Link to home
Start Free TrialLog in
Avatar of Slagerij
Slagerij

asked on

Email piles up in Symantec gateway Slow Queue due to what looks like a mail loop involving addresses with bad recipients

We have been battling a mail delivery delay problem at our Symantec Gateway and I am fairly certain its because email that is destined for our internal domain but has a bad recipient address are bouncing back to the gateway only to be retried over and over again every 15 minutes for days. This is a problem because these are SPAM messages with junk addresses and its slowing the whole thing down to a crawl on a regular basis as the slow queue gets larger and larger.

I called Symantec and the only thing we can do is turn down the retry frequency and duration on their product. This is something I don't necessarily want to do because occasionally a message may need that slow queue when my users send email outbound to a domain that may be temporarily unavailable. We want those messages to cycle through and retry.

A little visual....

Normal
good_address@mycompany.com message --> Symantec Gateway --> MyCompany.com Internal BridgeHead Server Forwards internally

BAD
bad_address@mycompany.com message -->Symantec Gateway --> MyCompany.com Internal Bridgehead rejects message --> Symantec Gateway puts it in the slow queue and retry's every 15 minutes for X amount of days looping until the message times out.

Does this make sense? I need to somehow process/throw away messages with bad addresses without sending them back to the gateway for days worth of retry cycles....

Thanks in advance
ASKER CERTIFIED SOLUTION
Avatar of Sembee
Sembee
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Slagerij
Slagerij

ASKER

There doesn't appear to be anywhere you can set it up to do LDAP lookups. And I agree, rejecting non existant addresses should be a given but I'm not seeing it. I'm thinking "what if" the gateway and the bridgehead were across a slow link instead of right next to each other. I would be attempting to send all that SPAM across for no reason.

I inherited all of this and its a little dated. I'm thinking an upgrade is in my future but it sure would be nice to get this going long enough to buy me some time.

Time to close this puppy....

For the record-->Symantec had a patch for our problem and this seemed to fix the crippled queue problem. It also happens that our support was up and the invoice was a hefty chunk of change to re-up/upgrade. Well, since it took them weeks to diagnose and patch we were already looking at other products. For about a third of the price of the Symantec gateway we bought a Barracuda SPAM firewall 300.

It works better (more blocked SPAM,less false positives) than the Symantec its replaced so far and its running a Linux kernel on Barracuda supported hardware with a 24 hour replacement policy. The only thing I was a little concered about was the anti-virus. It uses open source ClamAV. However for us its going to work out just fine since we have Symantec SMTP AV on the backend is giving us a second layer of AV. Where as before we had 2 layers but they were both Symantec so it wasn't really 2 layers to me.
Simply put, our version of the Symantec Mail gateway didn't do LDAP lookup tpo check for bad recipients. Its not that it was overly old its just that somebody before me bought a version that didn't have all the features we needed. However its worked for years and this latest issue was a known at Symantec. It just took them a really long time to solution this for us so we moved on to another product.
Slagerij,

I too have the same problem with the same product.  What was Symantec's patch as they no longer support this product - even though I own a license for its upgrade?

Thanks,

Whitney