Has anyone else had SMTP problems as of August 17? My FGT300 has been up for 21 days working well. No changes have been made. All of a sudden yesterday around 4:00pm CT (according to our ISP who we use as a filtering proxy for our mail) connections have been dropping inbound to our mail server. I have noticed that our SMTP queue is getting larger on the outbound side as well.
Maybe this is related to an AV update? I did notice that we received one " 4.439(08/17/2004 17:19 " . By the way, they never close the paranthesis. Maybe we can add that to our Fortigate Spelling Problems thread.
I am talking to support about this issue now (Case #16351). We' ll see what they have to say.
Well, I unchecked our protection profile for both inbound and outbound mail and things started to clear. I stopped and restarted our Exchange SMTP service again to re-initialize the queues and all the mail was sent out.
Support didn' t say much. They turned the profile back on and sent test messages, which came through just fine. ...of course. So, I left the profiles on during lunch. When I came back, things were built up in the queue again. Check out the picture below.
All the items stuck in the queue report say " The connection was dropped by the remote host" . I' m sure Bellsouth.net, aol.com, comcast.net, sbcglobal.com aren' t all having server problems. It' s got to be something on our end. And like I said before, I can disable the protection profile in the Fortigate, refresh the queue, and they will all be sent out. Something is going on with this FGT300.
If this really is a bad AV update, I can' t be the only one experiencing it. Anyone else having trouble?
Hehehe... I just sent an e-mail to Fortinet support about it. It didn' t even make it out of the queue (see the pic below for the queue object property screenshot). I had to turn off the protection profile to get it out of the queue.
For those of you who might be wondering what my protection profile looks like, here you go:
edit " InboundEmail"
set ftp scan quarantine oversize splice
set http scan quarantine oversize
set imap scan block quarantine oversize
set pop3 scan block quarantine oversize
set smtp scan block quarantine oversize splice
set ips signature anomaly
edit " OutboundEmail"
set ftp scan quarantine buffer_to_disk splice
set http scan quarantine buffer_to_disk
set imap scan quarantine buffer_to_disk
set pop3 scan quarantine buffer_to_disk
set smtp scan quarantine buffer_to_disk content_log splice
That' s the version I' m using now Gustavo.
The problem is solved now, thankfully. Tech support had me reboot my FGT. It had been up for 22 days. Even though the memory was only at 56%, they think that SMTP was having trouble due to the memory leak issue found in MR3. They also gave me MR4 build 218 to try out. So that' s the end of this issue for a bit, I guess.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.