it got quarantined reason as. Also he sent to us to ness-matach couple of emails that got quarantined.
I tried to search the forums but didnt find any helpful posts.
I checked commtouch reputation and it was ok.
Eventually what i did is i went to SMTP Exceptions and disabled all antispam checks and put his email as sender. Will that be enough that his emails will not be quarantined again ?
Now my concerns are if the issue will happen to other users. I checked an noticed it happens to 1 user, others didnt complain yet.
And also wanted to know why a test email to gmail get quarantined?
Please let me know what other checks i can do if there are any.
Thanks:mad: