Message audit log shows "Action taken: Rejected message by MTA" without any verdict that triggers the action
search cancel

Message audit log shows "Action taken: Rejected message by MTA" without any verdict that triggers the action

book

Article ID: 155464

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

Using mandatory filter "Connection IP" you can find several mails with no verdict but Message audit log shows "Action taken: Rejected message by MTA" on Symantec Messaging Gateway (SMG). 

Cause

"Action taken: Rejected message by MTA" can be caused by any reputation policy with action set to [Reject SMTP Connection] or when the one or more of the MTA DNS validation checks fail.

The "Verdict" field will clarify which reputation service rejected or deferred the connection but if the "Verdict" is "None" then the connection was likely rejected due to the MTA DNS validation which has no verdict. 

ID: 0ac85950-b7c36ae000004379-06-4ecdd99402c8
Message-ID:
Accepted From: 192.0.2.83
Scanners: Local Host
Time accepted: Thursday, Nov 24, 2019 02:43:48 PM JST
Direction:
Sender:
(none)
Authenticated username: (none)
Original recipients:
Original Subject: (none)
Full attachment list: None
Suspect attachments: None
#  Recipient Data
Intended recipient:
None
Verdict: None
Tracker: None
Actions taken: Rejected message by MTA
Delivery: None
Untested verdicts: None

 

Resolution

This behavior is by design.

The MTA DNS validation checks operate outside the scope of the Brightmail Engine and do not have an associated verdict. To confirm that one or more MTA DNS validation checks are enabled, please review Protocols > Settings in the SMG Control Center

 

For more information about MTA DNS validation, please refer to the the Messaging Gateway Administration Guide.

 

 

Powered by Wolken Software