In this post we’ll talk about what TLS is and how does it work in SMTP transactions, the same can be applied to other protocols like HTTPS, though.
The Entry Point (AddressOfEntryPoint) defined in the PECOFF format for executable files refers to location in memory where the first instruction of execution will be placed. To find this address in both memory and disk (RawData) you must first locate the following values inside the executable file: Continue reading
In this post we’ll show the analysis of another common error for smtp status code 421 4.4.2 host Error: timeout exceeded which refers to network or connection problems between SMTP servers. The symptoms you may observe is the your Postfix (IMSVA) server is not able to accept all incoming mails and sender server is starting to have queuing problems. Continue reading
PART II. Maillog indicators interpretation
In Part I. Postfix Maillog Performance Indicators, we reviewed how to find several values by filtering maillog that would help us understand how our Postfix or IMSVA device is actually working in terms of queuing, reception and delivery performance. Now we’ll see how to put a context to those numbers to transform them from just values to actions / configurations that will improve our device’s longtime performance. Continue reading
Part I. Postfix Maillog Performance Indicators
The following procedure should work for any mail server or Anti-Spam appliance. This particular analysis was made with the Postfix bundled in IMSVA 8.2 but it could be easily translated to any other platform.
The first point to identify what is the actual performance of Postfix is to define certain indicators that can help us to measure behavior patterns. The following list shows some of the most important for the analysis.
The IMSVA web management console doesn’t count with an option to shutdown or restart the box in which IMSVA is installed. To perform this operation you must login to the shell with user root using some SSH client like Putty. The following are the commands you have to execute to perform these operations: Continue reading
The different situations that can be described with the main smtp status codes defined in RFC 2821 are not enough to consider the wide range of situations an MTA server may face when delivering a message. Because of this, a new set of codes were created. The following is an extract from RFC 3463, where a definition for this new SMTP Protocol feature is given: Continue reading
The SSO feature of IMSVA helps users to access their EUQ web console without entering credentials every time they want to manage their quarantined mails. Continue reading
A very common problem in any Trend Micro ScanMail for Exchange (SMEX) implementation is the fact that when you have mails in SMEX quarantine, you can’t resend them. Continue reading
Wireshark is an application that allows you to capture network traffic, this is very useful when you need to troubleshoot problems or just to understand how an specific application works. In this post you will find some filters that may help you to correctly interpret complete conversations or specific network packets. Continue reading