Incoming email delays - Netscreen 5GT

[tsbjax]

Hello,

We are having an issue that our ISP believes is firewall-related. Sometimes incoming email is delayed by as much as an hour, and sometimes is not delivered at all. We have a Netscreen 5GT firewall which accepts traffic from the router, and then sends port 25 traffic to a Mail Marshal machine for spam/security processing. The Mail Marshal machine then sends to Exchange for delivery to the end user's mailbox.

The emails in question are not making it to the Mail Marshal machine until right before they are delivered (late), and the ISP says traffic to/from the router is ok. So that leaves the firewall.

I have done telnet session to port 25 - sometimes they connect, sometimes they don't. It is very sporadic.

I have re-started the firewall which did not help. I cannot update the firmware because the person before me let the support agreement lapse. I have renewed it, but I don't have access to the latest firmware yet.

I don't know too much about how to troubleshoot issues with the firewall, but I want to be able to determine if the emails are actually making it to the firewall and if so, what is happening after that.

Any help/guidance, etc. would be greatly appreciated!!

Thanks so much!

Tara

 

[Packet7]

Hi Tara,

I would start with some basic SMTP testing. First, configure a flow filter on your Firewall and enable debug. Second, telnet to your SMTP IP from an external host. Repeat this a few times and make sure your connection looks OK. Next, I would stop the debug and look over the info. Third, I would start the debug again, clear the db and test with some real messages. I would then compare the debug info with the logs of your mail relay and server. Let me know if you have any questions.

Flow Filter:
set ff dst-port 25

Debug:
undebug all
debug flow basic
clear db

Stop Debug:
undebug all

View DB:
get db str

Remove Flow Filter:
unset ff 0

Rgds,

John