We've got a C350 installed at an ISP customer and recently, they've started to experience some major mail receiving problems with a specific domain(one of their major partners). Connections are lost and some even get the 501 5.5.4 Invalid Address Error.
The Partner is using MS Exchange and using a WiMax connection to the ISP. Exchange is sending mail directly and the mail is going through a PIX for Wimax customers and then going through ISP PIX before entering the C350. SMTP Fixup turned off on both PIX.
See below, most of the time, the connection is initiated but after 20-50 minutes, the connection is lost. I've configured the timeout to 1 hour on IronPort:
22 Jun 2008 12:08:32 (GMT +0400) Message 1644287 on incoming connection (ICID 10308995) added recipient (email@example.com) 22 Jun 2008 12:50:59 (GMT +0400) Incoming connection (ICID 10308995) lost. 22 Jun 2008 12:50:59 (GMT +0400) Message 1644287 aborted: Receiving aborted
-------------------- Second Issue: 501 5.5.4 Invalid Address, when mails are sent from the partner to ISP client.
Can you please help me on this? Is there a timeout settings on the PIX which could be causing this problem? Note that the partner can send mails to anywhere else and no problem. Same for the ISP.
I told the client to disable smtp fixup on the PIX. So, now both are disabled, but problem is still here. What is amazing is that it happens only intermittently when sending some large files. All the test mails we sent, was received without problem. I was perhaps thinking that there might be a DPI or smtp timeout setting on the PIX. Any ideas?
Hi there, best thing you can do is to create a Injectiond Debug Log, and specify the IP address of the remote sender, once you commit your changes tail this log in the CLI and you will see the full SMTP conversation. Alternatively if you are running 6.1 there is a new log type called SMTP Conversation which will do the same thing. These logs will help you diagnose the issue a little better :lol:
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...