
PRB: SQM Website loads slowly



This article applies to:

  • MailMarshal (SEG) Spam Quarantine Management website
  • MailMarshal ECM/MailMarshal Exchange 7.X Quarantine Management website
  • Using Windows Authentication (NTLM)

Symptoms:

  • The Spam Quarantine Management site can be slow to load or might even time out.  
  • The symptoms can be intermittent.

Causes:

When using NTLM authentication with the SQM website, the Array Manager must interrogate a domain controller to verify that the user credentials being submitted are valid. The Array Manager uses DNS SRV records to determine which domain controller to communicate with. The SRV record maps the name of a service (in this case, the LDAP service) to the DNS computer name of a server that offers that service.

You could encounter issues if the returned domain controller is:

  • Not local to the Array Manager server and has poor connectivity
  • Not accessible to the Array Manager (for example, blocked by a firewall)
  • No longer available (for example, it has been decommissioned)

The Array Manager log could contain entries similar to the example below.

<LDAP://domain:389/CN=Administrator,CN=Users,DC=local,DC=test> returned 0x8007203a after 45953ms

Resolution:

To resolve this problem, consider the following points:

  • Ensure that the DNS records reflect the current environment.
  • Check on all DNS servers that the SRV records are created in the following location:

    Forward Lookups -> <Domain> -> _tcp -> _ldap

  • Ensure that any domain controller that cannot be reached from the Array Manager, or no longer exists, is removed from the DNS entry (or has reduced priority).
  • Change the priority of the SRV records in DNS to ensure that the local domain controller for the Array Manager has the highest priority. In an SRV record, the target with the lowest Priority number is tried first.
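
The checks above can be scripted from the Array Manager server. The following PowerShell is an added example, not part of the original article or the product: it lists the LDAP SRV records DNS returns for the domain in preference order and times a TCP connection to each target. The domain name example.local and the 3000 ms timeout are placeholder assumptions.

```powershell
# Added example. Run on the Array Manager server.
param(
    [string]$Domain = 'example.local',   # placeholder: your AD DNS domain
    [int]$TimeoutMs = 3000               # assumed limit for an acceptable connect time
)

# SRV records published under <Domain> -> _tcp -> _ldap.
$srv = Resolve-DnsName -Name "_ldap._tcp.$Domain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' }

# Lowest Priority number is tried first; higher Weight is favoured within a priority.
$ordered = $srv | Sort-Object Priority, @{ Expression = 'Weight'; Descending = $true }

$results = foreach ($rec in $ordered) {
    $client = New-Object System.Net.Sockets.TcpClient
    $timer  = [System.Diagnostics.Stopwatch]::StartNew()
    $status = 'Timeout'
    try {
        # Connect to the advertised LDAP port, giving up after $TimeoutMs.
        $task = $client.ConnectAsync($rec.NameTarget, $rec.Port)
        if ($task.Wait($TimeoutMs) -and $client.Connected) { $status = 'Reachable' }
    }
    catch {
        # Target name did not resolve, connection refused, or host unreachable.
        $status = 'Failed: ' + $_.Exception.GetBaseException().Message
    }
    finally {
        $timer.Stop()
        $client.Close()
    }
    [pscustomobject]@{
        Target   = $rec.NameTarget
        Port     = $rec.Port
        Priority = $rec.Priority
        Weight   = $rec.Weight
        Status   = $status
        Millis   = $timer.ElapsedMilliseconds
    }
}

$results | Format-Table -AutoSize
# Targets reported here are candidates for removal from DNS or a higher Priority number.
$results | Where-Object { $_.Status -ne 'Reachable' } | ForEach-Object {
    Write-Warning "$($_.Target):$($_.Port) is $($_.Status) from this server"
}
```

A target that is reachable but shows a high Millis value corresponds to the "not local, poor connectivity" case listed under Causes.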

You could also choose to use the email address and password authentication mechanism for the SQM/QM websites. However, changing mechanisms on a production system is complex.

