cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
564
Views
0
Helpful
1
Replies

ASA 5510 + CSC smtp relay denied

mike
Level 1
Level 1

Hi,

We have an ASA 5510 in a working setup with an inside, outside an dmz. Lately we installed a CSC module and we redirect the smtp traffic through the module to do spam and virus filtering. Whenever we try to send mail we get a relay access denied from the ASA to the local exchange server. The exchange server is supposed to deliver the mail through the ASA to a second mailserver in another subnet (I.E. from inside to dmz). When I remove the csc-class from the global policy the mail is accepted fine. I even disabeled all the SMTP scanning options through the management interface, but it keeps saying "relay access denied" and no entries appear in the CSC log.

Any ideas?

Thanks,

Mike

1 Reply 1

I've always had the CSC do inspection on the outside. You specify your email domain so it knows which email addresses are local and gives it a concept of incoming vs. outgoing email. If you then have it inspecting traffic between two servers inside that domain (you say between inside and dmz?) then maybe it's getting confused?

I would try doing the csc inspect on the outside interface.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: