I am using Ironport C160. I am not able to reciev email message from a specific domain. While tracing messages, it shows Incoming Connection lost and second line Message aborted. Some messages are recieved with Incoming connection lost error but emil recieved it.
This message means that the message injection was prematurely terminated. This will show up in the mail logs on the Email Security Appliance as "ICID lost." This is almost always indicative of an intermediate firewall, content filter or other device terminating the SMTP conversation.
The so-called "black hole connection" is also a possible reason for this. Many security devices (like firewalls) incorrectly block all ICMP messages, including the errors that are ncessary for Path MTU Discovery (RFC 1191) to work. This can result in connections that complete the TCP three-way handshake correctly, but then hang when data is transferred. But in order for TCP to operate most effeciently, ICMP unreachables (type 3) should be permitted.
You can take a closer look at this occurrence by enabling Injection Debug logs if you know the sending domain/host name or IP address. This will give you more detailed information during the smtp conversation. Debug logging can be turned on by using 'logconfig' -> 'new' CLI commands, or enabling a new Log Subscription on the System Administration GUI tab.
Hope this helps!
(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...