Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

'500', ['Firewall Error'] message

Hi, can someone help me with this issue?

When I sent message through Ironport, email is delivered to recipient without any problem. But when I sent the same message again (eg. after 2 sec,) the Ironport responed with this error: Reason: 5.1.0 - Unknown address error ('500', ['Firewall Error']). This happend for all destination, not for specific domain. Here is part of the log:

Correct:

09 Jul 2009 08:11:20 (GMT +0200) Message 131644 queued for delivery.
09 Jul 2009 08:11:23 (GMT +0200) SMTP delivery connection (DCID 88408) opened from IronPort interface 172.16.x.x to IP address 90.183.x.x on port 25.
09 Jul 2009 08:11:23 (GMT +0200) (DCID 88408) Delivery started for message 131644 to name@domain.tld
09 Jul 2009 08:11:25 (GMT +0200) (DCID 88408) Delivery details: Message 131644 sent to name@domain.tld
09 Jul 2009 08:11:25 (GMT +0200) Message 131644 to name@domain.tld received remote SMTP response '2.6.0 message accepted'.


Error:
09 Jul 2009 08:11:22 (GMT +0200) Message 131645 queued for delivery.
09 Jul 2009 08:11:23 (GMT +0200) SMTP delivery connection (DCID 88408) opened from IronPort interface 172.16.x.x to IP address 90.183.x.x on port 25.
09 Jul 2009 08:11:25 (GMT +0200) (DCID 88408) Delivery started for message 131645 to name@domain.tld
09 Jul 2009 08:11:25 (GMT +0200) (DCID 88408) Message 131645 to name@domain.tld bounced by destination server. Reason: 5.1.0 - Unknown address error ('500', ['Firewall Error'])
09 Jul 2009 08:11:25 (GMT +0200) Start message 131646 on incoming connection (ICID 0).
09 Jul 2009 08:11:25 (GMT +0200) A new message 131646 was generated to handle bounce of message 131645.
09 Jul 2009 08:11:25 (GMT +0200) Message 131646 enqueued on incoming connection (ICID 0) from .


Any ideas where could be a problem?

Thanks

3 REPLIES
New Member

Re: '500', ['Firewall Error'] message

Since it is the DCID (delivery connection ID) stage of the email, this means the IronPort system is trying to hand the message off to the next hop, which is whatever the MX records for the destination domain is. I am leaning towards something the destination domain or IP address that is causing the 510 smtp error.

You may need to enable the domain debug log for the destination/recipient domain to gather more detailed info. Once it's enabled, try re-sending the test until the error occurs again. Once it occurs again, examine the domain debug log that you created. The good thing about the domain debug log, is that it only records for that particular domain and not all your outbound traffic.

How do I analyze mail delivery to a domain?

http://tinyurl.com/c6uw6w

New Member

Re: '500', ['Firewall Error'] message

After using tcpdump, we observed that Internet gateway respond with this error message:

Unsupported SMTP parameter (Data Size (> 20000000)) from initiator (172.16.x.x:12628)


but we sent 2 emails, each email 12kB. After setting the limit size to 4GB, it looks everything works fine. Any suggestions why (probably) Ironport sent messages with incorrect smtp paramter value?

New Member

Re: '500', ['Firewall Error'] message

What does the tcpdump show with respect to what the Ironport system is transmitting to the destination?

1280
Views
0
Helpful
3
Replies
CreatePlease login to create content