Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
diabetesvic
diabetesvic
Community Member
‎04-22-2012 11:47 PM
‎04-22-2012 11:47 PM

Email being dropped by CASE for one user but not others

Hi All,

I seem to be having a problem with our IronPort device. I have an email that comes from a external media site that gets sent to 4 email address which are all within about 15 minutes of each other. Now (seems to be random) some users will have the email dropped due to CASE and other will recieve the exact same email message. This happens to different uses ( so one day the user will get the email but the next day they don't)

I can't seem to see what they problem would be, does anyone have any suggestions on how to fix this?

Thanks

Labels:
1 person had this problem
0 Helpful
Reply
3 REPLIES
Doug Maxfield
Doug Maxfield
Community Member
‎04-24-2012 10:38 AM
‎04-24-2012 10:38 AM

Email being dropped by CASE for one user but not others

Have you checked your mail logs to see if maybe the sender is "round-robining" the mail through multiple server and only 1 server is causing the problem?  We have seen this before with a couple of senders.

Doug

0 Helpful
Reply
diabetesvic
diabetesvic
Community Member
‎04-25-2012 09:22 PM
‎04-25-2012 09:22 PM

Email being dropped by CASE for one user but not others

Hi Doug,

Yes i've checked this and they are all coming from the same address, looking back over the logs i can see that this only started happening at the start of the April. But that being said it's hasn't occurred again for the last 3 days maybe it's been fixed? i'll keep a eye on it anyway.

Thanks for your help

0 Helpful
Reply
Andreas Mueller
Andreas Mueller Silver
Silver
‎04-27-2012 01:08 AM
‎04-27-2012 01:08 AM

Email being dropped by CASE for one user but not others

Hi Peter,

just as an addition, this is how I usually approach problems like this. First step is to check the logs of the different messages, and compare if there are any differences in the following details:

- Sendergroup

- Mail Policy

- Anything related to LDAP (masquerading, rerouting, etc).

Also, if the network consits of ESAs running centralized management (cluster), I also check the config for any machine specific configuration.

So basically the same you did already by confirming that the sender IP is always the same. But also check the mail policies the messages hit, especial if they are configured differently for antispam.

Hope that helps,

Andreas

0 Helpful
Reply
Latest Documents
Snort IPS on ISR, ISRv and CSR - Step-By-Step Configuration
Created by Kureli Sankar on 04-19-2018 11:25 AM
0
0
0
0
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin... view more
Upgrade Chassis Manager (FXOS)
Created by Jeet Kumar on 02-23-2018 02:51 AM
2
15
2
15
    Login to the FXOS chassis manager. Direct your browser to https://hostname/, and log-in using the user-name and password.     Go to Help > About and check the current version:    Check the current version availa... view more
ASA 5506-X with ipv6 no access to internet
Created by Klaxel on 02-08-2018 01:25 AM
3
5
3
5
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6. In Syslog I also se... view more
All Documents
3711
Views
0
Helpful
3
Replies
CreatePlease to create content
Discussion
Blog
Document
Video
Popular Blogs
AnyConnect Certificate Based Authentication.
Created by Marvin Ruiz on 08-27-2012 05:20 PM
36
70
36
70
BLOG (No Title)
Created by athukral on 06-14-2011 04:23 AM
15
35
15
35
Wireless Hacking
Created by Anim Saxena on 01-24-2013 07:56 AM
2
20
2
20
All Blogs