We have an IronportC160 that cannot send to lasllc.net. When anyone (three different senders). Sends an email to this domai, the log shows lookup an virus scans good, the message is queued for delivery. Three days later the log shows a delivery attempt that is rejected as being too old. Why is it sitting 3days? No other destination has the problem.
please use the hoststatus command on the CLI to check what the problem could be:
CLI: hoststatus lasllc.net
Check if the host shows up or down, and if there are any errors at the end of the output. Also hoststatus gives you the destination IP(s) the IronPort tries to connect to, if they are not reachable for some reason, the appliance will keep attempting to send messages to that domain until delivery expires, in your case 3 days. This is set by your bounceconfig.
Hope that helps,
PS: A uselful command to check connectivity is
Use that to check the IPs given by the hoststatus command.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...