Author Topic: Incorrect SPF failures on all domains  (Read 433 times)

Offline Ossie44

  • Comodo Member
  • **
  • Posts: 30
Re: Incorrect SPF failures on all domains
« Reply #15 on: June 26, 2018, 10:10:03 PM »
and the latest in this saga is we now have some customers telling us they can't login to the spam gateway to check the quarantine queue etc.  We can however login as the administrator. 

The error being displayed from Comodo is as follows:

"Error 500.  CASG has encountered an unexpected error.  Wrong parameter: domain:domain_management:incoming_dq:retry: This error has been logged and our technicians will endeavour to correct this issue at the earliest opportunity"

I suspect all of this is related....  anyone else experiencing these problems with Comodo's EU servers??

Offline Willard-UK

  • Comodo Member
  • **
  • Posts: 42
Re: Incorrect SPF failures on all domains
« Reply #16 on: June 27, 2018, 04:50:05 AM »
At this time I and clients using casg EU servers have a normal service both login as admin or user works and mail not rejected.

I know it's a bit late but I have clients with both casg and direct smtp inbound and use the firewall to route the requests inbound from ip address ranges to different ports so I can select which checks are done depending on where the email is coming from.

Offline Ossie44

  • Comodo Member
  • **
  • Posts: 30
Re: Incorrect SPF failures on all domains
« Reply #17 on: June 27, 2018, 08:08:21 PM »
Comodo support have finally confirmed they did make changes on Tuesday which caused all these issues for us.  They tried to initially blame this on our SPF configuration, but that is irrelevant as the primary issue is they added another set of servers and IP addresses on Tuesday without informing their customers. 

As a result anyone who had firewall or other rules filtering incoming emails based on Comodo's EU address range will be impacted until they add 104.227.248.192/28 to that range.  We had previously been told by Comodo that only 144.168.192.64/27 was required for EU.  They have also informed us they have since now updated their SPF record with this new range (unconfirmed by us).

The second issue we raised is we also could not access the user administration functions in the spam gateway since the above changes occurred, and none of our customers can login to check their quarantine queues etc.  This issue is still on going.  The following is their feedback but that does not resolve the issue for us:


After the latest changes, the users are automatically redirected from https://antispamgateway.comodo.com to https://antispamgateway2.comodo.com domain just after the login page. However, the problem could be related to the version of the browser that is being used or related to browser's cache. Please try the steps below:
1) Clear cash, cookies and auto-password for this server. After this, close the browser, wait for a short while (example: 1 minute), open the browser and try to Log In
2) If the 1'st action is not working, repeat 1'st step and update browser to latest version and try to Log In
3) If the 1'st and 2'nd actions fail, try to Log In directly on https://antispamgateway2.comodo.com/admin or https://antispamgateway2.comodo.com/user depending on the account type

Offline Willard-UK

  • Comodo Member
  • **
  • Posts: 42
Re: Incorrect SPF failures on all domains
« Reply #18 on: June 28, 2018, 02:22:51 AM »
Will Comodo please update us with the correct firewall rules and SPF text ASAP.  Can't believe you make a change like this without telling us first and this is not the first time this has happened.

Offline Ossie44

  • Comodo Member
  • **
  • Posts: 30
Re: Incorrect SPF failures on all domains
« Reply #19 on: June 29, 2018, 08:51:35 PM »
Day 5 and we still have numerous problems with Comodo ASG that their developers don't seem to be able to solve which were caused by these unannounced and poorly tested changes:

1 - No end users can login to manager their quarantine, queues and Admins cannot manage Admins. Error being displayed is as follows.  Only advice we have received is to clear browser cache etc etc., despite us telling them several times that this occurs on any browser with any PC, even on PC's that have never used their website before.  Sounds like they have no idea how to test in the real world:

Jun 30, 2018 12:42:43 AM CASG has encountered an unexpected error: java.lang.IllegalArgumentException: Wrong parameter: domain:domain_management:incoming_dq:retry java.lang.IllegalArgumentException: Wrong parameter: domain:domain_management:incoming_dq:retry. This error has been logged and our technicians will endeavour to correct this issue at the earliest opportunity


2 - Some emails with embedded attachments are coming through into Outlook as useless winmail.dat attachments.  This usually means the encoding of the email has been screwed up somewhere.  When we stop using Comodo ASG the problem goes away. 


Needless to say we have had enough of this and have started migrating customers to MailGuard.  This is the 3rd time in as many years that we have experienced significant problems such as this with Comodo's ASG service and it has damaged our reputation. 

Offline Willard-UK

  • Comodo Member
  • **
  • Posts: 42
Re: Incorrect SPF failures on all domains
« Reply #20 on: July 04, 2018, 01:16:54 PM »
Has this been resolved?

Offline Ossie44

  • Comodo Member
  • **
  • Posts: 30
Re: Incorrect SPF failures on all domains
« Reply #21 on: July 04, 2018, 08:22:54 PM »
Not fully, we are still waiting for them to resolve the issue with the winmail.dat.

Don't really care now as we're moving most customers to another provider over the next couple of weeks. 

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek