I m trying to use untangle as spam filter in front of my mail server .

I m using untangle in bridge mode with 2 interface .

External interface connect to my switch and internal interface connect to mail server.

i am able to ping from amil server and also i am able to ping mail server from outside .

when i telnet port 25 for mail server it get delayed for 40 to 50 sec and all my mail connections are tooo slow .

i cant connect to mail server at times .

i can see that there are log genrated in spam blocker , still things dont work and all my users complains for not able to connect mail server .

ports used on mail server

25
110
143
80 - webmail .

i have created a firewall rule to allow all any any any .

it seems untangle is adding lot of delay ,

is there some thing worng i m doing , if yes please help ....

Check the Attack Blocker logs to see if the mail server is showing up on it's radar. It wouldn't be surprising if it is if that server sees a lot of traffic and since it is the only device connected to Untangle.

Welcome to the Forums!

wow Thats what i call fast reply . Thanks buddy ....

I have checked by disabling attack blocker , still no improvement , i tried disabling all application on rack , - firewall ... , atack blocker , webfilter etc , but same result .

2) I have checked attack blocker logs , i see no packet got dropped or rejected .

Ping is working fine , no breaks , port 25 , 80 ,110 seems to access slow and we can say it does not work atall ....on the mail server ,.

Turning the Attack Blocker module off doesn't turn Attack Blocker off. It just turns the Event viewing capabilities off.

Let's do this as a test to see it we can increase performance and then start adding filtering in.

First, run this command and see if the speed problems still persist. This command will disable ALL untangle filtering but should still pass traffic.

/etc/init.d/untangle-vm stop

If you want to start the filtering back after you test it then just run
/etc/init.d/untangle-vm start

ok ...

Yes as soon as i stop vm then all started working well ,

after starting vm again it stopped , my smtp connection start hanging up ....

I noticed you have the firewall module installed.... what is your intention for the server? Just spam filtering or do you want to firewall the server too?

Also, how many users are connecting to this server?

yes i have installed the firewall module ...

You are correct i need it as spam filter - Primary , then i might have to use other features also .

This is our external mail server , only 30 users for pop , imap and smtp ....

Mail server details

1) postfix , amavis , spamassassin , squirellmail , clam for antivirus .

untangle server cpu is 95% idel

memory usage 1 gb out of 2 gb total ...

resoruce usage dont seems to high

I think your network layout isn't correct. It should be:

DSL modem -> Untangle (bridge) -> switch -> All your servers/PC's

I have it this way, the DSL modem is router/firewall, so Untangle has NO firewall/router enabled! And all works out of the box. External interface to DSL modem and internal interface to my switch.

You do not use the firewall in Untangle, so portforwarding is in the DSL device, port 25 for bsmtp mail only.

Again, your DSL device has a router inside with firewall. If not, you must use the router/firewall of Untangle. And you need port 53 and 80 also.

Dont worry for that , i m using all real ip address , i m ISP myself and can take care of the routing and bridging ,

As far as network is concerned , i m able to work properlyy if iuse VM stop as suggested by Silver bullet ...

2) I have uninstalled al application accept spam filter , sitll things are solw ...

silver bullet -- awaiting for ur idea to get it working

OK, here is what I think is happening... I think that the Spam Filter is scanning your POP and IMAP client connection to the email server since it scans traffic that occurs on ports 110 and 143 and hence causing the delay.

So, you have 2 options.
1) Disable POP and IMAP filtering in the Spam Filter, Phishing Filter and Virus Filter.

2) Create Bypass rules for traffic that occurs over those ports.

Since the mail has already been scanned by Untangle on the SMTP transaction, then you will be ok doing either and both essentially accomplish the same goal. I would try option 1 first and if it doesn't work then do option 2.

Thanks .

Issue :-
imap and pop and port 80 that is getting delayed . Even 10000 port for webmin gets delayed .

does this answer why 10000 port for webmain is also delayed ....

i m trying to work for option 1 , i ll see how i can create the bypass rule in case option 1 does not work .

Its working now , i created bypass rule for following ports without any destination or source ip address

Ports :-
80
110
143
10000

now it do not take time to download mails .

Smtp take 15 sec more then what it use to be before , but that is workable with regards to blocking of spam .

spam blocker is working kool . its eating up all spam mails for sure .