05-20-2009 03:27 AM - edited 03-11-2019 08:34 AM
Inbound emails are down. Outbound works.
the ASA 5510 shows this in the log.
Deny tcp src outside:209.252.33.110/38723 dst inside:63.243.80.11/25 by access-group "inside_access_out" [0x0, 0x0]
One minute everything was ok then it stopped working.
In the inside interface(incoming rules), i have a rule that states (source) email server name (destination) any (service) smtp (action) permit.
In the outside interface(incoming rule), i have a rule that states.. (source) any (destination) public ip of email server (service) smtp (action) permit.
Any ideas?
thanks
05-20-2009 04:38 AM
From the mail server/appliance can you telnet to a destination server on port 25? Is DNS working ok on the server
05-20-2009 04:39 AM
From the mail server/appliance can you telnet to a destination server on port 25? Is DNS working ok on the server/mail appliance
05-20-2009 04:44 AM
Here's an update. On the outside interface incoming rules...i changed the service from SMTP to ANY and emails started flowing in.
But it has always worked the the way. Why would it stop working now?
05-20-2009 08:48 AM
There is nearly always a cause for these problems.
Have you checked around the time this issue occurred for anything strange in the ASA syslog events?
Was the IOS upgraded?
Did someone add/remove a command?
Did you check 'show service-policy' and see if 'inspect esmtp' drops was incrementing?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: