This article applies to:

• MailMarshal (SEG)

Question:

How do I troubleshoot SEG/MailMarshal?

Procedure:

There are a number of problems that could arise with email systems, which can interfere with the proper operation of MailMarshal. Often MailMarshal is not the cause of an issue, but rather it is just reflecting an external or internal mail or network problem. There are several places to look to help resolve problems with MailMarshal and your mail system.

This article is a simple starter pack for troubleshooting.

Check the MailMarshal Services

Check to see if the MailMarshal services are running in Admin Tools | Services, or the Configurator/Console. If necessary restart the services.

MailMarshal Console

Check the MailMarshal Console to see if mail is being processed. Check the Message History window to see if mail is being sent, and any errors that the sender has encountered in trying to send mail. Many "Failed to connect" or "Unable to resolve domain" messages indicate a downstream SMTP or DNS problem.

Windows Event Viewer

Check the Windows Event Viewer application log, especially if there are difficulties with starting any of the MailMarshal services, or there are pop up error messages. Often the Event Viewer logs will point to the nature of the problem. Event history is available in the SEG Console.

MailMarshal Working Directories

Check the MailMarshal sub-directories to see where mail is being caught up. In terms of mail flow, the MailMarshal receiver receives mail (both inbound and outbound) and places it in the Incoming directory. The engine then pulls mail out of the Incoming directory, unpacks it, checks it using the rules, and if it passes, places the mail in the ProcessedOK directory. The sender takes mail from the ProcessedOK directory and places it in the Sending directory for sending to its destination. Mail backed up in the Incoming directory indicates a problem with the engine service, either a stopped Engine or incorrectly configured rules. Mail backed up in the Sending directory points to a problem with the Sender service.

MailMarshal Log Files

Check the service log files. Often a good way to help resolve problems is to examine the Log files in the \Logging subfolder. Each MailMarshal service, including Engine, Receiver, and Sender (and others), creates its own log file for each day. Routine processing and problems encountered are all recorded in the log files. Look towards the end of each log file for the most recent logging information. In current versions, logging for each quarantined message is available when viewing the message in the Console.

Running MailMarshal in Debug Mode

The MailMarshal services can also be run in debug mode from a command prompt. This enables the user to immediately see the results of the system logging, and is especially useful for resolving problems and testing new rules. It is also useful when troubleshooting why a service fails to start - often you can see why by running the service in debug mode. Stop the MailMarshal system services. From a command prompt in the MailMarshal directory enter:

For example you can test the passage of certain mail messages by running the receiver and engine services in debug mode. Use a mail client such as Outlook Express to send mail and monitor its progress through the receiver and engine.

Contact Technical Support

If you are reading this article you are aware of the Knowledge Base. Search for specific keywords found in the logs or error messages. For non-urgent items you can try posting a question in the Customer Forum.

And of course, after all this if you are still puzzled as to what the problem may be, you can contact your LevelBlue Technical Support contact (either a reseller, or a direct contact, depending on your region). It helps to include as much information as possible.

The best way to gather information is to use the Support Tool. For more information about the Support Tool, see article Q10267.

This article was previously published as:

NETIQKB29048

Marshal KB51