01-21-2009 06:27 PM
Hi Everyone
Wondered if anyone had seen behaviour like this before. 2 appliances in a centralised management deployment.
one listener only on each box with each listner having a relay hat policy and a default incoming policy. We are seeing outbound connections hit ironport 1 from exchange and are seeing instances of this error
Info: ICID xx Receiving failed: Too many messages.
At the same time it looks like messages are reported in the incoming report view (as opposed to outgoing) and also reported as being stopped by reputation filtering??? Under the incoming mail view the sender can be seen to be the IP address of the exchange.
The exchange box is definately specified in the relay hat group and it has an associated "relay" mail flow policy where obviously no SBRS checking is taking place.
Any ideas on what could be causing them to be reported as incoming?
Thanks
01-22-2009 06:34 AM
Hello David,
Since you have mentioned that exchange IP is listed in the RELAYLIST of the IronPort, the other issue I could think of is related to the order of SENDER GROUPS. Please verify if your RELAY sender group is listed at the top of the order. If f you can please post a snippet of the mail logs
-Kishore
01-22-2009 07:59 AM
thanks kishore.
relay hat is very top of the list so it really should be catching that.
i'll try and post some of the mail_log later. i cant see why we get the too many messages error either as there is no throttling / specified limits on hats
01-22-2009 10:44 PM
We've just implemented an Ironport solution and had *exactly* the same problem.
With the assistance of an Ironport engineer, we've moved to using two interfaces per device on different subnets (one inbound, one outbound) and the problems have instantly gone away.
TBH I think the Ironports simply don't work with a single IP as the incoming and outgoing interface. If you really can only have one interface enabled then apply two IPs on the same subnet to it and use one for inbound and one for outbound. This will resolve your problem. If you do this, ensure that your outgoing IP is the lowest address of the two in the subnet. For some reason, the outgoing listener always uses the lower IP ...
HTH :-)
01-24-2009 12:03 AM
If you do this, ensure that your outgoing IP is the lowest address of the two in the subnet. For some reason, the outgoing listener always uses the lower IP ...
01-24-2009 01:23 PM
TBH I think the Ironports simply don't work with a single IP as the incoming and outgoing interface. If you really can only have one interface enabled then apply two IPs on the same subnet to it and use one for inbound and one for outbound. This will resolve your problem. If you do this, ensure that your outgoing IP is the lowest address of the two in the subnet. For some reason, the outgoing listener always uses the lower IP ...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide