Has anyone else had SMTP problems as of August 17? My FGT300 has been up for 21 days working well. No changes have been made. All of a sudden yesterday around 4:00pm CT (according to our ISP who we use as a filtering proxy for our mail) connections have been dropping inbound to our mail server. I have noticed that our SMTP queue is getting larger on the outbound side as well.
Maybe this is related to an AV update? I did notice that we received one " 4.439(08/17/2004 17:19 " . By the way, they never close the paranthesis. Maybe we can add that to our Fortigate Spelling Problems thread. 
I am talking to support about this issue now (Case #16351). We' ll see what they have to say.
UPDATE:
Well, I unchecked our protection profile for both inbound and outbound mail and things started to clear. I stopped and restarted our Exchange SMTP service again to re-initialize the queues and all the mail was sent out.
Support didn' t say much. They turned the profile back on and sent test messages, which came through just fine. ...of course. So, I left the profiles on during lunch. When I came back, things were built up in the queue again. Check out the picture below.
All the items stuck in the queue report say " The connection was dropped by the remote host" . I' m sure Bellsouth.net, aol.com, comcast.net, sbcglobal.com aren' t all having server problems. It' s got to be something on our end. And like I said before, I can disable the protection profile in the Fortigate, refresh the queue, and they will all be sent out. Something is going on with this FGT300.
If this really is a bad AV update, I can' t be the only one experiencing it. Anyone else having trouble?
I am talking to support about this issue now (Case #16351). We' ll see what they have to say.
UPDATE:
Well, I unchecked our protection profile for both inbound and outbound mail and things started to clear. I stopped and restarted our Exchange SMTP service again to re-initialize the queues and all the mail was sent out.
Support didn' t say much. They turned the profile back on and sent test messages, which came through just fine. ...of course. So, I left the profiles on during lunch. When I came back, things were built up in the queue again. Check out the picture below.
All the items stuck in the queue report say " The connection was dropped by the remote host" . I' m sure Bellsouth.net, aol.com, comcast.net, sbcglobal.com aren' t all having server problems. It' s got to be something on our end. And like I said before, I can disable the protection profile in the Fortigate, refresh the queue, and they will all be sent out. Something is going on with this FGT300.
If this really is a bad AV update, I can' t be the only one experiencing it. Anyone else having trouble?
Hehehe... I just sent an e-mail to Fortinet support about it. It didn' t even make it out of the queue (see the pic below for the queue object property screenshot). I had to turn off the protection profile to get it out of the queue.
For those of you who might be wondering what my protection profile looks like, here you go:
edit " InboundEmail" set ftp scan quarantine oversize splice set http scan quarantine oversize set imap scan block quarantine oversize set pop3 scan block quarantine oversize set smtp scan block quarantine oversize splice set ips signature anomaly next edit " OutboundEmail" set ftp scan quarantine buffer_to_disk splice set http scan quarantine buffer_to_disk set imap scan quarantine buffer_to_disk set pop3 scan quarantine buffer_to_disk set smtp scan quarantine buffer_to_disk content_log splice nextAs you can see, nothing out of the ordinary.
