You need a basic overview of how Simple Mail Transfer Protocol (SMTP) works to help in troubleshooting Symantec AntiVirus for SMTP gateways 3.x problems.
Overview of SMTP
SMTP is an agreed-upon format for transmitting data between two devices. The protocol determines the following:
- The type of error checking to be used
- Data compression method, if any
- How the sending device will indicate that it has finished sending a message
- How the receiving device will indicate that it has received a message
Note: See RFC 821 for a more detailed description of the SMTP model of communication.
The main purpose of SMTP is to send and deliver email messages to users' mailboxes. SMTP servers communicate with each other to send and receive SMTP mail. SMTP is independent of the particular transmission subsystem and requires only a reliable, ordered data stream channel. SMTP uses a set of basic commands to "talk SMTP." The following are the most commonly used SMTP commands. The commands in bold are important when troubleshooting the installed Symantec gateways product.
HELO <SP> <domain> <CRLF>
MAIL <SP> FROM:<reverse-path> <CRLF>
RCPT <SP> TO:<forward-path> <CRLF>
SEND <SP> FROM:<reverse-path> <CRLF>
SOML <SP> FROM:<reverse-path> <CRLF>
SAML <SP> FROM:<reverse-path> <CRLF>
VRFY <SP> <string> <CRLF>
EXPN <SP> <string> <CRLF>
HELP [<SP> <string>] <CRLF>
What the essential commands mean:
Note: A blank subject line returns a scan error 32 when Symantec AntiVirus for SMTP Gateways 3.1.2 or newer is installed. This is due to a change in the decomposer.
How to troubleshoot the Symantec gateways product using SMTP commands and Telnet
Telnet can be used to determine whether a particular server can communicate with another SMTP server. Because the Symantec product is an SMTP relay and uses TCP/IP, you can start a Telnet session and use SMTP commands to establish a connection to another SMTP server. After connecting, you can use the Telnet session to determine whether the Symantec product installed on the computer can process mail. The following example shows the commands you type in a Telnet session under Windows 2000. Telnet sessions under Windows NT and in other shells are different.
- Open a command prompt (Command.exe).
- Type the following entries, pressing Enter after each one:
open <IP address of the Symantec AntiVirus for SMTP gateways server> <port (default is 25)>
helo <sender's fully qualified domain name>
mail from: <return email address>
rcpt to: <recipient's email address>
<type in the email message>
. (type in the period)
- When you are finished with the Telnet session, close the Cmd.exe window.
The following list gives the numerical reply codes and a brief description of each.
211 System status, or system help reply
214 Help message [Information on how to use the receiver or the meaning of a particular nonstandard command; this reply is useful only to the human user]
250 Requested mail action okay, completed
251 User not local; will forward to <forward-path>
354 Start mail input; end with <CRLF>.<CRLF>
450 Requested mail action not taken: mailbox unavailable [E.g., mailbox busy]
451 Requested action aborted: local error in processing
452 Requested action not taken: insufficient system storage
500 Syntax error, command unrecognized [This may include errors such as command line too long]
501 Syntax error in parameters or arguments
502 Command not implemented
503 Bad sequence of commands
504 Command parameter not implemented
550 Requested action not taken: mailbox unavailable [E.g., mailbox not found, no access]
551 User not local; please try <forward-path>
552 Requested mail action aborted: exceeded storage allocation
553 Requested action not taken: mailbox name not allowed [E.g., mailbox syntax incorrect]
554 Transaction failed
See RFC 1893 for additional information on numerical codes.
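The Telnet dialog and reply codes above, scripted as an added example (not part of the original article or any Symantec tool). It also sends DATA before the message text, which is the step the 354 reply answers, and QUIT at the end; the names probe, read_reply and replay and the example.test hosts are assumptions, and the gateway is replaced here by constructed replies so the script runs offline.

```python
import socket

VERDICT = {2: "ok", 3: "send more", 4: "temporary failure", 5: "permanent failure"}

def read_reply(rfile):
    """Read one reply, following 'NNN-' continuation lines; return (code, text)."""
    parts = []
    while True:
        line = rfile.readline().decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit():
            raise ValueError(f"not an SMTP reply: {line!r}")
        parts.append(line[4:])
        if line[3:4] != "-":  # "NNN " (or a bare "NNN") ends the reply
            return int(line[:3]), " ".join(parts)

def probe(sock, helo, sender, rcpt, message):
    """Run the dialog on a connected socket; stop at the first 4xx/5xx reply."""
    # Dot-stuff body lines so a lone "." in the text cannot end the message early.
    body = "\r\n".join("." + l if l.startswith(".") else l
                       for l in message.splitlines()) + "\r\n."
    steps = [("connect", None), ("HELO", f"HELO {helo}"),
             ("MAIL FROM", f"MAIL FROM:<{sender}>"),
             ("RCPT TO", f"RCPT TO:<{rcpt}>"), ("DATA", "DATA"),
             ("message", body), ("QUIT", "QUIT")]
    rfile, results = sock.makefile("rb"), []
    for name, command in steps:
        if command is not None:
            sock.sendall(command.encode("ascii") + b"\r\n")
        code, _text = read_reply(rfile)
        results.append((name, code, VERDICT.get(code // 100, "unknown")))
        if code >= 400:
            break
    return results

def replay(replies):
    """Constructed stand-in for a gateway: a socket pair preloaded with replies."""
    client, server = socket.socketpair()
    server.sendall(replies)
    return client, server

# Constructed sample replies: the relay refuses the recipient with 550.
SAMPLE = (b"220 gw.example.test ready\r\n250-gw.example.test\r\n250 ok\r\n"
          b"250 sender ok\r\n550 mailbox unavailable\r\n")

if __name__ == "__main__":
    client, _server = replay(SAMPLE)
    for row in probe(client, "host.example.test", "a@example.test",
                     "b@example.test", "Subject: test\r\n\r\nhello"):
        print(row)
```

Against a real gateway, pass probe a socket from socket.create_connection((gateway_ip, 25)) instead of the replay pair; the last row returned names the step at which the dialog stopped.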