|Applies To||RSA Product Set: RSA DLP|
RSA Product/Service Type: Interceptor
RSA Version/Condition: 9.6 SP2
|Issue||Emails get queued which causes a delay for the email release-period on the Interceptor. |
This issue occurs when TLS is enabled between the RSA DLP Interceptor & correspondent MTA.
It doesn't affect the functionality of how interceptor works as much as it introduces a tangible delay while an email is traversing through the Interceptor.
|Cause||TLS timeouts after the secure-connection handshake is done between RSA DLP Interceptor & correspondent MTA.|
Error related to the issue can be observed inside messages.log file located under path:
ERROR NW_903 xxxxxxxxxx QueueMonitor MTAMonitorError for MTA: xxxxxxxxxx , [Errno -5] No address associated with hostname
These connection timeouts will lead the incoming emails on the interceptor to be queued in the /var/spool/mqueue-out buffer as per below logs relevant to an attempt of
an email going to external domain which has been analyzed by Interceptor and then queued:
Apr 1 15:19:39 xxxxxxx : u31KJdLt024342: to=<xxxxxxx @yahoo.com>, delay=00:00:00, mailer=relay, pri=44232, stat=queued
|Resolution||Make sure that the MTA hostname is resolvable and their DNS records are updated on DNS server. |
Make sure that the MTA is reachable and there is no inter-mediate connectivity problem between both RSA DLP Interceptor & MTA.
|Workaround||There are no modifications that can be done to override the TLS timeouts, however in order to avoid getting your emails queued and buffered for a long period of time they|
can get flushed-out more rapidly in less than 10 minutes from the /var/spool/mqueue-out buffer instead of waiting for it be released for an hour or more.
The steps for doing such workaround are as follows: