Solved

Astaro UTM 110 warnings

Posted on 2013-12-13
6
2,440 Views
Last Modified: 2016-02-25
Hi

I get this warnings:

[MOSFW01][WARN-129] Spam Filter cannot query database servers

The spam filter daemon is unable to reach the database servers via HTTP. Please make sure that the device is able to send HTTP (TCP port 80) requests to the Internet. You may have to allow such traffic on upstream devices.
--
System Uptime      : 14 days 15 hours 58 minutes
System Load        : 0.39
System Version     : Sophos UTM 9.105-9

Please refer to the manual for detailed instructions.

But HTTP is open. Any idea? Or how can users surf?

Many thanks in advance
0
Comment
Question by:*** Hopeleonie ***
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 64

Assisted Solution

by:btan
btan earned 500 total points
ID: 39718086
Usually it is caused by your link failing or DNS not responding in time when it makes the request. In the firum also stated if it is in HA mode can be likely case or going through pool if service like akamai or opendns that may block access to the online db. Good to check proxy log if going through that in the path to db.

http://www.astaro.org/gateway-products/mail-protection-smtp-pop3-antispam-antivirus/28136-spam-filter-cant-reach-database-servers-after-upgrade-7-5-a.html
0
 
LVL 19

Author Comment

by:*** Hopeleonie ***
ID: 39724643
Dear breadtan

We are still troubleshooting the problem
0
 
LVL 19

Author Comment

by:*** Hopeleonie ***
ID: 39743448
Hi breadtan

We still didn't find a solution. I have escalated the case to a Senior.
0
Are You Headed to Black Hat USA 2017?

Getting ready for Black Hat next week? Kick things off with the WatchGuard Badge Challenge and test your puzzle and cipher skills. Do you have what it takes to earn our limited edition Firebox Badge? Get started today - https://crimsonthorn.net

 
LVL 64

Assisted Solution

by:btan
btan earned 500 total points
ID: 39743475
They may not necessarily be down, but there could be a high latency issue that is causing large amounts of packets to be dropped for example. If the messages are happening regularly have a look at your network connection log to see if you are getting line drops. Also check to see if your ISP has network congestion or chocking in place to some sites.

I was thinking maybe to look out for  "ctasd" error messages in smtp.log, ctasd connects to commtouch for IP reputation info. If that can work then HTTP should be alright.

Also in case of an HA setup with dynamic interfaces (e.g. PPPoE) the slave node can't reach the query database server and will send out such notification. One mean is to change the dynamic interface to a static interface. E.g. by moving the PPPoE dial-in to a router.

Worst case, reboot it to see any difference as sometimes there is hogging socket that is orphaned and not closed hence causing socket connection limiting and dropping...

Another concurrent task may be to activate vendor and raise support call if needed since it been a while. http://www.sophos.com/en-us/support/contact-support.aspx
0
 
LVL 19

Accepted Solution

by:
*** Hopeleonie *** earned 0 total points
ID: 39757753
A Senior is still troubleshooting the Problem. I think we will have to open a case.
0
 
LVL 19

Author Closing Comment

by:*** Hopeleonie ***
ID: 39770556
Thanks a lot breadtan.
0

Featured Post

Ready to get started with anonymous questions?

It's easy! Check out this step-by-step guide for asking an anonymous question on Experts Exchange.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question