syem

Kaspersky Secure Mail Gateway [In progress]

14 posts in this topic

Hi All,

Please help me. I am trying to install Kaspersky Security Mail Gateway with this topology:

internet--firewall--ksmg--mail server--client

maillog error "Relay access denied"


Nov 12 00:00:42 ksmg postfix/smtpd[7889]: setting up TLS connection from unknown[45.116.137.30]

Nov 12 00:00:43 ksmg postfix/smtpd[7889]: Anonymous TLS connection established from unknown[45.116.137.30]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)

Nov 12 00:00:43 ksmg postfix/smtpd[7889]: NOQUEUE: reject: RCPT from unknown[45.116.137.30]: 554 5.7.1 <dyah@xxx.co.id>: Relay access denied; from=<susan@utraining-global.com> to=<dyah@xxx.co.id> proto=ESMTP helo=<mail.utraining-global.com>

Nov 12 00:00:44 ksmg postfix/smtpd[7889]: disconnect from unknown[45.116.137.30]

Nov 12 00:00:58 ksmg postfix/smtpd[7888]: connect from mail.bayubuanatravel.com[202.129.224.208]

Nov 12 00:00:58 ksmg postfix/smtpd[7888]: NOQUEUE: reject: RCPT from mail.bayubuanatravel.com[202.129.224.208]: 554 5.7.1 <oji.r@xxx.co.id>: Relay access denied; from=<Office@bdo.bayubuanatravel.com> to=<oji.r@xxx.co.id> proto=ESMTP helo=<mail.bayubuanatravel.com>

Nov 12 00:00:58 ksmg postfix/smtpd[7888]: disconnect from mail.bayubuanatravel.com[202.129.224.208]

Nov 12 00:01:03 ksmg postfix/smtpd[7880]: connect from e215.en25.com[209.167.231.215]

Nov 12 00:01:04 ksmg postfix/smtpd[7880]: NOQUEUE: reject: RCPT from e215.en25.com[209.167.231.215]: 554 5.7.1 <jajat.sudrajat@xxx.co.id>: Relay access denied; from=<monitor@go.terrapinn.com> to=<jajat.sudrajat@xxx.co.id> proto=ESMTP helo=<e215.en25.com>

Nov 12 00:01:09 ksmg postfix/smtpd[7880]: disconnect from e215.en25.com[209.167.231.215]

Nov 12 00:01:43 ksmg postfix/smtpd[7889]: connect from mail-wm0-f49.google.com[74.125.82.49]

Nov 12 00:01:44 ksmg postfix/smtpd[7889]: setting up TLS connection from mail-wm0-f49.google.com[74.125.82.49]

Nov 12 00:01:45 ksmg postfix/smtpd[7889]: Anonymous TLS connection established from mail-wm0-f49.google.com[74.125.82.49]: TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)

Nov 12 00:01:45 ksmg postfix/smtpd[7889]: NOQUEUE: reject: RCPT from mail-wm0-f49.google.com[74.125.82.49]: 554 5.7.1 <nulyda.moulisa@xxx.co.id>: Relay access denied; from=<eka.novian@gmail.com> to=<nulyda.moulisa@xxx.co.id> proto=ESMTP helo=<mail-wm0-f49.google.com>

Nov 12 00:01:46 ksmg postfix/smtpd[7889]: disconnect from mail-wm0-f49.google.com[74.125.82.49]

Nov 12 00:05:06 ksmg postfix/anvil[7890]: statistics: max connection rate 1/60s for (smtp:209.85.160.175) at Nov 12 00:00:00

Nov 12 00:05:06 ksmg postfix/anvil[7890]: statistics: max connection count 1 for (smtp:209.85.160.175) at Nov 12 00:00:00

Nov 12 00:05:06 ksmg postfix/anvil[7890]: statistics: max cache size 5 at Nov 12 00:00:58

 

Please advise.

Thanks


This error looks like a misconfiguration: 554 5.7.1 <dyah@xxx.co.id>: Relay access denied

Can you post the configuration?

# /opt/kaspersky/klms/bin/klms-control --export-settings -f <file_name>
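
Added example (not part of the original posts and not Kaspersky's code): a triage of Postfix "Relay access denied" rejects that separates mail addressed to your own domain, which the gateway should have accepted, from relay attempts to foreign domains, which Postfix refuses correctly. The log lines, the domain corp.example and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the same format as the maillog lines quoted in this
# thread; hosts, IPs and addresses are placeholders, not values from the thread.
SAMPLE_LOG = """\
Nov 12 00:00:42 gw postfix/smtpd[100]: connect from unknown[192.0.2.10]
Nov 12 00:00:43 gw postfix/smtpd[100]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 554 5.7.1 <a@corp.example>: Relay access denied; from=<s1@one.example> to=<a@corp.example> proto=ESMTP helo=<mail.one.example>
Nov 12 00:00:58 gw postfix/smtpd[101]: NOQUEUE: reject: RCPT from mx.two.example[198.51.100.7]: 554 5.7.1 <b@corp.example>: Relay access denied; from=<s2@two.example> to=<b@corp.example> proto=ESMTP helo=<mx.two.example>
Nov 12 00:01:04 gw postfix/smtpd[102]: NOQUEUE: reject: RCPT from mx.three.example[203.0.113.5]: 554 5.7.1 <c@CORP.example>: Relay access denied; from=<> to=<c@CORP.example> proto=ESMTP helo=<mx.three.example>
Nov 12 00:01:45 gw postfix/smtpd[103]: NOQUEUE: reject: RCPT from unknown[192.0.2.99]: 554 5.7.1 <x@other.example>: Relay access denied; from=<y@spam.example> to=<x@other.example> proto=SMTP helo=<probe>
"""

# Matches only the relay-denied RCPT rejects; other smtpd lines are ignored.
REJECT = re.compile(
    r"NOQUEUE: reject: RCPT from (?P<host>\S+)\[(?P<ip>[^\]]+)\]: "
    r"554 5\.7\.1 <[^>]*>: Relay access denied; "
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)

def summarize(log_text):
    """Map each rejected recipient domain to the set of client IPs seen."""
    by_domain = defaultdict(set)
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if m:
            domain = m.group("rcpt").rpartition("@")[2].lower()
            by_domain[domain].add(m.group("ip"))
    return dict(by_domain)

def classify(log_text, own_domains):
    """Split rejects into own-domain mail (gateway does not list the domain
    as one it accepts or relays) and foreign-domain relay attempts."""
    own = {d.lower() for d in own_domains}
    result = {"own_domain_rejected": {}, "foreign_relay_refused": {}}
    for domain, clients in summarize(log_text).items():
        key = "own_domain_rejected" if domain in own else "foreign_relay_refused"
        result[key][domain] = sorted(clients)
    return result

if __name__ == "__main__":
    for kind, domains in classify(SAMPLE_LOG, {"corp.example"}).items():
        print(kind, domains)
```

Many unrelated senders under own_domain_rejected point at the gateway's accepted-domain settings rather than at the senders.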


Settings attached.

KSMG_settings.zip


Hi,

May I also ask you to confirm that you are following the deployment guide starting from p. 20?

Thank you!


Yes, I follow p. 20.


Hi all,

The relay access denied problem is now solved.

Now I have a problem with the date. Please advise.

 

post-278438-1447307861_thumb.png

What was the problem with the relay access denied?

 

 

Hello, I have a problem with Kaspersky Secure Mail Gateway.

This is still a POC.

Can you help me understand why KSMG cannot screen email?

IP gateway 10.1.6.254

IP mailbox 10.1.6.6

I sent the settings and a screen capture.

 

post-549114-1494319715.jpg

post-549114-1494319724.jpg


And this is the setting:

KSMG_settings__1_.rar


Hi,

Could you please confirm that your e-mail passed through KSMG?

You can double-check an e-mail header; it should contain the KSMG verdict.

Thank you!


Sorry, I still do not understand.

What does it mean?

I try to follow the commands according to the existing tutorial.

Is there something wrong with their email?

Their mailbox uses Exchange,

and their gateways use Office 365.

Thank you for your response.


Hello,

Please attach a sample of the header: http://support.kaspersky.com/12313

Thank you.


Hello Dmitry,

 

Can you please check whether there is still a wrong log?

I have followed all the solutions.

 

 

 

May 19 02:35:07 klms opendkim[1791]: OpenDKIM Filter v2.10.3 starting (args: -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid)

May 19 02:35:09 klms postfix/postfix-script[1937]: starting the Postfix mail system

May 19 02:35:09 klms postfix/master[1938]: daemon started -- version 2.6.6, configuration /etc/postfix

May 19 09:43:51 mtcsmgap01a KSMG: external directory services disabled

May 19 09:43:52 mtcsmgap01a KSMG: product started in configuration mode

May 19 09:43:54 mtcsmgap01a KSMG: settings changed: app-settings

May 19 09:43:54 mtcsmgap01a KSMG: settings changed: task 2 "Backup"

May 19 09:43:54 mtcsmgap01a KSMG: settings changed: task 3 "ScanLogic"

May 19 09:43:54 mtcsmgap01a KSMG: settings changed: task 4 "Facade"

May 19 09:43:56 mtcsmgap01a KSMG: Event logging stopped

May 19 09:44:09 mtcsmgap01a KSMG: external directory services disabled

May 19 09:44:13 mtcsmgap01a KSMG: Anti-Spam bases applied: publishing-time="2015-09-24T19:58:08"

May 19 09:44:13 mtcsmgap01a KSMG: Anti-Spam bases are obsoleted: 602 days

May 19 09:44:41 mtcsmgap01a KSMG: Anti-Virus bases applied: primary_index-publishing-time="24092015 1308", publishing-time="2015-09-24T10:55:00", record-count=6543093

May 19 09:44:41 mtcsmgap01a KSMG: Anti-Virus bases are obsoleted: 602 days

May 19 09:44:45 mtcsmgap01a KSMG: product started

May 19 09:44:45 mtcsmgap01a KSMG: real-time scan started

May 19 09:44:45 mtcsmgap01a klms-smtp_proxy: /opt/kaspersky/klms/libexec/klms-smtp_proxy started, pid = 4240, recieving on unix:/var/run/klms/klms_smtp_sock, sending to unix:/var/spool/postfix/public/klms_forward_sock, timeout = 10, threads number = 20, scanner = unix:/var/run/klms/klms_scanner_sock

May 19 09:44:46 mtcsmgap01a postfix/postfix-script[4292]: stopping the Postfix mail system

May 19 09:44:46 mtcsmgap01a postfix/master[1938]: terminating on signal 15

May 19 09:44:46 mtcsmgap01a postfix/postfix-script[4365]: starting the Postfix mail system

May 19 09:44:46 mtcsmgap01a postfix/master[4366]: daemon started -- version 2.6.6, configuration /etc/postfix

May 19 09:44:46 mtcsmgap01a KSMG: settings changed: app-settings

May 19 09:44:46 mtcsmgap01a postfix/pickup[4370]: ADEE5A0002: uid=496 from=<klms@localhost>

May 19 09:44:46 mtcsmgap01a postfix/cleanup[4390]: ADEE5A0002: message-id=<20170519024446.ADEE5A0002@mtcsmgap01a.ksmg.sucorsekuritas.com>

May 19 09:44:46 mtcsmgap01a postfix/qmgr[4371]: ADEE5A0002: from=<klms@localhost.ksmg.sucorsekuritas.com>, size=778, nrcpt=1 (queue active)

May 19 09:44:46 mtcsmgap01a postfix/pickup[4370]: B3C11A0003: uid=496 from=<klms@localhost>

May 19 09:44:46 mtcsmgap01a postfix/cleanup[4390]: B3C11A0003: message-id=<20170519024446.B3C11A0003@mtcsmgap01a.ksmg.sucorsekuritas.com>

May 19 09:44:46 mtcsmgap01a postfix/qmgr[4371]: B3C11A0003: from=<klms@localhost.ksmg.sucorsekuritas.com>, size=776, nrcpt=1 (queue active)

May 19 09:44:46 mtcsmgap01a KSMG: settings changed: app-settings

May 19 09:44:46 mtcsmgap01a postfix/local[4397]: ADEE5A0002: to=<root@mtcsmgap01a.ksmg.sucorsekuritas.com>, orig_to=<postmaster@localhost>, relay=local, delay=0.12, delays=0.09/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to mailbox)

May 19 09:44:46 mtcsmgap01a postfix/qmgr[4371]: ADEE5A0002: removed

May 19 09:44:47 mtcsmgap01a postfix/local[4398]: B3C11A0003: to=<root@mtcsmgap01a.ksmg.sucorsekuritas.com>, orig_to=<postmaster@localhost>, relay=local, delay=0.95, delays=0.06/0.02/0/0.87, dsn=2.0.0, status=sent (delivered to mailbox)

May 19 09:44:47 mtcsmgap01a postfix/qmgr[4371]: B3C11A0003: removed

May 19 09:44:48 mtcsmgap01a KSMG: Anti-Spam bases applied: publishing-time="2015-09-24T19:58:08"

May 19 09:44:48 mtcsmgap01a KSMG: Anti-Spam bases are obsoleted: 602 days

May 19 09:45:00 mtcsmgap01a KSMG: bases update error: License error

May 19 09:46:21 mtcsmgap01a postfix/postfix-script[4563]: stopping the Postfix mail system

May 19 09:46:21 mtcsmgap01a postfix/master[4366]: terminating on signal 15

May 19 09:46:21 mtcsmgap01a postfix/postfix-script[4636]: starting the Postfix mail system

May 19 09:46:21 mtcsmgap01a postfix/master[4637]: daemon started -- version 2.6.6, configuration /etc/postfix

May 19 09:46:21 mtcsmgap01a KSMG: settings changed: app-settings

May 19 09:50:00 mtcsmgap01a KSMG: bases update error: License error

May 19 09:51:03 mtcsmgap01a KSMG: license key installed: serial="0C7E-0006C7-5536D563", key-type="Trial", functionality-level="Full functionality"

May 19 09:51:04 mtcsmgap01a KSMG: license key is ok: serial="0C7E-0006C7-5536D563", functionalityLevel="Full functionality"

May 19 09:51:35 mtcsmgap01a KSMG: settings changed: task 11 "Updater"

May 19 10:01:24 mtcsmgap01a KSMG: Anti-Virus bases applied: primary_index-publishing-time="19052017 0256", publishing-time="2017-05-19T00:56:00", record-count=9573989

May 19 10:01:24 mtcsmgap01a KSMG: Anti-Virus bases are up to date

May 19 10:01:45 mtcsmgap01a KSMG: Anti-Spam bases applied: publishing-time="2017-05-19T09:50:06"

May 19 10:01:45 mtcsmgap01a KSMG: Anti-Spam bases are up to date

May 19 10:01:47 mtcsmgap01a KSMG: Anti-Virus bases updated

May 19 10:01:47 mtcsmgap01a KSMG: Anti-Spam bases updated

May 19 10:04:08 mtcsmgap01a postfix/postfix-script[6567]: stopping the Postfix mail system

May 19 10:04:08 mtcsmgap01a postfix/master[4637]: terminating on signal 15

May 19 10:04:08 mtcsmgap01a postfix/postfix-script[6640]: starting the Postfix mail system

May 19 10:04:08 mtcsmgap01a postfix/master[6641]: daemon started -- version 2.6.6, configuration /etc/postfix

May 19 10:04:13 mtcsmgap01a postfix/postfix-script[6672]: stopping the Postfix mail system

May 19 10:04:13 mtcsmgap01a postfix/master[6641]: terminating on signal 15

May 19 10:04:13 mtcsmgap01a postfix/postfix-script[6745]: starting the Postfix mail system

May 19 10:04:13 mtcsmgap01a postfix/master[6746]: daemon started -- version 2.6.6, configuration /etc/postfix

May 19 10:04:15 mtcsmgap01a KSMG: settings changed: task 3 "ScanLogic"

May 19 10:16:02 mtcsmgap01a KSMG: settings changed: app-settings

May 19 10:16:54 mtcsmgap01a KSMG: settings changed: app-settings

May 19 10:27:39 mtcsmgap01a KSMG: Flush all messages in MTA queues: success

May 19 10:30:50 mtcsmgap01a postfix/postfix-script[9428]: stopping the Postfix mail system

May 19 10:30:50 mtcsmgap01a postfix/master[6746]: terminating on signal 15

May 19 10:30:51 mtcsmgap01a postfix/postfix-script[9503]: starting the Postfix mail system

May 19 10:30:51 mtcsmgap01a postfix/master[9504]: daemon started -- version 2.6.6, configuration /etc/postfix

 
