Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
571
Views
0
Helpful
1
Replies

ASA 5510 + CSC smtp relay denied

mike
Level 1
Level 1

‎02-07-2008 03:02 AM - edited ‎02-21-2020 01:53 AM

Hi,

We have an ASA 5510 in a working setup with an inside, outside an dmz. Lately we installed a CSC module and we redirect the smtp traffic through the module to do spam and virus filtering. Whenever we try to send mail we get a relay access denied from the ASA to the local exchange server. The exchange server is supposed to deliver the mail through the ASA to a second mailserver in another subnet (I.E. from inside to dmz). When I remove the csc-class from the global policy the mail is accepted fine. I even disabeled all the SMTP scanning options through the management interface, but it keeps saying "relay access denied" and no entries appear in the CSC log.

Any ideas?

Thanks,

Mike

0 Helpful
1 Reply 1

GRAEME DANIELSON
Level 1
Level 1

‎02-10-2008 10:24 AM

I've always had the CSC do inspection on the outside. You specify your email domain so it knows which email addresses are local and gives it a concept of incoming vs. outgoing email. If you then have it inspecting traffic between two servers inside that domain (you say between inside and dmz?) then maybe it's getting confused?

I would try doing the csc inspect on the outside interface.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card