Page 1 of 2 12 LastLast
Results 1 to 10 of 14
  1. #1
    Untangler j.razz1's Avatar
    Join Date
    Mar 2011
    Posts
    39

    Default Exchange 2003 Connectivity & Outgoing Attachments

    Hi all. This is my first post here. I have searched both here and google attempting to find an answer to issue.
    ========================

    Setup:
    I just installed the Lite version last week as a test box. I took an older p4 machine and added 2 gigs to it as well as an 80 gig HDD. I also added an additional NIC to allow for internal and external connectivity.

    I then configured it using the wizard and placed it between my Pix 501 and my internal switch. Our mail is hosted externally and pulled in via pop3 and sent out via smtp using the assigned ports. Everyone in this particular office uses either Outlook 2003 or 2010. Outlook Exchange 2003 is set up internally on one of our servers.

    Our LAN is Cat6 and the NIC cards in the Untangled box are both 10/100 Full duplex cards running at 100 full duplex.

    Our internet speed is 6 megs up and down utilizing FTTH technology.
    ========================

    Issue:
    I am having connectivity issues now sending emails. They are timing out while trying to send them. I am noticing that the ones that seem to be causing issues are ones with attachments. Some are getting stuck in the outbox. I can send them via webmail but the uploads seem throttled (even downloads seem throttled).

    We were also experiencing timeouts when trying to reach websites in the afternoons but only some of us were experiencing this. I found out that Attack Blocker was limiting traffic (at least I think that is what it was doing). I assumed it blocked attacks from the outside but apparently it blocks/limits users on the LAN that utilize the network more than others. I turned that function off (power button on the Attack Blocker). Once I turned off Attack Blocker the timeouts stopped when visiting websites but the email issues remained.
    ========================

    Questions:
    -Are there any other modules that I should be adjusting to ensure that email is not throttled or attachments blocked from being sent out?

    -Under the Spam filter I noticed I can adjust the size of the messages allowed- is the size in bytes? I see that it says it allows the attachments to pass through even though they are over the size limit. What does this mean and how can I adjust it to allow for up to 10megs?

    -How do you all use the Attack Blocker? And, how do you use it dealing with email attachments as it seems that large attachments would count towards you being limited?

    -Any tips for someone looking to implement untangled across 8 offices (besides getting a better machine to run it on) to ensure newbie issues don't spring up?
    ========================

    Disclaimer:
    Again, I am new to this platform and I am unfamiliar with Linux.

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default

    We need more details on the hardware you used, how many workstations are behind it. The hardware detail I really want? Make and model of the NICs.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  3. #3
    Untangler j.razz1's Avatar
    Join Date
    Mar 2011
    Posts
    39

    Default

    The hardware is a hp desktop machine from several years back (pentium 4)- it is an hp compaq desktop dc5000 model. As for the NIC cards, I am using the one built in to the HP MOBO and another one that was pulled from a Windows 98 machine (PCI). I can get you the model of the PC and the PCI NIC card tomorrow once I get back to the office unless there is a place that untangle can tell me the NIC information remotely.

    There are ~20 PC's on the LAN and 12 of those use a secure VPN connection to remote into another network (and I forgot to mention/clarify, but those 12 do not use Outlook- they use web based Groupwise and have reported no issues). We have an HP Proliant server that functions as our DC, DHCP, Mail and File server.

    Thanks for being willing to help.

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default

    20 users is enough to flatline a single core p4 if you don't have good interfaces. It sounds like you've got a realtek or something similar borking things up.

    To make matters worse, the spam module + av module can really work over a CPU. Then you start seeing timeouts while downloading files and such.

    Untangle needs some hardware. For your network I wouldn't use anything less than a dual core with 1gb of ram and good interfaces. Untangle doesn't take much... but if you don't give it enough it can really slow things down.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Untangler j.razz1's Avatar
    Join Date
    Mar 2011
    Posts
    39

    Default

    Thanks for the quick response. I am using 2 gigs of RAM but a dual core machine or greater will resolve the issues I am seeing?

    I just don't want to invest in a machine for untangle if it won't play nice with our current network.

    Would the Spam module cause the issue (a setting)? Or, is your point that the AV and Spam modules are pulling too many resources and causing a bottleneck? If that is the case I should be able to turn off both of them and run it for a day and not have those issues if that is the culprit. I just don't want to chalk it up to a bottleneck issue if there is some setting I am missing somewhere.

    Do you (or anyone else for that matter) have suggestions on my other questions?

    Thanks again for your time and willlingness to help me out on learning this.

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default

    I'd need more solid details on your hardware specifically. But, the issues you're describing are a classic case of overload. The first bit to resolve is good network interfaces.

    When I say good, I mean Intel. There are a few others that work well as well, like broadcom, or 3com. Most desktop grade equipment comes with a realtek, via, or some other generic software based network interface. These devices simply cannot keep up with the throughput demands of a network.

    I suggest a dual core machine yes. Honestly, what you have can be repaired and made to work. The question is, do you want to put in the time to learn how to configure the bypass rules and tweak the daylights out of the system to make it run well? If not, better hardware is required.

    You can built it yourself, take a look at the untangle wiki for information, compare against the hardware requirements of Debian Linux. Or, you can work with one of Untangle's many resellers and have them build you a unit to fit your needs. Untangle themselves also have a limited hardware selection to choose from.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Newbie
    Join Date
    Mar 2011
    Posts
    1

    Default

    I was just browsing for related forum posts for my project research and I happened to discover yours. Thanks for the excellent information!

  8. #8
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,371

    Default

    You can create a rule to bypass smtp outbound from your internal mail server, then anti spam and anti virus not scan this traffic. Lees resources neede in untangle box.
    In the other hand my advice is re-enable attack blocker and look inside the logs. Any workstation with a score over 100 is suspicius to have some malware propagating waste traffic.
    The world is divided into 10 kinds of people, who know binary and those not

  9. #9
    Untangler j.razz1's Avatar
    Join Date
    Mar 2011
    Posts
    39

    Default

    Thanks for the tip on the rule to bypass smtp. Do you have some pointers on how to do that (or where to do that at)?

    We had nothing in our Attack Blocker that was over 100, it just seemed like it was limiting those that used the internet more (myself and others that were emailing large attachments).

    I have turned off Spam blocker (we used Barracuda and the Spam filter has caught nothing to date so no big deal there) and I have turned off the Virus Blocker (nothing to date and we use Trend Micro). We will see if there are any issues with emails today. Thanks Again.

  10. #10
    Untangler j.razz1's Avatar
    Join Date
    Mar 2011
    Posts
    39

    Default

    Just as a follow up, I turned off the Spam Blocker and the Virus Blocker yesterday AM. We had no lag and no reports of messages getting stuck or timing out.

    Thanks for the suggestion and heads up. It would seem that Untangle needs to update their system requirements for the 1-50 PC range as the system I set up fits the bill and I only have 20 in the office I installed it in (or at least clarify that an intel based NIC is suggested).

    Thanks again. I have found another thread on here that linked to this network card: I think I will purchase it and give it a go: http://www.newegg.com/Product/Produc...ore-_-33180026

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2