Messaging Gateway

  • Private Community
 View Only

  • 1.  SBG 9 no greeting message

    Posted Sep 16, 2010 03:30 AM

    Hello!
    We have one Control Center and two scanners connected to this Center. Both are 9.0.1-10. One of the scanners works fine, but another works strange. Now we can't connect to the second scanner via telnet to try to send a test mail. There is only black screen and no any greeting message. So all our mail now are going through the first scanner. I see that  there are many messages in message queue with error: 421 Unable to process message at this time.
    We tried to reinstall the second scanner on another ESX host - no difference. Perfomance monitoring doesn't show any problems. Maybe it's a network problem but we tried telnet from host on the same network as the scanner belongs to.
    Does anyone have any ideas?
    Best regards!



  • 2.  RE: SBG 9 no greeting message

    Posted Sep 16, 2010 09:43 AM

    Reinstall from scratch or did you just move the VM?

    Can you connect to the scanner's CLI via SSH?  (instead of the VM console window).  It looks like you can connect to the CC and the CC can talk to the scanner (your listing of queue statuses).

    Try    mta-control all status    to see the status of the MTA processes

    Does a netstat -a or netstat  -n show any inbound connections?

    What does your disk usage look like?

    For the bad scanner, what errors are in the Status | logs for the scanner?



  • 3.  RE: SBG 9 no greeting message

    Posted Sep 17, 2010 02:45 AM

    1. Scanner was reinstalled from scratch.

    2. Yes I can connect via SSH and there are no problems. No latency. All work fine.

    3. We use scanner only for inbound filtering. So result of 'mta-control all status':

    inbound MTA instance status:
    Enabled: yes
    Running: yes

    outbound MTA instance status:
    Enabled: no
    Running: no

    delivery MTA instance status:
    Enabled: yes
    Running: yes
     
    4. Netstat -n shows about 1300 connections fron internet addresses. 1100 of them with status CLOSE_WAIT and 200 with status ESTABLISHED.
     
    5. Hardware status from SBG:
     
     CPU Usage    CPU Iowait    CPU Temp    Memory Usage    Memory Free   Disk Usage    Disk Read      Disk Write     Swap Used   Swap Free

     10.08%         0.08%           —               2.54 GB            1.37 GB         3.93 GB        0  KB/s      1,512  KB/s      0  MB      4,143.33  MB 

     

     

    From ESXi: 

                                 latest            maximum            minimum           average

    Disk ReadRate         0 kbps            51 kbps             0 kbps             3,761 kbps
    Disk Usage           2770 kpbs        5407 kpbs           181 kpbs          1102 kpbs
    Disk WriteRate      2770 kpbs        5407 kpbs           181 kpbs          1098 kbps
     
    6. There are a lot of warnings in scanner log. Warnings like this:
     
    sieve: MAX connections from host 117.3.43.160: - message rejected.
     
    There are many errors in DDS log:
     
    - [1277903617829] 800412 com.symantec.sms.dds.api.exception.DataAccessUnavailableException: The data source is unavailable: LDAP_Domino at com.symantec.sms.dds.bl.EntrySourceMonitor.available(EntrySourceMonitor.java:108) at com.symantec.sms.dds.bl.EntrySou
    - [1277903617829] failed to fetch recipient com.symantec.sms.dds.api.exception.DataAccessUnavailableException: The data source is unavailable: LDAP_Domino at com.symantec.sms.dds.bl.EntrySourceMonitor.available(EntrySourceMonitor.java:108) at com.symantec.
     
    Do we have to increase the number of allowed connections? And what do DDS errors mean? 
     
    Best regards!
     

     


  • 4.  RE: SBG 9 no greeting message

    Posted Sep 23, 2010 06:40 PM

    It sounds as though the problamatic scanner can not connect to the LDAP source configured on the Brightmail Control Center. 

    If recipient validation is enabled and the scanner has can not access LDAP and the cached entries have expired, messages will sit in queue, when queue is full MTA will stop accepting messages.

    Check the connectivity between scanner and configured LDAP source.