We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Why is the Email Security Gateway blocking or whitelisting email messages with the reason of "Client"?

  • Type: Knowledgebase
  • Date changed: 10 months ago
Solution #00001942

This solution applies to all Email Security Gateways, all firmware versions.

When an email is blocked for reason of Client (as displayed on the Basic > Message Log page), it is because the Barracuda has been configured to block that specific IP address. You can check these settings by going to Block/Accept > IP Block/Accept page and looking at all of the IP ranges currently being blocked by the Email Security Gateway. If a netmask of has been entered for any entry, this means the Barracuda will block every possible sender, so use care when specifying the IP ranges.

Likewise, when an email is whitelisted for reason of Client (as displayed on the Basic > Message Log page), it is because the Barracuda has been configured to allow that specific IP address in the same way on the Block/Accept > IP Block/Accept page. If the Email Security Gateway is allowing too many messages for this reason, it is possible that too broad of a netmask has been specified which has resulted in whitelisting some or all incoming emails. Also, if there is another mail transfer agent in front of the Email Security Gateway (like an SMTP proxy server), you may want to make sure that server's IP address has not been accidentally whitelisted.

Additional Notes:
You cannot read any emails blocked for reason of 'Client' because they were blocked at time of SMTP transmission, therefore the email was accepted or written to disk.

If some or all of your incoming mail first travels through an SMTP proxy server, relay server, or mail server before reaching the Email Security Gateway, you should exempt the IP address of that mail server without whitelisting it. On firmware versions and above, the easiest way to do this is to list it as a Trusted Forwarder. For instructions and information about this feature, please see Solution #00003211.

Link to This Page: