3

I have a Barracuda 300, sometime yesterday afternoon, roughly 5:30, the Barracuda stopped delivering external emails to our exchange users and instead, it began marking all those messages as 'deferred' and a reason as 'Invalid Recipient.'

We have had issues with this Barracuda in the past, and normally, just a little reboot and it would eventually start delivering the mail that is in the queue, as of 9:44AM, the mail/log storage is at 75%. The System Load is under <1%, and the firmware storage is at 37%.

I'm looking for other things that I can check, I've exhausted my knowledge on differing things to try, while, not a lot, I've covered the aspects of what I know to check, I'm just not that familiar with the Barracuda prodcuts:

  • I can ping our exchange server from the Barracuda
  • I've rebooted the Barracuda several times
  • A Dig/NsLookup against our exchange server is successful

A part of me just thinks that since the mail/log storage is so large, that it will just take some time before everything is back to normal, but, it's been about three hours so far, and the mail/log storage is slowly growing larger.

The firmware is ridiculously out of date, 4.0.1.009, the powers that be, just don't want to spend the money to update it.

Any help, even if it's just 'be patient, let it do it's thing', would be greatly appreciated.

Thanks.

Jasoomian
  • 173
  • 1
  • 1
  • 7

1 Answers1

3

Well, you have a few odd issues. Given the old firmware, you're subject to a massive bug related to the Spamassassin filter used by the Barracuda. This bug basically bricks all appliances that have a firmware older than January 2012. Anyone with an older firmware is referred to the Barracuda renewals department.

The current firmware is 5.1.1.xxx. Your vitals are fine in terms of CPU usage and disk utilization. The storage on a busy unit plateaus at 75% and logs/etc are rotated to keep things at that level.

You should check to see if you have LDAP integration enabled on your Barracuda.

That should be Domains -> Domain Manager -> yourdomain.com -> Users -> LDAP Configuration

For the time being, change Exchange Accelerator/LDAP Verification: to NO if it's enabled. If you did have it enabled, check your LDAP bind username and password.

If that's not the case, then check the main system configuration.

Basic -> IP Configuration -> Destination Mail Server TCP/IP Configuration.

Change that field to the IP of your Exchange system and input a test address on your network. Run the SMTP test. The output should end with:

From: <smtptest@barracudanetworks.com> 
Date: Wed Apr 4 08:19:55 2012 
Subject: Test message 

This is a test message from your Barracuda Spam & Virus Firewall. 
. 
250 2.6.0 <f2d75f7d-25d1-4834-ba73-0ca126d0e3fd@abcd.booty.net> [InternalId=466] Queued mail for delivery

Do you have a VMware environment? If so, I would suggest dumping the hardware unit at this point and picking up an evaluation of the Barracuda VX300 virtual appliance. It's far cheaper and faster than the hardware and you can run it for 30 days while "the powers that be" decide on whether they value spam filtering. You won't get support from Barracuda on your existing hardware without paying back to the date that the initial contract ended. It's their policy.

Also see: What to do with an out-of-warranty Barracuda Spam/Web filter?

Community
  • 1
ewwhite
  • 194,921
  • 91
  • 434
  • 799
  • Not using LDAP, but, what you suggested, adding the IP of the Exchange Server and testing an email address, completed successfully. I had just gotten off the phone with Barracuda, and was shocked that I will have to back-pay for Energizer Support and Instant Replacement from the date it expired. So, now, that it expired in 2010, I have to pay for three years (with a bonus free year), to get me in a position of support. Thanks for the info. – Jasoomian Apr 04 '12 at 15:45
  • Don't be shocked. It's their policy. It's also why you can find used units for $100 on eBay. The best short-term solution is to get the Virtual Appliance in place and copy your settings from one unit to the other (if you have a VMWare environment). Can you verify if you're being bit by the massive bug I mentioned before? This would mean that incoming messages are being assigned higher scores than normal. If you have any SCL checking on the Exchange side, this could result in deferred messages. – ewwhite Apr 04 '12 at 15:55
  • That's funny, that top part of that link that you posted was a question from ME about this same Barracuda, and, at that time, adjusting the SPAM score a bit higher was a temporary fix at best, but, it's been working for quite some time since I did that. – Jasoomian Apr 04 '12 at 16:11
  • If you're set on using a Barracuda, you're in a tough spot. THEIR recommendation would be to use a virtual appliance. If you can't do that, you're best off finding a used unit off of eBay that has the newest firmware or an active subscription... See: http://www.ebay.com/itm/NEW-BARRACUDA-NETWORKS-SPAM-VIRUS-FIREWALL-300-BSF300A1-/220985212304?pt=LH_DefaultDomain_0&hash=item3373bebd90#ht_3166wt_901 – ewwhite Apr 04 '12 at 16:14
  • That unit is so old, and the cost to renew the subscriptions is hard to justify vs. buying a new unit. I did want to add that I was incorrect in stating that LDAP was not being used, I am off site, and the lag between me and the barracuda can be long at times, and I had clicked on the right domain, and then in my impatience, clicked on the wrong one, and when it opened, I was on a different domain that does not use LDAP. I turned the LDAP verification off, and the barracuda delivered a ton of emails. While not a perfect solution, I can at least, work on finding one in peace. Thanks again. – Jasoomian Apr 04 '12 at 16:33
  • I'd really steer clear of the hardware. This is also echoed in the sentiment of the support engineers. Do you have a virtual environment to host the Barracuda VX appliance in? – ewwhite Apr 05 '12 at 15:09