A firewall or other network security monitoring device is generating alerts indicating that Messaging Gateway (SMG) is making DNS queries for what appear to be algorithmically generated domain names (DGA)

Example:

PROTOCOL-DNS domain not found containing random-looking hostname - possible DGA detected
587259de88aad6f03ed8efdc517ef9e.smg.ultra.brightmail.com

Some of SMG DNS blacklist based filtering mechanisms use algorithmically constructed DNS names as part of their normal operation.

This is expected behavior URL Reputation and potentially other reputation features are enabled.

Messaging Gateway should be exempted from DGA based alerting in firewalls or other network security devices.