Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

Comprehensive Anti-Spam Services (CASS) Troubleshooting Guide

03/26/2020 64 People found this article helpful 99,571 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    This article covers troubleshooting steps for Comprehensive Anti-Spam Services (CASS).

    Resolution

    1. Check the SonicOS firmware customer is running. This will help determine the CASS version.

    2. Check the Anti-Spam | Status page and ensure that the status of SonicWall Anti-Spam Service, SonicWall Junk Store and Destination Mail Server are Operational.

    3.
    If the SonicWall Anti-Spam Service status is not Operational:

    • Check the Anti-Spam licenses and the IP address it is pointing to. If it points to an internal IP then use a public DNS server for the UTM device, so that the anti-spam service can resolve to the correct IP address of the COLO server.
    • Make sure that ISP is not blocking port 25 and 10025.
    • If the issue persists collect a packet capture on destination port 25 and 10025 for at least 5 minutes.

    4. If the SonicWall Junk Store status is not Operational:

    • Try to access http://localhost:10080 on the server where the Junk Store is installed.
    • If the Junk Store is running properly the browser should open http://localhost:10080/index.htmlpage. If it fails this indicates the Tomcat service is not running and further troubleshooting requires to be done. The most common reason could be a port conflict with another application using Tomcat.
    • If the page is accessible then ensure that Windows or any other personal firewall software (eg. TrendMicro) is not blocking port 10080, 10443 and 10025.

    5. If the Destination Mail Server is not Operational:

    • Test whether the mail server is accepting connections on port TCP 25 from the UTM LAN IP address and the Junk Store IP address.

    6. Not able to receive emails and all 3 services of CASS, viz., SonicWall Anti-Spam Service, SonicWall Junk Store and Destination Mail Server, are Operational:

    • Ensure that Disable SYN Flood Protection for Anti-Spam-related connections is checked in the diag page.
    • If using MS Exchange Server then the option Anonymous User should be checked in the Exchange Server.
    • If the issue persists collect MlfAsgSMTP logs in Log Level 2 under Anti-Spam > Advanced page.

    7. Check to see if Junk Summary is configured under the Anti-Spam | Junk Summary page. Junk Summary is important if the admin wants the users to be able to un-junk or delete their own emails from CASS Junk Box. Junk Summary is an email sent to users notifying them about the emails detected by CASS as junk. By clicking on the Junk Summary links, users can manage their Junk Box. If the Junk Summary is not being received by the users, then collect the commonlogs:junknotification logs in log level 2 for that date from the Anti-Spam | Advance page.

    8. CASS 2.0 supports user based (per user) Allowed/Blocked list only if LDAP is configured under the Anti-Spam | LDAP Configuration page. Admin can use Corporate Allowed/Blocked list irrespective of LDAP if they are running CASS 2.0. This helps in addressing effectiveness issues like spam coming in or good emails being judged as spam. If allowed/blocked list is not enough to address the issues related to effectiveness then collect mail samples in .msg or .eml format, so that the same can be submitted to our Back-end Effectiveness Team for analysis.

    9. Logs under the Anti-Spam | Advance page are useful for troubleshooting CASS related issues. Listed below are some logs that are useful in troubleshooting CASS related issues:

    • Users not able to un-junk - commonlogs:webui (based on date)
    • Not receiving junk summary - commonlogs:junknotifications (based on date)
    • All emails processed by junk store - mfe:hostname (hourly logs)

    10. The following should be kept in mind when troubleshooting CASS related issues:

    • CASS works only for SMTP traffic on port 25. Custom ports are not supported.
    • CASS won't work if the customer is using a hosted mail server on the WAN side of the SonicWall and uses POP to receive emails.
    • The SonicWall should be running in NAT mode.
    • CASS is NOT supported when the SonicWall is running in Layer 2 Bridged Mode or Transparent Mode.

    Related Articles

    • SSL Control and DPI-SSL Compatibility
    • FIPS Mode: Radius protected with IPSEC VPN
    • Maximum DHCP Leases

    Categories

    • Firewalls > TZ Series
    • Firewalls > SonicWall SuperMassive E10000 Series
    • Firewalls > SonicWall SuperMassive 9000 Series
    • Firewalls > SonicWall NSA Series

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top
    Trace:957d8e7b1ca3887eccd6a78a7ba67e6e-76