Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2752
Views
0
Helpful
5
Replies

CRES email delay

Go to solution
KFrank
Level 1
Level 1

‎03-12-2014 05:43 AM

Is anyone else having an issue with encrypted email responses? An example is you send a CRES email to a user. They get the email in the normal amounnt of time but when they open the email and respond it takes a abnormal amount of time to receive the response? I did a test this morning sending an email to myself and I still haven't received the response. It's been over an hour.

There also seems to be something messed up with a listener that was created. This listener would prevent response to encrypted emails from being put back in aCRES envelope. This was great because wouldn't have to go through the login process to read responses to encrypted emails you've sent. This is no longer working.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee
In response to KFrank

‎03-14-2014 10:08 AM

I worked direct w/ Kevin on this.  The stem of the issue was a recently updated certificate.  The cert had out-of-order intermediate certificate in use... and with CRES communicating over TLS - CRES was seeing this out-of-order and not properly communicating back once the reply was created and sent -- thus causing the delay in replies, and also the inabilty to do clean TLS communication back.

Corrective action taken - review of the certificate in use, and then editing and updating of the associated intermediate certificates associated to the master certificate in use.

Testing after the update shows CRES communicated cleanly to the domain with TLS... and the send/reply happen in timely fashion as expected.

-Robert

Cheers,
Robert Sherwin

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee

‎03-12-2014 08:32 AM

How are you sending/replying -- is this from Outlook -- or are you logging in and doing the creation/reply directly from the CRES interface (https://res.cisco.com)?

-Robert

Cheers,
Robert Sherwin
0 Helpful

Go to solution
KFrank
Level 1
Level 1
In response to Robert Sherwin

‎03-12-2014 09:15 AM

I sent and encrypted email to a gmail address. Then opened it and responed. The response took over an hour to show up back in Outlook.

0 Helpful

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee
In response to KFrank

‎03-12-2014 09:49 AM

I have tried both methods, using my @cisco.com to @gmail.com addreses:

  • directly with only creating and replying via https://res.cisco.com --- no issues, no delays.
  • directly with creating and replying in Outlook with the Outlook Plug-in --- no issues, no delays.

With the reply that took over an hour to show back up --- what are the full header hops showing between the res.cisco.com servers back to your end (Exchange?)

Cheers,
Robert Sherwin
0 Helpful

Go to solution
KFrank
Level 1
Level 1
In response to Robert Sherwin

‎03-12-2014 10:59 AM

Here is the traffic from the last one.

Received: from mta3.cfi.org (192.168.18.53) by
  with Microsoft SMTP Server id 14.3.174.1; Wed, 12 Mar 2014
 09:05:42 -0400
X-IronPort-AV: E=Sophos;i="4.97,638,1389762000"; 
   d="html'217?scan'217,208,217";a="5105197"
Received: from esa2.cres.iphmx.com (HELO mx6.res.cisco.com) ([68.232.140.57])
  by mta3.cfi.org with ESMTP/TLS/AES256-SHA; 12 Mar 2014 09:05:40 -0400
Received: from mxnat3.res.cisco.com ([184.94.241.96])  by mx6.res.cisco.com
 with ESMTP/TLS/RC4-MD5; 12 Mar 2014 05:43:01 -0700
Return-Path: <@gmail.com>
Received: from localhost ([127.0.0.1])          by mxnat3.res.cisco.com (PostX
 Enterprise 4.1.5 SMTP Adaptor) with SMTP ID 912          for
 <@cfi.org>;          Wed, 12 Mar 2014 05:05:35 -0700 (PDT)
Received: from mxnat3.res.cisco.com ([184.94.241.96])  by mx5.res.cisco.com
 with ESMTP/TLS/RC4-MD5; 12 Mar 2014 04:50:00 -0700
Received: from esa1.cres.iphmx.com ([68.232.140.79])          by
 mxnat3.res.cisco.com (PostX Enterprise 4.1.5 SMTP Adaptor) with SMTP ID 94
          for <@cfi.org>;          Wed, 12 Mar 2014 05:05:35 -0700
 (PDT)
Date: Wed, 12 Mar 2014 05:05:35 -0700
From: "@gmail.com" <@gmail.com>
To: <@cfi.org>
Message-ID: <|1__f86ec0f600000144b665f7040a089e887bee1003@prod-cres-app2.sv4.ironport.com>
Subject: RE: Test2 Confidential
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----Part-0-488201446-1394629539808"

 

0 Helpful

Go to solution
Robert Sherwin
Cisco Employee
Cisco Employee
In response to KFrank

‎03-14-2014 10:08 AM

I worked direct w/ Kevin on this.  The stem of the issue was a recently updated certificate.  The cert had out-of-order intermediate certificate in use... and with CRES communicating over TLS - CRES was seeing this out-of-order and not properly communicating back once the reply was created and sent -- thus causing the delay in replies, and also the inabilty to do clean TLS communication back.

Corrective action taken - review of the certificate in use, and then editing and updating of the associated intermediate certificates associated to the master certificate in use.

Testing after the update shows CRES communicated cleanly to the domain with TLS... and the send/reply happen in timely fashion as expected.

-Robert

Cheers,
Robert Sherwin
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents