[FW-1] smtp security server error

Subject:	[FW-1] smtp security server error
From:	Shiroma Dassanayake <nilshiro2000 AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 23 Aug 2005 22:35:12 -0700

Dear all
 
I have enabled an smtp resource on all incoming smtp to the mailserver. Up till 
yesterday this resource was working fine. Yesterday smtp got dropped with the 
following error string "TCP packet out of state: First packet isnt SYN tcp 
flags: RST". The flags change between RST and SYN-ACK. It cant be attributed to 
a bad packet, because all incoming smtp is dropped. In an effort to recitfy 
this situation, I removed the smtp resource and installed the policy. Incoming 
smtp did come in but all the unwanted smtp came in as well. So I re-inserted 
the smtp resource into the rulebase and installed the policy. After this the 
log tab of Smartview Tracker did not display any incoming smtp at all, there 
are no dropped smtp packets either. The active tab displays incoming smtp. No 
incoming smtp arrives at the inbound queue of the mailserver. The spool 
directory in the firewall is empty. Telnetting to the mailserver on port 25 
from the firewall returns the mailserver MTA version but the "Ch!
 eckpoint
 Firewall-1 secure ESMTP server " message is not displayed. 
 
I once again removed the smtp resource and installed the policy. Now there are 
mail messages in the inbound queue of the mailserver, but all the unwanted mail 
is coming in as well. 
 
Seems like the security server has just stopped working.
 
Smartcenter server runs NG AI R55 HFA-14
module runs NG AI R55 HFA-09
 

I am really stumped. Any ideas are greatly appreciated.
 
Regards
 

                
---------------------------------
 Start your day with Yahoo! - make it your home page 

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] smtp security server error, Shiroma Dassanayake <= Re: [FW-1] smtp security server error, Reinhard Stich Re: [FW-1] smtp security server error, Shiroma Dassanayake Re: [FW-1] smtp security server error, Covington, Chris

Previous by Date:	Re: [FW-1] How to restore the rule database?? - Disaster, Harold Rugama C
Next by Date:	Re: [FW-1] smtp security server error, Reinhard Stich
Previous by Thread:	[FW-1] VPN Tab in NGX SmartConsole, Lyle Dove
Next by Thread:	Re: [FW-1] smtp security server error, Reinhard Stich
Indexes:	[Date] [Thread] [Top] [All Lists]