Contributor
April 13, 2004
Question

Exchange email getting blocked

  • 6 replies
  • 8669 views
I'm just starting my attempts to solve this one, but perhaps somebody else on the forum has seen this or has some ideas: I set up the Fortigate 50a with the default policies. We are running Windows Small Business Server 2003. Our main application of note is Exchange Server 2003. We have the MX records for the domain pointed in and the Fortigate forwarding the ports to the server. With no policies in effect, everything works perfectly. When we use the default policy or normal policies, most of the email is being blocked, even if the size is small (i.e. text saying "test"). My short-term fix was to open the floodgates and let everything in. Now I want to figure out what/why these outside emails addressed to our users were being blocked. Any ideas? Any guesses as to what to try next? Thanks, Jeremy


    Contributor
    April 13, 2004
    Hi Jeremy! Did you check the Email Filter menu? I think maybe your messages that contain some format can be blocked by these features. And would you please review the Antivirus rules in your default policy? Hope you fix the problem and share it with the forum, please! Best regards
    Contributor
    April 16, 2004
    Hello, We are running a Fortigate 60 box, and like Jeremy in this thread, have the default settings in place. We are using an outside hosting provider for Exchange (which we connect to using a VPN session). The staff running Outlook XP are not having problems, but the folks on Outlook 2003 are having a problem where the connection to the server seems to be lost during spell-check/send. Otherwise, everything is passing normally and email is working fine. I checked the email filter settings again, per your idea, and they are also default/nothing. Any ideas? I'm about to call the Fortinet folks now to see what settings I might need to tweak. Kenan
    Contributor
    April 22, 2004
    Try checking your Exchange Server Event Log; you might be able to find something there. In my case, I found that my Exchange server refused to relay for my firewall IP (I enabled NAT in the policies, which is wrong). I am using a Fortigate 100 in NAT mode. You will need to configure the following:
    1. Virtual IP to map External IP -> Server IP (Exchange server private IP).
    2. Policies, Ext -> Int: make sure you don't select any of the options.
    Have a try.
    Contributor
    April 23, 2004
    Exchange 2003 port forwarding & FW Settings
    Fortigate 50A, configured (NON-transparent mode) to Scan/File Block all outbound SMTP traffic, and the same on incoming SMTP traffic. The device is configured to TCP port-forward (port 25) to our Exchange server address (192.168.1.3). We have an Exchange 2003 server. It sends (and receives) email immediately to most addresses. However, we found that any email to Hotmail, rgm.com.au and a few others gets delayed and not sent. As soon as I turn off Antivirus Scanning on outbound email... all email goes immediately. Note: On incoming Hotmail emails there is up to a 5 minute delay on receiving emails with inbound virus scanning turned on, but no delay with the scanning turned off. Sorry this is not a solution, but perhaps it helps build a better picture of the problem. Jason.
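The inbound delay described in the post above can be measured from the headers of a delivered message. The following Python script is an added example, not part of the original thread: it parses the `Received` headers and reports the time between consecutive hops, so the same test mail can be compared with scanning on and off. The sample message, host names, addresses and timestamps are constructed.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample message. Received headers are prepended by each
# server, so the newest hop (the internal mail server) comes first.
SAMPLE = """\
Received: from mx2.sender.example (mx2.sender.example [198.51.100.7])
    by exch01.example.local with Microsoft SMTPSVC;
    Tue, 13 Apr 2004 10:06:02 +1000
Received: from mx1.sender.example (mx1.sender.example [198.51.100.6])
    by mx2.sender.example with ESMTP id ABC123;
    Tue, 13 Apr 2004 00:01:05 +0000
Received: from web.sender.example ([198.51.100.20])
    by mx1.sender.example with HTTP;
    Mon, 12 Apr 2004 17:01:01 -0700
From: someone@sender.example
To: user@example.local
Subject: test

test
"""

def hop_delays(raw_message):
    """Return [(receiving_host, seconds_since_previous_hop)], oldest first."""
    msg = message_from_string(raw_message)
    hops = []
    for header in reversed(msg.get_all("Received", [])):  # oldest hop first
        if ";" not in header:
            continue  # no timestamp part on this header
        try:
            stamp = parsedate_to_datetime(header.rsplit(";", 1)[1].strip())
        except (TypeError, ValueError):
            continue  # unparseable date: skip this hop
        if stamp.tzinfo is None:
            continue  # no usable UTC offset, cannot compare across hops
        by = re.search(r"\bby\s+(\S+)", header)
        hops.append((by.group(1) if by else "?", stamp))
    return [(host, int((stamp - prev).total_seconds()))
            for (_, prev), (host, stamp) in zip(hops, hops[1:])]

def slowest_hop(raw_message):
    """Return the (host, seconds) pair with the largest delay, or None."""
    return max(hop_delays(raw_message), key=lambda h: h[1], default=None)

if __name__ == "__main__":
    for host, seconds in hop_delays(SAMPLE):
        print(f"{seconds:6d} s  before receipt by {host}")
```

A firewall that scans SMTP in-line adds no `Received` header of its own, so its delay appears in the gap before the internal server's timestamp, together with any queueing time on the sending side.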
    Contributor
    June 21, 2004
    Why use Port-Fwd'ing at all? Why not just use Static NAT? If you specifically have a policy for Ext->Int for SMTP to your Exchange server, then you don't need Port-Fwd'ing enabled. I don't and email comes in just fine. Just my .02. Travis.
    Contributor
    April 26, 2004
    You have described problems similar to the ones I have been experiencing with several revisions of the 2.50 code. I have websites that simply will not display with AV turned on. As soon as I disable AV, all starts working well. I know this isn't really an option as this will disable your AV scanning, but it's worth a try: add the domains in question to the URL exempt list. This should cause the Fortigate to exclude them from any file block procedures or AV scanning when they see the SMTP header in the email. I'll be glad when they get the AV weirdness straightened out too.
    Contributor
    May 17, 2004
    I experienced the same problem: after my Fortigate power supply died I had to use a temporary Fortigate that was lent to me; this had firmware v2.50. As soon as I enabled the AV filtering I started getting bugged by "lusers" with problems sending/receiving from (r)hotmail :) (but also a couple of other domains), problems that vanished as the old Fortigate (with v2.36) was reinstated. Now I'm quite puzzled whether to upgrade.... Also I doubt that disabling AV checks for rotmail is a good idea, given the fact that a huge pile of crap arrives from it (or with spoofed "from" fields in that domain). Let's hope that 2.50 gets a fix! Max
    Contributor
    May 26, 2004
    We've seen something slightly related to this on one large site with 2000 users behind an 800. Hotmail broke for all IE6 users but the guys on Mozilla had no issues. Weirdest thing is it is intermittent. Fortinet are investigating but no solution at present. BTW, it has 2.5 build 264.
    Contributor
    June 28, 2004
    Is it the entire mail or simply attachments?
    Contributor
    July 7, 2004
    Totally new to F/walls -
    Exch 5.5 -> Cisco Pix (Nat) -> FG60 (Trans) -> Cisco Router -> Outside
    HTTP fine, FTP appears fine (not fully checked yet)
    Inbound Mail fine
    Inbound with Attachments fine
    Outbound Mail fine
    Outbound with Attachments NOGO!!!
    No blocking set
    Anybody any ideas - help greatly needed & appreciated
    Contributor
    June 29, 2004
    We have an Exchange 2003 server. It sends (and receives) email immediately to most addresses. However we found that any email to Hotmail, rgm.com.au and a few others, gets delayed and not sent
    The Hotmail problem is now known (blocked when AV enabled). Look at the Antivirus Forum here. I solved the same problem using
    set antivirus service smtp splice disable
    Although I solved the problem (thanks to Ukwizard's hint), Fortinet support has not replied yet (and we are resellers here). They could have better support. So far they have not answered any of my mails :'( Maybe they don't receive my mails when they have enabled AV. They should try 'splice'..