Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

SMTP Problems as of August 17

Has anyone else had SMTP problems as of August 17? My FGT300 has been up for 21 days working well. No changes have been made. All of a sudden yesterday around 4:00pm CT (according to our ISP who we use as a filtering proxy for our mail) connections have been dropping inbound to our mail server. I have noticed that our SMTP queue is getting larger on the outbound side as well. Maybe this is related to an AV update? I did notice that we received one " 4.439(08/17/2004 17:19 " . By the way, they never close the paranthesis. Maybe we can add that to our Fortigate Spelling Problems thread. I am talking to support about this issue now (Case #16351). We' ll see what they have to say. UPDATE: Well, I unchecked our protection profile for both inbound and outbound mail and things started to clear. I stopped and restarted our Exchange SMTP service again to re-initialize the queues and all the mail was sent out. Support didn' t say much. They turned the profile back on and sent test messages, which came through just fine. ...of course. So, I left the profiles on during lunch. When I came back, things were built up in the queue again. Check out the picture below. All the items stuck in the queue report say " The connection was dropped by the remote host" . I' m sure,,, aren' t all having server problems. It' s got to be something on our end. And like I said before, I can disable the protection profile in the Fortigate, refresh the queue, and they will all be sent out. Something is going on with this FGT300. If this really is a bad AV update, I can' t be the only one experiencing it. Anyone else having trouble?
Not applicable

Hehehe... I just sent an e-mail to Fortinet support about it. It didn' t even make it out of the queue (see the pic below for the queue object property screenshot). I had to turn off the protection profile to get it out of the queue. For those of you who might be wondering what my protection profile looks like, here you go:
edit " InboundEmail" set ftp scan quarantine oversize splice set http scan quarantine oversize set imap scan block quarantine oversize set pop3 scan block quarantine oversize set smtp scan block quarantine oversize splice set ips signature anomaly next edit " OutboundEmail" set ftp scan quarantine buffer_to_disk splice set http scan quarantine buffer_to_disk set imap scan quarantine buffer_to_disk set pop3 scan quarantine buffer_to_disk set smtp scan quarantine buffer_to_disk content_log splice next
As you can see, nothing out of the ordinary.
Not applicable

Here' s a bit more information about the problem.[ul]
  • I removed the " splice" keyword from my protection profile. No change.
  • I then removed " buffer_to_disk" . No change.
  • Removed " scan" . No change.
  • Removed smtp completely. No change.
  • Unchecked Protection profile from the policy. Things start to flow again.[/ul]
  • Not applicable

    I have the same problem in my 200 Box, now i have disabled the AV Scanning for SMTP. I am planing upgrade to 2.80 MR3 that claims to solve some problems with SMTP service.
    Not applicable

    That' s the version I' m using now Gustavo. The problem is solved now, thankfully. Tech support had me reboot my FGT. It had been up for 22 days. Even though the memory was only at 56%, they think that SMTP was having trouble due to the memory leak issue found in MR3. They also gave me MR4 build 218 to try out. So that' s the end of this issue for a bit, I guess.
    Top Kudoed Authors